ttartt/PIbd-22_Artamonova_T.V._IP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lab6 vue

Browse Source
This commit is contained in:
Татьяна Артамонова 2023-06-13 15:18:37 +04:00
parent ad013517ce
commit 57619bfefc
34 changed files with 1082 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
build.gradle
View File

@ -12,16 +12,28 @@ repositories {
mavenCentral() mavenCentral()
} }
jar {
enabled = false
}
dependencies { dependencies {
annotationProcessor "org.springframework.boot:spring-boot-configuration-processor"
implementation 'org.springframework.boot:spring-boot-starter-web' implementation 'org.springframework.boot:spring-boot-starter-web'
implementation 'org.springframework.boot:spring-boot-starter-data-jpa' implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
implementation 'org.springframework.boot:spring-boot-starter-security'
implementation 'com.auth0:java-jwt:4.4.0'
implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity6'
implementation 'org.springframework.boot:spring-boot-devtools'
implementation 'nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect'
implementation 'org.webjars:bootstrap:5.1.3'
implementation 'org.webjars:jquery:3.6.0'
implementation 'org.webjars:font-awesome:6.1.0'
implementation 'com.h2database:h2:2.1.210' implementation 'com.h2database:h2:2.1.210'
implementation 'jakarta.validation:jakarta.validation-api:3.0.0'
implementation 'org.hibernate.validator:hibernate-validator:7.0.1.Final'
implementation group: 'org.springdoc', name: 'springdoc-openapi-ui', version: '1.6.5' implementation group: 'org.springdoc', name: 'springdoc-openapi-ui', version: '1.6.5'
implementation 'org.jetbrains:annotations:24.0.0' testImplementation 'org.springframework.boot:spring-boot-starter-test'
implementation 'org.jetbrains:annotations:24.0.0'
implementation 'org.springframework.boot:spring-boot-starter-validation'
implementation 'org.hibernate.validator:hibernate-validator'
testImplementation 'org.springframework.boot:spring-boot-starter-test'
} }
tasks.named('test') { tasks.named('test') {

BIN
data.mv.db
View File

Binary file not shown.

63
front/src/App.vue
View File

@ -1,16 +1,57 @@
<script>
import Header from "./components/Header.vue"
export default {
components:{Header}
}
</script>
<template> <template>
<Header></Header> <Header :user="userFromServer" :role="roleFromServer"></Header>
<div class="container-fluid"> <main class="main mt-2">
<router-view></router-view> <router-view @login="saveServerData"></router-view>
</div> </main>
</template> </template>
<script>
import Header from './components/Header.vue';
export default{
components:{
Header
},
data() {
return {
tokenFromServer: undefined,
userFromServer: undefined,
roleFromServer: undefined,
securityError: false,
}
},
created() {
const self = this
window.addEventListener('storage', function(e){
console.log(e)
if(e.key === "token")
if(this.tokenFromServer !== e.newValue) {
self.storageSecurity()
}
if(e.key === "user")
if(this.userFromServer !== e.newValue) {
self.storageSecurity()
}
if(e.key === "role")
if(this.roleFromServer !== e.newValue) {
self.storageSecurity()
}
})
},
methods: {
storageSecurity(){
localStorage.clear()
this.$router.push("/login")
this.securityError = true
},
saveServerData(data){
this.tokenFromServer = data.token
this.roleFromServer = data.role
this.userFromServer = data.user
},
},
}
</script>
<style> <style>
</style> </style>

12
front/src/components/Header.vue
View File

@ -15,6 +15,12 @@
<li class="nav-item"> <li class="nav-item">
<router-link to="/find" class="nav-link">Поиск</router-link> <router-link to="/find" class="nav-link">Поиск</router-link>
</li> </li>
<li class="nav-item">
<router-link to="/users" class="nav-link">Пользователи</router-link>
</li>
<li class="nav-item">
<router-link to="/login" class="nav-link" @click="logout()">Выход</router-link>
</li>
</ul> </ul>
</div> </div>
</div> </div>
@ -46,6 +52,10 @@
<script> <script>
export default { export default {
methods: {
logout(){
localStorage.clear();
}
}
} }
</script> </script>

9
front/src/pages/error.vue Normal file
View File

@ -0,0 +1,9 @@
<template>
<div>
<a>Ошибка доступа</a>
</div>
</template>
<script>
</script>
<style>
</style>

