lab6 react
This commit is contained in:
parent
8834071b09
commit
299a62b364
@ -29,6 +29,7 @@ dependencies {
|
|||||||
|
|
||||||
implementation 'org.springframework.boot:spring-boot-starter-security'
|
implementation 'org.springframework.boot:spring-boot-starter-security'
|
||||||
implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5'
|
implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5'
|
||||||
|
implementation 'com.auth0:java-jwt:4.4.0'
|
||||||
|
|
||||||
implementation 'org.springdoc:springdoc-openapi-ui:1.6.5'
|
implementation 'org.springdoc:springdoc-openapi-ui:1.6.5'
|
||||||
|
|
||||||
|
BIN
data.mv.db
BIN
data.mv.db
Binary file not shown.
@ -0,0 +1,28 @@
|
|||||||
|
package ru.ip.labs.labs.configuration;
|
||||||
|
|
||||||
|
import io.swagger.v3.oas.models.Components;
|
||||||
|
import io.swagger.v3.oas.models.OpenAPI;
|
||||||
|
import io.swagger.v3.oas.models.security.SecurityRequirement;
|
||||||
|
import io.swagger.v3.oas.models.security.SecurityScheme;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import ru.ip.labs.labs.configuration.jwt.JwtFilter;
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
public class OpenAPI30Configuration {
|
||||||
|
public static final String API_PREFIX = "/api/1.0";
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public OpenAPI customizeOpenAPI() {
|
||||||
|
final String securitySchemeName = JwtFilter.TOKEN_BEGIN_STR;
|
||||||
|
return new OpenAPI()
|
||||||
|
.addSecurityItem(new SecurityRequirement()
|
||||||
|
.addList(securitySchemeName))
|
||||||
|
.components(new Components()
|
||||||
|
.addSecuritySchemes(securitySchemeName, new SecurityScheme()
|
||||||
|
.name(securitySchemeName)
|
||||||
|
.type(SecurityScheme.Type.HTTP)
|
||||||
|
.scheme("bearer")
|
||||||
|
.bearerFormat("JWT")));
|
||||||
|
}
|
||||||
|
}
|
@ -8,7 +8,7 @@ import org.springframework.security.crypto.password.PasswordEncoder;
|
|||||||
@Configuration
|
@Configuration
|
||||||
public class PasswordEncoderConfiguration {
|
public class PasswordEncoderConfiguration {
|
||||||
@Bean
|
@Bean
|
||||||
public PasswordEncoder createPasswordEncoder() {
|
public PasswordEncoder passwordEncoder() {
|
||||||
return new BCryptPasswordEncoder();
|
return new BCryptPasswordEncoder();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -5,25 +5,28 @@ import org.slf4j.LoggerFactory;
|
|||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.http.HttpMethod;
|
import org.springframework.http.HttpMethod;
|
||||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||||
import ru.ip.labs.labs.films.controller.UserSignupMvcController;
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||||
|
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||||
|
import ru.ip.labs.labs.configuration.jwt.JwtFilter;
|
||||||
|
import ru.ip.labs.labs.films.controller.UserController;
|
||||||
import ru.ip.labs.labs.films.models.UserRole;
|
import ru.ip.labs.labs.films.models.UserRole;
|
||||||
import ru.ip.labs.labs.films.service.UserService;
|
import ru.ip.labs.labs.films.service.UserService;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableWebSecurity
|
|
||||||
@EnableGlobalMethodSecurity(securedEnabled = true)
|
|
||||||
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||||
private final Logger log = LoggerFactory.getLogger(SecurityConfiguration.class);
|
private final Logger log = LoggerFactory.getLogger(SecurityConfiguration.class);
|
||||||
private static final String LOGIN_URL = "/login";
|
|
||||||
|
public static final String SPA_URL_MASK = "/{path:[^\\.]*}";
|
||||||
|
|
||||||
private final UserService userService;
|
private final UserService userService;
|
||||||
|
private final JwtFilter jwtFilter;
|
||||||
|
