Реакт

Nikita Sergeev 2023-05-14 13:53:12 +04:00
parent 52a842d8c9
commit 5dd9a0d2e1
42 changed files with 1518 additions and 203 deletions


@ -18,6 +18,7 @@ jar {
dependencies {
implementation(project(':front'))
annotationProcessor "org.springframework.boot:spring-boot-configuration-processor"
implementation 'org.springframework.boot:spring-boot-starter-web'
implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
implementation 'com.h2database:h2:2.1.210'
@ -27,6 +28,9 @@ dependencies {
implementation 'org.springdoc:springdoc-openapi-ui:1.6.5'
testImplementation 'org.springframework.boot:spring-boot-starter-test'
implementation 'org.springframework.boot:spring-boot-starter-validation'
implementation 'org.springframework.boot:spring-boot-starter-security'
implementation 'com.auth0:java-jwt:4.4.0'
}
tasks.named('test') {


@ -2,7 +2,6 @@
<html lang="ru">
<head>
<meta charset="UTF-8"/>
<link rel="icon" type="image/svg+xml" href="/favicon.svg" />
<meta name="viewport" content="width=device-width, initial-scale=1.0"/>
<script src="/node_modules/bootstrap/dist/js/bootstrap.min.js"></script>
<script


@ -1,12 +1,22 @@
import './App.css';
import { useRoutes, Outlet, BrowserRouter } from 'react-router-dom';
import Header from './components/common/Header';
import "./App.css";
import {
useRoutes,
Outlet,
BrowserRouter,
Routes,
Route,
} from "react-router-dom";
import Header from "./components/common/Header";
import PrivateRoute from "./components/common/PrivateRoute";
import Footer from "./components/common/Footer";
import CatalogStudents from './components/catalogs/CatalogStudents';
import Menu from './components/catalogs/Menu';
import Basket from './components/catalogs/Basket';
import History from './components/catalogs/History';
import { useState } from 'react';
import CatalogStudents from "./components/catalogs/CatalogStudents";
import Menu from "./components/catalogs/Menu";
import Basket from "./components/catalogs/Basket";
import History from "./components/catalogs/History";
import Registration from "./components/catalogs/Registration";
import { useState } from "react";
import Login from "./components/catalogs/Login";
import Users from "./components/catalogs/Users";
function Router(props) {
return useRoutes(props.rootRoute);
@ -16,31 +26,66 @@ export default function App() {
const [product, setProduct] = useState([]);
const routes = [
{ index: true, element: <CatalogStudents /> },
{ path: "catalogs/menu", element: <Menu product={product} setProduct={setProduct}/>, label: "Меню" },
{ path: "catalogs/component", element: <CatalogStudents />, label: "Компоненты" },
{ path: "catalogs/basket", element: <Basket product={product} setProduct={setProduct}/>, label: "Корзина" },
{ path: "catalogs/history", element: <History />, label: "История" }
{
path: "catalogs/menu",
label: "Меню",
},
{
path: "catalogs/component",
label: "Компоненты",
role: "ADMIN",
},
{
path: "catalogs/basket",
label: "Корзина",
},
{ path: "catalogs/history", label: "История" },
{
path: "catalogs/users",
label: "Пользователи",
role: "ADMIN",
},
{
path: "catalogs/registration",
label: "Регистрация",
},
{
path: "catalogs/login",
label: "Вход в систему",
},
];
const links = routes.filter(route => route.hasOwnProperty('label'));
const rootRoute = [
{ path: '/', element: render(links), children: routes }
];
function render(links) {
return (
<>
<Header links={links} />
<div className="container-fluid p-0">
<Outlet />
</div>
<Footer></Footer>
</>
);
}
const links = routes.filter((route) => route.hasOwnProperty("label"));
return (
<BrowserRouter>
<Router rootRoute={ rootRoute } />
<Header links={links} />
<div className="content-div">
<Routes>
<Route element={<PrivateRoute role="USER" />}>
<Route
element={<Menu product={product} setProduct={setProduct} />}
path="/catalogs/menu"
exact
/>
<Route
element={<Menu product={product} setProduct={setProduct} />}
path="*"
/>
<Route
element={<Basket product={product} setProduct={setProduct} />}
path="/catalogs/basket"
/>
<Route element={<History />} path="/catalogs/history" />
</Route>
<Route element={<PrivateRoute role="ADMIN" />}>
<Route element={<CatalogStudents />} path="/catalogs/component" />
<Route element={<Users />} path="/catalogs/users" />
</Route>
<Route element={<Login />} path="/catalogs/login" />
<Route element={<Registration />} path="/catalogs/registration" />
</Routes>
</div>
<Footer />
</BrowserRouter>
);
}
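Review bot: The `routes` array and the `<Routes>` tree now list the same paths separately, so `role: "ADMIN"` on `catalogs/component` and `catalogs/users` only decides whether Header shows the link, while the actual guard is the `<PrivateRoute role="ADMIN" />` wrapper further down; the two can drift apart without anyone noticing. I would add a comment above `routes`: `// Navigation entries only; access is enforced by the <PrivateRoute> wrappers below and by the server.` After this change `useRoutes`, `Outlet` and the `Router` helper (whose body starts outside this hunk) look unused, and `exact` is not a prop that a React Router v6 `<Route>` reads.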


@ -16,7 +16,7 @@ export default function CatalogHistory(props) {
}, []);
function loadItems() {
DataService.readAll(props.getAllUrl, props.transformer)
DataService.readAllOrders(props.getAllUrl+`/all/${localStorage.getItem("user")}`, props.transformer)
.then(data => setItems(data));
}
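Review bot: `loadItems` builds the orders URL from `localStorage.getItem("user")`, so whose history is returned is chosen by a value the client controls. Unless the server compares that path segment with the subject of the bearer token (the handler is not visible here), one authenticated user could read another login's orders. The endpoint would be safer taking no login at all and resolving the user from the token. If the segment stays, wrap it in `encodeURIComponent(...)` before concatenating. The component body continues outside this hunk.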


@ -0,0 +1,109 @@
import { useState, useEffect } from "react";
import { Link, useNavigate } from 'react-router-dom';
import { useRef } from "react";
export default function Login(props) {
const [login, setLogin] = useState("");
const [password, setPassword] = useState("");
const navigate = useNavigate();
useEffect(() => {
}, []);
const loginsystem = async function (login, password) {
const requestParams = {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({login: login, password: password}),
};
const response = await fetch("http://localhost:8080/jwt/login", requestParams);
const result = await response.text();
if (response.status === 200) {
localStorage.setItem("token", result);
localStorage.setItem("user", login);
getRole(result);
} else {
localStorage.removeItem("token");
localStorage.removeItem("user");
localStorage.removeItem("role");
}
}
const getRole = async function (token) {
const requestParams = {
method: "GET",
headers: {
"Content-Type": "application/json"
}
};
const requestUrl = `http://localhost:8080/user?token=${token}`;
const response = await fetch(requestUrl, requestParams);
const result = await response.text();
localStorage.setItem("role", result);
window.dispatchEvent(new Event("storage"));
navigate("/main");
}
const loginFormOnSubmit = function (event) {
event.preventDefault();
loginsystem(login, password);
};
return (
<main className="flex-shrink-0" style={{ backgroundColor: "white" }}>
<h1 className="my-5 ms-5 ">
<b>Вход в систему</b>
</h1>
<form className="row g-3" onSubmit={loginFormOnSubmit}>
<div className="mb-3 row ms-5">
<label className="col-sm-2 col-form-label" htmlFor="login">
Логин
</label>
<div className="form-outline col-sm-10">
<input
placeholder="Логин"
className="form-control w-50"
type="text"
id="login"
name="login"
value={login}
onChange={(e) => setLogin(e.target.value)}
/>
</div>
</div>
<div className="mb-3 row ms-5">
<label className="col-sm-2 col-form-label" htmlFor="password">
Пароль
</label>
<div className="col-sm-10">
<input
placeholder="Пароль"
className="form-control w-50"
type="password"
id="password"
value={password}
onChange={(e) => setPassword(e.target.value)}
/>
</div>
</div>
<h2>
<button className="btn btn-success ms-5" style={{ color: "black" }}>
Войти
</button>
</h2>
</form>
</main>
);
}
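Review bot: `getRole` sends the JWT in the query string (`/user?token=${token}`), where it is recorded in server and proxy access logs and in browser history; PrivateRoute's `getRole` repeats the same request. Send it in the header the rest of the API already uses, `headers: { "Authorization": "Bearer " + token }`, and have `/user` identify the caller from that. `getRole` also stores whatever text the server returns as the role without checking `response.ok`, so an error body would end up in `localStorage.role`. Smaller points: `loginsystem` does not await `getRole(result)`, and `navigate("/main")` names a path the route table in App only matches through its `*` fallback.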


@ -0,0 +1,115 @@
import { useState } from "react";
import { useNavigate } from "react-router-dom";
import { useEffect } from "react";
import { Link } from 'react-router-dom';
import { useRef } from "react";
export default function Registration(props) {
const [login, setLogin] = useState("");
const [password, setPassword] = useState("");
const [passwordConfirm, setPasswordConfirm] = useState("");
const navigate = useNavigate();
useEffect(() => {}, []);
async function signup() {
const requestParams = {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
login: login,
password: password,
passwordConfirm: passwordConfirm,
}),
};
const response = await fetch(
"http://localhost:8080/jwt/signup",
requestParams
);
const result = await response.json();
if (response.status === 200) {
localStorage.setItem("token", result.token);
localStorage.setItem("user", result.login);
localStorage.setItem("role", result.role);
window.dispatchEvent(new Event("storage"));
navigate("/catalogs/menu");
} else {
localStorage.removeItem("token");
localStorage.removeItem("user");
localStorage.removeItem("role");
alert(result);
}
}
const signupFormOnSubmit = function (event) {
event.preventDefault();
signup({
login: login,
password: password,
passwordConfirm: passwordConfirm
});
};
return (
<main className="flex-shrink-0" style={{ backgroundColor: "white" }}>
<h1 className="my-5 ms-5 ">
<b>Регистрация</b>
</h1>
<form className="row g-3" onSubmit={signupFormOnSubmit}>
<div className="mb-3 row ms-5">
<label className="col-sm-2 col-form-label" htmlFor="login">
Логин
</label>
<div className="form-outline col-sm-10">
<input
placeholder="Логин"
className="form-control w-50"
type="text"
id="login"
name="login"
value={login}
onChange={(e) => setLogin(e.target.value)}
/>
</div>
</div>
<div className="mb-3 row ms-5">
<label className="col-sm-2 col-form-label" htmlFor="password">
Пароль
</label>
<div className="col-sm-10">
<input
placeholder="Пароль"
className="form-control w-50"
type="password"
id="password"
value={password}
onChange={(e) => setPassword(e.target.value)}
/>
</div>
</div>
<div className="mb-3 row ms-5">
<label className="col-sm-2 col-form-label" htmlFor="passwordConfirm">
Пароль
</label>
<div className="col-sm-10">
<input
placeholder="Подтверждение пароля"
className="form-control w-50"
type="password"
id="passwordConfirm"
value={passwordConfirm}
onChange={(e) => setPasswordConfirm(e.target.value)}
/>
</div>
</div>
<h2>
<button className="btn btn-success ms-5" style={{ color: "black" }}>
Зарегистрироваться
</button>
</h2>
</form>
</main>
);
}
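Review bot: `signup` calls `response.json()` before looking at `response.status`, so an error reply that is not JSON rejects the promise and the user sees nothing; when it is a JSON object, `alert(result)` prints `[object Object]`. Check the status first and read the body as text on the error path. `signupFormOnSubmit` passes an object to `signup()`, which declares no parameters, and the form never compares `password` with `passwordConfirm` before sending, so that check rests entirely on the server. `Link`, `useRef` and the empty `useEffect` are unused.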


@ -0,0 +1,76 @@
import { useState } from "react";
import { useEffect } from "react";
import DataService from "../../services/DataService";
export default function Users(props) {
const [users, setUsers] = useState([]);
const [pageNumbers, setPageNumbers] = useState([]);
const [pageNumber, setPageNumber] = useState();
const usersUrl = "/users";
const host = "http://localhost:8080";
useEffect(() => {
DataService.readUsersPage(host, usersUrl, 1).then((data) => {
setUsers(data.users.content);
setPageNumbers(data.pageNumbers);
setPageNumber(1);
});
}, []);
const pageButtonOnClick = function (page) {
DataService.readUsersPage(host, usersUrl, page).then((data) => {
setUsers(data.users.content);
setPageNumber(page);
});
};
return (
<>
<main className="flex-shrink-0" style={{ backgroundColor: "white" }}>
<div className="table-shell mb-3">
<table className="table">
<thead>
<tr>
<th style={{ width: "15%" }} scope="col">
ID
</th>
<th style={{ width: "30%" }} scope="col">
Логин
</th>
<th style={{ width: "15%" }} scope="col">
Роль
</th>
</tr>
</thead>
<tbody>
{users.map((user, index) => (
<tr key={index}>
<td style={{ width: "15%" }}>{user.id}</td>
<td style={{ width: "30%" }}>{user.login}</td>
<td style={{ width: "15%" }}>{user.role}</td>
</tr>
))}
</tbody>
</table>
</div>
<div>
<p>Pages:</p>
<nav>
<ul className="pagination" style={{ backgroundColor: "white" }}>
{pageNumbers.map((number, index) => (
<li key={index}
className={`page-item ${
number === pageNumber ? "active" : ""
}`}
onClick={() => pageButtonOnClick(number)}
>
<a className="page-link" >
{number}
</a>
</li>
))}
</ul>
</nav>
</div>
</main>
</>
);
}


@ -8,9 +8,9 @@ export default function Card(props) {
props.onRemove(id);
}
async function mess(id) {
let currentProduct = props.product.filter(x => x.id == id.id);
let currentProduct = props.product.filter((x) => x.id == id.id);
if (currentProduct.length != 0) {
let temp = props.product.filter(x => x.id != id.id);
let temp = props.product.filter((x) => x.id != id.id);
currentProduct[0].count++;
temp.push(currentProduct[0]);
await props.setProduct(temp);
@ -39,6 +39,8 @@ export default function Card(props) {
</div>
<div className="card-body">
<h5 className="card-title text-center fs-1">{item["price"]}</h5>
{localStorage.getItem("role") == "ADMIN" && (
<>
<a
href="#"
className="btn btn-outline-dark text-center d-flex justify-content-md-center mx-5"
@ -56,6 +58,8 @@ export default function Card(props) {
>
Изменить
</a>
</>
)}
<a
type="button"
className="btn btn-outline-dark text-center d-flex justify-content-md-center mx-5"
@ -70,4 +74,3 @@ export default function Card(props) {
</div>
);
}
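Review bot: The `localStorage.getItem("role") == "ADMIN"` wrapper around the edit and delete links only hides them; the role sits in storage the user can edit, so it cannot be the control that protects product changes. The product endpoints are not among the files visible here, so confirm they carry the same `@Secured` ADMIN restriction this commit adds to ComponentController. The same applies to the "Добавить" button in ToolbarProduct. A short comment above the condition, e.g. `{/* UI hint only: the server rejects non-admin edits */}`, would keep the intent clear. Reading localStorage during render also means the buttons do not update on login or logout until something else re-renders the card.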


@ -1,6 +1,27 @@
import { NavLink } from "react-router-dom";
import {NavLink, useNavigate} from "react-router-dom";
import {useEffect, useState} from "react";
export default function Header(props) {
const [userRole, setUserRole] = useState("");
const navigate = useNavigate();
useEffect(() => {
window.addEventListener("storage", () => {
getUserRole();
});
getUserRole();
}, []);
const getUserRole = function () {
const role = localStorage.getItem("role") || "NONE";
setUserRole(role);
};
const handlelogout = function () {
window.location.reload();
navigate("/catalogs/login");
localStorage.removeItem("role");
localStorage.removeItem("user");
localStorage.removeItem("token");
}
return (
<nav className="navbar navbar-expand-lg">
<div className="container-fluid">
@ -20,15 +41,26 @@ export default function Header(props) {
</button>
<div className="collapse navbar-collapse" id="navbarSupportedContent">
<ul className="navbar-nav me-auto mb-2 mb-lg-0">
{props.links.map((route) => (
{props.links.map((route) => {
if (route.role == userRole || route.role == undefined) {
return (
<li key={route.path} className="nav-item">
<NavLink className="nav-link fs-4" to={route.path}>
<NavLink className="nav-link" to={route.path}>
{route.label}
</NavLink>
</li>
))}
);
}
})}
</ul>
</div>
<span className="col text-end">
{localStorage.getItem("role") !== null &&
<a className="nav-link" onClick={handlelogout}>
{"Выход(" + localStorage.getItem("user") + ")"}
</a>
}
</span>
</div>
</nav>
);
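Review bot: `handlelogout` calls `window.location.reload()` and `navigate(...)` before the three `removeItem` calls, so clearing the credentials depends on the rest of the handler still running after a reload has been requested. Remove `token`, `user` and `role` first, then call `navigate("/catalogs/login")`; dispatching a `storage` event as Login does makes the reload unnecessary. The `storage` listener registered in `useEffect` is never removed; return a cleanup that calls `window.removeEventListener` with the same function reference. Logout is also client-side only: the token itself stays valid until its expiry, which JwtProvider sets to 15 days.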


@ -0,0 +1,45 @@
import { Outlet, Navigate, useNavigate } from "react-router-dom";
import { useEffect, useState } from "react";
export default function PrivateRoute(props) {
const navigate = useNavigate();
useEffect(() => {
window.addEventListener("storage", () => {
let token = localStorage.getItem("token");
if (token) {
getRole(token).then((role) => {
if (localStorage.getItem("role") != role) {
localStorage.removeItem("token");
localStorage.removeItem("user");
localStorage.removeItem("role");
window.dispatchEvent(new Event("storage"));
navigate("/catalog/main");
}
});
}
});
}, []);
const getRole = async function (token) {
const requestParams = {
method: "GET",
headers: {
"Content-Type": "application/json",
},
};
const requestUrl = `http://localhost:8080/user?token=${token}`;
const response = await fetch(requestUrl, requestParams);
const result = await response.text();
return result;
};
let isAllowed = false;
let userRole = localStorage.getItem("role");
if (
props.role === userRole || userRole == "ADMIN"
) {
isAllowed = true;
}
return isAllowed ? <Outlet /> : <Navigate to="/catalogs/login" />;
}
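Review bot: The allow/deny decision at the bottom (`props.role === userRole || userRole == "ADMIN"`) reads the role straight from localStorage, and the server round-trip in `getRole` only runs when a `storage` event fires, so on an ordinary page load the guard trusts whatever is in storage. That is fine as a UI convenience only if every protected endpoint enforces the role itself; a comment saying so above `isAllowed` would prevent it being mistaken for access control. The listener is added on every mount of each PrivateRoute and never removed; keep a reference and `return () => window.removeEventListener("storage", onStorage);` from the effect. `navigate("/catalog/main")` uses a `/catalog/` prefix that no route declared in App matches directly.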


@ -44,7 +44,7 @@ export default function TableOrder(props) {
}
}
async function acceptOrder(){
await DataService.create("/order",{...order, ["price"]:cost, ["status"]: "1"} ).then(data => {
await DataService.create("/order",{...order, ["price"]:cost, ["status"]: "1", ["user"]:localStorage.getItem("user")} ).then(data => {
props.setProduct([]);
setCost(0);
});
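Review bot: `acceptOrder` now puts `localStorage.getItem("user")` into the order body, which lets the client name the order's owner. If the server stores that field as given (OrderService is not visible here), an authenticated user could file an order under another login. The owner should be taken from the authenticated principal on the server, with the submitted field ignored or rejected when it differs. The function continues outside this hunk.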


@ -3,7 +3,10 @@ export default function ToolbarProduct(props) {
props.onAdd();
}
return (
<>
<div className="btn-group mt-2" role="group">
{localStorage.getItem("role") == "ADMIN" &&
<button
type="button"
className={`btn btn-outline-dark text-center d-flex justify-content-md-center mx-5 mb-3`}
@ -11,7 +14,8 @@ export default function ToolbarProduct(props) {
>
Добавить
</button>
}
</div>
</>
);
}


@ -5,5 +5,6 @@ export default class Order {
this.price = data?.price || 0;
this.productDTOList = data?.productDTOList || [];
this.status = data?.status || "0";
this.user = data?.user || "";
}
}

7
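--- a/front/src/models/User.js
+++ b/front/src/models/User.js
@@ -0,0 +1,7 @@
+export default class User {
+constructor(data) {
+this.id = data?.id;
+this.login = data?.login || "";
+this.role = data?.role || "";
+}
+}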


@ -4,13 +4,32 @@ export default class DataService {
static dataUrlPrefix = 'http://localhost:8080';
static async readAll(url, transformer) {
const response = await fetch(this.dataUrlPrefix + url);
const response = await fetch(this.dataUrlPrefix + url, {headers: {
"Content-Type": "application/json",
"Authorization": "Bearer " + localStorage.getItem("token")
}});
const data = await response.json();
return data.map(item => transformer(item));
}
static async readUsersPage(dataUrlPrefix, url, page) {
const response = await axios.get(dataUrlPrefix + url + `?page=${page}`,{
headers:{
"Authorization": "Bearer " + localStorage.getItem("token")
}
});
return response.data;
}
static async readUser(dataUrlPrefix, url, login){
const response = await axios.get(dataUrlPrefix + url + `/${login}`);
return response.data;
}
static async read(url, transformer) {
const response = await axios.get(this.dataUrlPrefix + url);
const response = await axios.get(this.dataUrlPrefix + url,{headers: {
"Content-Type": "application/json",
"Authorization": "Bearer " + localStorage.getItem("token")
}});
return transformer(response.data);
}
@ -30,6 +49,7 @@ export default class DataService {
method: "PUT",
headers: {
"Content-Type": "application/json",
"Authorization": "Bearer " + localStorage.getItem("token")
},
body: JSON.stringify(data),
};
@ -38,7 +58,23 @@ export default class DataService {
}
static async delete(url) {
const response = await axios.delete(this.dataUrlPrefix + url);
const response = await axios.delete(this.dataUrlPrefix + url,{headers: {
"Content-Type": "application/json",
"Authorization": "Bearer " + localStorage.getItem("token")
}});
return response.data.id;
}
static async readUser(url, data) {
const response = await axios.get(this.dataUrlPrefix + url + `/${data}`);
return response.data;
}
static async readAllOrders(url, transformer) {
const response = await fetch(this.dataUrlPrefix + url, {headers: {
"Content-Type": "application/json",
"Authorization": "Bearer " + localStorage.getItem("token")
}});
const data = await response.json();
return data.map(item => transformer(item));
}
}
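Review bot: Every call now builds `"Bearer " + localStorage.getItem("token")` inline, which sends the literal header `Bearer null` when nobody is logged in; JwtFilter treats any non-empty bearer value as a token to verify, so such a request would likely be answered with 401 even on endpoints the security configuration permits. One helper that omits the header when there is no token removes both the repetition and that case. `readUser` is also declared twice with different parameter lists; in a class body the later static definition wins, so the three-argument version is dead code. Neither `readUser` sends an Authorization header, which matches `GET /users/*` being `permitAll` in SecurityConfiguration; worth confirming that is intended.

```javascript
static authHeaders() {
  const token = localStorage.getItem("token");
  const headers = { "Content-Type": "application/json" };
  if (token) {
    headers["Authorization"] = "Bearer " + token;
  }
  return headers;
}

static async readAll(url, transformer) {
  const response = await fetch(this.dataUrlPrefix + url, { headers: this.authHeaders() });
  // … unchanged: parse JSON and map through transformer …
```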


@ -2,10 +2,8 @@ package ip.labwork;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.web.bind.annotation.RestController;
@SpringBootApplication
@RestController
public class LabworkApplication {
public static void main(String[] args) {
SpringApplication.run(LabworkApplication.class, args);


@ -0,0 +1,28 @@
package ip.labwork.configuration;
import io.swagger.v3.oas.models.Components;
import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.security.SecurityRequirement;
import io.swagger.v3.oas.models.security.SecurityScheme;
import ip.labwork.configuration.jwt.JwtFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class OpenAPI30Configuration {
public static final String API_PREFIX = "/api/1.0";
@Bean
public OpenAPI customizeOpenAPI() {
final String securitySchemeName = JwtFilter.TOKEN_BEGIN_STR;
return new OpenAPI()
.addSecurityItem(new SecurityRequirement()
.addList(securitySchemeName))
.components(new Components()
.addSecuritySchemes(securitySchemeName, new SecurityScheme()
.name(securitySchemeName)
.type(SecurityScheme.Type.HTTP)
.scheme("bearer")
.bearerFormat("JWT")));
}
}


@ -0,0 +1,14 @@
package ip.labwork.configuration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration
public class PasswordEncoderConfiguration {
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}


@ -0,0 +1,92 @@
package ip.labwork.configuration;
import ip.labwork.configuration.jwt.JwtFilter;
import ip.labwork.user.controller.UserController;
import ip.labwork.user.model.UserRole;
import ip.labwork.user.service.UserService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@Configuration
public class SecurityConfiguration {
private final Logger log = LoggerFactory.getLogger(SecurityConfiguration.class);
public static final String SPA_URL_MASK = "/{path:[^\\.]*}";
private final UserService userService;
private final JwtFilter jwtFilter;
public SecurityConfiguration(UserService userService) {
this.userService = userService;
this.jwtFilter = new JwtFilter(userService);
createAdminOnStartup();
}
private void createAdminOnStartup() {
final String admin = "admin";
if (userService.findByLogin(admin) == null) {
log.info("Admin user successfully created");
userService.createUser(admin, admin, admin, UserRole.ADMIN);
}
}
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
log.info("Creating security configuration");
http.cors()
.and()
.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeHttpRequests()
.requestMatchers("/", SPA_URL_MASK).permitAll()
.requestMatchers(HttpMethod.POST, UserController.URL_SIGNUP).permitAll()
.requestMatchers(HttpMethod.POST, UserController.URL_LOGIN).permitAll()
.requestMatchers(HttpMethod.GET, "/users/*").permitAll()
.requestMatchers(HttpMethod.GET, "/h2-console").permitAll()
.anyRequest()
.authenticated()
.and()
.addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class)
.anonymous();
return http.build();
}
@Bean
public AuthenticationManager authenticationManager(HttpSecurity http, PasswordEncoderConfiguration bCryptPasswordEncoder)
throws Exception {
return http.getSharedObject(AuthenticationManagerBuilder.class)
.userDetailsService(userService)
.passwordEncoder(bCryptPasswordEncoder.passwordEncoder())
.and()
.build();
}
@Bean
public WebSecurityCustomizer webSecurityCustomizer() {
return (web) -> web.ignoring()
.requestMatchers(HttpMethod.OPTIONS, "/**")
.requestMatchers("/*.js")
.requestMatchers("/*.png")
.requestMatchers("/*.jpg")
.requestMatchers("/*.html")
.requestMatchers("/*.css")
.requestMatchers("/assets/**")
.requestMatchers("/favicon.ico")
.requestMatchers("/.js", "/.css")
.requestMatchers("/swagger-ui/index.html")
.requestMatchers("/webjars/**")
.requestMatchers("/swagger-resources/**")
.requestMatchers("/v3/api-docs/**");
}
}
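Review bot: `createAdminOnStartup` creates an ADMIN account whose login and password are both the literal `admin` whenever no such user exists, so every fresh deployment starts with a known credential. Take the initial password from configuration and skip creation when it is unset, e.g. `userService.createUser(admin, initialPassword, initialPassword, UserRole.ADMIN);` with `initialPassword` bound from a property (name to be chosen; none exists in this commit). The "successfully created" log line is written before `createUser` runs, so it is emitted even if creation fails. In `filterChain`, `GET /users/*` is `permitAll`, which exposes user lookup by login without a token (what it returns is not visible here), and the `/h2-console` rule should be limited to a development profile.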


@ -1,15 +1,15 @@
package ip.labwork;
package ip.labwork.configuration;
import org.springframework.boot.web.server.ErrorPage;
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpStatus;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistration;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.http.HttpStatus;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
class WebConfiguration implements WebMvcConfigurer {
@ -17,8 +17,11 @@ class WebConfiguration implements WebMvcConfigurer {
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**").allowedMethods("*");
}
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController(SecurityConfiguration.SPA_URL_MASK).setViewName("forward:/");
registry.addViewController("/notFound").setViewName("forward:/");
ViewControllerRegistration registration = registry.addViewController("/notFound");
registration.setViewName("forward:/index.html");
registration.setStatusCode(HttpStatus.OK);


@ -0,0 +1,11 @@
package ip.labwork.configuration.jwt;
public class JwtException extends RuntimeException {
public JwtException(Throwable throwable) {
super(throwable);
}
public JwtException(String message) {
super(message);
}
}


@ -0,0 +1,72 @@
package ip.labwork.configuration.jwt;
import com.fasterxml.jackson.databind.ObjectMapper;
import ip.labwork.user.service.UserService;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.http.MediaType;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.GenericFilterBean;
import java.io.IOException;
public class JwtFilter extends GenericFilterBean {
private static final String AUTHORIZATION = "Authorization";
public static final String TOKEN_BEGIN_STR = "Bearer ";
private final UserService userService;
public JwtFilter(UserService userService) {
this.userService = userService;
}
private String getTokenFromRequest(HttpServletRequest request) {
String bearer = request.getHeader(AUTHORIZATION);
if (StringUtils.hasText(bearer) && bearer.startsWith(TOKEN_BEGIN_STR)) {
return bearer.substring(TOKEN_BEGIN_STR.length());
}
return null;
}
private void raiseException(ServletResponse response, int status, String message) throws IOException {
if (response instanceof final HttpServletResponse httpResponse) {
httpResponse.setContentType(MediaType.APPLICATION_JSON_VALUE);
httpResponse.setStatus(status);
final byte[] body = new ObjectMapper().writeValueAsBytes(message);
response.getOutputStream().write(body);
}
}
@Override
public void doFilter(ServletRequest request,
ServletResponse response,
FilterChain chain) throws IOException, ServletException {
if (request instanceof final HttpServletRequest httpRequest) {
final String token = getTokenFromRequest(httpRequest);
if (StringUtils.hasText(token)) {
try {
final UserDetails user = userService.loadUserByToken(token);
final UsernamePasswordAuthenticationToken auth =
new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(auth);
} catch (JwtException e) {
raiseException(response, HttpServletResponse.SC_UNAUTHORIZED, e.getMessage());
return;
} catch (Exception e) {
e.printStackTrace();
raiseException(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
String.format("Internal error: %s", e.getMessage()));
return;
}
}
}
chain.doFilter(request, response);
}
}
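Review bot: The generic `catch (Exception e)` branch in `doFilter` writes `e.getMessage()` into the response body and prints the stack trace to stderr, which hands internal details to an unauthenticated caller and bypasses the application log. Return a fixed message and log through SLF4J instead: `raiseException(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Internal error");` together with `log.error("Token processing failed", e);` (the class has no logger field yet, so one needs adding). The 401 branch likewise echoes the verifier's message; a constant such as `"Invalid or expired token"` tells the client enough.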


@ -0,0 +1,27 @@
package ip.labwork.configuration.jwt;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Configuration;
@Configuration
@ConfigurationProperties(prefix = "jwt", ignoreInvalidFields = true)
public class JwtProperties {
private String devToken = "";
private Boolean isDev = true;
public String getDevToken() {
return devToken;
}
public void setDevToken(String devToken) {
this.devToken = devToken;
}
public Boolean isDev() {
return isDev;
}
public void setDev(Boolean dev) {
isDev = dev;
}
}
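Review bot: `isDev` defaults to `true` and `ignoreInvalidFields = true` discards a malformed value, so a deployment that omits or mistypes the dev flag under the `jwt` prefix silently runs in dev mode with `devToken` (default empty string) as the signing key. Make the safe mode the default, `private Boolean isDev = false;`, and drop `ignoreInvalidFields` so a bad value fails at startup. `devToken` is in fact the HMAC secret used by JwtProvider; a comment saying so, and that it must not be set in production configuration, would help the next reader.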


@ -0,0 +1,107 @@
package ip.labwork.configuration.jwt;
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.auth0.jwt.interfaces.JWTVerifier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.time.LocalDate;
import java.time.ZoneId;
import java.util.Date;
import java.util.Optional;
import java.util.UUID;
@Component
public class JwtProvider {
private final static Logger LOG = LoggerFactory.getLogger(JwtProvider.class);
private final static byte[] HEX_ARRAY = "0123456789ABCDEF".getBytes(StandardCharsets.US_ASCII);
private final static String ISSUER = "auth0";
private final Algorithm algorithm;
private final JWTVerifier verifier;
public JwtProvider(JwtProperties jwtProperties) {
if (!jwtProperties.isDev()) {
LOG.info("Generate new JWT key for prod");
try {
final MessageDigest salt = MessageDigest.getInstance("SHA-256");
salt.update(UUID.randomUUID().toString().getBytes(StandardCharsets.UTF_8));
LOG.info("Use generated JWT key for prod \n{}", bytesToHex(salt.digest()));
algorithm = Algorithm.HMAC256(bytesToHex(salt.digest()));
} catch (NoSuchAlgorithmException e) {
throw new JwtException(e);
}
} else {
LOG.info("Use default JWT key for dev \n{}", jwtProperties.getDevToken());
algorithm = Algorithm.HMAC256(jwtProperties.getDevToken());
}
verifier = JWT.require(algorithm)
.withIssuer(ISSUER)
.build();
}
private static String bytesToHex(byte[] bytes) {
byte[] hexChars = new byte[bytes.length * 2];
for (int j = 0; j < bytes.length; j++) {
int v = bytes[j] & 0xFF;
hexChars[j * 2] = HEX_ARRAY[v >>> 4];
hexChars[j * 2 + 1] = HEX_ARRAY[v & 0x0F];
}
return new String(hexChars, StandardCharsets.UTF_8);
}
public String generateToken(String login) {
final Date issueDate = Date.from(LocalDate.now()
.atStartOfDay(ZoneId.systemDefault())
.toInstant());
final Date expireDate = Date.from(LocalDate.now()
.plusDays(15)
.atStartOfDay(ZoneId.systemDefault())
.toInstant());
return JWT.create()
.withIssuer(ISSUER)
.withIssuedAt(issueDate)
.withExpiresAt(expireDate)
.withSubject(login)
.sign(algorithm);
}
private DecodedJWT validateToken(String token) {
try {
return verifier.verify(token);
} catch (JWTVerificationException e) {
throw new JwtException(String.format("Token verification error: %s", e.getMessage()));
}
}
public boolean isTokenValid(String token) {
if (!StringUtils.hasText(token)) {
return false;
}
try {
validateToken(token);
return true;
} catch (JwtException e) {
LOG.error(e.getMessage());
return false;
}
}
public Optional<String> getLoginFromToken(String token) {
try {
return Optional.ofNullable(validateToken(token).getSubject());
} catch (JwtException e) {
LOG.error(e.getMessage());
return Optional.empty();
}
}
}
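Review bot: In the production branch of the constructor `salt.digest()` is called twice: the first call, inside `LOG.info`, finalizes and resets the `MessageDigest`, so the second call that feeds `Algorithm.HMAC256` hashes empty input and produces the same fixed key on every start, which makes the token signature worthless. Both branches also write the signing key to the log at INFO. Generate the key bytes once from `SecureRandom`, pass them to `Algorithm.HMAC256(byte[])`, and log only that a key was generated; this needs `java.security.SecureRandom` imported and makes the `MessageDigest` try/catch and `bytesToHex` unnecessary. Smaller point: `generateToken` truncates both dates to the start of the day, so the real lifetime varies between 14 and 15 days.

```java
if (!jwtProperties.isDev()) {
    final byte[] key = new byte[32];
    new SecureRandom().nextBytes(key);
    LOG.info("Generated new JWT key for prod");
    algorithm = Algorithm.HMAC256(key);
} else {
    LOG.info("Using configured JWT key for dev");
    algorithm = Algorithm.HMAC256(jwtProperties.getDevToken());
}
// … unchanged: verifier construction …
```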


@ -1,7 +1,9 @@
package ip.labwork.shop.controller;
import ip.labwork.shop.service.ComponentService;
import ip.labwork.user.model.UserRole;
import jakarta.validation.Valid;
import org.springframework.security.access.annotation.Secured;
import org.springframework.web.bind.annotation.*;
import java.util.List;
@ -17,31 +19,37 @@ public class ComponentController {
}
@PostMapping
@Secured({UserRole.AsString.ADMIN})
public ComponentDTO createComponent(@RequestBody @Valid ComponentDTO componentDTO) {
return componentService.create(componentDTO);
}
@PutMapping("/{id}")
@Secured({UserRole.AsString.ADMIN})
public ComponentDTO updateComponent(@PathVariable Long id, @RequestBody @Valid ComponentDTO componentDTO) {
return componentService.updateComponent(id, componentDTO);
}
@DeleteMapping("/{id}")
@Secured({UserRole.AsString.ADMIN})
public ComponentDTO removeComponent(@PathVariable Long id) {
return componentService.deleteComponent(id);
}
@DeleteMapping
@Secured({UserRole.AsString.ADMIN})
public void removeAllComponent() {
componentService.deleteAllComponent();
}
@GetMapping("/{id}")
@Secured({UserRole.AsString.ADMIN})
public ComponentDTO findComponent(@PathVariable Long id) {
return new ComponentDTO(componentService.findComponent(id));
}
@GetMapping
@Secured({UserRole.AsString.ADMIN})
public List<ComponentDTO> findAllComponent() {
return componentService.findAllComponent();
}
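Review bot: `@Secured({UserRole.AsString.ADMIN})` is repeated on all six handlers of ComponentController, so a handler added later without the annotation falls back to whatever the filter chain allows by default. Declaring it once on the class makes the controller fail closed: put `@Secured({UserRole.AsString.ADMIN})` above `public class ComponentController` and drop the per-method copies. The same applies to ProductController, which repeats the annotation on every handler in this commit. `@Secured` is only enforced when method security is enabled with `securedEnabled = true`; that configuration is not in this view, so confirm it.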


@ -1,7 +1,9 @@
package ip.labwork.shop.controller;
import ip.labwork.shop.service.OrderService;
import ip.labwork.user.model.UserRole;
import jakarta.validation.Valid;
import org.springframework.security.access.annotation.Secured;
import org.springframework.web.bind.annotation.*;
import java.util.List;
@ -10,32 +12,47 @@ import java.util.List;
@RequestMapping("/order")
public class OrderController {
private final OrderService orderService;
public OrderController(OrderService orderService) {
this.orderService = orderService;
}
@PostMapping
@Secured({UserRole.AsString.USER, UserRole.AsString.ADMIN})
public OrderDTO createOrder(@RequestBody @Valid OrderDTO orderDTO) {
return orderService.create(orderDTO);
}
@PutMapping("/{id}")
public OrderDTO updateOrder(@PathVariable Long id, @RequestBody @Valid OrderDTO orderDTO) {
return orderService.update(id, orderDTO);
}
@DeleteMapping("/{id}")
public OrderDTO removeOrder(@PathVariable Long id) {
return orderService.deleteOrder(id);
}
@DeleteMapping
public void removeAllOrder() {
orderService.deleteAllOrder();
}
@GetMapping("/{id}")
@Secured({UserRole.AsString.USER, UserRole.AsString.ADMIN})
public OrderDTO findOrder(@PathVariable Long id) {
return new OrderDTO(orderService.findOrder(id));
}
@GetMapping
@Secured({UserRole.AsString.USER, UserRole.AsString.ADMIN})
public List<OrderDTO> findAllOrder() {
return orderService.findAllOrder();
}
@GetMapping("/all/{login}")
@Secured({UserRole.AsString.USER, UserRole.AsString.ADMIN})
public List<OrderDTO> findFiltredOrder(@PathVariable String login) {
return orderService.findFiltredOrder(login);
}
}
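Review bot: `updateOrder`, `removeOrder` and `removeAllOrder` are the only handlers in OrderController left without `@Secured`, so the state-changing endpoints are the ones with no role check; whether they even require a login depends on the filter-chain configuration, which is outside this view. `removeAllOrder` at least looks like an administrator operation: `@Secured({UserRole.AsString.ADMIN})`. The read handlers have a second gap: `findOrder`, `findAllOrder` and `findFiltredOrder(@PathVariable String login)` are open to any `USER`, and nothing here ties the requested id or login to the caller, so one customer can read another customer's orders. Take the login from the authenticated principal (for example a `java.security.Principal` handler argument and `principal.getName()`) instead of the path, and keep `findAllOrder` for administrators.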


@ -11,8 +11,11 @@ public class OrderDTO {
private long id;
private Date date = new Date();
private int price;
private long user_id;
private String user;
private OrderStatus status = OrderStatus.Неизвестен;
private List<ProductDTO> productDTOList;
public OrderDTO(Order order) {
this.id = order.getId();
this.date = order.getDate();
@ -22,6 +25,7 @@ public class OrderDTO {
.map(y -> new ProductDTO(y.getProduct(), y.getCount()))
.toList();
this.status = Objects.equals(order.getStatus().toString(), "") ? OrderStatus.Неизвестен : order.getStatus();
this.user_id = order.getUser_id() == null ? -1 : order.getUser_id();
}
public OrderDTO() {
@ -55,6 +59,22 @@ public class OrderDTO {
this.status = status;
}
public long getUser_id() {
return user_id;
}
public void setUser_id(long user_id) {
this.user_id = user_id;
}
public String getUser() {
return user;
}
public void setUser(String user) {
this.user = user;
}
public List<ProductDTO> getProductDTOList() {
return productDTOList;
}


@ -1,7 +1,9 @@
package ip.labwork.shop.controller;
import ip.labwork.shop.service.ProductService;
import ip.labwork.user.model.UserRole;
import jakarta.validation.Valid;
import org.springframework.security.access.annotation.Secured;
import org.springframework.web.bind.annotation.*;
import java.util.List;
@ -16,26 +18,37 @@ public class ProductController {
}
@PostMapping
@Secured({UserRole.AsString.ADMIN})
public ProductDTO createProduct(@RequestBody @Valid ProductDTO productDTO) {
return productService.create(productDTO);
}
@PutMapping("/{id}")
@Secured({UserRole.AsString.ADMIN})
public ProductDTO updateProduct(@PathVariable Long id, @RequestBody @Valid ProductDTO productDTO) {
return productService.updateProduct(id, productDTO);
}
@DeleteMapping("/{id}")
@Secured({UserRole.AsString.ADMIN})
public ProductDTO removeProduct(@PathVariable Long id) {
return productService.deleteProduct(id);
}
@DeleteMapping
@Secured({UserRole.AsString.ADMIN})
public void removeAllProduct() {
productService.deleteAllProduct();
}
@GetMapping("/{id}")
@Secured({UserRole.AsString.ADMIN})
public ProductDTO findProduct(@PathVariable Long id) {
return new ProductDTO(productService.findProduct(id));
}
@GetMapping
@Secured({UserRole.AsString.ADMIN})
public List<ProductDTO> findAllProduct() {
return productService.findAllProduct();
}


@ -20,16 +20,19 @@ public class Order {
@NotNull(message = "Price can't be null or empty")
@Column(name = "price")
private Integer price;
private Long user_id;
@OneToMany(mappedBy = "order", cascade = CascadeType.ALL, fetch = FetchType.EAGER)
private List<OrderProducts> products;
private OrderStatus status;
public Order() {
}
public Order(Date date, Integer price, OrderStatus status) {
public Order(Date date, Integer price, OrderStatus status, Long user_id) {
this.date = date;
this.price = price;
this.user_id = user_id;
this.status = status;
}
@ -56,6 +59,7 @@ public class Order {
public void setPrice(Integer price) {
this.price = price;
}
public List<OrderProducts> getProducts() {
return products;
}
@ -71,6 +75,7 @@ public class Order {
if (!products.contains(orderProducts))
this.products.add(orderProducts);
}
public void removeProducts(OrderProducts orderProducts) {
if (products.contains(orderProducts))
this.products.remove(orderProducts);
@ -84,11 +89,19 @@ public class Order {
this.status = status;
}
public Long getUser_id() {
return user_id;
}
public void setUser_id(Long user_id) {
this.user_id = user_id;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (!(o instanceof Order order)) return false;
return Objects.equals(getId(), order.getId()) && Objects.equals(getDate(), order.getDate()) && Objects.equals(getPrice(), order.getPrice());
return Objects.equals(getId(), order.getId()) && Objects.equals(getDate(), order.getDate()) && Objects.equals(getPrice(), order.getPrice()) && Objects.equals(getUser_id(), order.getUser_id()) && Objects.equals(getProducts(), order.getProducts()) && getStatus() == order.getStatus();
}
@Override
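Review bot: The extended `equals` now compares `getProducts()`, a mutable `@OneToMany` collection, which makes equality depend on association state and can recurse if `OrderProducts.equals` in turn compares its `order` (that class is not in this view). Entity equality is safer on the identifier alone, `return getId() != null && Objects.equals(getId(), order.getId());`, the way `User.equals` in this commit compares only `id`. `hashCode` starts right after this hunk and is not shown, so check that it stays consistent with whatever `equals` ends up using. The new `user_id` is also a bare `Long` without a `@ManyToOne` or foreign key, so the database does not enforce that an order's owner exists.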


@ -1,9 +1,12 @@
package ip.labwork.shop.service;
import ip.labwork.shop.controller.OrderDTO;
import ip.labwork.shop.model.*;
import ip.labwork.shop.model.Order;
import ip.labwork.shop.model.OrderProducts;
import ip.labwork.shop.model.Product;
import ip.labwork.shop.repository.OrderRepository;
import ip.labwork.shop.repository.ProductRepository;
import ip.labwork.user.service.UserService;
import ip.labwork.util.validation.ValidatorUtil;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
@ -14,21 +17,24 @@ import java.util.*;
public class OrderService {
private final OrderRepository orderRepository;
private final ProductRepository productRepository;
private final UserService userService;
private final ValidatorUtil validatorUtil;
public OrderService(OrderRepository orderRepository,
ValidatorUtil validatorUtil, ProductRepository productRepository) {
ValidatorUtil validatorUtil, ProductRepository productRepository, UserService userService) {
this.orderRepository = orderRepository;
this.validatorUtil = validatorUtil;
this.productRepository = productRepository;
this.userService = userService;
}
@Transactional
public OrderDTO create(OrderDTO orderDTO) {
int price = 0;
for (int i = 0; i < orderDTO.getProductDTOList().size(); i++) {
price += orderDTO.getProductDTOList().get(i).getPrice() * orderDTO.getProductDTOList().get(i).getCount();
}
final Order order = new Order(new Date(), price, orderDTO.getStatus());
final Order order = new Order(new Date(), price, orderDTO.getStatus(), userService.findByLogin(orderDTO.getUser()).getId());
validatorUtil.validate(order);
orderRepository.save(order);
for (int i = 0; i < orderDTO.getProductDTOList().size(); i++) {
@ -38,15 +44,23 @@ public class OrderService {
orderRepository.save(order);
return new OrderDTO(findOrder(order.getId()));
}
@Transactional(readOnly = true)
public Order findOrder(Long id) {
final Optional<Order> order = orderRepository.findById(id);
return order.orElseThrow(() -> new OrderNotFoundException(id));
}
@Transactional(readOnly = true)
public List<OrderDTO> findAllOrder() {
return orderRepository.findAll().stream().map(x -> new OrderDTO(x)).toList();
}
@Transactional(readOnly = true)
public List<OrderDTO> findFiltredOrder(String login) {
return orderRepository.findAll().stream().filter(x -> Objects.equals(x.getUser_id(), userService.findByLogin(login).getId())).map(x -> new OrderDTO(x)).toList();
}
@Transactional
public OrderDTO update(Long id, OrderDTO orderDTO) {
final Order currentOrder = findOrder(id);
@ -68,8 +82,7 @@ public class OrderService {
product_id = product_id.stream().filter(x -> !Objects.equals(x, newProducts.get(finalI).getId())).toList();
orderProducts.setCount(orderDTO.getProductDTOList().stream().filter(x -> x.getId() == currentId).toList().get(0).getCount());
orderRepository.saveAndFlush(currentOrder);
}
else {
} else {
final OrderProducts orderProducts = new OrderProducts(currentOrder, newProducts.get(i), orderDTO.getProductDTOList().stream().filter(x -> x.getId() == currentId).toList().get(0).getCount());
currentOrder.addProduct(orderProducts);
orderRepository.saveAndFlush(currentOrder);
@ -82,6 +95,7 @@ public class OrderService {
orderRepository.saveAndFlush(currentOrder);
return new OrderDTO(currentOrder);
}
@Transactional
public OrderDTO deleteOrder(Long id) {
final Order currentOrder = findOrder(id);
@ -94,6 +108,7 @@ public class OrderService {
orderRepository.delete(currentOrder);
return new OrderDTO(currentOrder);
}
@Transactional
public void deleteAllOrder() {
orderRepository.deleteAll();
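Review bot: `create` takes the order's owner from the request body, `userService.findByLogin(orderDTO.getUser()).getId()`, so any authenticated caller can file an order under another login, and an unknown or missing login ends in a `NullPointerException` because `findByLogin` returns `null` when nothing matches. Resolve the owner from the authenticated user instead of the DTO and reject a missing one explicitly: `if (user == null) throw new UserNotFoundException(login);`. `findFiltredOrder` has the same null dereference and calls `userService.findByLogin(login)` inside the stream filter, i.e. once per order after loading every order with `findAll()`; look the user up once before the stream, or add a repository query by `user_id`. `deleteAllOrder` runs past the end of this hunk.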


@ -0,0 +1,64 @@
package ip.labwork.user.controller;
import ip.labwork.user.model.User;
import ip.labwork.user.model.UserRole;
import ip.labwork.user.service.UserService;
import jakarta.validation.Valid;
import org.springframework.data.domain.Page;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.bind.annotation.*;
import java.util.List;
import java.util.stream.IntStream;
@RestController
public class UserController {
public static final String URL_LOGIN = "/jwt/login";
public static final String URL_SIGNUP = "/jwt/signup";
private final UserService userService;
public UserController(UserService userService) {
this.userService = userService;
}
@PostMapping(URL_LOGIN)
public String login(@RequestBody @Valid UserDto userDto) {
return userService.loginAndGetToken(userDto);
}
@PostMapping(URL_SIGNUP)
public UserInfoDto signup(@RequestBody @Valid UserDto userDto) {
return userService.signupAndGetToken(userDto);
}
@GetMapping("/users/{login}")
public UserDetails getCurrentUser(@PathVariable String login) {
try {
return userService.loadUserByUsername(login);
} catch (Exception e) {
return null;
}
}
@GetMapping("/user")
public String findUser(@RequestParam("token") String token) {
UserDetails userDetails = userService.loadUserByToken(token);
User user = userService.findByLogin(userDetails.getUsername());
return user.getRole().toString();
}
@GetMapping("/users")
@Secured({UserRole.AsString.ADMIN})
public UsersPageDTO getUsers(@RequestParam(defaultValue = "1") int page,
@RequestParam(defaultValue = "5") int size) {
final Page<UserDto> users = userService.findAllPages(page, size)
.map(UserDto::new);
final int totalPages = users.getTotalPages();
final List<Integer> pageNumbers = IntStream.rangeClosed(1, totalPages)
.boxed()
.toList();
return new UsersPageDTO(users, pageNumbers, totalPages);
}
}
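Review bot: `getCurrentUser` returns the `UserDetails` built in `UserService.loadUserByUsername`, which carries the stored password hash, so `GET /users/{login}` would serialize that hash for any login the caller names, and the handler has no `@Secured`. Return a DTO without credentials, `return new UserDto(userService.findByLogin(login));` after a null check, and restrict the handler to the caller's own login or to `UserRole.AsString.ADMIN`. The blanket `catch (Exception e) { return null; }` also hides real failures behind a 200 with an empty body. In `findUser`, the JWT arrives as `@RequestParam("token")`, which puts it into URLs, access logs and browser history; read it from the `Authorization` header or from the already authenticated security context instead.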


@ -0,0 +1,44 @@
package ip.labwork.user.controller;
import ip.labwork.user.model.User;
import ip.labwork.user.model.UserRole;
import jakarta.validation.constraints.NotEmpty;
public class UserDto {
private long id;
@NotEmpty
private String login;
@NotEmpty
private String password;
private String passwordConfirm;
private UserRole role;
public UserDto() {
}
public UserDto(User user) {
this.id = user.getId();
this.login = user.getLogin();
this.role = user.getRole();
}
public long getId() {
return id;
}
public String getLogin() {
return login;
}
public String getPassword() {
return password;
}
public String getPasswordConfirm() {
return passwordConfirm;
}
public UserRole getRole() {
return role;
}
}
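Review bot: UserDto serves both as the login/signup request body and, through `UserDto(User user)`, as the element type of the `/users` response, so `password` and `passwordConfirm` are part of the response schema (currently `null`). Marking both fields write-only keeps a later change to the copy constructor from exposing a hash: `@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)`. `role` is likewise bindable from the request body; `signupAndGetToken` ignores it today and passes `UserRole.USER`, which is worth stating in a comment on the field so it stays that way.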


@ -0,0 +1,34 @@
package ip.labwork.user.controller;
import ip.labwork.user.model.UserRole;
import jakarta.validation.constraints.NotEmpty;
public class UserInfoDto {
@NotEmpty
private String token;
@NotEmpty
private String login;
@NotEmpty
private UserRole role;
public UserInfoDto(String token, String login, UserRole role) {
this.token = token;
this.login = login;
this.role = role;
}
public UserInfoDto() {
}
public String getToken() {
return token;
}
public String getLogin() {
return login;
}
public UserRole getRole() {
return role;
}
}
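Review bot: `@NotEmpty` on `private UserRole role` is not applicable to an enum; Bean Validation defines it for strings, collections, maps and arrays, and validating this object would fail with an `UnexpectedTypeException` rather than report a violation. Use `@NotNull` for `role`. Nothing in this commit validates a `UserInfoDto` (it is only returned from `signup`), so the three constraints are documentation at most; a short class comment saying it is the signup response carrying the issued token would be more useful.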


@ -0,0 +1,29 @@
package ip.labwork.user.controller;
import org.springframework.data.domain.Page;
import java.util.List;
public class UsersPageDTO {
private Page<UserDto> users;
private List<Integer> pageNumbers;
private int totalPages;
public UsersPageDTO(Page<UserDto> users, List<Integer> pageNumbers, int totalPages) {
this.users = users;
this.pageNumbers = pageNumbers;
this.totalPages = totalPages;
}
public Page<UserDto> getUsers() {
return users;
}
public List<Integer> getPageNumbers() {
return pageNumbers;
}
public int getTotalPages() {
return totalPages;
}
}


@ -0,0 +1,83 @@
package ip.labwork.user.model;
import jakarta.persistence.*;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.Size;
import java.util.Objects;
@Entity
@Table(name = "users")
public class User {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
@Column(nullable = false, unique = true, length = 64)
@NotBlank
@Size(min = 3, max = 64)
private String login;
@Column(nullable = false, length = 64)
@NotBlank
@Size(min = 6, max = 64)
private String password;
private UserRole role;
public User() {
}
public User(String login, String password) {
this(login, password, UserRole.USER);
}
public User(String login, String password, UserRole role) {
this.login = login;
this.password = password;
this.role = role;
}
public Long getId() {
return id;
}
public String getLogin() {
return login;
}
public void setLogin(String login) {
this.login = login;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public UserRole getRole() {
return role;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
User user = (User) o;
return Objects.equals(id, user.id);
}
@Override
public int hashCode() {
return Objects.hash(id);
}
@Override
public String toString() {
return "User{" +
"id=" + id +
", login='" + login + '\'' +
", password='" + password + '\'' +
'}';
}
}
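Review bot: `toString()` prints `password`, so any log line or exception message that formats a `User` writes the stored hash out; drop the `", password='" + password + '\''` part. `role` has no `@Enumerated(EnumType.STRING)`, so JPA stores the ordinal by default and reordering `UserRole` (`ADMIN`, `USER`) would silently swap privileges for existing rows. `@Size(min = 6, max = 64)` on `password` is evaluated against the encoded value that `UserService.createUser` stores, not against what the user typed, and `length = 64` has to fit the encoder's output; the configured `PasswordEncoder` is not in this view.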


@ -0,0 +1,20 @@
package ip.labwork.user.model;
import org.springframework.security.core.GrantedAuthority;
public enum UserRole implements GrantedAuthority {
ADMIN,
USER;
private static final String PREFIX = "ROLE_";
@Override
public String getAuthority() {
return PREFIX + this.name();
}
public static final class AsString {
public static final String ADMIN = PREFIX + "ADMIN";
public static final String USER = PREFIX + "USER";
}
}


@ -0,0 +1,8 @@
package ip.labwork.user.repository;
import ip.labwork.user.model.User;
import org.springframework.data.jpa.repository.JpaRepository;
public interface UserRepository extends JpaRepository<User, Long> {
User findOneByLoginIgnoreCase(String login);
}


@ -0,0 +1,7 @@
package ip.labwork.user.service;
public class UserExistsException extends RuntimeException {
public UserExistsException(String login) {
super(String.format("User '%s' already exists", login));
}
}


@ -0,0 +1,7 @@
package ip.labwork.user.service;
public class UserNotFoundException extends RuntimeException {
public UserNotFoundException(String login) {
super(String.format("User not found '%s'", login));
}
}


@ -0,0 +1,99 @@
package ip.labwork.user.service;
import ip.labwork.configuration.jwt.JwtException;
import ip.labwork.configuration.jwt.JwtProvider;
import ip.labwork.user.controller.UserDto;
import ip.labwork.user.controller.UserInfoDto;
import ip.labwork.user.model.User;
import ip.labwork.user.model.UserRole;
import ip.labwork.user.repository.UserRepository;
import ip.labwork.util.validation.ValidationException;
import ip.labwork.util.validation.ValidatorUtil;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.PageRequest;
import org.springframework.data.domain.Sort;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.Collections;
import java.util.Objects;
@Service
public class UserService implements UserDetailsService {
private final UserRepository userRepository;
private final PasswordEncoder passwordEncoder;
private final ValidatorUtil validatorUtil;
private final JwtProvider jwtProvider;
public UserService(UserRepository userRepository,
PasswordEncoder passwordEncoder,
ValidatorUtil validatorUtil,
JwtProvider jwtProvider) {
this.userRepository = userRepository;
this.passwordEncoder = passwordEncoder;
this.validatorUtil = validatorUtil;
this.jwtProvider = jwtProvider;
}
public Page<User> findAllPages(int page, int size) {
return userRepository.findAll(PageRequest.of(page - 1, size, Sort.by("id").ascending()));
}
public User findByLogin(String login) {
return userRepository.findOneByLoginIgnoreCase(login);
}
public User createUser(String login, String password, String passwordConfirm) {
return createUser(login, password, passwordConfirm, UserRole.USER);
}
public User createUser(String login, String password, String passwordConfirm, UserRole role) {
if (findByLogin(login) != null) {
throw new UserExistsException(login);
}
final User user = new User(login, passwordEncoder.encode(password), role);
validatorUtil.validate(user);
if (!Objects.equals(password, passwordConfirm)) {
throw new ValidationException("Passwords not equals");
}
return userRepository.save(user);
}
public String loginAndGetToken(UserDto userDto) {
final User user = findByLogin(userDto.getLogin());
if (user == null) {
throw new UserNotFoundException(userDto.getLogin());
}
if (!passwordEncoder.matches(userDto.getPassword(), user.getPassword())) {
throw new UserNotFoundException(user.getLogin());
}
return jwtProvider.generateToken(user.getLogin());
}
public UserInfoDto signupAndGetToken(UserDto userDto) {
final User user = createUser(userDto.getLogin(), userDto.getPassword(), userDto.getPasswordConfirm(), UserRole.USER);
return new UserInfoDto(jwtProvider.generateToken(user.getLogin()), user.getLogin(), UserRole.USER);
}
public UserDetails loadUserByToken(String token) throws UsernameNotFoundException {
if (!jwtProvider.isTokenValid(token)) {
throw new JwtException("Bad token");
}
final String userLogin = jwtProvider.getLoginFromToken(token)
.orElseThrow(() -> new JwtException("Token is not contain Login"));
return loadUserByUsername(userLogin);
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
final User userEntity = findByLogin(username);
if (userEntity == null) {
throw new UsernameNotFoundException(username);
}
return new org.springframework.security.core.userdetails.User(
userEntity.getLogin(), userEntity.getPassword(), Collections.singleton(userEntity.getRole()));
}
}
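Review bot: `createUser` encodes the password before anything checks it: `validatorUtil.validate(user)` sees the hash, so `@Size(min = 6)` on `User.password` never constrains the raw password, and `UserDto` only requires `@NotEmpty`. Validate the raw value and compare it with `passwordConfirm` first, then encode, e.g. `if (password == null || password.length() < 6) throw new ValidationException("Password is too short");` ahead of `passwordEncoder.encode(password)`. In `loginAndGetToken` the unknown-login branch returns without running the encoder while the wrong-password branch runs `matches`, which leaves a timing difference between existing and non-existing logins; a single failure path that always performs one `matches` call avoids that. `loadUserByToken` verifies the token twice (`isTokenValid`, then `getLoginFromToken`); the second call alone is enough.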


@ -3,6 +3,10 @@ package ip.labwork.util.validation;
import java.util.Set;
public class ValidationException extends RuntimeException {
public ValidationException(String message) {
super(message);
}
public ValidationException(Set<String> errors) {
super(String.join("\n", errors));
}


@ -9,3 +9,5 @@ spring.jpa.hibernate.ddl-auto=update
spring.h2.console.enabled=true
spring.h2.console.settings.trace=false
spring.h2.console.settings.web-allow-others=false
jwt.dev-token=my-secret-jwt
jwt.dev=true
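Review bot: `jwt.dev-token=my-secret-jwt` commits a fixed secret and `jwt.dev=true` switches the dev mode on in the default properties file, so every deployment built from this repository starts with the same known value. How JwtProvider uses the two keys is outside this view; if the dev token is the signing key, anyone who has read the repository can produce tokens the verifier accepts. Keep the default safe and inject the value from the environment: `jwt.dev=false` and `jwt.dev-token=${JWT_DEV_TOKEN:}`, with the dev values in a profile-specific file that is not deployed.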