Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
J
jh-boot
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Jan Hrabal
jh-boot
Commits
4a595b2d
Commit
4a595b2d
authored
Aug 02, 2019
by
jhrabal
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
um
parent
450bb536
Show whitespace changes
Inline
Side-by-side
Showing
12 changed files
with
278 additions
and
207 deletions
+278
-207
init.sql
sql/init.sql
+11
-0
AuthService.java
src/main/java/com/jh/common/security/AuthService.java
+5
-8
GrantedRole.java
src/main/java/com/jh/common/security/GrantedRole.java
+21
-0
JhSecurityConfig.java
src/main/java/com/jh/common/security/JhSecurityConfig.java
+15
-18
ResetPassword.java
src/main/java/com/jh/common/security/ResetPassword.java
+0
-61
Signup.java
src/main/java/com/jh/common/security/Signup.java
+0
-75
AuthApiController.java
...in/java/com/jh/common/security/api/AuthApiController.java
+26
-31
ResetPassword.java
src/main/java/com/jh/common/security/api/ResetPassword.java
+46
-0
Signup.java
src/main/java/com/jh/common/security/api/Signup.java
+35
-0
ResetPasswordToken.java
...java/com/jh/common/security/model/ResetPasswordToken.java
+75
-0
AppUserRepository.java
.../com/jh/common/security/repository/AppUserRepository.java
+17
-1
AppUserAuthService.java
...va/com/jh/common/security/service/AppUserAuthService.java
+27
-13
No files found.
sql/init.sql
View file @
4a595b2d
...
@@ -95,3 +95,14 @@ CREATE TABLE APP_USER_ROLE (
...
@@ -95,3 +95,14 @@ CREATE TABLE APP_USER_ROLE (
);
);
CREATE
INDEX
APP_USER_ROLE_IDX
ON
APP_USER_ROLE
(
USER_ID
,
ROLE_ID
);
CREATE
INDEX
APP_USER_ROLE_IDX
ON
APP_USER_ROLE
(
USER_ID
,
ROLE_ID
);
CREATE
TABLE
RESET_PASSWORD_TOKEN
(
ID
INT8
NOT
NULL
,
LOGIN
VARCHAR
(
250
)
NOT
NULL
,
TOKEN
VARCHAR
(
250
)
NOT
NULL
,
USED
BOOLEAN
DEFAULT
FALSE
,
CREATED
TIMESTAMP
,
CONSTRAINT
PK_RESET_PASSWORD_TOKEN
PRIMARY
KEY
(
ID
)
);
CREATE
INDEX
RESET_PASSWORD_TOKEN_LOGIN_IDX
ON
RESET_PASSWORD_TOKEN
(
LOGIN
);
src/main/java/com/jh/common/security/AuthService.java
View file @
4a595b2d
package
com
.
jh
.
common
.
security
;
package
com
.
jh
.
common
.
security
;
import
java.util.List
;
import
org.springframework.security.authentication.BadCredentialsException
;
import
org.springframework.security.authentication.BadCredentialsException
;
import
org.springframework.security.core.Authentication
;
import
org.springframework.security.core.Authentication
;
import
org.springframework.security.core.AuthenticationException
;
...
@@ -28,9 +27,8 @@ public interface AuthService {
...
@@ -28,9 +27,8 @@ public interface AuthService {
* Register.
* Register.
*
*
* @param signup the signup
* @param signup the signup
* @return the list
*/
*/
List
<
AuthError
>
register
(
Signup
signup
)
;
void
register
(
String
login
,
String
password
)
throws
AuthenticationException
;
/**
/**
...
@@ -41,15 +39,14 @@ public interface AuthService {
...
@@ -41,15 +39,14 @@ public interface AuthService {
*
*
* @param login
* @param login
*/
*/
void
generateResetToken
(
String
login
);
String
generateResetToken
(
String
login
);
/**
/**
* TODO
* TODO
* @param resetPassword
* @param resetPassword
*
* @throws AuthenticationException TODO
* @return
*/
*/
List
<
AuthError
>
resetPassword
(
ResetPassword
resetPassword
)
;
void
resetPassword
(
String
login
,
String
token
,
String
newPassword
)
throws
AuthenticationException
;
}
}
src/main/java/com/jh/common/security/GrantedRole.java
0 → 100644
View file @
4a595b2d
package
com
.
jh
.
common
.
security
;
import
org.springframework.security.core.GrantedAuthority
;
public
class
GrantedRole
implements
GrantedAuthority
{
private
static
final
long
serialVersionUID
=
1L
;
private
String
role
;
public
GrantedRole
(
String
role
)
{
super
();
this
.
role
=
role
;
}
@Override
public
String
getAuthority
()
{
return
role
;
}
}
src/main/java/com/jh/common/security/JhSecurityConfig.java
View file @
4a595b2d
...
