Se maneja la seguridad de apis

src/main/java/ec/edu/espe/movilidad/MovilidadWS/Security/JwtAuthenticationFilter.java

@@ -5,6 +5,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
 import org.springframework.web.filter.OncePerRequestFilter;
 
@@ -34,6 +35,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
         loggerAuth.info("Token válido obtenido en el backend:  {}", Token);
 
         if (email != null && SecurityContextHolder.getContext().getAuthentication() == null) {
+            try {
                 // Autenticar al usuario por correo electrónico
                 UserDetails userDetails = jwtUserDetailsService.loadUserByUsername(email);
                 if (userDetails != null) {
@@ -41,14 +43,19 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
                             userDetails, null, userDetails.getAuthorities());
                     authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
                     SecurityContextHolder.getContext().setAuthentication(authenticationToken);
-
+                }
+            } catch (UsernameNotFoundException ex) {
+                // Manejar la excepción y enviar una respuesta adecuada
+                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+                response.getWriter().write("El usuario no es correcto");
+                response.getWriter().flush();
+                return;
             }
         }
 
         if (request.getRequestURI().equals("/api/v1.0/usuarioLogeado")) {
 
-            String username = SecurityContextHolder.getContext().getAuthentication().getName(); //Se obtiene el nombre del uuario autenticado
-
+            String username = SecurityContextHolder.getContext().getAuthentication().getName(); //Se obtiene el nombre del usuario autenticado
             DtoUserLogeado userInfo = jwtUserDetailsService.getUserInfoByUsername(username);
             //Se devuelve los datos en formato JSON
             ObjectMapper objectMapper = new ObjectMapper();
@@ -61,4 +68,3 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
         filterChain.doFilter(request, response);
     }
 }
-

src/main/java/ec/edu/espe/movilidad/MovilidadWS/Security/SecurityConfig.java

@@ -3,6 +3,7 @@ package ec.edu.espe.movilidad.MovilidadWS.Security;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
+import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
 
@@ -34,9 +35,9 @@ public class SecurityConfig {
                 .httpBasic().authenticationEntryPoint(jwtEntryPoint)
                 .and()
                 .authorizeRequests()
+                .antMatchers(HttpMethod.DELETE, "/api/v1.0/**").hasRole("Administrador del Sistema")
                 .antMatchers("/api/v1.0/**").authenticated()
                 //.antMatchers("/api/v1.0/**").permitAll()
-               // .antMatchers("/api/v1.0/**").hasRole("Administrador del Sistema") // Asignar API a rol ADMIN
                 .and()
                 .sessionManagement()
                 .sessionCreationPolicy(SessionCreationPolicy.STATELESS);