|
||||||
public SecurityConfiguration(UserService userService) {
|
public SecurityConfiguration(UserService userService) {
|
||||||
this.userService = userService;
|
this.userService = userService;
|
||||||
|
this.jwtFilter = new JwtFilter(userService);
|
||||||
createAdminOnStartup();
|
createAdminOnStartup();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -37,31 +40,37 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http.headers().frameOptions().sameOrigin().and()
|
log.info("Creating security configuration");
|
||||||
.cors().and()
|
http.cors()
|
||||||
|
.and()
|
||||||
.csrf().disable()
|
.csrf().disable()
|
||||||
|
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
||||||
|
.and()
|
||||||
.authorizeRequests()
|
.authorizeRequests()
|
||||||
.antMatchers(UserSignupMvcController.SIGNUP_URL).permitAll()
|
.antMatchers("/", SPA_URL_MASK).permitAll()
|
||||||
.antMatchers(HttpMethod.GET, LOGIN_URL).permitAll()
|
.antMatchers(HttpMethod.POST, UserController.URL_SIGNUP).permitAll()
|
||||||
.anyRequest().authenticated()
|
.antMatchers(HttpMethod.POST, UserController.URL_LOGIN).permitAll()
|
||||||
|
.anyRequest()
|
||||||
|
.authenticated()
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class)
|
||||||
.loginPage(LOGIN_URL).permitAll()
|
.anonymous();
|
||||||
.and()
|
|
||||||
.logout().permitAll();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
protected void configure(AuthenticationManagerBuilder builder) throws Exception {
|
||||||
auth.userDetailsService(userService);
|
builder.userDetailsService(userService);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void configure(WebSecurity web) {
|
public void configure(WebSecurity web) {
|
||||||
web.ignoring()
|
web
|
||||||
.antMatchers("/css/**")
|
.ignoring()
|
||||||
.antMatchers("/js/**")
|
.antMatchers(HttpMethod.OPTIONS, "/**")
|
||||||
.antMatchers("/templates/**")
|
.antMatchers("/**/*.{js,html,css,png}")
|
||||||
.antMatchers("/webjars/**");
|
.antMatchers("/swagger-ui/index.html")
|
||||||
|
.antMatchers("/webjars/**")
|
||||||
|
.antMatchers("/swagger-resources/**")
|
||||||
|
.antMatchers("/v3/api-docs/**");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1,6 +1,11 @@
|
|||||||
package ru.ip.labs.labs.configuration;
|
package ru.ip.labs.labs.configuration;
|
||||||
|
|
||||||
|
import org.springframework.boot.web.server.ErrorPage;
|
||||||
|
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
|
||||||
|
import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.http.HttpStatus;
|
||||||
import org.springframework.web.servlet.config.annotation.CorsRegistry;
|
import org.springframework.web.servlet.config.annotation.CorsRegistry;
|
||||||
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
|
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
|
||||||
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
|
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
|
||||||
@ -17,6 +22,12 @@ public class WebConfiguration implements WebMvcConfigurer {
|
|||||||
registry.addViewController("catalogs");
|
registry.addViewController("catalogs");
|
||||||
registry.addViewController("login");
|
registry.addViewController("login");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public WebServerFactoryCustomizer<ConfigurableServletWebServerFactory> containerCustomizer() {
|
||||||
|
return container -> container.addErrorPages(new ErrorPage(HttpStatus.NOT_FOUND, "/notFound"));
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void addCorsMappings(CorsRegistry registry) {
|
public void addCorsMappings(CorsRegistry registry) {
|
||||||
registry.addMapping("/**").allowedMethods("*");
|
registry.addMapping("/**").allowedMethods("*");
|
||||||
|
@ -0,0 +1,11 @@