@@ -2,20 +2,17 @@ package com.jh.common.security;
...
@@ -2,20 +2,17 @@ package com.jh.common.security;
import
java.io.IOException
;
import
java.io.IOException
;
import
javax.servlet.ServletException
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
javax.servlet.http.HttpServletResponse
;
import
org.springframework.context.annotation.Bean
;
import
org.springframework.context.annotation.Bean
;
import
org.springframework.security.authentication.AuthenticationProvider
;
import
org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
;
import
org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
;
import
org.springframework.security.config.annotation.web.builders.HttpSecurity
;
import
org.springframework.security.config.annotation.web.builders.HttpSecurity
;
import
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
;
import
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
;
import
org.springframework.security.config.http.SessionCreationPolicy
;
import
org.springframework.security.config.http.SessionCreationPolicy
;
import
org.springframework.security.core.Authentication
;
import
org.springframework.security.core.AuthenticationException
;
import
org.springframework.security.core.AuthenticationException
;
import
org.springframework.security.web.AuthenticationEntryPoint
;
import
org.springframework.security.web.AuthenticationEntryPoint
;
import
org.springframework.security.web.authentication.AuthenticationSuccessHandler
;
import
org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
;
import
com.jh.common.security.repository.AppUserRepository
;
import
com.jh.common.security.repository.AppUserRepository
;
import
com.jh.common.security.service.AppUserAuthService
;
import
com.jh.common.security.service.AppUserAuthService
;
...
@@ -32,18 +29,21 @@ public class JhSecurityConfig extends WebSecurityConfigurerAdapter {
...
@@ -32,18 +29,21 @@ public class JhSecurityConfig extends WebSecurityConfigurerAdapter {
*/
*/
@Override
@Override
protected
void
configure
(
HttpSecurity
http
)
throws
Exception
{
protected
void
configure
(
HttpSecurity
http
)
throws
Exception
{
http
HttpSecurity
cfg
=
http
.
authorizeRequests
()
.
authorizeRequests
()
.
antMatchers
(
"/auth/**"
).
permitAll
()
.
antMatchers
(
"/auth/**"
).
permitAll
()
.
anyRequest
().
authenticated
()
.
anyRequest
().
authenticated
()
.
and
()
.
and
()
.
logout
()
.
logout
()
.
clearAuthentication
(
true
)
.
clearAuthentication
(
true
)
.
permitAll
();
.
permitAll
()
.
and
();
cfg
.
httpBasic
();
http
.
csrf
().
disable
();
http
.
csrf
().
disable
();
http
.
exceptionHandling
().
authenticationEntryPoint
(
authenticationEntryPoint
());
http
.
exceptionHandling
().
authenticationEntryPoint
(
authenticationEntryPoint
());
http
.
headers
().
frameOptions
().
sameOrigin
();
http
.
headers
().
frameOptions
().
disable
();
http
.
sessionManagement
().
sessionCreationPolicy
(
SessionCreationPolicy
.
STATELESS
);
http
.
sessionManagement
().
sessionCreationPolicy
(
SessionCreationPolicy
.
STATELESS
);
}
}
...
@@ -56,7 +56,7 @@ public class JhSecurityConfig extends WebSecurityConfigurerAdapter {
...
@@ -56,7 +56,7 @@ public class JhSecurityConfig extends WebSecurityConfigurerAdapter {
*/
*/
@Override
@Override
protected
void
configure
(
AuthenticationManagerBuilder
auth
)
throws
Exception
{
protected
void
configure
(
AuthenticationManagerBuilder
auth
)
throws
Exception
{
auth
.
eraseCredentials
(
true
);
auth
.
authenticationProvider
(
authenticationProvider
()
);
}
}
...
