NotScream/IP_PIbd-21_Sergeev_N.I.
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Реакт

Browse Source
This commit is contained in:
Nikita Sergeev 2023-05-14 13:53:12 +04:00
parent 52a842d8c9
commit 5dd9a0d2e1
42 changed files with 1518 additions and 203 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
build.gradle
View File

@ -1,7 +1,7 @@
plugins { plugins {
id 'java' id 'java'
id 'org.springframework.boot' version '3.0.2' id 'org.springframework.boot' version '3.0.2'
id 'io.spring.dependency-management' version '1.1.0' id 'io.spring.dependency-management' version '1.1.0'
} }
group = 'ip' group = 'ip'
@ -9,26 +9,30 @@ version = '0.0.1-SNAPSHOT'
sourceCompatibility = '17' sourceCompatibility = '17'
repositories { repositories {
mavenCentral() mavenCentral()
} }
jar { jar {
enabled = false enabled = false
} }
dependencies { dependencies {
implementation(project(':front')) implementation(project(':front'))
implementation 'org.springframework.boot:spring-boot-starter-web' annotationProcessor "org.springframework.boot:spring-boot-configuration-processor"
implementation 'org.springframework.boot:spring-boot-starter-data-jpa' implementation 'org.springframework.boot:spring-boot-starter-web'
implementation 'com.h2database:h2:2.1.210' implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
implementation group: 'org.springdoc', name: 'springdoc-openapi-ui', version: '1.6.5' implementation 'com.h2database:h2:2.1.210'
implementation 'org.hibernate.validator:hibernate-validator' implementation group: 'org.springdoc', name: 'springdoc-openapi-ui', version: '1.6.5'
implementation group: 'org.springframework', name: 'spring-tx' implementation 'org.hibernate.validator:hibernate-validator'
implementation 'org.springdoc:springdoc-openapi-ui:1.6.5' implementation group: 'org.springframework', name: 'spring-tx'
testImplementation 'org.springframework.boot:spring-boot-starter-test' implementation 'org.springdoc:springdoc-openapi-ui:1.6.5'
implementation 'org.springframework.boot:spring-boot-starter-validation' testImplementation 'org.springframework.boot:spring-boot-starter-test'
implementation 'org.springframework.boot:spring-boot-starter-validation'
implementation 'org.springframework.boot:spring-boot-starter-security'
implementation 'com.auth0:java-jwt:4.4.0'
} }
tasks.named('test') { tasks.named('test') {
useJUnitPlatform() useJUnitPlatform()
} }

17
front/index.html
View File

@ -1,9 +1,8 @@
<!DOCTYPE html> <!DOCTYPE html>
<html lang="ru"> <html lang="ru">
<head> <head>
<meta charset="UTF-8" /> <meta charset="UTF-8"/>
<link rel="icon" type="image/svg+xml" href="/favicon.svg" /> <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<script src="/node_modules/bootstrap/dist/js/bootstrap.min.js"></script> <script src="/node_modules/bootstrap/dist/js/bootstrap.min.js"></script>
<script <script
src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.6/dist/umd/popper.min.js" src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.6/dist/umd/popper.min.js"
@ -24,9 +23,9 @@
href="/node_modules/@fortawesome/fontawesome-free/css/all.min.css" href="/node_modules/@fortawesome/fontawesome-free/css/all.min.css"
/> />
<title>Очень вкусно и запятая</title> <title>Очень вкусно и запятая</title>
</head> </head>
<body class="d-flex flex-column h-100"> <body class="d-flex flex-column h-100">
<div id="app"></div> <div id="app"></div>
<script type="module" src="/src/main.jsx"></script> <script type="module" src="/src/main.jsx"></script>
</body> </body>
</html> </html>

105
front/src/App.jsx
View File

@ -1,46 +1,91 @@
import './App.css'; import "./App.css";
import { useRoutes, Outlet, BrowserRouter } from 'react-router-dom'; import {
import Header from './components/common/Header'; useRoutes,
Outlet,
BrowserRouter,
Routes,
Route,
} from "react-router-dom";
import Header from "./components/common/Header";
import PrivateRoute from "./components/common/PrivateRoute";
import Footer from "./components/common/Footer"; import Footer from "./components/common/Footer";
import CatalogStudents from './components/catalogs/CatalogStudents'; import CatalogStudents from "./components/catalogs/CatalogStudents";
import Menu from './components/catalogs/Menu'; import Menu from "./components/catalogs/Menu";
import Basket from './components/catalogs/Basket'; import Basket from "./components/catalogs/Basket";
import History from './components/catalogs/History'; import History from "./components/catalogs/History";
import { useState } from 'react'; import Registration from "./components/catalogs/Registration";
import { useState } from "react";
import Login from "./components/catalogs/Login";
import Users from "./components/catalogs/Users";
function Router(props) { function Router(props) {
return useRoutes(props.rootRoute); return useRoutes(props.rootRoute);
} }
export default function App() { export default function App() {
const [product,setProduct] = useState([]); const [product, setProduct] = useState([]);
const routes = [ const routes = [
{ index: true, element: <CatalogStudents /> }, { index: true, element: <CatalogStudents /> },
{ path: "catalogs/menu", element: <Menu product={product} setProduct={setProduct}/>, label: "Меню" }, {
{ path: "catalogs/component", element: <CatalogStudents />, label: "Компоненты" }, path: "catalogs/menu",
{ path: "catalogs/basket", element: <Basket product={product} setProduct={setProduct}/>, label: "Корзина" }, label: "Меню",
{ path: "catalogs/history", element: <History />, label: "История" } },
{
path: "catalogs/component",
label: "Компоненты",
role: "ADMIN",
},
{
path: "catalogs/basket",
label: "Корзина",
},
{ path: "catalogs/history", label: "История" },
{
path: "catalogs/users",
label: "Пользователи",
role: "ADMIN",
},
{
path: "catalogs/registration",
label: "Регистрация",
},
{
path: "catalogs/login",
label: "Вход в систему",
},
]; ];
const links = routes.filter(route => route.hasOwnProperty('label')); const links = routes.filter((route) => route.hasOwnProperty("label"));
const rootRoute = [
{ path: '/', element: render(links), children: routes }
];
function render(links) {
return (
<>
<Header links={links} />
<div className="container-fluid p-0">
<Outlet />
</div>
<Footer></Footer>
</>
);
}
return ( return (
<BrowserRouter> <BrowserRouter>
<Router rootRoute={ rootRoute } /> <Header links={links} />
<div className="content-div">
<Routes>
<Route element={<PrivateRoute role="USER" />}>
<Route
element={<Menu product={product} setProduct={setProduct} />}
path="/catalogs/menu"
exact
/>
<Route
element={<Menu product={product} setProduct={setProduct} />}
path="*"
/>
<Route
element={<Basket product={product} setProduct={setProduct} />}
path="/catalogs/basket"
/>
<Route element={<History />} path="/catalogs/history" />
</Route>
<Route element={<PrivateRoute role="ADMIN" />}>
<Route element={<CatalogStudents />} path="/catalogs/component" />
<Route element={<Users />} path="/catalogs/users" />
</Route>
<Route element={<Login />} path="/catalogs/login" />
<Route element={<Registration />} path="/catalogs/registration" />
</Routes>
</div>
<Footer />
</BrowserRouter> </BrowserRouter>
); );
} }

2
front/src/components/catalogs/CatalogHistory.jsx
View File

@ -16,7 +16,7 @@ export default function CatalogHistory(props) {
}, []); }, []);
function loadItems() { function loadItems() {
DataService.readAll(props.getAllUrl, props.transformer) DataService.readAllOrders(props.getAllUrl+`/all/${localStorage.getItem("user")}`, props.transformer)
.then(data => setItems(data)); .then(data => setItems(data));
} }