|
|||||||
|
package ru.ip.labs.labs.configuration.jwt;
|
||||||
|
|
||||||
|
public class JwtException extends RuntimeException {
|
||||||
|
public JwtException(Throwable throwable) {
|
||||||
|
super(throwable);
|
||||||
|
}
|
||||||
|
|
||||||
|
public JwtException(String message) {
|
||||||
|
super(message);
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,72 @@
|
|||||||
|
package ru.ip.labs.labs.configuration.jwt;
|
||||||
|
|
||||||
|
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||||
|
import org.springframework.http.MediaType;
|
||||||
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||||
|
import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
|
import org.springframework.security.core.userdetails.UserDetails;
|
||||||
|
import org.springframework.util.StringUtils;
|
||||||
|
import org.springframework.web.filter.GenericFilterBean;
|
||||||
|
import ru.ip.labs.labs.films.service.UserService;
|
||||||
|
|
||||||
|
import javax.servlet.FilterChain;
|
||||||
|
import javax.servlet.ServletException;
|
||||||
|
import javax.servlet.ServletRequest;
|
||||||
|
import javax.servlet.ServletResponse;
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import javax.servlet.http.HttpServletResponse;
|
||||||
|
import java.io.IOException;
|
||||||
|
|
||||||
|
public class JwtFilter extends GenericFilterBean {
|
||||||
|
private static final String AUTHORIZATION = "Authorization";
|
||||||
|
public static final String TOKEN_BEGIN_STR = "Bearer ";
|
||||||
|
|
||||||
|
private final UserService userService;
|
||||||
|
|
||||||
|
public JwtFilter(UserService userService) {
|
||||||
|
this.userService = userService;
|
||||||
|
}
|
||||||
|
|
||||||
|
private String getTokenFromRequest(HttpServletRequest request) {
|
||||||
|
String bearer = request.getHeader(AUTHORIZATION);
|
||||||
|
if (StringUtils.hasText(bearer) && bearer.startsWith(TOKEN_BEGIN_STR)) {
|
||||||
|
return bearer.substring(TOKEN_BEGIN_STR.length());
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
private void raiseException(ServletResponse response, int status, String message) throws IOException {
|
||||||
|
if (response instanceof final HttpServletResponse httpResponse) {
|
||||||
|
httpResponse.setContentType(MediaType.APPLICATION_JSON_VALUE);
|
||||||
|
httpResponse.setStatus(status);
|
||||||
|
final byte[] body = new ObjectMapper().writeValueAsBytes(message);
|
||||||
|
response.getOutputStream().write(body);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void doFilter(ServletRequest request,
|
||||||
|
ServletResponse response,
|
||||||
|
FilterChain chain) throws IOException, ServletException {
|
||||||
|
if (request instanceof final HttpServletRequest httpRequest) {
|
||||||
|
final String token = getTokenFromRequest(httpRequest);
|
||||||
|
if (StringUtils.hasText(token)) {
|
||||||
|
try {
|
||||||
|
final UserDetails user = userService.loadUserByToken(token);
|
||||||
|
final UsernamePasswordAuthenticationToken auth =
|
||||||
|
new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
|
||||||
|
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||||
|
} catch (JwtException e) {
|
||||||
|
raiseException(response, HttpServletResponse.SC_UNAUTHORIZED, e.getMessage());
|
||||||
|
return;
|
||||||
|
} catch (Exception e) {
|
||||||
|
e.printStackTrace();
|
||||||
|
raiseException(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
|
||||||
|
String.format("Internal error: %s", e.getMessage()));
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
chain.doFilter(request, response);
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,27 @@
|
|||||||
|
package ru.ip.labs.labs.configuration.jwt;
|
||||||
|
|
||||||
|