@@ -76,20 +76,17 @@ public class JhSecurityConfig extends WebSecurityConfigurerAdapter {
...
@@ -76,20 +76,17 @@ public class JhSecurityConfig extends WebSecurityConfigurerAdapter {
};
};
}
}
@Bean
protected
AuthenticationSuccessHandler
authenticationSuccessHandler
()
{
public
AuthenticationProvider
authenticationProvider
()
{
return
new
SimpleUrlAuthenticationSuccessHandler
()
{
return
new
AuthServiceAuthenticationProvider
();
@Override
public
void
onAuthenticationSuccess
(
final
HttpServletRequest
request
,
final
HttpServletResponse
response
,
final
Authentication
authentication
)
throws
ServletException
,
IOException
{
this
.
clearAuthenticationAttributes
(
request
);
}
};
}
}
@Bean
@Bean
public
AuthService
authService
()
{
public
AuthService
authService
()
{
return
new
AppUserAuthService
();
AppUserAuthService
appUserAuthService
=
new
AppUserAuthService
();
appUserAuthService
.
setAppUserRepository
(
appUserRepository
());
return
appUserAuthService
;
}
}
@Bean
@Bean
...
...
src/main/java/com/jh/common/security/ResetPassword.java
deleted
100644 → 0
View file @
450bb536
package
com
.
jh
.
common
.
security
;
/**
* The Class ResetPassword.
*/
public
class
ResetPassword
{
/** The username. */
private
String
username
;
/** The password. */
private
String
password
;
private
String
token
;
/**
* Gets the username.
*
* @return the username
*/
public
String
getUsername
()
{
return
username
;
}
/**
* Sets the username.
*
* @param username the new username
*/
public
void
setUsername
(
String
username
)
{
this
.
username
=
username
;
}
/**
* Gets the password.
*
* @return the password
*/
public
String
getPassword
()
{
return
password
;
}
/**
* Sets the password.
*
* @param password the new password
*/
public
void
setPassword
(
String
password
)
{
this
.
password
=
password
;
}
public
String
getToken
()
{
return
token
;
}
public
void
setToken
(
String
token
)
{
this
.
token
=
token
;
}
}
src/main/java/com/jh/common/security/Signup.java
deleted
100644 → 0
View file @
450bb536
package
com
.
jh
.
common
.
security
;
import
java.util.Locale
;
/**
* The Class Signup.
*/
public
class
Signup
{
/** The username. */
private
String
username
;
/** The password. */
private
String
password
;
/** The locale. */
private
Locale
locale
=
Locale
.
ENGLISH
;
/**
* Gets the username.
*
* @return the username
*/
public
String
getUsername
()
{
return
username
;
}
/**
* Sets the username.
*
* @param username the new username
*/
public
void
setUsername
(
String
username
)
{
this
.
username
=
username
;
}
/**
* Gets the password.
*
* @return the password
*/
public
String
getPassword
()
{
return
password
;
}
/**
* Sets the password.
*
* @param password the new password
*/
public
void
setPassword
(
String
password
)
{
this
.
password
=
password
;
}
/**
* Gets the locale.
*
* @return the locale
*/
public
Locale
getLocale
()
{
return
locale
;
}
/**
* Sets the locale.
*
* @param locale the new locale
*/
public
void
setLocale
(
Locale
locale
)
{
this
.
locale
=
locale
;
}
}
src/main/java/com/jh/common/security/api/AuthApiController.java
View file @
4a595b2d
...
@@ -8,7 +8,6 @@ import java.util.ArrayList;
...
@@ -8,7 +8,6 @@ import java.util.ArrayList;
import
java.util.Base64
;
import
java.util.Base64
;
import
java.util.Collections
;
import
java.util.Collections
;
import
java.util.List
;
import
java.util.List
;
import
java.util.Locale
;
import
javax.servlet.http.HttpSession
;
import
javax.servlet.http.HttpSession
;
...
@@ -30,10 +29,10 @@ import org.springframework.web.bind.annotation.ResponseStatus;
...
