Compare commits
No commits in common. "e54fbdb7b7735938109d3b1209041ebaadb4ed4c" and "57619bfefc2090d9ac358ecd9ce412aaeff6e3d2" have entirely different histories.
e54fbdb7b7
...
57619bfefc
39
build.gradle
39
build.gradle
@ -1,6 +1,6 @@
|
||||
plugins {
|
||||
id 'java'
|
||||
id 'org.springframework.boot' version '2.6.3'
|
||||
id 'org.springframework.boot' version '3.0.2'
|
||||
id 'io.spring.dependency-management' version '1.1.0'
|
||||
}
|
||||
|
||||
@ -18,37 +18,22 @@ jar {
|
||||
|
||||
dependencies {
|
||||
annotationProcessor "org.springframework.boot:spring-boot-configuration-processor"
|
||||
|
||||
implementation 'org.springframework.boot:spring-boot-starter-web'
|
||||
|
||||
implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
|
||||
implementation 'com.h2database:h2:2.1.210'
|
||||
|
||||
implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
|
||||
implementation 'org.springframework.boot:spring-boot-starter-security'
|
||||
implementation 'com.auth0:java-jwt:4.4.0'
|
||||
|
||||
implementation 'org.hibernate.validator:hibernate-validator'
|
||||
|
||||
implementation 'org.springdoc:springdoc-openapi-ui:1.6.5'
|
||||
|
||||
implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity6'
|
||||
implementation 'org.springframework.boot:spring-boot-devtools'
|
||||
implementation 'nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect'
|
||||
implementation 'org.webjars:bootstrap:5.1.3'
|
||||
implementation 'org.webjars:jquery:3.6.0'
|
||||
implementation 'org.webjars:font-awesome:6.1.0'
|
||||
implementation 'com.h2database:h2:2.1.210'
|
||||
implementation 'jakarta.validation:jakarta.validation-api:3.0.0'
|
||||
implementation 'org.hibernate.validator:hibernate-validator:7.0.1.Final'
|
||||
implementation group: 'org.springdoc', name: 'springdoc-openapi-ui', version: '1.6.5'
|
||||
testImplementation 'org.springframework.boot:spring-boot-starter-test'
|
||||
// annotationProcessor "org.springframework.boot:spring-boot-configuration-processor"
|
||||
// implementation 'org.springframework.boot:spring-boot-starter-web'
|
||||
// implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
|
||||
// implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
|
||||
// implementation 'org.springframework.boot:spring-boot-starter-security'
|
||||
// implementation 'com.auth0:java-jwt:4.4.0'
|
||||
// implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity6'
|
||||
// implementation 'org.springframework.boot:spring-boot-devtools'
|
||||
// implementation 'nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect'
|
||||
// implementation 'org.webjars:bootstrap:5.1.3'
|
||||
// implementation 'org.webjars:jquery:3.6.0'
|
||||
// implementation 'org.webjars:font-awesome:6.1.0'
|
||||
// implementation 'com.h2database:h2:2.1.210'
|
||||
// implementation 'jakarta.validation:jakarta.validation-api:3.0.0'
|
||||
// implementation 'org.hibernate.validator:hibernate-validator:7.0.1.Final'
|
||||
// implementation group: 'org.springdoc', name: 'springdoc-openapi-ui', version: '1.6.5'
|
||||
// testImplementation 'org.springframework.boot:spring-boot-starter-test'
|
||||
}
|
||||
|
||||
tasks.named('test') {
|
||||
|
BIN
data.mv.db
Normal file
BIN
data.mv.db
Normal file
Binary file not shown.