import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
@ConfigurationProperties(prefix = "jwt", ignoreInvalidFields = true)
|
||||||
|
public class JwtProperties {
|
||||||
|
private String devToken = "";
|
||||||
|
private Boolean isDev = true;
|
||||||
|
|
||||||
|
public String getDevToken() {
|
||||||
|
return devToken;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setDevToken(String devToken) {
|
||||||
|
this.devToken = devToken;
|
||||||
|
}
|
||||||
|
|
||||||
|
public Boolean isDev() {
|
||||||
|
return isDev;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setDev(Boolean dev) {
|
||||||
|
isDev = dev;
|
||||||
|
}
|
||||||
|
}
|
107
src/main/java/ru/ip/labs/labs/configuration/jwt/JwtProvider.java
Normal file
107
src/main/java/ru/ip/labs/labs/configuration/jwt/JwtProvider.java
Normal file
@ -0,0 +1,107 @@
|
|||||||
|
package ru.ip.labs.labs.configuration.jwt;
|
||||||
|
|
||||||
|
import com.auth0.jwt.JWT;
|
||||||
|
import com.auth0.jwt.algorithms.Algorithm;
|
||||||
|
import com.auth0.jwt.exceptions.JWTVerificationException;
|
||||||
|
import com.auth0.jwt.interfaces.DecodedJWT;
|
||||||
|
import com.auth0.jwt.interfaces.JWTVerifier;
|
||||||
|
import org.slf4j.Logger;
|
||||||
|
import org.slf4j.LoggerFactory;
|
||||||
|
import org.springframework.stereotype.Component;
|
||||||
|
import org.springframework.util.StringUtils;
|
||||||
|
|
||||||
|
import java.nio.charset.StandardCharsets;
|
||||||
|
import java.security.MessageDigest;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.time.LocalDate;
|
||||||
|
import java.time.ZoneId;
|
||||||
|
import java.util.Date;
|
||||||
|
import java.util.Optional;
|
||||||
|
import java.util.UUID;
|
||||||
|
|
||||||
|
@Component
|
||||||
|
public class JwtProvider {
|
||||||
|
private final static Logger LOG = LoggerFactory.getLogger(JwtProvider.class);
|
||||||
|
|
||||||
|
private final static byte[] HEX_ARRAY = "0123456789ABCDEF".getBytes(StandardCharsets.US_ASCII);
|
||||||
|
private final static String ISSUER = "auth0";
|
||||||
|
|
||||||
|
private final Algorithm algorithm;
|
||||||
|
private final JWTVerifier verifier;
|
||||||
|
|
||||||
|
public JwtProvider(JwtProperties jwtProperties) {
|
||||||
|
if (!jwtProperties.isDev()) {
|
||||||
|
LOG.info("Generate new JWT key for prod");
|
||||||
|
try {
|
||||||
|
final MessageDigest salt = MessageDigest.getInstance("SHA-256");
|
||||||
|
salt.update(UUID.randomUUID().toString().getBytes(StandardCharsets.UTF_8));
|
||||||
|
LOG.info("Use generated JWT key for prod \n{}", bytesToHex(salt.digest()));
|
||||||
|
algorithm = Algorithm.HMAC256(bytesToHex(salt.digest()));
|
||||||
|
} catch (NoSuchAlgorithmException e) {
|
||||||
|
throw new JwtException(e);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
LOG.info("Use default JWT key for dev \n{}", jwtProperties.getDevToken());
|
||||||
|
algorithm = Algorithm.HMAC256(jwtProperties.getDevToken());
|
||||||
|
}
|
||||||
|
verifier = JWT.require(algorithm)
|
||||||
|
.withIssuer(ISSUER)
|
||||||
|
.build();
|
||||||
|
}
|
||||||
|
|
||||||
|
private static String bytesToHex(byte[] bytes) {
|
||||||
|
byte[] hexChars = new byte[bytes.length * 2];
|
||||||
|
for (int j = 0; j < bytes.length; j++) {
|
||||||
|
int v = bytes[j] & 0xFF;
|
||||||
|
hexChars[j * 2] = HEX_ARRAY[v >>> 4];
|
||||||
|
hexChars[j * 2 + 1] = HEX_ARRAY[v & 0x0F];
|
||||||
|
}
|
||||||
|
return new String(hexChars, StandardCharsets.UTF_8);
|
||||||
|
}
|
||||||
|
|
||||||
|
public String generateToken(String login) {
|
||||||
|
final Date issueDate = Date.from(LocalDate.now()
|
||||||
|
.atStartOfDay(ZoneId.systemDefault())
|
||||||
|
.toInstant());
|
||||||
|
final Date expireDate = Date.from(LocalDate.now()
|
||||||
|
.plusDays(15)