@@ -30,10 +29,10 @@ import org.springframework.web.bind.annotation.ResponseStatus;
import
com.jh.common.security.AuthError
;
import
com.jh.common.security.AuthError
;
import
com.jh.common.security.AuthService
;
import
com.jh.common.security.AuthService
;
import
com.jh.common.security.PasswordUtils
;
import
com.jh.common.security.PasswordUtils
;
import
com.jh.common.security.ResetPassword
;
import
com.jh.common.security.Signup
;
import
com.jh.common.utils.Utils
;
import
com.jh.common.utils.Utils
;
import
com.jh.common.web.error.BadRequestException
;
import
com.jh.common.web.error.ErrorMessage
;
import
com.jh.common.web.error.ErrorMessage
;
import
com.jh.common.web.error.NotFoundException
;
import
com.jh.common.web.error.RestApiException
;
import
com.jh.common.web.error.RestApiException
;
/**
/**
...
@@ -101,21 +100,19 @@ public class AuthApiController {
...
@@ -101,21 +100,19 @@ public class AuthApiController {
* @return the response entity
* @return the response entity
*/
*/
@RequestMapping
(
path
=
"/auth/signup"
,
method
=
RequestMethod
.
POST
)
@RequestMapping
(
path
=
"/auth/signup"
,
method
=
RequestMethod
.
POST
)
public
ResponseEntity
<
List
<
AuthError
>>
signup
(
@RequestBody
Signup
signup
,
Locale
locale
)
{
public
@ResponseBody
LoginResponse
signup
(
@RequestBody
Signup
signup
)
{
if
(!
signupEnabled
)
{
if
(!
signupEnabled
)
{
return
ResponseEntity
.
notFound
().
build
();
throw
new
NotFoundException
();
}
}
//validate
//validate
if
(
signup
==
null
)
{
if
(
signup
==
null
)
{
return
new
ResponseEntity
<>(
Collections
.
singletonList
(
new
AuthError
(
null
,
"BadRequest"
)),
HttpStatus
.
BAD_REQUEST
);
throw
new
BadRequestException
(
);
}
}
signup
.
setLocale
(
locale
);
List
<
AuthError
>
errors
=
new
ArrayList
<>();
List
<
AuthError
>
errors
=
new
ArrayList
<>();
//TODO validate email
//TODO validate email
if
(!
StringUtils
.
hasText
(
signup
.
get
Username
()))
{
if
(!
StringUtils
.
hasText
(
signup
.
get
Login
()))
{
errors
.
add
(
new
AuthError
(
"username"
,
"BadUsername"
));
errors
.
add
(
new
AuthError
(
"username"
,
"BadUsername"
));
}
}
...
@@ -123,26 +120,22 @@ public class AuthApiController {
...
@@ -123,26 +120,22 @@ public class AuthApiController {
errors
.
add
(
new
AuthError
(
"password"
,
"BadPassword"
));
errors
.
add
(
new
AuthError
(
"password"
,
"BadPassword"
));
}
}
try
{
if
(!
errors
.
isEmpty
())
{
List
<
AuthError
>
errs
=
authService
.
register
(
signup
);
// throw new BadRequestException(errors);
if
(
errs
==
null
||
errs
.
isEmpty
())
{
throw
new
BadRequestException
();
Authentication
auth
=
authService
.
authenticate
(
signup
.
getUsername
(),
signup
.
getPassword
());
SecurityContextHolder
.
getContext
().
setAuthentication
(
auth
);
}
else
{
errors
.
addAll
(
errs
);
}
}
try
{
authService
.
register
(
signup
.
getLogin
(),
signup
.
getPassword
());
// Authentication auth = authService.authenticate(signup.getLogin(), signup.getPassword());
// SecurityContextHolder.getContext().setAuthentication(auth);
}
catch
(
Exception
e
)
{
}
catch
(
Exception
e
)
{
e
.
printStackTrace
();
e
.
printStackTrace
();
errors
.
add
(
new
AuthError
(
null
,
e
.
getMessage
()));
errors
.
add
(
new
AuthError
(
null
,
e
.
getMessage
()));
}
}
//everything was OK - log user in
return
new
LoginResponse
(
"Authentication"
,
"Basic "
+
Base64
.
getEncoder
().
encodeToString
((
signup
.
getLogin
()
+
":"
+
signup
.
getPassword
()).
getBytes
()));
if
(
errors
.
isEmpty
())
{
//return no errors
return
new
ResponseEntity
<>(
HttpStatus
.