@ -79,11 +79,6 @@ export default {
|
||||
editedSong: new Song(),
|
||||
}
|
||||
},
|
||||
beforeCreate() {
|
||||
if (localStorage.getItem("token") == null) {
|
||||
this.$router.push("/login");
|
||||
}
|
||||
},
|
||||
methods: {
|
||||
getSongs(){
|
||||
axios.get(this.URL + "song")
|
||||
|
@ -1,5 +1,12 @@
|
||||
package ru.ulstu.is.sbapp.configuration;
|
||||
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import jakarta.servlet.FilterChain;
|
||||
import jakarta.servlet.ServletException;
|
||||
import jakarta.servlet.ServletRequest;
|
||||
import jakarta.servlet.ServletResponse;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
@ -7,12 +14,7 @@ import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
import ru.ulstu.is.sbapp.database.service.UserService;
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
public class JwtFilter extends GenericFilterBean {
|
||||
|
@ -2,15 +2,15 @@ package ru.ulstu.is.sbapp.configuration;
|
||||
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
import ru.ulstu.is.sbapp.controllers.UserController;
|
||||
import ru.ulstu.is.sbapp.database.model.Role;
|
||||
@ -18,17 +18,24 @@ import ru.ulstu.is.sbapp.database.service.UserService;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
@EnableMethodSecurity(securedEnabled = true)
|
||||
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
@EnableMethodSecurity(
|
||||
securedEnabled = true
|
||||
)
|
||||
public class SecurityConfiguration {
|
||||
private final Logger log = LoggerFactory.getLogger(SecurityConfiguration.class);
|
||||
private static final String LOGIN_URL = "/login";
|
||||
public static final String SPA_URL_MASK = "/{path:[^\\.]*}";
|
||||
|
||||
private final UserService userService;
|
||||
private final JwtFilter jwtFilter;
|
||||
public SecurityConfiguration(UserService userService) {
|
||||
|
||||
public SecurityConfiguration(UserService userService)
|
||||
{
|
||||
this.userService = userService;
|
||||
this.jwtFilter = new JwtFilter(userService);
|
||||
createAdminOnStartup();
|
||||
}
|
||||
|
||||
private void createAdminOnStartup() {
|
||||
final String admin = "admin";
|
||||
if (userService.findByLogin(admin) == null) {
|
||||
@ -36,35 +43,41 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
userService.addUser(admin, admin, admin, Role.ADMIN);
|
||||
}
|
||||
}
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
log.info("Creating security configuration");
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
http.cors()
|
||||
.and()
|
||||
.csrf().disable()
|
||||
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
||||
.and()
|
||||
.authorizeRequests()
|
||||
.antMatchers("/", SPA_URL_MASK).permitAll()
|
||||
.antMatchers(HttpMethod.POST, UserController.URL_LOGIN).permitAll()
|
||||
.authorizeHttpRequests()
|
||||
.requestMatchers("", SPA_URL_MASK).permitAll()
|
||||
.requestMatchers("/", SPA_URL_MASK).permitAll()
|
||||
.requestMatchers(HttpMethod.POST, UserController.URL_LOGIN).permitAll()
|
||||
.requestMatchers(HttpMethod.POST, UserController.URL_SIGN_UP).permitAll()
|
||||
.requestMatchers(HttpMethod.POST, UserController.URL_WHO_AM_I).permitAll()
|
||||
.anyRequest()
|
||||
.authenticated()
|
||||
.and()
|
||||
.addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class)
|
||||
.anonymous();
|
||||
return http.userDetailsService(userService).build();
|
||||
}
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder builder) throws Exception {
|
||||
builder.userDetailsService(userService);
|
||||
}
|
||||
@Override
|
||||
public void configure(WebSecurity web) {
|
||||
web.ignoring()
|
||||
.antMatchers(HttpMethod.OPTIONS, "/**")
|
||||
.antMatchers("/**/*.{js,html,css,png}")
|
||||
.antMatchers("/swagger-ui/index.html")
|
||||
.antMatchers("/webjars/**")
|
||||
.antMatchers("/swagger-resources/**")
|
||||
.antMatchers("/v3/api-docs/**");
|
||||
|
||||
@Bean
|
||||
public WebSecurityCustomizer webSecurityCustomizer() {