109
front/src/components/catalogs/Login.jsx Normal file
View File

@ -0,0 +1,109 @@
import { useState, useEffect } from "react";
import { Link, useNavigate } from 'react-router-dom';
import { useRef } from "react";
export default function Login(props) {
const [login, setLogin] = useState("");
const [password, setPassword] = useState("");
const navigate = useNavigate();
useEffect(() => {
}, []);
const loginsystem = async function (login, password) {
const requestParams = {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({login: login, password: password}),
};
const response = await fetch("http://localhost:8080/jwt/login", requestParams);
const result = await response.text();
if (response.status === 200) {
localStorage.setItem("token", result);
localStorage.setItem("user", login);
getRole(result);
} else {
localStorage.removeItem("token");
localStorage.removeItem("user");
localStorage.removeItem("role");
}
}
const getRole = async function (token) {
const requestParams = {
method: "GET",
headers: {
"Content-Type": "application/json"
}
};
const requestUrl = `http://localhost:8080/user?token=${token}`;
const response = await fetch(requestUrl, requestParams);
const result = await response.text();
localStorage.setItem("role", result);
window.dispatchEvent(new Event("storage"));
navigate("/main");
}
const loginFormOnSubmit = function (event) {
event.preventDefault();
loginsystem(login, password);
};
return (
<main className="flex-shrink-0" style={{ backgroundColor: "white" }}>
<h1 className="my-5 ms-5 ">
<b>Вход в систему</b>
</h1>
<form className="row g-3" onSubmit={loginFormOnSubmit}>
<div className="mb-3 row ms-5">
<label className="col-sm-2 col-form-label" htmlFor="login">
Логин
</label>
<div className="form-outline col-sm-10">
<input
placeholder="Логин"
className="form-control w-50"
type="text"
id="login"
name="login"
value={login}
onChange={(e) => setLogin(e.target.value)}
/>
</div>
</div>
<div className="mb-3 row ms-5">
<label className="col-sm-2 col-form-label" htmlFor="password">
Пароль
</label>
<div className="col-sm-10">
<input
placeholder="Пароль"
className="form-control w-50"
type="password"
id="password"
value={password}
onChange={(e) => setPassword(e.target.value)}
/>
</div>
</div>
<h2>
<button className="btn btn-success ms-5" style={{ color: "black" }}>
Войти
</button>
</h2>
</form>
</main>
);
}

115
front/src/components/catalogs/Registration.jsx Normal file
View File

@ -0,0 +1,115 @@
import { useState } from "react";
import { useNavigate } from "react-router-dom";
import { useEffect } from "react";
import { Link } from 'react-router-dom';
import { useRef } from "react";
export default function Registration(props) {
const [login, setLogin] = useState("");
const [password, setPassword] = useState("");
const [passwordConfirm, setPasswordConfirm] = useState("");
const navigate = useNavigate();
useEffect(() => {}, []);
async function signup() {
const requestParams = {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
login: login,
password: password,
passwordConfirm: passwordConfirm,
}),
};
const response = await fetch(
"http://localhost:8080/jwt/signup",
requestParams
);
const result = await response.json();
if (response.status === 200) {
localStorage.setItem("token", result.token);
localStorage.setItem("user", result.login);
localStorage.setItem("role", result.role);
window.dispatchEvent(new Event("storage"));
navigate("/catalogs/menu");
} else {
localStorage.removeItem("token");
localStorage.removeItem("user");
localStorage.removeItem("role");
alert(result);
}
}
const signupFormOnSubmit = function (event) {
event.preventDefault();
signup({
login: login,
password: password,
passwordConfirm: passwordConfirm
});
};
return (
<main className="flex-shrink-0" style={{ backgroundColor: "white" }}>
<h1 className="my-5 ms-5 ">
<b>Регистрация</b>
</h1>
<form className="row g-3" onSubmit={signupFormOnSubmit}>
<div className="mb-3 row ms-5">
<label className="col-sm-2 col-form-label" htmlFor="login">
Логин
</label>
<div className="form-outline col-sm-10">
<input
placeholder="Логин"
className="form-control w-50"
type="text"
id="login"
name="login"
value={login}
onChange={(e) => setLogin(e.target.value)}
/>
</div>
</div>
<div className="mb-3 row ms-5">
<label className="col-sm-2 col-form-label" htmlFor="password">
Пароль
</label>
<div className="col-sm-10">
<input
placeholder="Пароль"
className="form-control w-50"
type="password"
id="password"
value={password}
onChange={(e) => setPassword(e.target.value)}
/>
</div>
</div>
<div className="mb-3 row ms-5">
<label className="col-sm-2 col-form-label" htmlFor="passwordConfirm">
Пароль
</label>
<div className="col-sm-10">
<input
placeholder="Подтверждение пароля"
className="form-control w-50"
type="password"
id="passwordConfirm"
value={passwordConfirm}
onChange={(e) => setPasswordConfirm(e.target.value)}
/>
</div>
</div>
<h2>
<button className="btn btn-success ms-5" style={{ color: "black" }}>
Зарегистрироваться
</button>
</h2>
</form>
</main>
);
}

76
front/src/components/catalogs/Users.jsx Normal file
View File

@ -0,0 +1,76 @@
import { useState } from "react";
import { useEffect } from "react";
import DataService from "../../services/DataService";
export default function Users(props) {
const [users, setUsers] = useState([]);
const [pageNumbers, setPageNumbers] = useState([]);
const [pageNumber, setPageNumber] = useState();
const usersUrl = "/users";
const host = "http://localhost:8080";
useEffect(() => {
DataService.readUsersPage(host, usersUrl, 1).then((data) => {
setUsers(data.users.content);
setPageNumbers(data.pageNumbers);
setPageNumber(1);
});
}, []);
const pageButtonOnClick = function (page) {
DataService.readUsersPage(host, usersUrl, page).then((data) => {
setUsers(data.users.content);
setPageNumber(page);
});
};
return (
<>
<main className="flex-shrink-0" style={{ backgroundColor: "white" }}>
<div className="table-shell mb-3">
<table className="table">
<thead>
<tr>
<th style={{ width: "15%" }} scope="col">
ID
</th>
<th style={{ width: "30%" }} scope="col">
Логин
</th>
<th style={{ width: "15%" }} scope="col">
Роль
</th>
</tr>
</thead>
<tbody>
{users.map((user, index) => (
<tr key={index}>
<td style={{ width: "15%" }}>{user.id}</td>
<td style={{ width: "30%" }}>{user.login}</td>
<td style={{ width: "15%" }}>{user.role}</td>
</tr>
))}
</tbody>
</table>
</div>
<div>
<p>Pages:</p>
<nav>
<ul className="pagination" style={{ backgroundColor: "white" }}>
{pageNumbers.map((number, index) => (
<li key={index}
className={`page-item ${
number === pageNumber ? "active" : ""
}`}
onClick={() => pageButtonOnClick(number)}
>
<a className="page-link" >
{number}
</a>
</li>
))}
</ul>
</nav>
</div>
</main>
</>
);
}

121
front/src/components/common/Card.jsx
View File

@ -1,44 +1,46 @@
import DataService from "../../services/DataService"; import DataService from "../../services/DataService";
export default function Card(props) { export default function Card(props) {
function edit(id) { function edit(id) {
props.onEdit(id); props.onEdit(id);
} }
function remove(id) { function remove(id) {
props.onRemove(id); props.onRemove(id);
}
async function mess(id) {
let currentProduct = props.product.filter((x) => x.id == id.id);
if (currentProduct.length != 0) {
let temp = props.product.filter((x) => x.id != id.id);
currentProduct[0].count++;
temp.push(currentProduct[0]);
await props.setProduct(temp);
return;
} else {
id.count++;
props.product.push(id);
props.setProduct(props.product);
} }
async function mess(id){ }
let currentProduct = props.product.filter(x => x.id == id.id); return (
if (currentProduct.length != 0){ <div className="temp row row-cols-1 row-cols-md-3 g-4" id="tbl-items">
let temp = props.product.filter(x => x.id != id.id); {props.items.map((item) => (
currentProduct[0].count++; <div className="col" key={item.id}>
temp.push(currentProduct[0]); <div className="card">
await props.setProduct(temp); <div
return; className="container"
}else{ style={{ width: "100%", height: "350px" }}
id.count++; >
props.product.push(id); <img
props.setProduct(props.product); src={item["image"]}
} className="img-fluid rounded mx-auto d-block"
} style={{ width: "100%", height: "350px", objectFit: "contain" }}
return ( alt="Бугер"
<div className="temp row row-cols-1 row-cols-md-3 g-4" id="tbl-items"> />
{props.items.map((item) => ( </div>
<div className="col" key={item.id}> <div className="card-body">
<div className="card"> <h5 className="card-title text-center fs-1">{item["price"]}</h5>
<div {localStorage.getItem("role") == "ADMIN" && (
className="container" <>
style={{ width: "100%", height: "350px" }}
>
<img
src={item["image"]}
className="img-fluid rounded mx-auto d-block"
style={{ width: "100%", height: "350px", objectFit: "contain" }}
alt="Бугер"
/>
</div>
<div className="card-body">
<h5 className="card-title text-center fs-1">{item["price"]}</h5>
<a <a
href="#" href="#"
className="btn btn-outline-dark text-center d-flex justify-content-md-center mx-5" className="btn btn-outline-dark text-center d-flex justify-content-md-center mx-5"
@ -47,27 +49,28 @@ export default function Card(props) {
Удалить Удалить
</a> </a>
<a <a
href="#" href="#"
type="button" type="button"
className="btn btn-outline-dark text-center d-flex justify-content-md-center mx-5" className="btn btn-outline-dark text-center d-flex justify-content-md-center mx-5"
data-bs-toggle="modal" data-bs-toggle="modal"
data-bs-target="#staticBackdrop" data-bs-target="#staticBackdrop"
onClick={(e) => edit(item.id, e)} onClick={(e) => edit(item.id, e)}
> >
Изменить Изменить
</a> </a>
<a </>
type="button" )}
className="btn btn-outline-dark text-center d-flex justify-content-md-center mx-5" <a
onClick={()=>mess(item)} type="button"
> className="btn btn-outline-dark text-center d-flex justify-content-md-center mx-5"
в корзину onClick={() => mess(item)}
</a> >
</div> в корзину
</a>
</div> </div>
</div> </div>
))} </div>
</div> ))}
); </div>
} );
}

