Merge
parent
c42861fa1c
commit
51e6bb1f90
2 changed files with 36 additions and 21 deletions
|
@ -50,17 +50,19 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
.disable()
|
||||
// dont authenticate this particular request
|
||||
.authorizeRequests()
|
||||
.antMatchers("/auth/login")
|
||||
.antMatchers(
|
||||
"/auth/login",
|
||||
"/auth/register",
|
||||
"/swagger-ui.html",
|
||||
"/register",
|
||||
"/register/confirm-account",
|
||||
"/v2/api-docs",
|
||||
"/webjars/**",
|
||||
"/swagger-resources/**",
|
||||
"/csrf")
|
||||
.permitAll()
|
||||
.antMatchers("/auth/register")
|
||||
.permitAll()
|
||||
.antMatchers("/register")
|
||||
.permitAll()
|
||||
.antMatchers("/register/confirm-account")
|
||||
.permitAll()
|
||||
.
|
||||
// all other requests need to be authenticated
|
||||
anyRequest()
|
||||
.anyRequest()
|
||||
.authenticated()
|
||||
.and()
|
||||
.
|
||||
|
|
|
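Review bot: The widened `antMatchers(...)` list makes the Swagger UI and API description (`/swagger-ui.html`, `/v2/api-docs`, `/swagger-resources/**`, `/webjars/**`) and `/csrf` reachable without authentication in every environment, which exposes the full endpoint and model inventory to anonymous clients. If that is only wanted during development, move those patterns into a profile-specific configuration or guard them with a property, and keep only the login and registration paths public here. The comment above the call, `// dont authenticate this particular request`, now covers nine patterns and should name what is public and why, e.g. `// public: login, registration, account confirmation; API docs (dev only)`. The matchers also carry no HTTP method, so each listed path is open for every verb; the form `antMatchers(HttpMethod.POST, "/auth/login")` would narrow that. The enclosing builder chain starts and ends outside the hunk.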
@ -5,9 +5,9 @@ import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.JWTRequest;
|
|||
import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.JWTResponse;
|
||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.UserUpdateRequest;
|
||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.*;
|
||||
import io.swagger.annotations.Authorization;
|
||||
import java.security.Principal;
|
||||
import javax.validation.Valid;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.security.authentication.DisabledException;
|
||||
|
@ -21,18 +21,28 @@ import org.springframework.web.bind.annotation.*;
|
|||
@RequestMapping("/auth")
|
||||
public class AuthenticationController {
|
||||
|
||||
@Autowired private AuthenticationManager authenticationManager;
|
||||
private final AuthenticationManager authenticationManager;
|
||||
|
||||
@Autowired private UserRepository userRepository;
|
||||
private final UserRepository userRepository;
|
||||
|
||||
@Autowired private JWTTokenUtil jwtTokenUtil;
|
||||
private final JWTTokenUtil jwtTokenUtil;
|
||||
|
||||
@Autowired private JWTUserDetailsService userDetailsService;
|
||||
|
||||
@Autowired private UserRepository users;
|
||||
private final JWTUserDetailsService userDetailsService;
|
||||
|
||||
private BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
|
||||
|
||||
public AuthenticationController(
|
||||
AuthenticationManager authenticationManager,
|
||||
UserRepository userRepository,
|
||||
JWTTokenUtil jwtTokenUtil,
|
||||
JWTUserDetailsService userDetailsService,
|
||||
UserRepository users) {
|
||||
this.authenticationManager = authenticationManager;
|
||||
this.userRepository = userRepository;
|
||||
this.jwtTokenUtil = jwtTokenUtil;
|
||||
this.userDetailsService = userDetailsService;
|
||||
}
|
||||
|
||||
@PostMapping("/login")
|
||||
public JWTResponse login(@RequestBody JWTRequest authenticationRequest) throws Exception {
|
||||
authenticate(authenticationRequest.getUsername(), authenticationRequest.getPassword());
|
||||
|
@ -42,15 +52,18 @@ public class AuthenticationController {
|
|||
return new JWTResponse(token);
|
||||
}
|
||||
|
||||
@Authorization(value = "Bearer")
|
||||
@PatchMapping("/update")
|
||||
public User update(@Valid @RequestBody final UserUpdateRequest u, final Principal principal) {
|
||||
public User update(
|
||||
@Valid @RequestBody final UserUpdateRequest userData, final Principal principal) {
|
||||
final User oldUser = userRepository.findByUsername(principal.getName());
|
||||
if (u.getName() != null) oldUser.setName(u.getName());
|
||||
if (u.getEmail() != null) {
|
||||
oldUser.setEmail(u.getEmail());
|
||||
if (userData.getName() != null) oldUser.setName(userData.getName());
|
||||
if (userData.getEmail() != null) {
|
||||
oldUser.setEmail(userData.getEmail());
|
||||
// TODO: handle email verification
|
||||
}
|
||||
if (u.getPassword() != null) oldUser.setPassword(encoder.encode(u.getPassword()));
|
||||
if (userData.getPassword() != null)
|
||||
oldUser.setPassword(encoder.encode(userData.getPassword()));
|
||||
return userRepository.save(oldUser);
|
||||
}
|
||||
|
||||
|
|
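Review bot: In `update`, a bearer token alone is enough to replace the account's password and e-mail (`oldUser.setPassword(encoder.encode(userData.getPassword()))`, `oldUser.setEmail(userData.getEmail())`), so anyone holding a leaked or stolen JWT can lock the owner out; the current password should be required and checked with `encoder.matches(...)` before either field is changed, and the e-mail change should wait for the verification the TODO mentions. `userRepository.findByUsername(principal.getName())` can presumably return null for a deleted user whose token is still valid, and the next line would then throw a NullPointerException rather than produce a 401/404. The method also returns the saved `User` entity, which will serialize the password hash unless that field is excluded from JSON in the model (not visible here). Separately, the new constructor still declares an unused `UserRepository users` parameter that can be dropped.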