|
||||||
|
.atStartOfDay(ZoneId.systemDefault())
|
||||||
|
.toInstant());
|
||||||
|
return JWT.create()
|
||||||
|
.withIssuer(ISSUER)
|
||||||
|
.withIssuedAt(issueDate)
|
||||||
|
.withExpiresAt(expireDate)
|
||||||
|
.withSubject(login)
|
||||||
|
.sign(algorithm);
|
||||||
|
}
|
||||||
|
|
||||||
|
private DecodedJWT validateToken(String token) {
|
||||||
|
try {
|
||||||
|
return verifier.verify(token);
|
||||||
|
} catch (JWTVerificationException e) {
|
||||||
|
throw new JwtException(String.format("Token verification error: %s", e.getMessage()));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public boolean isTokenValid(String token) {
|
||||||
|
if (!StringUtils.hasText(token)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
try {
|
||||||
|
validateToken(token);
|
||||||
|
return true;
|
||||||
|
} catch (JwtException e) {
|
||||||
|
LOG.error(e.getMessage());
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public Optional<String> getLoginFromToken(String token) {
|
||||||
|
try {
|
||||||
|
return Optional.ofNullable(validateToken(token).getSubject());
|
||||||
|
} catch (JwtException e) {
|
||||||
|
LOG.error(e.getMessage());
|
||||||
|
return Optional.empty();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,39 @@
|
|||||||
|
package ru.ip.labs.labs.films.controller;
|
||||||
|
|
||||||
|
import org.springframework.security.core.userdetails.UserDetails;
|
||||||
|
import org.springframework.web.bind.annotation.*;
|
||||||
|
import ru.ip.labs.labs.films.dto.UserDto;
|
||||||
|
import ru.ip.labs.labs.films.dto.UserInfoDTO;
|
||||||
|
import ru.ip.labs.labs.films.models.User;
|
||||||
|
import ru.ip.labs.labs.films.service.UserService;
|
||||||
|
|
||||||
|
import javax.validation.Valid;
|
||||||
|
|
||||||
|
@RestController
|
||||||
|
public class UserController {
|
||||||
|
public static final String URL_LOGIN = "/jwt/login";
|
||||||
|
public static final String URL_SIGNUP = "/jwt/signup";
|
||||||
|
|
||||||
|
private final UserService userService;
|
||||||
|
|
||||||
|
public UserController(UserService userService) {
|
||||||
|
this.userService = userService;
|
||||||
|
}
|
||||||
|
|
||||||
|
@GetMapping("/user")
|
||||||
|
public String findUser(@RequestParam("token") String token) {
|
||||||
|
UserDetails userDetails = userService.loadUserByToken(token);
|
||||||
|
User user = userService.findByLogin(userDetails.getUsername());
|
||||||
|
return user.getRole().toString();
|
||||||
|
}
|
||||||
|
|
||||||
|
@PostMapping(URL_SIGNUP)
|
||||||
|
public UserInfoDTO signup(@RequestBody @Valid UserDto userDto) {
|
||||||
|
return userService.signupAndGetToken(userDto);
|
||||||
|
}
|
||||||
|
|
||||||
|
@PostMapping(URL_LOGIN)
|
||||||
|
public String login(@RequestBody @Valid UserDto userDto) {
|
||||||
|
return userService.loginAndGetToken(userDto);
|
||||||
|
}
|
||||||
|
}
|
@ -1,42 +0,0 @@
|
|||||||
package ru.ip.labs.labs.films.controller;
|
|
||||||
|
|
||||||
import org.springframework.data.domain.Page;
|
|
||||||
import org.springframework.security.access.annotation.Secured;
|
|
||||||
import org.springframework.stereotype.Controller;
|
|
||||||
import org.springframework.ui.Model;
|
|
||||||
import org.springframework.web.bind.annotation.GetMapping;
|
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
|
||||||
import org.springframework.web.bind.annotation.RequestParam;
|
|
||||||
import ru.ip.labs.labs.films.dto.UserDto;
|
|
||||||
import ru.ip.labs.labs.films.models.UserRole;
|
|
||||||
import ru.ip.labs.labs.films.service.UserService;
|
|
||||||
|
|
||||||
import java.util.List;
|
|
||||||
import java.util.stream.IntStream;
|
|
||||||
|
|
||||||
@Controller
|
|
||||||
@RequestMapping("/users")
|
|
||||||