94
front/src/components/common/Header.jsx
View File

@ -1,35 +1,67 @@
import { NavLink } from "react-router-dom"; import {NavLink, useNavigate} from "react-router-dom";
import {useEffect, useState} from "react";
export default function Header(props) { export default function Header(props) {
return ( const [userRole, setUserRole] = useState("");
<nav className="navbar navbar-expand-lg"> const navigate = useNavigate();
<div className="container-fluid"> useEffect(() => {
<NavLink className="navbar-brand" to={"/"}> window.addEventListener("storage", () => {
<h1>Очень вкусно и запятая</h1> getUserRole();
</NavLink> });
<button getUserRole();
className="navbar-toggler" }, []);
type="button"
data-bs-toggle="collapse" const getUserRole = function () {
data-bs-target="#navbarSupportedContent" const role = localStorage.getItem("role") || "NONE";
aria-controls="navbarSupportedContent" setUserRole(role);
aria-expanded="false" };
aria-label="Toggle navigation" const handlelogout = function () {
> window.location.reload();
<span className="navbar-toggler-icon"></span> navigate("/catalogs/login");
</button> localStorage.removeItem("role");
<div className="collapse navbar-collapse" id="navbarSupportedContent"> localStorage.removeItem("user");
<ul className="navbar-nav me-auto mb-2 mb-lg-0"> localStorage.removeItem("token");
{props.links.map((route) => ( }
<li key={route.path} className="nav-item"> return (
<NavLink className="nav-link fs-4" to={route.path}> <nav className="navbar navbar-expand-lg">
{route.label} <div className="container-fluid">
<NavLink className="navbar-brand" to={"/"}>
<h1>Очень вкусно и запятая</h1>
</NavLink> </NavLink>
</li> <button
))} className="navbar-toggler"
</ul> type="button"
</div> data-bs-toggle="collapse"
</div> data-bs-target="#navbarSupportedContent"
</nav> aria-controls="navbarSupportedContent"
); aria-expanded="false"
aria-label="Toggle navigation"
>
<span className="navbar-toggler-icon"></span>
</button>
<div className="collapse navbar-collapse" id="navbarSupportedContent">
<ul className="navbar-nav me-auto mb-2 mb-lg-0">
{props.links.map((route) => {
if (route.role == userRole || route.role == undefined) {
return (
<li key={route.path} className="nav-item">
<NavLink className="nav-link" to={route.path}>
{route.label}
</NavLink>
</li>
);
}
})}
</ul>
</div>
<span className="col text-end">
{localStorage.getItem("role") !== null &&
<a className="nav-link" onClick={handlelogout}>
{"Выход(" + localStorage.getItem("user") + ")"}
</a>
}
</span>
</div>
</nav>
);
} }

45
front/src/components/common/PrivateRoute.jsx Normal file
View File

@ -0,0 +1,45 @@
import { Outlet, Navigate, useNavigate } from "react-router-dom";
import { useEffect, useState } from "react";
export default function PrivateRoute(props) {
const navigate = useNavigate();
useEffect(() => {
window.addEventListener("storage", () => {
let token = localStorage.getItem("token");
if (token) {
getRole(token).then((role) => {
if (localStorage.getItem("role") != role) {
localStorage.removeItem("token");
localStorage.removeItem("user");
localStorage.removeItem("role");
window.dispatchEvent(new Event("storage"));
navigate("/catalog/main");
}
});
}
});
}, []);
const getRole = async function (token) {
const requestParams = {
method: "GET",
headers: {
"Content-Type": "application/json",
},
};
const requestUrl = `http://localhost:8080/user?token=${token}`;
const response = await fetch(requestUrl, requestParams);
const result = await response.text();
return result;
};
let isAllowed = false;
let userRole = localStorage.getItem("role");
if (
props.role === userRole || userRole == "ADMIN"
) {
isAllowed = true;
}
return isAllowed ? <Outlet /> : <Navigate to="/catalogs/login" />;
}

2
front/src/components/common/TableOrder.jsx
View File

@ -44,7 +44,7 @@ export default function TableOrder(props) {
} }
} }
async function acceptOrder(){ async function acceptOrder(){
await DataService.create("/order",{...order, ["price"]:cost, ["status"]: "1"} ).then(data => { await DataService.create("/order",{...order, ["price"]:cost, ["status"]: "1", ["user"]:localStorage.getItem("user")} ).then(data => {
props.setProduct([]); props.setProduct([]);
setCost(0); setCost(0);
}); });

32
front/src/components/common/ToolbarProduct.jsx
View File

@ -1,17 +1,21 @@
export default function ToolbarProduct(props) { export default function ToolbarProduct(props) {
function add() { function add() {
props.onAdd(); props.onAdd();
}
return (
<div className="btn-group mt-2" role="group">
<button
type="button"
className={`btn btn-outline-dark text-center d-flex justify-content-md-center mx-5 mb-3`}
onClick={add}
>
Добавить
</button>
</div>
);
} }
return (
<>
<div className="btn-group mt-2" role="group">
{localStorage.getItem("role") == "ADMIN" &&
<button
type="button"
className={`btn btn-outline-dark text-center d-flex justify-content-md-center mx-5 mb-3`}
onClick={add}
>
Добавить
</button>
}
</div>
</>
);
}

1
front/src/models/Order.js
View File

@ -5,5 +5,6 @@ export default class Order {
this.price = data?.price || 0; this.price = data?.price || 0;
this.productDTOList = data?.productDTOList || []; this.productDTOList = data?.productDTOList || [];
this.status = data?.status || "0"; this.status = data?.status || "0";
this.user = data?.user || "";
} }
} }

7
front/src/models/User.js Normal file
View File

@ -0,0 +1,7 @@
export default class User {
constructor(data) {
this.id = data?.id;
this.login = data?.login || "";
this.role = data?.role || "";
}
}

42
front/src/services/DataService.js
View File

@ -4,13 +4,32 @@ export default class DataService {
static dataUrlPrefix = 'http://localhost:8080'; static dataUrlPrefix = 'http://localhost:8080';
static async readAll(url, transformer) { static async readAll(url, transformer) {
const response = await fetch(this.dataUrlPrefix + url); const response = await fetch(this.dataUrlPrefix + url, {headers: {
"Content-Type": "application/json",
"Authorization": "Bearer " + localStorage.getItem("token")
}});
const data = await response.json(); const data = await response.json();
return data.map(item => transformer(item)); return data.map(item => transformer(item));
} }
static async readUsersPage(dataUrlPrefix, url, page) {
const response = await axios.get(dataUrlPrefix + url + `?page=${page}`,{
headers:{
"Authorization": "Bearer " + localStorage.getItem("token")
}
});
return response.data;
}
static async readUser(dataUrlPrefix, url, login){
const response = await axios.get(dataUrlPrefix + url + `/${login}`);
return response.data;
}
static async read(url, transformer) { static async read(url, transformer) {
const response = await axios.get(this.dataUrlPrefix + url); const response = await axios.get(this.dataUrlPrefix + url,{headers: {
"Content-Type": "application/json",
"Authorization": "Bearer " + localStorage.getItem("token")
}});
return transformer(response.data); return transformer(response.data);
} }
@ -30,6 +49,7 @@ export default class DataService {
method: "PUT", method: "PUT",
headers: { headers: {
"Content-Type": "application/json", "Content-Type": "application/json",
"Authorization": "Bearer " + localStorage.getItem("token")
}, },
body: JSON.stringify(data), body: JSON.stringify(data),
}; };
@ -38,7 +58,23 @@ export default class DataService {
} }
static async delete(url) { static async delete(url) {
const response = await axios.delete(this.dataUrlPrefix + url); const response = await axios.delete(this.dataUrlPrefix + url,{headers: {
"Content-Type": "application/json",
"Authorization": "Bearer " + localStorage.getItem("token")
}});
return response.data.id; return response.data.id;
} }
static async readUser(url, data) {
const response = await axios.get(this.dataUrlPrefix + url + `/${data}`);
return response.data;
}
static async readAllOrders(url, transformer) {
const response = await fetch(this.dataUrlPrefix + url, {headers: {
"Content-Type": "application/json",
"Authorization": "Bearer " + localStorage.getItem("token")
}});
const data = await response.json();
return data.map(item => transformer(item));
}
} }