83
front/src/pages/login.vue Normal file
View File

@ -0,0 +1,83 @@
<template>
<div>
<div class="login">
<form @submit.prevent class="login__form" action="/">
<div class="form__login">
<input class="login-input form-control"
id="login" v-model="newUser.login"
validate="false"
placeholder="Логин"
type="text"
name="Логин">
</div>
<div class="form__password">
<input class="password-input form-control"
id="password" v-model="newUser.password"
validate="false"
placeholder="Пароль"
type="password"
name="Пароль">
</div>
<div class="login__buttons mt-5">
<button type="submit" class="login__confirm" id="login__confirm" @click="login">Войти</button>
<a class="login__registration" href="registration">Регистрация</a>
</div>
</form>
</div>
</div>
</template>
<script>
import axios from 'axios';
export default {
mounted(){
},
data(){
return{
newUser: new Object,
token: '',
user: '',
role: '',
}
},
methods: {
async login() {
await this.getRole()
try {
const response = await axios.post(`http://localhost:8080/jwt/login`, this.newUser);
if (response.status === 200) {
localStorage.setItem("token", response.data);
localStorage.setItem("user", this.newUser.login);
this.token = response.data;
this.user = this.newUser.login;
this.$emit('login', {
token: this.token,
user: this.newUser.login,
role: this.role,
});
this.$router.push("/")
} else {
localStorage.removeItem("token");
localStorage.removeItem("user");
localStorage.removeItem("role");
}
} catch (error) {
console.log(error);
}
},
async getRole(){
await axios.get(`http://localhost:8080/who_am_i?userLogin=${this.newUser.login}`)
.then((response) => {
localStorage.setItem("role", response.data)
this.role = response.data
})
.catch(error => {
console.log(error);
})
}
}
}
</script>
<style>
</style>

46
front/src/pages/registration.vue Normal file
View File

@ -0,0 +1,46 @@
<template>
<div class="registration">
<form @submit.prevent="registration" class="registration__form" action="#">
<div class="form__login">
<input class="login-input form-control" v-model="login" id="login" required="" validate="false" placeholder="Логин" type="text" name="Логин">
</div>
<div class="form__password">
<input class="password-input form-control" v-model="password" id="password" required="" validate="false" placeholder="Пароль" type="password" name="Пароль">
</div>
<div class="registration__buttons">
<button class="registration__confirm" id="reg_btn" type="submit">Зарегестрироваться</button><a class="registration__login" href="/login">Уже есть аккаунт</a>
</div>
</form>
</div>
</template>
<script>
import axios from 'axios';
export default {
data(){
return{
login: "",
password: "",
}
},
methods:{
registration(){
// Отправляем данные формы на сервер
let user = {
login: this.login,
password: this.password,
passwordConfirm: this.password
}
axios.post(`http://localhost:8080/sign_up`, user)
.then((response) => {
if (response.status === 200) {
alert(response.data);
}
})
.catch(error => {
console.log(error);
});
this.$router.push('/login');
}
}
}
</script>

52
front/src/pages/users.vue Normal file
View File

@ -0,0 +1,52 @@
<template >
<table class="table table-striped table-bordered table-hover">
<thead>
<tr>
<th scope="col">ID</th>
<th scope="col">Логин</th>
<th scope="col">Роль</th>
</tr>
</thead>
<tbody>
<tr v-for="(user, index) in users" :key="index">
<td>{{ user.id }}</td>
<td>{{ user.login }}</td>
<td>{{ user.role }}</td>
</tr>
</tbody>
</table>
</template>
<script>
import axios from 'axios'
export default {
data(){
return{
users: []
}
},
created(){
const getTokenForHeader = function () {
return "Bearer " + localStorage.getItem("token");
}
const requestParams = {
method: "GET",
headers: {
"Authorization": getTokenForHeader(),
}
};
axios.get(`http://localhost:8080`, requestParams)
.then(response => {
this.users = response.data;
})
.catch(error => {
console.log(error);
});
},
methods:{
}
}
</script>
<style >
</style>

34
front/src/router/index.js
View File

@ -2,14 +2,22 @@ import artists from "../pages/artists.vue"
import albums from "../pages/albums.vue" import albums from "../pages/albums.vue"
import songs from "../pages/songs.vue" import songs from "../pages/songs.vue"
import find from "../pages/find.vue" import find from "../pages/find.vue"
import users from "../pages/users.vue";
import login from "../pages/login.vue";
import registration from "../pages/registration.vue";
import error from "../pages/error.vue";
import {createRouter, createWebHistory} from "vue-router" import {createRouter, createWebHistory} from "vue-router"
const routes = [ const routes = [
{path: '/artists', component: artists}, {path: '/songs', component: songs, meta: { requiresAuth: true }},
{path: '/albums', component: albums}, {path: '/albums', component: albums, meta: { requiresAuth: true }},
{path: '/songs', component: songs}, {path: '/artists', component: artists, meta: { requiresAuth: true }},
{path: '/find', component: find}, {path: '/find', component: find, meta: { requiresAuth: true }},
{ path: "/users", component: users, meta: { requiresAuth: true, requiresAdmin: true }},
{ path: "/login", component: login},
{ path: "/registration", component: registration},
{ path: "/error", component: error, meta: { requiresAuth: true }},
] ]
const router = createRouter({ const router = createRouter({
@ -18,4 +26,22 @@ const router = createRouter({
routes routes
}) })
router.beforeEach((to, from, next) => {
const isAuthenticated = localStorage.getItem("token");
if (to.matched.some((route) => route.meta.requiresAuth)) {
if (!isAuthenticated) {
next("/login");
return;
}
}
const isAdmin = localStorage.getItem("role") === "ADMIN";
if (to.matched.some((route) => route.meta.requiresAdmin)) {
if (!isAdmin) {
next("/error");
return;
}
}
next();
});
export default router; export default router;