public class UserMvcController {
|
|
||||||
private final UserService userService;
|
|
||||||
|
|
||||||
public UserMvcController(UserService userService) {
|
|
||||||
this.userService = userService;
|
|
||||||
}
|
|
||||||
|
|
||||||
@GetMapping
|
|
||||||
@Secured({UserRole.AsString.ADMIN})
|
|
||||||
public String getUsers(@RequestParam(defaultValue = "1") int page,
|
|
||||||
@RequestParam(defaultValue = "5") int size,
|
|
||||||
Model model) {
|
|
||||||
final Page<UserDto> users = userService.findAllPages(page, size)
|
|
||||||
.map(UserDto::new);
|
|
||||||
model.addAttribute("users", users);
|
|
||||||
final int totalPages = users.getTotalPages();
|
|
||||||
final List<Integer> pageNumbers = IntStream.rangeClosed(1, totalPages)
|
|
||||||
.boxed()
|
|
||||||
.toList();
|
|
||||||
model.addAttribute("pages", pageNumbers);
|
|
||||||
model.addAttribute("totalPages", totalPages);
|
|
||||||
return "users";
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,51 +0,0 @@
|
|||||||
package ru.ip.labs.labs.films.controller;
|
|
||||||
|
|
||||||
import org.springframework.stereotype.Controller;
|
|
||||||
import org.springframework.ui.Model;
|
|
||||||
import org.springframework.validation.BindingResult;
|
|
||||||
import org.springframework.web.bind.annotation.GetMapping;
|
|
||||||
import org.springframework.web.bind.annotation.ModelAttribute;
|
|
||||||
import org.springframework.web.bind.annotation.PostMapping;
|
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
|
||||||
import ru.ip.labs.labs.films.models.User;
|
|
||||||
import ru.ip.labs.labs.films.models.UserSignupDto;
|
|
||||||
import ru.ip.labs.labs.films.service.UserService;
|
|
||||||
import ru.ip.labs.labs.films.util.validation.ValidationException;
|
|
||||||
|
|
||||||
import javax.validation.Valid;
|
|
||||||
|
|
||||||
@Controller
|
|
||||||
@RequestMapping(UserSignupMvcController.SIGNUP_URL)
|
|
||||||
public class UserSignupMvcController {
|
|
||||||
public static final String SIGNUP_URL = "/signup";
|
|
||||||
|
|
||||||
private final UserService userService;
|
|
||||||
|
|
||||||
public UserSignupMvcController(UserService userService) {
|
|
||||||
this.userService = userService;
|
|
||||||
}
|
|
||||||
|
|
||||||
@GetMapping
|
|
||||||
public String showSignupForm(Model model) {
|
|
||||||
model.addAttribute("userDto", new UserSignupDto());
|
|
||||||
return "signup";
|
|
||||||
}
|
|
||||||
|
|
||||||
@PostMapping
|
|
||||||
public String signup(@ModelAttribute("userDto") @Valid UserSignupDto userSignupDto,
|
|
||||||
BindingResult bindingResult,
|
|
||||||
Model model) {
|
|
||||||
if (bindingResult.hasErrors()) {
|
|
||||||
model.addAttribute("errors", bindingResult.getAllErrors());
|
|
||||||
return "signup";
|
|
||||||
}
|
|
||||||
try {
|
|
||||||
final User user = userService.createUser(
|
|
||||||
userSignupDto.getLogin(), userSignupDto.getPassword(), userSignupDto.getPasswordConfirm());
|
|
||||||
return "redirect:/login?created=" + user.getLogin();
|
|
||||||
} catch (ValidationException e) {
|
|
||||||
model.addAttribute("errors", e.getMessage());
|
|
||||||
return "signup";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,28 +1,24 @@
|
|||||||
package ru.ip.labs.labs.films.dto;
|
package ru.ip.labs.labs.films.dto;
|
||||||
|
|
||||||
import ru.ip.labs.labs.films.models.User;
|
import javax.validation.constraints.NotEmpty;
|
||||||
import ru.ip.labs.labs.films.models.UserRole;
|
|
||||||
|
|
||||||
public class UserDto {
|
public class UserDto {
|
||||||
private final long id;
|
@NotEmpty
|
||||||
private final String login;
|
private String login;
|
||||||
private final UserRole role;
|
@NotEmpty
|
||||||
|
private String password;
|
||||||
|