8
src/main/java/ip/labwork/LabworkApplication.java
View File

@ -2,12 +2,10 @@ package ip.labwork;
import org.springframework.boot.SpringApplication; import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.web.bind.annotation.RestController;
@SpringBootApplication @SpringBootApplication
@RestController
public class LabworkApplication { public class LabworkApplication {
public static void main(String[] args) { public static void main(String[] args) {
SpringApplication.run(LabworkApplication.class, args); SpringApplication.run(LabworkApplication.class, args);
} }
} }

28
src/main/java/ip/labwork/configuration/OpenAPI30Configuration.java Normal file
View File

@ -0,0 +1,28 @@
package ip.labwork.configuration;
import io.swagger.v3.oas.models.Components;
import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.security.SecurityRequirement;
import io.swagger.v3.oas.models.security.SecurityScheme;
import ip.labwork.configuration.jwt.JwtFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class OpenAPI30Configuration {
public static final String API_PREFIX = "/api/1.0";
@Bean
public OpenAPI customizeOpenAPI() {
final String securitySchemeName = JwtFilter.TOKEN_BEGIN_STR;
return new OpenAPI()
.addSecurityItem(new SecurityRequirement()
.addList(securitySchemeName))
.components(new Components()
.addSecuritySchemes(securitySchemeName, new SecurityScheme()
.name(securitySchemeName)
.type(SecurityScheme.Type.HTTP)
.scheme("bearer")
.bearerFormat("JWT")));
}
}

14
src/main/java/ip/labwork/configuration/PasswordEncoderConfiguration.java Normal file
View File

@ -0,0 +1,14 @@
package ip.labwork.configuration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration
public class PasswordEncoderConfiguration {
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}

92
src/main/java/ip/labwork/configuration/SecurityConfiguration.java Normal file
View File

@ -0,0 +1,92 @@
package ip.labwork.configuration;
import ip.labwork.configuration.jwt.JwtFilter;
import ip.labwork.user.controller.UserController;
import ip.labwork.user.model.UserRole;
import ip.labwork.user.service.UserService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@Configuration
public class SecurityConfiguration {
private final Logger log = LoggerFactory.getLogger(SecurityConfiguration.class);
public static final String SPA_URL_MASK = "/{path:[^\\.]*}";
private final UserService userService;
private final JwtFilter jwtFilter;
public SecurityConfiguration(UserService userService) {
this.userService = userService;
this.jwtFilter = new JwtFilter(userService);
createAdminOnStartup();
}
private void createAdminOnStartup() {
final String admin = "admin";
if (userService.findByLogin(admin) == null) {
log.info("Admin user successfully created");
userService.createUser(admin, admin, admin, UserRole.ADMIN);
}
}
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
log.info("Creating security configuration");
http.cors()
.and()
.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeHttpRequests()
.requestMatchers("/", SPA_URL_MASK).permitAll()
.requestMatchers(HttpMethod.POST, UserController.URL_SIGNUP).permitAll()
.requestMatchers(HttpMethod.POST, UserController.URL_LOGIN).permitAll()
.requestMatchers(HttpMethod.GET, "/users/*").permitAll()
.requestMatchers(HttpMethod.GET, "/h2-console").permitAll()
.anyRequest()
.authenticated()
.and()
.addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class)
.anonymous();
return http.build();
}
@Bean
public AuthenticationManager authenticationManager(HttpSecurity http, PasswordEncoderConfiguration bCryptPasswordEncoder)
throws Exception {
return http.getSharedObject(AuthenticationManagerBuilder.class)
.userDetailsService(userService)
.passwordEncoder(bCryptPasswordEncoder.passwordEncoder())
.and()
.build();
}
@Bean
public WebSecurityCustomizer webSecurityCustomizer() {
return (web) -> web.ignoring()
.requestMatchers(HttpMethod.OPTIONS, "/**")
.requestMatchers("/*.js")
.requestMatchers("/*.png")
.requestMatchers("/*.jpg")
.requestMatchers("/*.html")
.requestMatchers("/*.css")
.requestMatchers("/assets/**")
.requestMatchers("/favicon.ico")
.requestMatchers("/.js", "/.css")
.requestMatchers("/swagger-ui/index.html")
.requestMatchers("/webjars/**")
.requestMatchers("/swagger-resources/**")
.requestMatchers("/v3/api-docs/**");
}
}

11
src/main/java/ip/labwork/WebConfiguration.java → src/main/java/ip/labwork/configuration/WebConfiguration.java
View File

@ -1,24 +1,27 @@
package ip.labwork; package ip.labwork.configuration;
import org.springframework.boot.web.server.ErrorPage; import org.springframework.boot.web.server.ErrorPage;
import org.springframework.boot.web.server.WebServerFactoryCustomizer; import org.springframework.boot.web.server.WebServerFactoryCustomizer;
import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory; import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpStatus;
import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistration; import org.springframework.web.servlet.config.annotation.ViewControllerRegistration;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.http.HttpStatus; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration @Configuration
class WebConfiguration implements WebMvcConfigurer { class WebConfiguration implements WebMvcConfigurer {
@Override @Override
public void addCorsMappings(CorsRegistry registry){ public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**").allowedMethods("*"); registry.addMapping("/**").allowedMethods("*");
} }
@Override @Override
public void addViewControllers(ViewControllerRegistry registry) { public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController(SecurityConfiguration.SPA_URL_MASK).setViewName("forward:/");
registry.addViewController("/notFound").setViewName("forward:/");
ViewControllerRegistration registration = registry.addViewController("/notFound"); ViewControllerRegistration registration = registry.addViewController("/notFound");
registration.setViewName("forward:/index.html"); registration.setViewName("forward:/index.html");
registration.setStatusCode(HttpStatus.OK); registration.setStatusCode(HttpStatus.OK);

11
src/main/java/ip/labwork/configuration/jwt/JwtException.java Normal file
View File

@ -0,0 +1,11 @@
package ip.labwork.configuration.jwt;
public class JwtException extends RuntimeException {
public JwtException(Throwable throwable) {
super(throwable);
}
public JwtException(String message) {
super(message);
}
}

72
src/main/java/ip/labwork/configuration/jwt/JwtFilter.java Normal file
View File

@ -0,0 +1,72 @@
package ip.labwork.configuration.jwt;
import com.fasterxml.jackson.databind.ObjectMapper;
import ip.labwork.user.service.UserService;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.http.MediaType;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.GenericFilterBean;
import java.io.IOException;
public class JwtFilter extends GenericFilterBean {
private static final String AUTHORIZATION = "Authorization";
public static final String TOKEN_BEGIN_STR = "Bearer ";
private final UserService userService;
public JwtFilter(UserService userService) {
this.userService = userService;
}
private String getTokenFromRequest(HttpServletRequest request) {
String bearer = request.getHeader(AUTHORIZATION);
if (StringUtils.hasText(bearer) && bearer.startsWith(TOKEN_BEGIN_STR)) {
return bearer.substring(TOKEN_BEGIN_STR.length());
}
return null;
}
private void raiseException(ServletResponse response, int status, String message) throws IOException {
if (response instanceof final HttpServletResponse httpResponse) {
httpResponse.setContentType(MediaType.APPLICATION_JSON_VALUE);
httpResponse.setStatus(status);
final byte[] body = new ObjectMapper().writeValueAsBytes(message);
response.getOutputStream().write(body);
}
}
@Override
public void doFilter(ServletRequest request,
ServletResponse response,
FilterChain chain) throws IOException, ServletException {
if (request instanceof final HttpServletRequest httpRequest) {
final String token = getTokenFromRequest(httpRequest);
if (StringUtils.hasText(token)) {
try {
final UserDetails user = userService.loadUserByToken(token);
final UsernamePasswordAuthenticationToken auth =
new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(auth);
} catch (JwtException e) {
raiseException(response, HttpServletResponse.SC_UNAUTHORIZED, e.getMessage());
return;
} catch (Exception e) {
e.printStackTrace();
raiseException(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
String.format("Internal error: %s", e.getMessage()));
return;
}
}
}
chain.doFilter(request, response);
}
}