8
src/main/java/ru/ulstu/is/sbapp/Repository/IUserRepository.java Normal file
View File

@ -0,0 +1,8 @@
package ru.ulstu.is.sbapp.Repository;
import org.springframework.data.jpa.repository.JpaRepository;
import ru.ulstu.is.sbapp.database.model.User;
public interface IUserRepository extends JpaRepository<User, Long> {
User findOneByLoginIgnoreCase(String login);
}

13
src/main/java/ru/ulstu/is/sbapp/WebConfiguration.java
View File

@ -1,13 +0,0 @@
package ru.ulstu.is.sbapp;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
class WebConfiguration implements WebMvcConfigurer {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**").allowedMethods("*");
}
}

11
src/main/java/ru/ulstu/is/sbapp/configuration/JwtException.java Normal file
View File

@ -0,0 +1,11 @@
package ru.ulstu.is.sbapp.configuration;
public class JwtException extends RuntimeException {
public JwtException(Throwable throwable) {
super(throwable);
}
public JwtException(String message) {
super(message);
}
}

72
src/main/java/ru/ulstu/is/sbapp/configuration/JwtFilter.java Normal file
View File

@ -0,0 +1,72 @@
package ru.ulstu.is.sbapp.configuration;
import com.fasterxml.jackson.databind.ObjectMapper;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.http.MediaType;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.GenericFilterBean;
import ru.ulstu.is.sbapp.database.service.UserService;
import java.io.IOException;
public class JwtFilter extends GenericFilterBean {
private static final String AUTHORIZATION = "Authorization";
public static final String TOKEN_BEGIN_STR = "Bearer ";
private final UserService userService;
public JwtFilter(UserService userService) {
this.userService = userService;
}
private String getTokenFromRequest(HttpServletRequest request) {
String bearer = request.getHeader(AUTHORIZATION);
if (StringUtils.hasText(bearer) && bearer.startsWith(TOKEN_BEGIN_STR)) {
return bearer.substring(TOKEN_BEGIN_STR.length());
}
return null;
}
private void raiseException(ServletResponse response, int status, String message) throws IOException {
if (response instanceof final HttpServletResponse httpResponse) {
httpResponse.setContentType(MediaType.APPLICATION_JSON_VALUE);
httpResponse.setStatus(status);
final byte[] body = new ObjectMapper().writeValueAsBytes(message);
response.getOutputStream().write(body);
}
}
@Override
public void doFilter(ServletRequest request,
ServletResponse response,
FilterChain chain) throws IOException, ServletException {
if (request instanceof final HttpServletRequest httpRequest) {
final String token = getTokenFromRequest(httpRequest);
if (StringUtils.hasText(token)) {
try {
final UserDetails user = userService.loadUserByToken(token);
final UsernamePasswordAuthenticationToken auth =
new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(auth);
} catch (JwtException e) {
raiseException(response, HttpServletResponse.SC_UNAUTHORIZED, e.getMessage());
return;
} catch (Exception e) {
e.printStackTrace();
raiseException(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
String.format("Internal error: %s", e.getMessage()));
return;
}
}
}
chain.doFilter(request, response);
}
}

27
src/main/java/ru/ulstu/is/sbapp/configuration/JwtProperties.java Normal file
View File

@ -0,0 +1,27 @@
package ru.ulstu.is.sbapp.configuration;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Configuration;
@Configuration
@ConfigurationProperties(prefix = "jwt", ignoreInvalidFields = true)
public class JwtProperties {
private String devToken = "";
private Boolean isDev = true;
public String getDevToken() {
return devToken;
}
public void setDevToken(String devToken) {
this.devToken = devToken;
}
public Boolean isDev() {
return isDev;
}
public void setDev(Boolean dev) {
isDev = dev;
}
}

108
src/main/java/ru/ulstu/is/sbapp/configuration/JwtProvider.java Normal file
View File