NO_CONTENT
);
}
return
new
ResponseEntity
<>(
errors
,
HttpStatus
.
BAD_REQUEST
);
}
}
...
@@ -151,7 +144,8 @@ public class AuthApiController {
...
@@ -151,7 +144,8 @@ public class AuthApiController {
if
(!
resetEnabled
)
{
if
(!
resetEnabled
)
{
return
ResponseEntity
.
notFound
().
build
();
return
ResponseEntity
.
notFound
().
build
();
}
}
authService
.
generateResetToken
(
request
.
getUsername
());
Utils
.
sleep
(
250
);
authService
.
generateResetToken
(
request
.
getLogin
());
return
ResponseEntity
.
accepted
().
build
();
return
ResponseEntity
.
accepted
().
build
();
}
}
...
@@ -161,6 +155,7 @@ public class AuthApiController {
...
@@ -161,6 +155,7 @@ public class AuthApiController {
if
(!
resetEnabled
)
{
if
(!
resetEnabled
)
{
return
ResponseEntity
.
notFound
().
build
();
return
ResponseEntity
.
notFound
().
build
();
}
}
Utils
.
sleep
(
250
);
String
token
=
resetPassword
.
getToken
();
String
token
=
resetPassword
.
getToken
();
if
(!
StringUtils
.
hasText
(
token
))
{
if
(!
StringUtils
.
hasText
(
token
))
{
return
new
ResponseEntity
<>(
Collections
.
singletonList
(
new
AuthError
(
null
,
"BadRequest"
)),
HttpStatus
.
BAD_REQUEST
);
return
new
ResponseEntity
<>(
Collections
.
singletonList
(
new
AuthError
(
null
,
"BadRequest"
)),
HttpStatus
.
BAD_REQUEST
);
...
@@ -169,13 +164,13 @@ public class AuthApiController {
...
@@ -169,13 +164,13 @@ public class AuthApiController {
List
<
AuthError
>
errors
=
new
ArrayList
<>();
List
<
AuthError
>
errors
=
new
ArrayList
<>();
try
{
try
{
List
<
AuthError
>
errs
=
authService
.
resetPassword
(
resetPassword
);
authService
.
resetPassword
(
resetPassword
.
getLogin
(),
resetPassword
.
getToken
(),
resetPassword
.
getPassword
()
);
if
(
errs
==
null
||
errs
.
isEmpty
())
{
//
if (errs == null || errs.isEmpty()) {
Authentication
auth
=
authService
.
authenticate
(
resetPassword
.
getUsername
(),
resetPassword
.
getPassword
());
// Authentication auth = authService.authenticate(resetPassword.getLogin
(), resetPassword.getPassword());
SecurityContextHolder
.
getContext
().
setAuthentication
(
auth
);
//
SecurityContextHolder.getContext().setAuthentication(auth);
}
else
{
//
} else {
errors
.
addAll
(
errs
);
//
errors.addAll(errs);
}
//
}
}
catch
(
Exception
e
)
{
}
catch
(
Exception
e
)
{
e
.
printStackTrace
();
e
.
printStackTrace
();
errors
.
add
(
new
AuthError
(
null
,
e
.
getMessage
()));
errors
.
add
(
new
AuthError
(
null
,
e
.
getMessage
()));
...
...
src/main/java/com/jh/common/security/api/ResetPassword.java
0 → 100644
View file @
4a595b2d
package
com
.
jh
.
common
.
security
.
api
;
public
class
ResetPassword
{
private
String
login
;
private
String
token
;
private
String
password
;
public
ResetPassword
()
{
super
();
}
public
ResetPassword
(
String
login
,
String
token
,
String
password
)
{
super
();
this
.
login
=
login
;
this
.
token
=
token
;
}
public
String
getLogin
()
{
return
login
;
}
public
void
setLogin
(
String
login
)
{
this
.
login
=
login
;
}
public
String
getToken
()
{
return
token
;
}
public
void
setToken
(
String
password
)
{
this
.
token
=
password
;
}
public
String
getPassword
()
{
return
password
;
}
public
void
setPassword
(
String
password
)
{
this
.
