Merge
parent
c42861fa1c
commit
51e6bb1f90
2 changed files with 36 additions and 21 deletions
|
@ -50,17 +50,19 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
.disable()
|
.disable()
|
||||||
// dont authenticate this particular request
|
// dont authenticate this particular request
|
||||||
.authorizeRequests()
|
.authorizeRequests()
|
||||||
.antMatchers("/auth/login")
|
.antMatchers(
|
||||||
|
"/auth/login",
|
||||||
|
"/auth/register",
|
||||||
|
"/swagger-ui.html",
|
||||||
|
"/register",
|
||||||
|
"/register/confirm-account",
|
||||||
|
"/v2/api-docs",
|
||||||
|
"/webjars/**",
|
||||||
|
"/swagger-resources/**",
|
||||||
|
"/csrf")
|
||||||
.permitAll()
|
.permitAll()
|
||||||
.antMatchers("/auth/register")
|
|
||||||
.permitAll()
|
|
||||||
.antMatchers("/register")
|
|
||||||
.permitAll()
|
|
||||||
.antMatchers("/register/confirm-account")
|
|
||||||
.permitAll()
|
|
||||||
.
|
|
||||||
// all other requests need to be authenticated
|
// all other requests need to be authenticated
|
||||||
anyRequest()
|
.anyRequest()
|
||||||
.authenticated()
|
.authenticated()
|
||||||
.and()
|
.and()
|
||||||
.
|
.
|
||||||
|
|
|
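Review bot: The widened `permitAll()` list in the new `antMatchers(...)` call serves `/swagger-ui.html`, `/v2/api-docs`, `/webjars/**` and `/swagger-resources/**` without authentication, so the complete API description is readable by any anonymous client in every deployment. If the documentation is only needed during development, I would keep the login and registration paths public and permit the Swagger patterns only under a non-production profile or a configuration property. The matchers also carry no HTTP method, so each listed path is open for every verb; `.antMatchers(HttpMethod.POST, "/auth/login")` would narrow that for the login endpoint, which the controller in this commit maps with `@PostMapping("/login")`. The configure method starts and ends outside this hunk, so the `.disable()` at its top and the rest of the chain could not be checked from here.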
@ -5,9 +5,9 @@ import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.JWTRequest;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.JWTResponse;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.JWTResponse;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.UserUpdateRequest;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.UserUpdateRequest;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.*;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.*;
|
||||||
|
import io.swagger.annotations.Authorization;
|
||||||
import java.security.Principal;
|
import java.security.Principal;
|
||||||
import javax.validation.Valid;
|
import javax.validation.Valid;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
|
||||||
import org.springframework.security.authentication.AuthenticationManager;
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
import org.springframework.security.authentication.BadCredentialsException;
|
import org.springframework.security.authentication.BadCredentialsException;
|
||||||
import org.springframework.security.authentication.DisabledException;
|
import org.springframework.security.authentication.DisabledException;
|
||||||
|
@ -21,18 +21,28 @@ import org.springframework.web.bind.annotation.*;
|
||||||
@RequestMapping("/auth")
|
@RequestMapping("/auth")
|
||||||
public class AuthenticationController {
|
public class AuthenticationController {
|
||||||
|
|
||||||
@Autowired private AuthenticationManager authenticationManager;
|
private final AuthenticationManager authenticationManager;
|
||||||
|
|
||||||
@Autowired private UserRepository userRepository;
|
private final UserRepository userRepository;
|
||||||
|
|
||||||
@Autowired private JWTTokenUtil jwtTokenUtil;
|
private final JWTTokenUtil jwtTokenUtil;
|
||||||
|
|
||||||
@Autowired private JWTUserDetailsService userDetailsService;
|
private final JWTUserDetailsService userDetailsService;
|
||||||
|
|
||||||
@Autowired private UserRepository users;
|
|
||||||
|
|
||||||
private BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
|
private BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
|
||||||
|
|
||||||
|
public AuthenticationController(
|
||||||
|
AuthenticationManager authenticationManager,
|
||||||
|
UserRepository userRepository,
|
||||||
|
JWTTokenUtil jwtTokenUtil,
|
||||||
|
JWTUserDetailsService userDetailsService,
|
||||||
|
UserRepository users) {
|
||||||
|
this.authenticationManager = authenticationManager;
|
||||||
|
this.userRepository = userRepository;
|
||||||
|
this.jwtTokenUtil = jwtTokenUtil;
|
||||||
|
this.userDetailsService = userDetailsService;
|
||||||
|
}
|
||||||
|
|
||||||
@PostMapping("/login")
|
@PostMapping("/login")
|
||||||
public JWTResponse login(@RequestBody JWTRequest authenticationRequest) throws Exception {
|
public JWTResponse login(@RequestBody JWTRequest authenticationRequest) throws Exception {
|
||||||
authenticate(authenticationRequest.getUsername(), authenticationRequest.getPassword());
|
authenticate(authenticationRequest.getUsername(), authenticationRequest.getPassword());
|
||||||
|
@ -42,15 +52,18 @@ public class AuthenticationController {
|
||||||
return new JWTResponse(token);
|
return new JWTResponse(token);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Authorization(value = "Bearer")
|
||||||
@PatchMapping("/update")
|
@PatchMapping("/update")
|
||||||
public User update(@Valid @RequestBody final UserUpdateRequest u, final Principal principal) {
|
public User update(
|
||||||
|
@Valid @RequestBody final UserUpdateRequest userData, final Principal principal) {
|
||||||
final User oldUser = userRepository.findByUsername(principal.getName());
|
final User oldUser = userRepository.findByUsername(principal.getName());
|
||||||
if (u.getName() != null) oldUser.setName(u.getName());
|
if (userData.getName() != null) oldUser.setName(userData.getName());
|
||||||
if (u.getEmail() != null) {
|
if (userData.getEmail() != null) {
|
||||||
oldUser.setEmail(u.getEmail());
|
oldUser.setEmail(userData.getEmail());
|
||||||
// TODO: handle email verification
|
// TODO: handle email verification
|
||||||
}
|
}
|
||||||
if (u.getPassword() != null) oldUser.setPassword(encoder.encode(u.getPassword()));
|
if (userData.getPassword() != null)
|
||||||
|
oldUser.setPassword(encoder.encode(userData.getPassword()));
|
||||||
return userRepository.save(oldUser);
|
return userRepository.save(oldUser);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
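Review bot: `update` overwrites the stored password and e-mail address for whoever presents a valid bearer token, without asking for the current password, so a leaked token is enough to take the account away from its owner. The e-mail change is also applied before any verification, as the open `// TODO: handle email verification` admits. I would require the current password on any request that sets `password` or `email`, and compare it with `encoder.matches(...)` against the stored hash before the setters run, rejecting the request with `BadCredentialsException` otherwise. The method also returns the saved `User` entity; unless `User` excludes its password field from serialization (not visible on this page), the bcrypt hash goes back in the response body, so a response DTO without that field would be safer.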