@ -0,0 +1,108 @@
package ru.ulstu.is.sbapp.configuration;
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.auth0.jwt.interfaces.JWTVerifier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.time.LocalDate;
import java.time.ZoneId;
import java.util.Date;
import java.util.Optional;
import java.util.UUID;
@Component
public class JwtProvider {
private final static Logger LOG = LoggerFactory.getLogger(JwtProvider.class);
private final static byte[] HEX_ARRAY = "0123456789ABCDEF".getBytes(StandardCharsets.US_ASCII);
private final static String ISSUER = "auth0";
private final Algorithm algorithm;
private final JWTVerifier verifier;
public JwtProvider(JwtProperties jwtProperties) {
if (!jwtProperties.isDev()) {
LOG.info("Generate new JWT key for prod");
try {
final MessageDigest salt = MessageDigest.getInstance("SHA-256");
salt.update(UUID.randomUUID().toString().getBytes(StandardCharsets.UTF_8));
LOG.info("Use generated JWT key for prod \n{}", bytesToHex(salt.digest()));
algorithm = Algorithm.HMAC256(bytesToHex(salt.digest()));
} catch (NoSuchAlgorithmException e) {
throw new JwtException(e);
}
} else {
LOG.info("Use default JWT key for dev \n{}", jwtProperties.getDevToken());
algorithm = Algorithm.HMAC256(jwtProperties.getDevToken());
}
verifier = JWT.require(algorithm)
.withIssuer(ISSUER)
.build();
}
private static String bytesToHex(byte[] bytes) {
byte[] hexChars = new byte[bytes.length * 2];
for (int j = 0; j < bytes.length; j++) {
int v = bytes[j] & 0xFF;
hexChars[j * 2] = HEX_ARRAY[v >>> 4];
hexChars[j * 2 + 1] = HEX_ARRAY[v & 0x0F];
}
return new String(hexChars, StandardCharsets.UTF_8);
}
public String generateToken(String login) {
final Date issueDate = Date.from(LocalDate.now()
.atStartOfDay(ZoneId.systemDefault())
.toInstant());
final Date expireDate = Date.from(LocalDate.now()
.plusDays(15)
.atStartOfDay(ZoneId.systemDefault())
.toInstant());
var temp = JWT.create();
var temp2 = temp.withIssuer(ISSUER);
var temp3 = temp2.withIssuedAt(issueDate);
var temp4 = temp3.withExpiresAt(expireDate);
var temp5 = temp4.withSubject(login);
var temp6 = temp5.sign(algorithm);
return temp6;
}
private DecodedJWT validateToken(String token) {
try {
return verifier.verify(token);
} catch (JWTVerificationException e) {
throw new JwtException(String.format("Token verification error: %s", e.getMessage()));
}
}
public boolean isTokenValid(String token) {
if (!StringUtils.hasText(token)) {
return false;
}
try {
validateToken(token);
return true;
} catch (JwtException e) {
LOG.error(e.getMessage());
return false;
}
}
public Optional<String> getLoginFromToken(String token) {
try {
return Optional.ofNullable(validateToken(token).getSubject());
} catch (JwtException e) {
LOG.error(e.getMessage());
return Optional.empty();
}
}
}

27
src/main/java/ru/ulstu/is/sbapp/configuration/OpenAPI30Configuration.java Normal file
View File

@ -0,0 +1,27 @@
package ru.ulstu.is.sbapp.configuration;
import io.swagger.v3.oas.models.Components;
import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.security.SecurityRequirement;
import io.swagger.v3.oas.models.security.SecurityScheme;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class OpenAPI30Configuration {
public static final String API_PREFIX = "/api/1.0";
@Bean
public OpenAPI customizeOpenAPI() {
final String securitySchemeName = JwtFilter.TOKEN_BEGIN_STR;
return new OpenAPI()
.addSecurityItem(new SecurityRequirement()
.addList(securitySchemeName))
.components(new Components()
.addSecuritySchemes(securitySchemeName, new SecurityScheme()
.name(securitySchemeName)
.type(SecurityScheme.Type.HTTP)
.scheme("bearer")
.bearerFormat("JWT")));
}
}

14
src/main/java/ru/ulstu/is/sbapp/configuration/PasswordEncoderConfiguration.java Normal file
View File

@ -0,0 +1,14 @@
package ru.ulstu.is.sbapp.configuration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration
public class PasswordEncoderConfiguration {
@Bean
public PasswordEncoder createPasswordEncoder() {
return new BCryptPasswordEncoder();
}
}

83
src/main/java/ru/ulstu/is/sbapp/configuration/SecurityConfiguration.java Normal file
View File

@ -0,0 +1,83 @@
package ru.ulstu.is.sbapp.configuration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import ru.ulstu.is.sbapp.controllers.UserController;
import ru.ulstu.is.sbapp.database.model.Role;
import ru.ulstu.is.sbapp.database.service.UserService;
@Configuration
@EnableWebSecurity
@EnableMethodSecurity(
securedEnabled = true
)
public class SecurityConfiguration {
private final Logger log = LoggerFactory.getLogger(SecurityConfiguration.class);
private static final String LOGIN_URL = "/login";
public static final String SPA_URL_MASK = "/{path:[^\\.]*}";
private final UserService userService;
private final JwtFilter jwtFilter;
public SecurityConfiguration(UserService userService)
{
this.userService = userService;
this.jwtFilter = new JwtFilter(userService);
createAdminOnStartup();
}
private void createAdminOnStartup() {
final String admin = "admin";
if (userService.findByLogin(admin) == null) {
log.info("Admin user successfully created");
userService.addUser(admin, admin, admin, Role.ADMIN);
}
}
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.cors()
.and()
.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeHttpRequests()
.requestMatchers("", SPA_URL_MASK).permitAll()
.requestMatchers("/", SPA_URL_MASK).permitAll()
.requestMatchers(HttpMethod.POST, UserController.URL_LOGIN).permitAll()
.requestMatchers(HttpMethod.POST, UserController.URL_SIGN_UP).permitAll()
.requestMatchers(HttpMethod.POST, UserController.URL_WHO_AM_I).permitAll()
.anyRequest()
.authenticated()
.and()
.addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class)
.anonymous();
return http.userDetailsService(userService).build();
}
@Bean
public WebSecurityCustomizer webSecurityCustomizer() {
return (web) -> web.ignoring()
.requestMatchers(HttpMethod.OPTIONS, "/**")
.requestMatchers("/*.js")
.requestMatchers("/*.html")
.requestMatchers("/*.css")
.requestMatchers("/assets/**")
.requestMatchers("/favicon.ico")
.requestMatchers("/.js", "/.css")
.requestMatchers("/swagger-ui/index.html")
.requestMatchers("/webjars/**")
.requestMatchers("/swagger-resources/**")
.requestMatchers("/v3/api-docs/**")
.requestMatchers("/h2-console/**");
}
}

20
src/main/java/ru/ulstu/is/sbapp/configuration/TypeConfiguration.java
View File

@ -1,20 +0,0 @@
package ru.ulstu.is.sbapp.configuration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import ru.ulstu.is.sbapp.interfaces.DoubleType;
import ru.ulstu.is.sbapp.interfaces.StringType;
@Configuration
public class TypeConfiguration {
@Bean(value = "str")
public StringType createStrType(){
return new StringType();
}
@Bean(value = "double")
public DoubleType createDoubleType(){
return new DoubleType();
}
}

29
src/main/java/ru/ulstu/is/sbapp/configuration/WebConfiguration.java Normal file
View File

@ -0,0 +1,29 @@
package ru.ulstu.is.sbapp.configuration;
import org.springframework.boot.web.server.ErrorPage;
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpStatus;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class WebConfiguration implements WebMvcConfigurer {
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController(SecurityConfiguration.SPA_URL_MASK).setViewName("forward:/");
registry.addViewController("/notFound").setViewName("forward:/");
}
@Bean
public WebServerFactoryCustomizer<ConfigurableServletWebServerFactory> containerCustomizer() {
return container -> container.addErrorPages(new ErrorPage(HttpStatus.NOT_FOUND, "/notFound"));
}
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**").allowedMethods("*");
}
}

3
src/main/java/ru/ulstu/is/sbapp/controllers/AlbumController.java
View File

@ -3,6 +3,7 @@ package ru.ulstu.is.sbapp.controllers;
import jakarta.validation.Valid; import jakarta.validation.Valid;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import ru.ulstu.is.sbapp.configuration.OpenAPI30Configuration;
import ru.ulstu.is.sbapp.database.model.Artist; import ru.ulstu.is.sbapp.database.model.Artist;
import ru.ulstu.is.sbapp.database.model.Song; import ru.ulstu.is.sbapp.database.model.Song;
import ru.ulstu.is.sbapp.database.service.AlbumService; import ru.ulstu.is.sbapp.database.service.AlbumService;
@ -11,7 +12,7 @@ import java.util.List;
import java.util.Map; import java.util.Map;
@RestController @RestController
@RequestMapping("/album") @RequestMapping(OpenAPI30Configuration.API_PREFIX + "/album")
public class AlbumController { public class AlbumController {
private final AlbumService albumService; private final AlbumService albumService;