27
src/main/java/ip/labwork/configuration/jwt/JwtProperties.java Normal file
View File

@ -0,0 +1,27 @@
package ip.labwork.configuration.jwt;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Configuration;
@Configuration
@ConfigurationProperties(prefix = "jwt", ignoreInvalidFields = true)
public class JwtProperties {
private String devToken = "";
private Boolean isDev = true;
public String getDevToken() {
return devToken;
}
public void setDevToken(String devToken) {
this.devToken = devToken;
}
public Boolean isDev() {
return isDev;
}
public void setDev(Boolean dev) {
isDev = dev;
}
}

107
src/main/java/ip/labwork/configuration/jwt/JwtProvider.java Normal file
View File

@ -0,0 +1,107 @@
package ip.labwork.configuration.jwt;
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.auth0.jwt.interfaces.JWTVerifier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.time.LocalDate;
import java.time.ZoneId;
import java.util.Date;
import java.util.Optional;
import java.util.UUID;
@Component
public class JwtProvider {
private final static Logger LOG = LoggerFactory.getLogger(JwtProvider.class);
private final static byte[] HEX_ARRAY = "0123456789ABCDEF".getBytes(StandardCharsets.US_ASCII);
private final static String ISSUER = "auth0";
private final Algorithm algorithm;
private final JWTVerifier verifier;
public JwtProvider(JwtProperties jwtProperties) {
if (!jwtProperties.isDev()) {
LOG.info("Generate new JWT key for prod");
try {
final MessageDigest salt = MessageDigest.getInstance("SHA-256");
salt.update(UUID.randomUUID().toString().getBytes(StandardCharsets.UTF_8));
LOG.info("Use generated JWT key for prod \n{}", bytesToHex(salt.digest()));
algorithm = Algorithm.HMAC256(bytesToHex(salt.digest()));
} catch (NoSuchAlgorithmException e) {
throw new JwtException(e);
}
} else {
LOG.info("Use default JWT key for dev \n{}", jwtProperties.getDevToken());
algorithm = Algorithm.HMAC256(jwtProperties.getDevToken());
}
verifier = JWT.require(algorithm)
.withIssuer(ISSUER)
.build();
}
private static String bytesToHex(byte[] bytes) {
byte[] hexChars = new byte[bytes.length * 2];
for (int j = 0; j < bytes.length; j++) {
int v = bytes[j] & 0xFF;
hexChars[j * 2] = HEX_ARRAY[v >>> 4];
hexChars[j * 2 + 1] = HEX_ARRAY[v & 0x0F];
}
return new String(hexChars, StandardCharsets.UTF_8);
}
public String generateToken(String login) {
final Date issueDate = Date.from(LocalDate.now()
.atStartOfDay(ZoneId.systemDefault())
.toInstant());
final Date expireDate = Date.from(LocalDate.now()
.plusDays(15)
.atStartOfDay(ZoneId.systemDefault())
.toInstant());
return JWT.create()
.withIssuer(ISSUER)
.withIssuedAt(issueDate)
.withExpiresAt(expireDate)
.withSubject(login)
.sign(algorithm);
}
private DecodedJWT validateToken(String token) {
try {
return verifier.verify(token);
} catch (JWTVerificationException e) {
throw new JwtException(String.format("Token verification error: %s", e.getMessage()));
}
}
public boolean isTokenValid(String token) {
if (!StringUtils.hasText(token)) {
return false;
}
try {
validateToken(token);
return true;
} catch (JwtException e) {
LOG.error(e.getMessage());
return false;
}
}
public Optional<String> getLoginFromToken(String token) {
try {
return Optional.ofNullable(validateToken(token).getSubject());
} catch (JwtException e) {
LOG.error(e.getMessage());
return Optional.empty();
}
}
}

12
src/main/java/ip/labwork/shop/controller/ComponentController.java
View File

@ -1,7 +1,9 @@
package ip.labwork.shop.controller; package ip.labwork.shop.controller;
import ip.labwork.shop.service.ComponentService; import ip.labwork.shop.service.ComponentService;
import ip.labwork.user.model.UserRole;
import jakarta.validation.Valid; import jakarta.validation.Valid;
import org.springframework.security.access.annotation.Secured;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import java.util.List; import java.util.List;
@ -17,31 +19,37 @@ public class ComponentController {
} }
@PostMapping @PostMapping
@Secured({UserRole.AsString.ADMIN})
public ComponentDTO createComponent(@RequestBody @Valid ComponentDTO componentDTO) { public ComponentDTO createComponent(@RequestBody @Valid ComponentDTO componentDTO) {
return componentService.create(componentDTO); return componentService.create(componentDTO);
} }
@PutMapping("/{id}") @PutMapping("/{id}")
public ComponentDTO updateComponent(@PathVariable Long id,@RequestBody @Valid ComponentDTO componentDTO) { @Secured({UserRole.AsString.ADMIN})
return componentService.updateComponent(id,componentDTO); public ComponentDTO updateComponent(@PathVariable Long id, @RequestBody @Valid ComponentDTO componentDTO) {
return componentService.updateComponent(id, componentDTO);
} }
@DeleteMapping("/{id}") @DeleteMapping("/{id}")
@Secured({UserRole.AsString.ADMIN})
public ComponentDTO removeComponent(@PathVariable Long id) { public ComponentDTO removeComponent(@PathVariable Long id) {
return componentService.deleteComponent(id); return componentService.deleteComponent(id);
} }
@DeleteMapping @DeleteMapping
@Secured({UserRole.AsString.ADMIN})
public void removeAllComponent() { public void removeAllComponent() {
componentService.deleteAllComponent(); componentService.deleteAllComponent();
} }
@GetMapping("/{id}") @GetMapping("/{id}")
@Secured({UserRole.AsString.ADMIN})
public ComponentDTO findComponent(@PathVariable Long id) { public ComponentDTO findComponent(@PathVariable Long id) {
return new ComponentDTO(componentService.findComponent(id)); return new ComponentDTO(componentService.findComponent(id));
} }
@GetMapping @GetMapping
@Secured({UserRole.AsString.ADMIN})
public List<ComponentDTO> findAllComponent() { public List<ComponentDTO> findAllComponent() {
return componentService.findAllComponent(); return componentService.findAllComponent();
} }

29
src/main/java/ip/labwork/shop/controller/OrderController.java
View File

@ -1,7 +1,9 @@
package ip.labwork.shop.controller; package ip.labwork.shop.controller;
import ip.labwork.shop.service.OrderService; import ip.labwork.shop.service.OrderService;
import ip.labwork.user.model.UserRole;
import jakarta.validation.Valid; import jakarta.validation.Valid;
import org.springframework.security.access.annotation.Secured;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import java.util.List; import java.util.List;
@ -10,32 +12,47 @@ import java.util.List;
@RequestMapping("/order") @RequestMapping("/order")
public class OrderController { public class OrderController {
private final OrderService orderService; private final OrderService orderService;
public OrderController(OrderService orderService) { public OrderController(OrderService orderService) {
this.orderService = orderService; this.orderService = orderService;
} }
@PostMapping @PostMapping
public OrderDTO createOrder(@RequestBody @Valid OrderDTO orderDTO){ @Secured({UserRole.AsString.USER, UserRole.AsString.ADMIN})
public OrderDTO createOrder(@RequestBody @Valid OrderDTO orderDTO) {
return orderService.create(orderDTO); return orderService.create(orderDTO);
} }
@PutMapping("/{id}") @PutMapping("/{id}")
public OrderDTO updateOrder(@PathVariable Long id, @RequestBody @Valid OrderDTO orderDTO){ public OrderDTO updateOrder(@PathVariable Long id, @RequestBody @Valid OrderDTO orderDTO) {
return orderService.update(id, orderDTO); return orderService.update(id, orderDTO);
} }
@DeleteMapping("/{id}") @DeleteMapping("/{id}")
public OrderDTO removeOrder(@PathVariable Long id){ public OrderDTO removeOrder(@PathVariable Long id) {
return orderService.deleteOrder(id); return orderService.deleteOrder(id);
} }
@DeleteMapping @DeleteMapping
public void removeAllOrder(){ public void removeAllOrder() {
orderService.deleteAllOrder(); orderService.deleteAllOrder();
} }
@GetMapping("/{id}") @GetMapping("/{id}")
public OrderDTO findOrder(@PathVariable Long id){ @Secured({UserRole.AsString.USER, UserRole.AsString.ADMIN})
public OrderDTO findOrder(@PathVariable Long id) {
return new OrderDTO(orderService.findOrder(id)); return new OrderDTO(orderService.findOrder(id));
} }
@GetMapping @GetMapping
public List<OrderDTO> findAllOrder(){ @Secured({UserRole.AsString.USER, UserRole.AsString.ADMIN})
public List<OrderDTO> findAllOrder() {
return orderService.findAllOrder(); return orderService.findAllOrder();
} }
@GetMapping("/all/{login}")
@Secured({UserRole.AsString.USER, UserRole.AsString.ADMIN})
public List<OrderDTO> findFiltredOrder(@PathVariable String login) {
return orderService.findFiltredOrder(login);
}
} }