private String passwordConfirm;
|
||||||
|
|
||||||
public UserDto(User user) {
|
|
||||||
this.id = user.getId();
|
|
||||||
this.login = user.getLogin();
|
|
||||||
this.role = user.getRole();
|
|
||||||
}
|
|
||||||
|
|
||||||
public long getId() {
|
|
||||||
return id;
|
|
||||||
}
|
|
||||||
|
|
||||||
public String getLogin() {
|
public String getLogin() {
|
||||||
return login;
|
return login;
|
||||||
}
|
}
|
||||||
|
|
||||||
public UserRole getRole() {
|
public String getPassword() {
|
||||||
return role;
|
return password;
|
||||||
}
|
}
|
||||||
|
public String getPasswordConfirm() {
|
||||||
|
return passwordConfirm;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
27
src/main/java/ru/ip/labs/labs/films/dto/UserInfoDTO.java
Normal file
27
src/main/java/ru/ip/labs/labs/films/dto/UserInfoDTO.java
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
package ru.ip.labs.labs.films.dto;
|
||||||
|
|
||||||
|
|
||||||
|
import ru.ip.labs.labs.films.models.UserRole;
|
||||||
|
|
||||||
|
public class UserInfoDTO {
|
||||||
|
private final String token;
|
||||||
|
private String login;
|
||||||
|
private final UserRole role;
|
||||||
|
public UserInfoDTO(String token, String login, UserRole role) {
|
||||||
|
this.token = token;
|
||||||
|
this.login = login;
|
||||||
|
this.role = role;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getToken() {
|
||||||
|
return token;
|
||||||
|
}
|
||||||
|
|
||||||
|
public UserRole getRole() {
|
||||||
|
|
||||||
|
return role;
|
||||||
|
}
|
||||||
|
public String getLogin() {
|
||||||
|
return login;
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,7 @@
|
|||||||
|
package ru.ip.labs.labs.films.service;
|
||||||
|
|
||||||
|
public class UserExistsException extends RuntimeException {
|
||||||
|
public UserExistsException(String login) {
|
||||||
|
super(String.format("User '%s' already exists", login));
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,7 @@
|
|||||||
|
package ru.ip.labs.labs.films.service;
|
||||||
|
|
||||||
|
public class UserNotFoundException extends RuntimeException {
|
||||||
|
public UserNotFoundException(String login) {
|
||||||
|
super(String.format("User not found '%s'", login));
|
||||||
|
}
|
||||||
|
}
|
@ -8,6 +8,10 @@ import org.springframework.security.core.userdetails.UserDetailsService;
|
|||||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
|
import ru.ip.labs.labs.configuration.jwt.JwtException;
|
||||||
|
import ru.ip.labs.labs.configuration.jwt.JwtProvider;
|
||||||
|
import ru.ip.labs.labs.films.dto.UserDto;
|
||||||
|
import ru.ip.labs.labs.films.dto.UserInfoDTO;
|
||||||
import ru.ip.labs.labs.films.models.User;
|
import ru.ip.labs.labs.films.models.User;
|
||||||
import ru.ip.labs.labs.films.models.UserRole;
|
import ru.ip.labs.labs.films.models.UserRole;
|
||||||
import ru.ip.labs.labs.films.repository.UserRepository;
|
import ru.ip.labs.labs.films.repository.UserRepository;
|
||||||
@ -22,13 +26,16 @@ public class UserService implements UserDetailsService {
|
|||||||
private final UserRepository userRepository;
|
private final UserRepository userRepository;
|
||||||
private final PasswordEncoder passwordEncoder;
|
private final PasswordEncoder passwordEncoder;
|
||||||
private final ValidatorUtil validatorUtil;
|
private final ValidatorUtil validatorUtil;
|
||||||
|
private final JwtProvider jwtProvider;
|
||||||
|
|
||||||
public UserService(UserRepository userRepository,
|
public UserService(UserRepository userRepository,
|
||||||
PasswordEncoder passwordEncoder,
|
PasswordEncoder passwordEncoder,
|
||||||
ValidatorUtil validatorUtil) {
|
ValidatorUtil validatorUtil,
|
||||||
|
JwtProvider jwtProvider) {
|
||||||
this.userRepository = userRepository;