password
=
password
;
}
}
src/main/java/com/jh/common/security/api/Signup.java
0 → 100644
View file @
4a595b2d
package
com
.
jh
.
common
.
security
.
api
;
public
class
Signup
{
private
String
login
;
private
String
password
;
public
Signup
()
{
super
();
}
public
Signup
(
String
login
,
String
password
)
{
super
();
this
.
login
=
login
;
this
.
password
=
password
;
}
public
String
getLogin
()
{
return
login
;
}
public
void
setLogin
(
String
login
)
{
this
.
login
=
login
;
}
public
String
getPassword
()
{
return
password
;
}
public
void
setPassword
(
String
password
)
{
this
.
password
=
password
;
}
}
src/main/java/com/jh/common/security/model/ResetPasswordToken.java
0 → 100644
View file @
4a595b2d
package
com
.
jh
.
common
.
security
.
model
;
import
java.util.Date
;
import
javax.persistence.Column
;
import
javax.persistence.Entity
;
import
javax.persistence.Table
;
import
com.jh.common.jpa.AbstractIdEntity
;
@Entity
@Table
(
name
=
"RESET_PASSWORD_TOKEN"
)
public
class
ResetPasswordToken
extends
AbstractIdEntity
{
private
static
final
long
serialVersionUID
=
1L
;
@Column
(
name
=
"LOGIN"
)
private
String
login
;
@Column
(
name
=
"CREATED"
)
private
Date
created
;
@Column
(
name
=
"TOKEN"
)
private
String
token
;
@Column
(
name
=
"USED"
)
private
Boolean
used
;
public
ResetPasswordToken
()
{
super
();
}
public
ResetPasswordToken
(
String
login
,
Date
created
,
String
token
)
{
super
();
this
.
login
=
login
;
this
.
created
=
created
;
this
.
token
=
token
;
}
public
String
getLogin
()
{
return
login
;
}
public
void
setLogin
(
String
login
)
{
this
.
login
=
login
;
}
public
Date
getCreated
()
{
return
created
;
}
public
void
setCreated
(
Date
created
)
{
this
.
created
=
created
;
}
public
String
getToken
()
{
return
token
;
}
public
void
setToken
(
String
token
)
{
this
.
token
=
token
;
}
public
Boolean
getUsed
()
{
return
used
;
}
public
void
setUsed
(
Boolean
used
)
{
this
.
used
=
used
;
}
}
src/main/java/com/jh/common/security/repository/AppUserRepository.java
View file @
4a595b2d
...
@@ -5,12 +5,14 @@ import javax.persistence.Query;
...
@@ -5,12 +5,14 @@ import javax.persistence.Query;
import
org.springframework.util.StringUtils
;
import
org.springframework.util.StringUtils
;
import
com.jh.common.jpa.AbstractHibernateRepository
;
import
com.jh.common.jpa.AbstractHibernateRepository
;
import
com.jh.common.security.PasswordHash
;
import
com.jh.common.security.PasswordUtils
;
import
com.jh.common.security.model.AppUser
;
import
com.jh.common.security.model.AppUser
;
public
class
AppUserRepository
extends
AbstractHibernateRepository
{
public
class
AppUserRepository
extends
AbstractHibernateRepository
{
public
AppUser
findBy
Username
(
String
username
)
{
public
AppUser
findBy
Login
(
String
username
)
{
if
(!
StringUtils
.
hasText
(
username
))
{
if
(!
StringUtils
.
hasText
(
username
))
{
return
null
;
return
null
;
}
}
...
@@ -19,4 +21,18 @@ public class AppUserRepository extends AbstractHibernateRepository {
...
@@ -19,4 +21,18 @@ public class AppUserRepository extends AbstractHibernateRepository {
return
singleResult
(
q
);
return
singleResult
(
q
);
}
}
public
AppUser
registerUser
(
String
username
,
String
password
)
{
AppUser
user
=
new
AppUser
();
user
.
setEmail
(
username
);
PasswordHash
hash
=
PasswordUtils
.
hashPassword
(
password
);
user
.
setPassword
(
hash
.
getHash
());
user
.
setPasswordSalt
(
hash
.
getSalt
());
entityManager
.
persist
(
user
);
return
user
;
}
}
}
src/main/java/com/jh/common/security/service/AppUserAuthService.java
View file @
4a595b2d
package
com
.