20
src/main/java/ip/labwork/shop/controller/OrderDTO.java
View File

@ -11,8 +11,11 @@ public class OrderDTO {
private long id; private long id;
private Date date = new Date(); private Date date = new Date();
private int price; private int price;
private long user_id;
private String user;
private OrderStatus status = OrderStatus.Неизвестен; private OrderStatus status = OrderStatus.Неизвестен;
private List<ProductDTO> productDTOList; private List<ProductDTO> productDTOList;
public OrderDTO(Order order) { public OrderDTO(Order order) {
this.id = order.getId(); this.id = order.getId();
this.date = order.getDate(); this.date = order.getDate();
@ -22,6 +25,7 @@ public class OrderDTO {
.map(y -> new ProductDTO(y.getProduct(), y.getCount())) .map(y -> new ProductDTO(y.getProduct(), y.getCount()))
.toList(); .toList();
this.status = Objects.equals(order.getStatus().toString(), "") ? OrderStatus.Неизвестен : order.getStatus(); this.status = Objects.equals(order.getStatus().toString(), "") ? OrderStatus.Неизвестен : order.getStatus();
this.user_id = order.getUser_id() == null ? -1 : order.getUser_id();
} }
public OrderDTO() { public OrderDTO() {
@ -55,6 +59,22 @@ public class OrderDTO {
this.status = status; this.status = status;
} }
public long getUser_id() {
return user_id;
}
public void setUser_id(long user_id) {
this.user_id = user_id;
}
public String getUser() {
return user;
}
public void setUser(String user) {
this.user = user;
}
public List<ProductDTO> getProductDTOList() { public List<ProductDTO> getProductDTOList() {
return productDTOList; return productDTOList;
} }

25
src/main/java/ip/labwork/shop/controller/ProductController.java
View File

@ -1,7 +1,9 @@
package ip.labwork.shop.controller; package ip.labwork.shop.controller;
import ip.labwork.shop.service.ProductService; import ip.labwork.shop.service.ProductService;
import ip.labwork.user.model.UserRole;
import jakarta.validation.Valid; import jakarta.validation.Valid;
import org.springframework.security.access.annotation.Secured;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import java.util.List; import java.util.List;
@ -16,27 +18,38 @@ public class ProductController {
} }
@PostMapping @PostMapping
public ProductDTO createProduct(@RequestBody @Valid ProductDTO productDTO){ @Secured({UserRole.AsString.ADMIN})
public ProductDTO createProduct(@RequestBody @Valid ProductDTO productDTO) {
return productService.create(productDTO); return productService.create(productDTO);
} }
@PutMapping("/{id}") @PutMapping("/{id}")
public ProductDTO updateProduct(@PathVariable Long id,@RequestBody @Valid ProductDTO productDTO){ @Secured({UserRole.AsString.ADMIN})
public ProductDTO updateProduct(@PathVariable Long id, @RequestBody @Valid ProductDTO productDTO) {
return productService.updateProduct(id, productDTO); return productService.updateProduct(id, productDTO);
} }
@DeleteMapping("/{id}") @DeleteMapping("/{id}")
public ProductDTO removeProduct(@PathVariable Long id){ @Secured({UserRole.AsString.ADMIN})
public ProductDTO removeProduct(@PathVariable Long id) {
return productService.deleteProduct(id); return productService.deleteProduct(id);
} }
@DeleteMapping @DeleteMapping
public void removeAllProduct(){ @Secured({UserRole.AsString.ADMIN})
public void removeAllProduct() {
productService.deleteAllProduct(); productService.deleteAllProduct();
} }
@GetMapping("/{id}") @GetMapping("/{id}")
public ProductDTO findProduct(@PathVariable Long id){ @Secured({UserRole.AsString.ADMIN})
public ProductDTO findProduct(@PathVariable Long id) {
return new ProductDTO(productService.findProduct(id)); return new ProductDTO(productService.findProduct(id));
} }
@GetMapping @GetMapping
public List<ProductDTO> findAllProduct(){ @Secured({UserRole.AsString.ADMIN})
public List<ProductDTO> findAllProduct() {
return productService.findAllProduct(); return productService.findAllProduct();
} }
} }

25
src/main/java/ip/labwork/shop/model/Order.java
View File

@ -20,16 +20,19 @@ public class Order {
@NotNull(message = "Price can't be null or empty") @NotNull(message = "Price can't be null or empty")
@Column(name = "price") @Column(name = "price")
private Integer price; private Integer price;
private Long user_id;
@OneToMany(mappedBy = "order", cascade = CascadeType.ALL, fetch = FetchType.EAGER) @OneToMany(mappedBy = "order", cascade = CascadeType.ALL, fetch = FetchType.EAGER)
private List<OrderProducts> products; private List<OrderProducts> products;
private OrderStatus status; private OrderStatus status;
public Order(){
public Order() {
} }
public Order(Date date, Integer price, OrderStatus status) { public Order(Date date, Integer price, OrderStatus status, Long user_id) {
this.date = date; this.date = date;
this.price = price; this.price = price;
this.user_id = user_id;
this.status = status; this.status = status;
} }
@ -56,6 +59,7 @@ public class Order {
public void setPrice(Integer price) { public void setPrice(Integer price) {
this.price = price; this.price = price;
} }
public List<OrderProducts> getProducts() { public List<OrderProducts> getProducts() {
return products; return products;
} }
@ -64,14 +68,15 @@ public class Order {
this.products = products; this.products = products;
} }
public void addProduct(OrderProducts orderProducts){ public void addProduct(OrderProducts orderProducts) {
if (products == null){ if (products == null) {
this.products = new ArrayList<>(); this.products = new ArrayList<>();
} }
if (!products.contains(orderProducts)) if (!products.contains(orderProducts))
this.products.add(orderProducts); this.products.add(orderProducts);
} }
public void removeProducts(OrderProducts orderProducts){
public void removeProducts(OrderProducts orderProducts) {
if (products.contains(orderProducts)) if (products.contains(orderProducts))
this.products.remove(orderProducts); this.products.remove(orderProducts);
} }
@ -84,11 +89,19 @@ public class Order {
this.status = status; this.status = status;
} }
public Long getUser_id() {
return user_id;
}
public void setUser_id(Long user_id) {
this.user_id = user_id;
}
@Override @Override
public boolean equals(Object o) { public boolean equals(Object o) {
if (this == o) return true; if (this == o) return true;
if (!(o instanceof Order order)) return false; if (!(o instanceof Order order)) return false;
return Objects.equals(getId(), order.getId()) && Objects.equals(getDate(), order.getDate()) && Objects.equals(getPrice(), order.getPrice()); return Objects.equals(getId(), order.getId()) && Objects.equals(getDate(), order.getDate()) && Objects.equals(getPrice(), order.getPrice()) && Objects.equals(getUser_id(), order.getUser_id()) && Objects.equals(getProducts(), order.getProducts()) && getStatus() == order.getStatus();
} }
@Override @Override