|
this.userRepository = userRepository;
|
||||||
this.passwordEncoder = passwordEncoder;
|
this.passwordEncoder = passwordEncoder;
|
||||||
this.validatorUtil = validatorUtil;
|
this.validatorUtil = validatorUtil;
|
||||||
|
this.jwtProvider = jwtProvider;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Page<User> findAllPages(int page, int size) {
|
public Page<User> findAllPages(int page, int size) {
|
||||||
@ -45,7 +52,7 @@ public class UserService implements UserDetailsService {
|
|||||||
|
|
||||||
public User createUser(String login, String password, String passwordConfirm, UserRole role) {
|
public User createUser(String login, String password, String passwordConfirm, UserRole role) {
|
||||||
if (findByLogin(login) != null) {
|
if (findByLogin(login) != null) {
|
||||||
throw new ValidationException(String.format("User '%s' already exists", login));
|
throw new UserExistsException(login);
|
||||||
}
|
}
|
||||||
final User user = new User(login, passwordEncoder.encode(password), role);
|
final User user = new User(login, passwordEncoder.encode(password), role);
|
||||||
validatorUtil.validate(user);
|
validatorUtil.validate(user);
|
||||||
@ -55,6 +62,26 @@ public class UserService implements UserDetailsService {
|
|||||||
return userRepository.save(user);
|
return userRepository.save(user);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public String loginAndGetToken(UserDto userDto) {
|
||||||
|
final User user = findByLogin(userDto.getLogin());
|
||||||
|
if (user == null) {
|
||||||
|
throw new UserNotFoundException(userDto.getLogin());
|
||||||
|
}
|
||||||
|
if (!passwordEncoder.matches(userDto.getPassword(), user.getPassword())) {
|
||||||
|
throw new UserNotFoundException(user.getLogin());
|
||||||
|
}
|
||||||
|
return jwtProvider.generateToken(user.getLogin());
|
||||||
|
}
|
||||||
|
|
||||||
|
public UserDetails loadUserByToken(String token) throws UsernameNotFoundException {
|
||||||
|
if (!jwtProvider.isTokenValid(token)) {
|
||||||
|
throw new JwtException("Bad token");
|
||||||
|
}
|
||||||
|
final String userLogin = jwtProvider.getLoginFromToken(token)
|
||||||
|
.orElseThrow(() -> new JwtException("Token is not contain Login"));
|
||||||
|
return loadUserByUsername(userLogin);
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
|
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
|
||||||
final User userEntity = findByLogin(username);
|
final User userEntity = findByLogin(username);
|
||||||
@ -64,4 +91,9 @@ public class UserService implements UserDetailsService {
|
|||||||
return new org.springframework.security.core.userdetails.User(
|
return new org.springframework.security.core.userdetails.User(
|
||||||
userEntity.getLogin(), userEntity.getPassword(), Collections.singleton(userEntity.getRole()));
|
userEntity.getLogin(), userEntity.getPassword(), Collections.singleton(userEntity.getRole()));
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
public UserInfoDTO signupAndGetToken(UserDto userDto) {
|
||||||
|
final User user = createUser(userDto.getLogin(), userDto.getPassword(), userDto.getPasswordConfirm(), UserRole.USER);
|
||||||
|
return new UserInfoDTO(jwtProvider.generateToken(user.getLogin()), user.getLogin(), UserRole.USER);
|
||||||
|
}
|
||||||
|
}
|
@ -9,3 +9,5 @@ spring.jpa.hibernate.ddl-auto=update
|
|||||||
spring.h2.console.enabled=true
|
spring.h2.console.enabled=true
|
||||||
spring.h2.console.settings.trace=false
|
spring.h2.console.settings.trace=false
|
||||||
spring.h2.console.settings.web-allow-others=false
|
spring.h2.console.settings.web-allow-others=false
|
||||||
|
jwt.dev-token=my-secret-jwt
|
||||||
|
jwt.dev=true
|
||||||
|
Loading…
Reference in New Issue
Block a user