3
src/main/java/ru/ulstu/is/sbapp/controllers/ArtistController.java
View File

@ -2,12 +2,13 @@ package ru.ulstu.is.sbapp.controllers;
import jakarta.validation.Valid; import jakarta.validation.Valid;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import ru.ulstu.is.sbapp.configuration.OpenAPI30Configuration;
import ru.ulstu.is.sbapp.database.service.ArtistService; import ru.ulstu.is.sbapp.database.service.ArtistService;
import java.util.List; import java.util.List;
@RestController @RestController
@RequestMapping("/artist") @RequestMapping(OpenAPI30Configuration.API_PREFIX + "/artist")
public class ArtistController { public class ArtistController {
private final ArtistService artistService; private final ArtistService artistService;

3
src/main/java/ru/ulstu/is/sbapp/controllers/SearchController.java
View File

@ -4,13 +4,14 @@ import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController; import org.springframework.web.bind.annotation.RestController;
import ru.ulstu.is.sbapp.configuration.OpenAPI30Configuration;
import ru.ulstu.is.sbapp.database.service.FindByNameService; import ru.ulstu.is.sbapp.database.service.FindByNameService;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
@RestController @RestController
@RequestMapping("/find") @RequestMapping(OpenAPI30Configuration.API_PREFIX + "/find")
public class SearchController { public class SearchController {
private final FindByNameService findService; private final FindByNameService findService;

3
src/main/java/ru/ulstu/is/sbapp/controllers/SongController.java
View File

@ -2,13 +2,14 @@ package ru.ulstu.is.sbapp.controllers;
import jakarta.validation.Valid; import jakarta.validation.Valid;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import ru.ulstu.is.sbapp.configuration.OpenAPI30Configuration;
import ru.ulstu.is.sbapp.database.service.AlbumService; import ru.ulstu.is.sbapp.database.service.AlbumService;
import ru.ulstu.is.sbapp.database.service.SongService; import ru.ulstu.is.sbapp.database.service.SongService;
import java.util.List; import java.util.List;
@RestController @RestController
@RequestMapping("/song") @RequestMapping(OpenAPI30Configuration.API_PREFIX + "/song")
public class SongController { public class SongController {
private final SongService songService; private final SongService songService;
private final AlbumService albumService; private final AlbumService albumService;

64
src/main/java/ru/ulstu/is/sbapp/controllers/UserController.java Normal file
View File

@ -0,0 +1,64 @@
package ru.ulstu.is.sbapp.controllers;
import jakarta.validation.Valid;
import org.springframework.security.access.annotation.Secured;
import org.springframework.web.bind.annotation.*;
import ru.ulstu.is.sbapp.database.model.User;
import ru.ulstu.is.sbapp.database.model.Role;
import ru.ulstu.is.sbapp.database.service.UserService;
import ru.ulstu.is.sbapp.database.util.validation.ValidationException;
import java.util.List;
@RestController
public class UserController {
public static final String URL_LOGIN = "/jwt/login";
public static final String URL_SIGN_UP = "/sign_up";
public static final String URL_WHO_AM_I = "/who_am_i";
private final UserService userService;
public UserController(UserService userService) {
this.userService = userService;
}
@PostMapping(URL_LOGIN)
public String login(@RequestBody @Valid UserDTO userDto) {
return userService.loginAndGetToken(userDto);
}
@GetMapping(URL_WHO_AM_I)
public String role(@RequestParam("userLogin") String userLogin) {
return userService.findByLogin(userLogin).getUserRole().name();
}
@PostMapping(URL_SIGN_UP)
public String signUp(@RequestBody @Valid UserSignUpDTO userSignupDto) {
try {
final User user = userService.addUser(userSignupDto.getLogin(),
userSignupDto.getPassword(), userSignupDto.getPasswordConfirm(), Role.USER);
return "created " + user.getLogin();
} catch (ValidationException e) {
return e.getMessage();
}
}
@GetMapping("/{id}")
@Secured({Role.AsString.ADMIN})
public UserDTO getUser(@PathVariable Long id) {
return new UserDTO(userService.findUser(id));
}
@GetMapping("/")
@Secured({Role.AsString.ADMIN})
public List<UserDTO> getUsers() {
return userService.findAllUsers().stream()
.map(UserDTO::new)
.toList();
}
@PutMapping("/{id}")
public UserDTO updateUser(@RequestBody @Valid UserDTO userDto){
return new UserDTO(userService.updateUser(userDto));
}
@DeleteMapping("/{id}")
public void deleteUser(@PathVariable Long id) {
userService.deleteUser(id);
}
}

52
src/main/java/ru/ulstu/is/sbapp/controllers/UserDTO.java Normal file
View File

@ -0,0 +1,52 @@
package ru.ulstu.is.sbapp.controllers;
import ru.ulstu.is.sbapp.database.model.User;
import ru.ulstu.is.sbapp.database.model.Role;
public class UserDTO {
private Long id;
private Role role;
private String login;
private String password;
public UserDTO(){}
public UserDTO(User user) {
this.id=user.getId();
this.login= user.getLogin();
this.password = user.getPassword();
this.role = user.getUserRole();
}
public Long getId() {
return id;
}
public String getLogin()
{
return login;
}
public String getPassword()
{
return password;
}
public Role getUserRole() {
return role;
}
public void setId(Long id) {
this.id = id;
}
public void setLogin(String login)
{
this.login = login;
}
public void setPassword(String password)
{
this.password = password;
}
}

36
src/main/java/ru/ulstu/is/sbapp/controllers/UserSignUpDTO.java Normal file
View File

@ -0,0 +1,36 @@
package ru.ulstu.is.sbapp.controllers;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.Size;
public class UserSignUpDTO {
private String login;
private String password;
private String passwordConfirm;
public String getLogin() {
return login;
}
public String getPasswordConfirm() {
return passwordConfirm;
}
public String getPassword() {
return password;
}
public void setLogin(String login) {
this.login = login;
}
public void setPassword(String password) {
this.password = password;
}
public void setPasswordConfirm(String passwordConfirm) {
this.passwordConfirm = passwordConfirm;
}
}

20
src/main/java/ru/ulstu/is/sbapp/database/model/Role.java Normal file
View File

@ -0,0 +1,20 @@
package ru.ulstu.is.sbapp.database.model;
import org.springframework.security.core.GrantedAuthority;
public enum Role implements GrantedAuthority {
ADMIN,
USER;
private static final String PREFIX = "ROLE_";
@Override
public String getAuthority() {
return PREFIX + this.name();
}
public static final class AsString {
public static final String ADMIN = PREFIX + "ADMIN";
public static final String USER = PREFIX + "USER";
}
}

72
src/main/java/ru/ulstu/is/sbapp/database/model/User.java Normal file
View File

@ -0,0 +1,72 @@
package ru.ulstu.is.sbapp.database.model;
import jakarta.persistence.*;
import ru.ulstu.is.sbapp.controllers.UserSignUpDTO;
import java.util.Objects;
@Entity
@Table(name = "users")
public class User {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
private String login;
private String password;
private Role role;
public User(){
}
public User(UserSignUpDTO userDto){
this.login = userDto.getLogin();
this.password = userDto.getPassword();
this.role = Role.USER;
}
public User(String login, String password, Role role){
this.login = login;
this.password = password;
this.role = role;
}
public Long getId(){return id;}
public String getLogin(){return login;}
public void setLogin(String login){this.login = login;}
public String getPassword(){return password;}
public void setPassword(String password){this.password = password;}
public Role getUserRole() {
return role;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
User user = (User) o;
return Objects.equals(id, user.id);
}
@Override
public int hashCode() {
return Objects.hash(id);
}
@Override
public String toString() {
return "User{" +
"id=" + id +
", login='" + login + '\'' +
", password='" + password + '\'' +
'}';
}
}

7
src/main/java/ru/ulstu/is/sbapp/database/service/UserExistsException.java Normal file
View File

@ -0,0 +1,7 @@
package ru.ulstu.is.sbapp.database.service;
public class UserExistsException extends RuntimeException {
public UserExistsException(String login) {
super(String.format("User '%s' already exists", login));
}
}

7
src/main/java/ru/ulstu/is/sbapp/database/service/UserNotFoundException.java Normal file
View File

@ -0,0 +1,7 @@
package ru.ulstu.is.sbapp.database.service;
public class UserNotFoundException extends RuntimeException {
public UserNotFoundException(Long id) {
super(String.format("User not found '%s'", id));
}
}

130
src/main/java/ru/ulstu/is/sbapp/database/service/UserService.java Normal file
View File