27
src/main/java/ip/labwork/shop/service/OrderService.java
View File

@ -1,9 +1,12 @@
package ip.labwork.shop.service; package ip.labwork.shop.service;
import ip.labwork.shop.controller.OrderDTO; import ip.labwork.shop.controller.OrderDTO;
import ip.labwork.shop.model.*; import ip.labwork.shop.model.Order;
import ip.labwork.shop.model.OrderProducts;
import ip.labwork.shop.model.Product;
import ip.labwork.shop.repository.OrderRepository; import ip.labwork.shop.repository.OrderRepository;
import ip.labwork.shop.repository.ProductRepository; import ip.labwork.shop.repository.ProductRepository;
import ip.labwork.user.service.UserService;
import ip.labwork.util.validation.ValidatorUtil; import ip.labwork.util.validation.ValidatorUtil;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
@ -14,21 +17,24 @@ import java.util.*;
public class OrderService { public class OrderService {
private final OrderRepository orderRepository; private final OrderRepository orderRepository;
private final ProductRepository productRepository; private final ProductRepository productRepository;
private final UserService userService;
private final ValidatorUtil validatorUtil; private final ValidatorUtil validatorUtil;
public OrderService(OrderRepository orderRepository, public OrderService(OrderRepository orderRepository,
ValidatorUtil validatorUtil, ProductRepository productRepository) { ValidatorUtil validatorUtil, ProductRepository productRepository, UserService userService) {
this.orderRepository = orderRepository; this.orderRepository = orderRepository;
this.validatorUtil = validatorUtil; this.validatorUtil = validatorUtil;
this.productRepository = productRepository; this.productRepository = productRepository;
this.userService = userService;
} }
@Transactional @Transactional
public OrderDTO create(OrderDTO orderDTO) { public OrderDTO create(OrderDTO orderDTO) {
int price = 0; int price = 0;
for(int i = 0; i < orderDTO.getProductDTOList().size(); i++){ for (int i = 0; i < orderDTO.getProductDTOList().size(); i++) {
price += orderDTO.getProductDTOList().get(i).getPrice() * orderDTO.getProductDTOList().get(i).getCount(); price += orderDTO.getProductDTOList().get(i).getPrice() * orderDTO.getProductDTOList().get(i).getCount();
} }
final Order order = new Order(new Date(), price, orderDTO.getStatus()); final Order order = new Order(new Date(), price, orderDTO.getStatus(), userService.findByLogin(orderDTO.getUser()).getId());
validatorUtil.validate(order); validatorUtil.validate(order);
orderRepository.save(order); orderRepository.save(order);
for (int i = 0; i < orderDTO.getProductDTOList().size(); i++) { for (int i = 0; i < orderDTO.getProductDTOList().size(); i++) {
@ -38,15 +44,23 @@ public class OrderService {
orderRepository.save(order); orderRepository.save(order);
return new OrderDTO(findOrder(order.getId())); return new OrderDTO(findOrder(order.getId()));
} }
@Transactional(readOnly = true) @Transactional(readOnly = true)
public Order findOrder(Long id) { public Order findOrder(Long id) {
final Optional<Order> order = orderRepository.findById(id); final Optional<Order> order = orderRepository.findById(id);
return order.orElseThrow(() -> new OrderNotFoundException(id)); return order.orElseThrow(() -> new OrderNotFoundException(id));
} }
@Transactional(readOnly = true) @Transactional(readOnly = true)
public List<OrderDTO> findAllOrder() { public List<OrderDTO> findAllOrder() {
return orderRepository.findAll().stream().map(x -> new OrderDTO(x)).toList(); return orderRepository.findAll().stream().map(x -> new OrderDTO(x)).toList();
} }
@Transactional(readOnly = true)
public List<OrderDTO> findFiltredOrder(String login) {
return orderRepository.findAll().stream().filter(x -> Objects.equals(x.getUser_id(), userService.findByLogin(login).getId())).map(x -> new OrderDTO(x)).toList();
}
@Transactional @Transactional
public OrderDTO update(Long id, OrderDTO orderDTO) { public OrderDTO update(Long id, OrderDTO orderDTO) {
final Order currentOrder = findOrder(id); final Order currentOrder = findOrder(id);
@ -68,8 +82,7 @@ public class OrderService {
product_id = product_id.stream().filter(x -> !Objects.equals(x, newProducts.get(finalI).getId())).toList(); product_id = product_id.stream().filter(x -> !Objects.equals(x, newProducts.get(finalI).getId())).toList();
orderProducts.setCount(orderDTO.getProductDTOList().stream().filter(x -> x.getId() == currentId).toList().get(0).getCount()); orderProducts.setCount(orderDTO.getProductDTOList().stream().filter(x -> x.getId() == currentId).toList().get(0).getCount());
orderRepository.saveAndFlush(currentOrder); orderRepository.saveAndFlush(currentOrder);
} } else {
else {
final OrderProducts orderProducts = new OrderProducts(currentOrder, newProducts.get(i), orderDTO.getProductDTOList().stream().filter(x -> x.getId() == currentId).toList().get(0).getCount()); final OrderProducts orderProducts = new OrderProducts(currentOrder, newProducts.get(i), orderDTO.getProductDTOList().stream().filter(x -> x.getId() == currentId).toList().get(0).getCount());
currentOrder.addProduct(orderProducts); currentOrder.addProduct(orderProducts);
orderRepository.saveAndFlush(currentOrder); orderRepository.saveAndFlush(currentOrder);
@ -82,6 +95,7 @@ public class OrderService {
orderRepository.saveAndFlush(currentOrder); orderRepository.saveAndFlush(currentOrder);
return new OrderDTO(currentOrder); return new OrderDTO(currentOrder);
} }
@Transactional @Transactional
public OrderDTO deleteOrder(Long id) { public OrderDTO deleteOrder(Long id) {
final Order currentOrder = findOrder(id); final Order currentOrder = findOrder(id);
@ -94,6 +108,7 @@ public class OrderService {
orderRepository.delete(currentOrder); orderRepository.delete(currentOrder);
return new OrderDTO(currentOrder); return new OrderDTO(currentOrder);
} }
@Transactional @Transactional
public void deleteAllOrder() { public void deleteAllOrder() {
orderRepository.deleteAll(); orderRepository.deleteAll();

64
src/main/java/ip/labwork/user/controller/UserController.java Normal file
View File

@ -0,0 +1,64 @@
package ip.labwork.user.controller;
import ip.labwork.user.model.User;
import ip.labwork.user.model.UserRole;
import ip.labwork.user.service.UserService;
import jakarta.validation.Valid;
import org.springframework.data.domain.Page;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.bind.annotation.*;
import java.util.List;
import java.util.stream.IntStream;
@RestController
public class UserController {
public static final String URL_LOGIN = "/jwt/login";
public static final String URL_SIGNUP = "/jwt/signup";
private final UserService userService;
public UserController(UserService userService) {
this.userService = userService;
}
@PostMapping(URL_LOGIN)
public String login(@RequestBody @Valid UserDto userDto) {
return userService.loginAndGetToken(userDto);
}
@PostMapping(URL_SIGNUP)
public UserInfoDto signup(@RequestBody @Valid UserDto userDto) {
return userService.signupAndGetToken(userDto);
}
@GetMapping("/users/{login}")
public UserDetails getCurrentUser(@PathVariable String login) {
try {
return userService.loadUserByUsername(login);
} catch (Exception e) {
return null;
}
}
@GetMapping("/user")
public String findUser(@RequestParam("token") String token) {
UserDetails userDetails = userService.loadUserByToken(token);
User user = userService.findByLogin(userDetails.getUsername());
return user.getRole().toString();
}
@GetMapping("/users")
@Secured({UserRole.AsString.ADMIN})
public UsersPageDTO getUsers(@RequestParam(defaultValue = "1") int page,
@RequestParam(defaultValue = "5") int size) {
final Page<UserDto> users = userService.findAllPages(page, size)
.map(UserDto::new);
final int totalPages = users.getTotalPages();
final List<Integer> pageNumbers = IntStream.rangeClosed(1, totalPages)
.boxed()
.toList();
return new UsersPageDTO(users, pageNumbers, totalPages);
}
}

44
src/main/java/ip/labwork/user/controller/UserDto.java Normal file
View File

@ -0,0 +1,44 @@
package ip.labwork.user.controller;
import ip.labwork.user.model.User;
import ip.labwork.user.model.UserRole;
import jakarta.validation.constraints.NotEmpty;
public class UserDto {
private long id;
@NotEmpty
private String login;
@NotEmpty
private String password;
private String passwordConfirm;
private UserRole role;
public UserDto() {
}
public UserDto(User user) {
this.id = user.getId();
this.login = user.getLogin();
this.role = user.getRole();
}
public long getId() {
return id;
}
public String getLogin() {
return login;
}
public String getPassword() {
return password;
}
public String getPasswordConfirm() {
return passwordConfirm;
}
public UserRole getRole() {
return role;
}
}