|
||||
return (web) -> web.ignoring()
|
||||
.requestMatchers(HttpMethod.OPTIONS, "/**")
|
||||
.requestMatchers("/*.js")
|
||||
.requestMatchers("/*.html")
|
||||
.requestMatchers("/*.css")
|
||||
.requestMatchers("/assets/**")
|
||||
.requestMatchers("/favicon.ico")
|
||||
.requestMatchers("/.js", "/.css")
|
||||
.requestMatchers("/swagger-ui/index.html")
|
||||
.requestMatchers("/webjars/**")
|
||||
.requestMatchers("/swagger-resources/**")
|
||||
.requestMatchers("/v3/api-docs/**")
|
||||
.requestMatchers("/h2-console/**");
|
||||
}
|
||||
}
|
||||
|
@ -1,5 +1,6 @@
|
||||
package ru.ulstu.is.sbapp.controllers;
|
||||
|
||||
import jakarta.validation.Valid;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import ru.ulstu.is.sbapp.configuration.OpenAPI30Configuration;
|
||||
@ -7,7 +8,6 @@ import ru.ulstu.is.sbapp.database.model.Artist;
|
||||
import ru.ulstu.is.sbapp.database.model.Song;
|
||||
import ru.ulstu.is.sbapp.database.service.AlbumService;
|
||||
|
||||
import javax.validation.Valid;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
package ru.ulstu.is.sbapp.controllers;
|
||||
|
||||
import javax.validation.Valid;
|
||||
import jakarta.validation.Valid;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import ru.ulstu.is.sbapp.configuration.OpenAPI30Configuration;
|
||||
import ru.ulstu.is.sbapp.database.service.ArtistService;
|
||||
|
@ -1,6 +1,6 @@
|
||||
package ru.ulstu.is.sbapp.controllers;
|
||||
|
||||
import javax.validation.Valid;
|
||||
import jakarta.validation.Valid;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import ru.ulstu.is.sbapp.configuration.OpenAPI30Configuration;
|
||||
import ru.ulstu.is.sbapp.database.service.AlbumService;
|
||||
|
@ -1,6 +1,6 @@
|
||||
package ru.ulstu.is.sbapp.controllers;
|
||||
|
||||
import javax.validation.Valid;
|
||||
import jakarta.validation.Valid;
|
||||
import org.springframework.security.access.annotation.Secured;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import ru.ulstu.is.sbapp.database.model.User;
|
||||
|
@ -1,5 +1,7 @@
|
||||
package ru.ulstu.is.sbapp.controllers;
|
||||
|
||||
import jakarta.validation.constraints.NotBlank;
|
||||
import jakarta.validation.constraints.Size;
|
||||
|
||||
public class UserSignUpDTO {
|
||||
private String login;
|
||||
|
@ -1,7 +1,7 @@
|
||||
package ru.ulstu.is.sbapp.database.model;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonManagedReference;
|
||||
import javax.persistence.*;
|
||||
import jakarta.persistence.*;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
|
@ -1,7 +1,8 @@
|
||||
package ru.ulstu.is.sbapp.database.model;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonBackReference;
|
||||
import javax.persistence.*;
|
||||
import jakarta.persistence.*;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
|
@ -1,8 +1,10 @@
|
||||
package ru.ulstu.is.sbapp.database.model;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonBackReference;
|
||||
import jakarta.persistence.*;
|
||||
import jakarta.validation.constraints.NotBlank;
|
||||
import jakarta.validation.constraints.NotNull;
|
||||
|
||||
import javax.persistence.*;
|
||||
import java.util.Objects;
|
||||
|
||||
@Entity
|
||||
|
@ -1,8 +1,8 @@
|
||||
package ru.ulstu.is.sbapp.database.model;
|
||||
|
||||
import jakarta.persistence.*;
|
||||
import ru.ulstu.is.sbapp.controllers.UserSignUpDTO;
|
||||
|
||||
import javax.persistence.*;
|
||||
import java.util.Objects;
|
||||
|
||||
@Entity
|
||||
|
@ -1,6 +1,9 @@
|
||||
package ru.ulstu.is.sbapp.database.util.validation;
|
||||
|
||||
import javax.validation.*;
|
||||
import jakarta.validation.ConstraintViolation;
|
||||
import jakarta.validation.Validation;
|
||||
import jakarta.validation.Validator;
|
||||
import jakarta.validation.ValidatorFactory;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.Set;
|
||||
|
Loading…
Reference in New Issue
Block a user