@ -0,0 +1,130 @@
package ru.ulstu.is.sbapp.database.service;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.PageRequest;
import org.springframework.data.domain.Sort;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.StringUtils;
import ru.ulstu.is.sbapp.Repository.IUserRepository;
import ru.ulstu.is.sbapp.configuration.JwtException;
import ru.ulstu.is.sbapp.configuration.JwtProvider;
import ru.ulstu.is.sbapp.controllers.UserDTO;
import ru.ulstu.is.sbapp.controllers.UserSignUpDTO;
import ru.ulstu.is.sbapp.database.model.User;
import ru.ulstu.is.sbapp.database.model.Role;
import ru.ulstu.is.sbapp.database.util.validation.ValidationException;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
@Service
public class UserService implements UserDetailsService {
private final IUserRepository userRepository;
private final PasswordEncoder passwordEncoder;
private final JwtProvider jwtProvider;
public UserService(IUserRepository userRepository,
PasswordEncoder passwordEncoder,
JwtProvider jwtProvider){
this.userRepository = userRepository;
this.passwordEncoder = passwordEncoder;
this.jwtProvider = jwtProvider;
}
public User findByLogin(String login) {
return userRepository.findOneByLoginIgnoreCase(login);
}
public Page<User> findAllPages(int page, int size) {
return userRepository.findAll(PageRequest.of(page - 1, size, Sort.by("id").ascending()));
}
@Transactional
public User addUser(UserSignUpDTO userDto){
final User user = new User(userDto);
userRepository.save(user);
return user;
}
@Transactional
public User addUser(String login, String password,
String passwordConfirm,
Role role){
if (findByLogin(login) != null) {
throw new ValidationException(String.format("User '%s' already exists", login));
}
if (!Objects.equals(password, passwordConfirm)) {
throw new ValidationException("Passwords not equals");
}
final User user = new User(login,passwordEncoder.encode(password),role);
return userRepository.save(user);
}
@Transactional(readOnly = true)
public User findUser(Long id) {
final Optional<User> user = userRepository.findById(id);
return user.orElseThrow(() -> new UserNotFoundException(id));
}
@Transactional(readOnly = true)
public List<User> findAllUsers() {
return userRepository.findAll();
}
@Transactional
public User updateUser(UserDTO userDto) {
final User currentUser = findUser(userDto.getId());
currentUser.setLogin(userDto.getLogin());
currentUser.setPassword(userDto.getPassword());
return userRepository.save(currentUser);
}
@Transactional
public User updateUser(Long id,String login, String password) {
if (!StringUtils.hasText(login) || !StringUtils.hasText(password)) {
throw new IllegalArgumentException("User name, login or password is null or empty");
}
final User currentUser = findUser(id);
currentUser.setLogin(login);
currentUser.setPassword(password);
return userRepository.save(currentUser);
}
@Transactional
public void deleteUser(Long id) {
userRepository.deleteById(id);
}
@Transactional
public void deleteAllUsers() {
userRepository.deleteAll();
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
final User userEntity = findByLogin(username);
if (userEntity == null) {
throw new UsernameNotFoundException(username);
}
return new org.springframework.security.core.userdetails.User(
userEntity.getLogin(), userEntity.getPassword(), Collections.singleton(userEntity.getUserRole()));
}
public String loginAndGetToken(UserDTO userDto) {
final User user = findByLogin(userDto.getLogin());
if (user == null) {
throw new UserNotFoundException(userDto.getId());
}
if (!passwordEncoder.matches(userDto.getPassword(), user.getPassword())) {
throw new UserNotFoundException(user.getId());
}
return jwtProvider.generateToken(user.getLogin());
}
public UserDetails loadUserByToken(String token) throws UsernameNotFoundException {
if (!jwtProvider.isTokenValid(token)) {
throw new JwtException("Bad token");
}
final String userLogin = jwtProvider.getLoginFromToken(token)
.orElseThrow(() -> new JwtException("Token is not contain Login"));
return loadUserByUsername(userLogin);
}
}

3
src/main/java/ru/ulstu/is/sbapp/database/util/validation/ValidationException.java
View File

@ -3,6 +3,9 @@ package ru.ulstu.is.sbapp.database.util.validation;
import java.util.Set; import java.util.Set;
public class ValidationException extends RuntimeException { public class ValidationException extends RuntimeException {
public ValidationException(String message) {
super(message);
}
public ValidationException(Set<String> errors) { public ValidationException(Set<String> errors) {
super(String.join("\n", errors)); super(String.join("\n", errors));
} }

5
src/main/resources/application.properties
View File

@ -1,5 +1,5 @@
spring.main.banner-mode=off spring.main.banner-mode=off
#server.port=8080 server.port=8080
spring.datasource.url=jdbc:h2:file:./data spring.datasource.url=jdbc:h2:file:./data
spring.datasource.driverClassName=org.h2.Driver spring.datasource.driverClassName=org.h2.Driver
spring.datasource.username=sa spring.datasource.username=sa
@ -9,3 +9,6 @@ spring.jpa.hibernate.ddl-auto=update
spring.h2.console.enabled=true spring.h2.console.enabled=true
spring.h2.console.settings.trace=false spring.h2.console.settings.trace=false
spring.h2.console.settings.web-allow-others=false spring.h2.console.settings.web-allow-others=false
jwt.dev-token=my-secret-jwt
jwt.dev=true
jwt.secret = my-secret-jwt