34
src/main/java/ip/labwork/user/controller/UserInfoDto.java Normal file
View File

@ -0,0 +1,34 @@
package ip.labwork.user.controller;
import ip.labwork.user.model.UserRole;
import jakarta.validation.constraints.NotEmpty;
public class UserInfoDto {
@NotEmpty
private String token;
@NotEmpty
private String login;
@NotEmpty
private UserRole role;
public UserInfoDto(String token, String login, UserRole role) {
this.token = token;
this.login = login;
this.role = role;
}
public UserInfoDto() {
}
public String getToken() {
return token;
}
public String getLogin() {
return login;
}
public UserRole getRole() {
return role;
}
}

29
src/main/java/ip/labwork/user/controller/UsersPageDTO.java Normal file
View File

@ -0,0 +1,29 @@
package ip.labwork.user.controller;
import org.springframework.data.domain.Page;
import java.util.List;
public class UsersPageDTO {
private Page<UserDto> users;
private List<Integer> pageNumbers;
private int totalPages;
public UsersPageDTO(Page<UserDto> users, List<Integer> pageNumbers, int totalPages) {
this.users = users;
this.pageNumbers = pageNumbers;
this.totalPages = totalPages;
}
public Page<UserDto> getUsers() {
return users;
}
public List<Integer> getPageNumbers() {
return pageNumbers;
}
public int getTotalPages() {
return totalPages;
}
}

83
src/main/java/ip/labwork/user/model/User.java Normal file
View File

@ -0,0 +1,83 @@
package ip.labwork.user.model;
import jakarta.persistence.*;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.Size;
import java.util.Objects;
@Entity
@Table(name = "users")
public class User {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
@Column(nullable = false, unique = true, length = 64)
@NotBlank
@Size(min = 3, max = 64)
private String login;
@Column(nullable = false, length = 64)
@NotBlank
@Size(min = 6, max = 64)
private String password;
private UserRole role;
public User() {
}
public User(String login, String password) {
this(login, password, UserRole.USER);
}
public User(String login, String password, UserRole role) {
this.login = login;
this.password = password;
this.role = role;
}
public Long getId() {
return id;
}
public String getLogin() {
return login;
}
public void setLogin(String login) {
this.login = login;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public UserRole getRole() {
return role;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
User user = (User) o;
return Objects.equals(id, user.id);
}
@Override
public int hashCode() {
return Objects.hash(id);
}
@Override
public String toString() {
return "User{" +
"id=" + id +
", login='" + login + '\'' +
", password='" + password + '\'' +
'}';
}
}

20
src/main/java/ip/labwork/user/model/UserRole.java Normal file
View File

@ -0,0 +1,20 @@
package ip.labwork.user.model;
import org.springframework.security.core.GrantedAuthority;
public enum UserRole implements GrantedAuthority {
ADMIN,
USER;
private static final String PREFIX = "ROLE_";
@Override
public String getAuthority() {
return PREFIX + this.name();
}
public static final class AsString {
public static final String ADMIN = PREFIX + "ADMIN";
public static final String USER = PREFIX + "USER";
}
}

8
src/main/java/ip/labwork/user/repository/UserRepository.java Normal file
View File

@ -0,0 +1,8 @@
package ip.labwork.user.repository;
import ip.labwork.user.model.User;
import org.springframework.data.jpa.repository.JpaRepository;
public interface UserRepository extends JpaRepository<User, Long> {
User findOneByLoginIgnoreCase(String login);
}

7
src/main/java/ip/labwork/user/service/UserExistsException.java Normal file
View File

@ -0,0 +1,7 @@
package ip.labwork.user.service;
public class UserExistsException extends RuntimeException {
public UserExistsException(String login) {
super(String.format("User '%s' already exists", login));
}
}

7
src/main/java/ip/labwork/user/service/UserNotFoundException.java Normal file
View File

@ -0,0 +1,7 @@
package ip.labwork.user.service;
public class UserNotFoundException extends RuntimeException {
public UserNotFoundException(String login) {
super(String.format("User not found '%s'", login));
}
}

99
src/main/java/ip/labwork/user/service/UserService.java Normal file
View File

@ -0,0 +1,99 @@
package ip.labwork.user.service;
import ip.labwork.configuration.jwt.JwtException;
import ip.labwork.configuration.jwt.JwtProvider;
import ip.labwork.user.controller.UserDto;
import ip.labwork.user.controller.UserInfoDto;
import ip.labwork.user.model.User;
import ip.labwork.user.model.UserRole;
import ip.labwork.user.repository.UserRepository;
import ip.labwork.util.validation.ValidationException;
import ip.labwork.util.validation.ValidatorUtil;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.PageRequest;
import org.springframework.data.domain.Sort;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.Collections;
import java.util.Objects;
@Service
public class UserService implements UserDetailsService {
private final UserRepository userRepository;
private final PasswordEncoder passwordEncoder;
private final ValidatorUtil validatorUtil;
private final JwtProvider jwtProvider;
public UserService(UserRepository userRepository,
PasswordEncoder passwordEncoder,
ValidatorUtil validatorUtil,
JwtProvider jwtProvider) {
this.userRepository = userRepository;
this.passwordEncoder = passwordEncoder;
this.validatorUtil = validatorUtil;
this.jwtProvider = jwtProvider;
}
public Page<User> findAllPages(int page, int size) {
return userRepository.findAll(PageRequest.of(page - 1, size, Sort.by("id").ascending()));
}
public User findByLogin(String login) {
return userRepository.findOneByLoginIgnoreCase(login);
}
public User createUser(String login, String password, String passwordConfirm) {
return createUser(login, password, passwordConfirm, UserRole.USER);
}
public User createUser(String login, String password, String passwordConfirm, UserRole role) {
if (findByLogin(login) != null) {
throw new UserExistsException(login);
}
final User user = new User(login, passwordEncoder.encode(password), role);
validatorUtil.validate(user);
if (!Objects.equals(password, passwordConfirm)) {
throw new ValidationException("Passwords not equals");
}
return userRepository.save(user);
}
public String loginAndGetToken(UserDto userDto) {
final User user = findByLogin(userDto.getLogin());
if (user == null) {
throw new UserNotFoundException(userDto.getLogin());
}
if (!passwordEncoder.matches(userDto.getPassword(), user.getPassword())) {
throw new UserNotFoundException(user.getLogin());
}
return jwtProvider.generateToken(user.getLogin());
}
public UserInfoDto signupAndGetToken(UserDto userDto) {
final User user = createUser(userDto.getLogin(), userDto.getPassword(), userDto.getPasswordConfirm(), UserRole.USER);
return new UserInfoDto(jwtProvider.generateToken(user.getLogin()), user.getLogin(), UserRole.USER);
}
public UserDetails loadUserByToken(String token) throws UsernameNotFoundException {
if (!jwtProvider.isTokenValid(token)) {
throw new JwtException("Bad token");
}
final String userLogin = jwtProvider.getLoginFromToken(token)
.orElseThrow(() -> new JwtException("Token is not contain Login"));
return loadUserByUsername(userLogin);
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
final User userEntity = findByLogin(username);
if (userEntity == null) {
throw new UsernameNotFoundException(username);
}
return new org.springframework.security.core.userdetails.User(
userEntity.getLogin(), userEntity.getPassword(), Collections.singleton(userEntity.getRole()));
}
}

4
src/main/java/ip/labwork/util/validation/ValidationException.java
View File

@ -3,6 +3,10 @@ package ip.labwork.util.validation;
import java.util.Set; import java.util.Set;
public class ValidationException extends RuntimeException { public class ValidationException extends RuntimeException {
public ValidationException(String message) {
super(message);
}
public ValidationException(Set<String> errors) { public ValidationException(Set<String> errors) {
super(String.join("\n", errors)); super(String.join("\n", errors));
} }

2
src/main/resources/application.properties
View File

@ -9,3 +9,5 @@ spring.jpa.hibernate.ddl-auto=update
spring.h2.console.enabled=true spring.h2.console.enabled=true
spring.h2.console.settings.trace=false spring.h2.console.settings.trace=false
spring.h2.console.settings.web-allow-others=false spring.h2.console.settings.web-allow-others=false
jwt.dev-token=my-secret-jwt
jwt.dev=true