jh
.
common
.
security
.
service
;
package
com
.
jh
.
common
.
security
.
service
;
import
java.util.List
;
import
java.util.HashSet
;
import
java.util.Set
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.security.authentication.BadCredentialsException
;
import
org.springframework.security.authentication.BadCredentialsException
;
import
org.springframework.security.authentication.UsernamePasswordAuthenticationToken
;
import
org.springframework.security.authentication.UsernamePasswordAuthenticationToken
;
import
org.springframework.security.core.Authentication
;
import
org.springframework.security.core.Authentication
;
import
org.springframework.security.core.AuthenticationException
;
import
org.springframework.transaction.annotation.Transactional
;
import
org.springframework.transaction.annotation.Transactional
;
import
org.springframework.util.StringUtils
;
import
com.jh.common.security.AuthError
;
import
com.jh.common.security.AuthService
;
import
com.jh.common.security.AuthService
;
import
com.jh.common.security.GrantedRole
;
import
com.jh.common.security.PasswordUtils
;
import
com.jh.common.security.PasswordUtils
;
import
com.jh.common.security.ResetPassword
;
import
com.jh.common.security.Signup
;
import
com.jh.common.security.model.AppUser
;
import
com.jh.common.security.model.AppUser
;
import
com.jh.common.security.repository.AppUserRepository
;
import
com.jh.common.security.repository.AppUserRepository
;
...
@@ -25,30 +26,43 @@ public class AppUserAuthService implements AuthService {
...
@@ -25,30 +26,43 @@ public class AppUserAuthService implements AuthService {
@Override
@Override
@Transactional
@Transactional
public
Authentication
authenticate
(
String
username
,
String
password
)
throws
BadCredentialsException
{
public
Authentication
authenticate
(
String
login
,
String
password
)
throws
BadCredentialsException
{
AppUser
user
=
appUserRepository
.
findBy
Username
(
username
);
AppUser
user
=
appUserRepository
.
findBy
Login
(
login
);
if
(
user
==
null
)
{
if
(
user
==
null
)
{
throw
new
BadCredentialsException
(
"User not found"
);
throw
new
BadCredentialsException
(
"User not found"
);
}
}
if
(!
PasswordUtils
.
checkPassword
(
password
,
user
.
getPassword
(),
user
.
getPasswordSalt
()))
{
if
(!
PasswordUtils
.
checkPassword
(
password
,
user
.
getPassword
(),
user
.
getPasswordSalt
()))
{
throw
new
BadCredentialsException
(
"Bad password"
);
throw
new
BadCredentialsException
(
"Bad password"
);
}
}
return
new
UsernamePasswordAuthenticationToken
(
user
.
getEmail
(),
user
.
getPassword
());
Set
<
GrantedRole
>
roles
=
new
HashSet
<>();
UsernamePasswordAuthenticationToken
auth
=
new
UsernamePasswordAuthenticationToken
(
user
.
getEmail
(),
user
.
getPassword
(),
roles
);
return
auth
;
}
}
@Override
@Override
public
List
<
AuthError
>
register
(
Signup
signup
)
{
@Transactional
return
null
;
public
void
register
(
String
login
,
String
password
)
throws
AuthenticationException
{
AppUser
user
=
appUserRepository
.
findByLogin
(
login
);
if
(
user
!=
null
)
{
throw
new
BadCredentialsException
(
"User already exists"
);
}
if
(!
StringUtils
.
hasText
(
login
)
||
!
StringUtils
.
hasText
(
password
))
{
throw
new
BadCredentialsException
(
"Bad username or password"
);
}
appUserRepository
.
registerUser
(
login
,
password
);
}
}
@Override
@Override
public
void
generateResetToken
(
String
login
)
{
@Transactional
public
String
generateResetToken
(
String
login
)
{
return
"TOKEN"
;
}
}
@Override
@Override
public
List
<
AuthError
>
resetPassword
(
ResetPassword
resetPassword
)
{
@Transactional
return
null
;
public
void
resetPassword
(
String
login
,
String
token
,
String
newPassword
)
throws
AuthenticationException
{
}
}
@Autowired
(
required
=
false
)
@Autowired
(
required
=
false
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment