Commit 02308d41 authored by kasmiii's avatar kasmiii
Browse files

basic authentication

parent 1dc84f78
package com.example.server.config.security;
import com.example.server.model.user.UserEntity;
import com.example.server.repository.UserRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import java.util.Arrays;
import java.util.List;
@Component
public class MongoUserDetailsService implements UserDetailsService {
@Autowired
private UserRepository userRepository;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
UserEntity user = userRepository.findUserEntityByUserName(username);
if (user == null) {
throw new UsernameNotFoundException("User not found");
}
List<SimpleGrantedAuthority> authorities = Arrays.asList(new SimpleGrantedAuthority("user"));
return new User(user.getUserName(), user.getPassword(), authorities);
}
}
......@@ -3,12 +3,15 @@ package com.example.server.config.security;
import com.example.server.model.user.User;
import com.example.server.model.user.UserEntity;
import com.example.server.utils.Const;
import com.example.server.utils.Encoders;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import java.util.List;
import java.util.stream.Collectors;
......@@ -18,6 +21,10 @@ import java.util.stream.Stream;
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
MongoUserDetailsService userDetailsService;
private final List<User> users = Stream.of(
new UserEntity("Diallo", "Mamadou", "greer", "Greer", Const.ADMIN),
new UserEntity("Dupont", "Jean Pierre", "jdupont", "Jdupont", Const.USER),
......@@ -26,15 +33,20 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
User user = new UserEntity("Diallo", "Mamadou", "greer", "Greer", Const.ADMIN);
auth.inMemoryAuthentication().withUser(user.getUserName())
.password(Encoders.userPasswordEncoder().encode(user.getPassword()))
.roles(user.getRole());
// User user = new UserEntity("Diallo", "Mamadou", "greer", "Greer", Const.ADMIN);
// auth.inMemoryAuthentication().withUser(user.getUserName())
// .password(Encoders.userPasswordEncoder().encode(user.getPassword()))
// .roles(user.getRole());
//
// auth.jdbcAuthentication()
// .dataSource(dataSource)
// .usersByUsernameQuery()
auth.userDetailsService(userDetailsService);
}
@Override
protected void configure(final HttpSecurity http) throws Exception {
http
http.formLogin().and()
.csrf().disable()
.authorizeRequests()
.antMatchers("/api/admin/**").hasRole(Const.ADMIN)
......@@ -42,9 +54,14 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
.antMatchers("/api/user/**").permitAll()
.antMatchers("/api/post/**").permitAll()
.antMatchers("/api/comment/**").permitAll()
.antMatchers("/api/login*").permitAll()
.antMatchers("/api").permitAll()
.anyRequest().authenticated();
.antMatchers("/api/login").permitAll()
.antMatchers("/api").permitAll();
// .anyRequest().authenticated();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
package com.example.server.controller;
import com.example.server.model.Role;
import com.example.server.model.user.UserEntity;
import com.example.server.repository.UserRepository;
import com.example.server.services.user.UserService;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
......@@ -19,7 +22,7 @@ public class UserController {
private final UserService userService;
private final ObjectMapper mapper = new ObjectMapper();
private final UserRepository userRepository;
@PostMapping("/add")
public ResponseEntity<UserEntity> add(@RequestBody JsonNode jsonNode) throws JsonProcessingException {
......@@ -54,4 +57,21 @@ public class UserController {
userService.deleteAll();
return ResponseEntity.ok("All users Deleted successfully");
}
//just for testing...
@PostMapping("/saveUsers")
public void saveUsers(){
UserEntity user1=new UserEntity();
user1.setUserName("mohammed");
user1.setUserName("kasmi");
user1.setRole(Role.USER.name());
UserEntity user2=new UserEntity();
user1.setUserName("mohammed2");
user1.setUserName("kasmi2");
user1.setRole(Role.USER.name());
userRepository.save(user1);
userRepository.save(user2);
}
}
......@@ -4,12 +4,14 @@ package com.example.server.repository;
import com.example.server.model.user.UserEntity;
import org.springframework.data.mongodb.repository.MongoRepository;
import org.springframework.stereotype.Repository;
import org.springframework.web.bind.annotation.RequestParam;
@Repository
public interface UserRepository extends MongoRepository<UserEntity, String> {
UserEntity getUserByUserName(String userName);
// UserEntity getUserByUserName(String userName);
UserEntity findUserEntityByUserName(String userName);
UserEntity getUserById(String id);
UserEntity getUserEntityByUserName(String username);
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment