Revize d411f143
Přidáno uživatelem Vojtěch Danišík před asi 4 roky(ů)
| src/main/java/vldc/aswi/configuration/AppConfig.java | ||
|---|---|---|
| 6 | 6 |
import org.springframework.context.annotation.Bean; |
| 7 | 7 |
import org.springframework.context.annotation.ComponentScan; |
| 8 | 8 |
import org.springframework.context.annotation.Configuration; |
| 9 |
import org.springframework.http.HttpMethod; |
|
| 9 | 10 |
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; |
| 10 | 11 |
import org.springframework.security.config.annotation.web.builders.HttpSecurity; |
| 11 | 12 |
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; |
| 12 | 13 |
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; |
| 13 | 14 |
import org.springframework.security.core.userdetails.UserDetailsService; |
| 14 | 15 |
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; |
| 16 |
import org.springframework.security.crypto.password.DelegatingPasswordEncoder; |
|
| 17 |
import org.springframework.security.crypto.password.NoOpPasswordEncoder; |
|
| 15 | 18 |
import org.springframework.security.crypto.password.PasswordEncoder; |
| 19 |
import org.springframework.security.web.util.matcher.RegexRequestMatcher; |
|
| 16 | 20 |
import org.springframework.web.servlet.config.annotation.EnableWebMvc; |
| 17 | 21 |
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; |
| 18 | 22 |
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; |
| ... | ... | |
| 69 | 73 |
return viewResolver; |
| 70 | 74 |
} |
| 71 | 75 |
|
| 76 |
|
|
| 72 | 77 |
@Bean |
| 73 | 78 |
public PasswordEncoder passwordEncoder() {
|
| 74 | 79 |
return new BCryptPasswordEncoder(); |
| ... | ... | |
| 76 | 81 |
|
| 77 | 82 |
@Override |
| 78 | 83 |
protected void configure(HttpSecurity http) throws Exception {
|
| 79 |
/* |
|
| 80 | 84 |
http |
| 81 | 85 |
.authorizeRequests() |
| 82 | 86 |
.mvcMatchers("/login").permitAll()
|
| ... | ... | |
| 86 | 90 |
.formLogin() |
| 87 | 91 |
.loginPage("/login")
|
| 88 | 92 |
.permitAll() |
| 89 |
.defaultSuccessUrl("/")
|
|
| 93 |
.defaultSuccessUrl("/", true)
|
|
| 90 | 94 |
.and() |
| 91 | 95 |
.logout() |
| 92 | 96 |
.logoutRequestMatcher(new RegexRequestMatcher("/logout", "GET"))
|
| 93 | 97 |
.invalidateHttpSession(true) |
| 94 | 98 |
.deleteCookies("JSESSIONID")
|
| 95 | 99 |
.permitAll(); |
| 96 |
*/ |
|
| 97 | 100 |
} |
| 98 | 101 |
|
| 99 | 102 |
@Override |
| ... | ... | |
| 108 | 111 |
registry |
| 109 | 112 |
.addResourceHandler("/css/**")
|
| 110 | 113 |
.addResourceLocations("/css/");
|
| 111 |
|
|
| 112 | 114 |
registry |
| 113 |
.addResourceHandler("/js/**")
|
|
| 114 |
.addResourceLocations("/js/");
|
|
| 115 |
.addResourceHandler("/js/**")
|
|
| 116 |
.addResourceLocations("/js/");
|
|
| 115 | 117 |
registry |
| 116 | 118 |
.addResourceHandler("/webfonts/**")
|
| 117 | 119 |
.addResourceLocations("/webfonts/");
|
| src/main/java/vldc/aswi/dao/UserRepository.java | ||
|---|---|---|
| 16 | 16 |
* @return User if ID is present in database. |
| 17 | 17 |
*/ |
| 18 | 18 |
User getById(Long Id); |
| 19 |
|
|
| 20 |
/** |
|
| 21 |
* Find User by his username. |
|
| 22 |
* @param username user's username. |
|
| 23 |
* @return User if username is presented in database. |
|
| 24 |
*/ |
|
| 25 |
User findByUsername(String username); |
|
| 19 | 26 |
} |
| src/main/java/vldc/aswi/domain/User.java | ||
|---|---|---|
| 27 | 27 |
private String password; |
| 28 | 28 |
|
| 29 | 29 |
/** Role of user. */ |
| 30 |
@ManyToOne(fetch=FetchType.LAZY)
|
|
| 30 |
@ManyToOne(fetch=FetchType.EAGER)
|
|
| 31 | 31 |
@JoinColumn(name = "role_id") |
| 32 | 32 |
private Role role; |
| 33 | 33 |
|
| src/main/java/vldc/aswi/model/login/WebCredentials.java | ||
|---|---|---|
| 1 |
package vldc.aswi.model.login; |
|
| 2 |
|
|
| 3 |
import java.util.Collection; |
|
| 4 |
import java.util.LinkedList; |
|
| 5 |
import java.util.stream.Collectors; |
|
| 6 |
|
|
| 7 |
import org.springframework.security.core.GrantedAuthority; |
|
| 8 |
import org.springframework.security.core.authority.SimpleGrantedAuthority; |
|
| 9 |
import org.springframework.security.core.userdetails.UserDetails; |
|
| 10 |
|
|
| 11 |
/** |
|
| 12 |
* Model used in spring security representing user credentials saved in session. |
|
| 13 |
*/ |
|
| 14 |
public class WebCredentials implements UserDetails {
|
|
| 15 |
|
|
| 16 |
private static final long serialVersionUID = 26298569253774237L; |
|
| 17 |
|
|
| 18 |
private final String username; |
|
| 19 |
private final String password; |
|
| 20 |
private Collection<String> roles; |
|
| 21 |
|
|
| 22 |
/** |
|
| 23 |
* Constructor. |
|
| 24 |
* @param username Username of user. |
|
| 25 |
* @param password Password of user. |
|
| 26 |
*/ |
|
| 27 |
public WebCredentials(String username, String password) {
|
|
| 28 |
this.username = username; |
|
| 29 |
this.password = password; |
|
| 30 |
this.roles = new LinkedList<>(); |
|
| 31 |
} |
|
| 32 |
|
|
| 33 |
/** |
|
| 34 |
* Get authorities for logged User. |
|
| 35 |
* @return List of roles. |
|
| 36 |
*/ |
|
| 37 |
@Override |
|
| 38 |
public Collection<? extends GrantedAuthority> getAuthorities() {
|
|
| 39 |
return this.roles |
|
| 40 |
.stream() |
|
| 41 |
.map(SimpleGrantedAuthority::new) |
|
| 42 |
.collect(Collectors.toList()); |
|
| 43 |
} |
|
| 44 |
|
|
| 45 |
/** |
|
| 46 |
* Get logged user password. |
|
| 47 |
* @return User password. |
|
| 48 |
*/ |
|
| 49 |
@Override |
|
| 50 |
public String getPassword() {
|
|
| 51 |
return this.password; |
|
| 52 |
} |
|
| 53 |
|
|
| 54 |
/** |
|
| 55 |
* Get logged user username. |
|
| 56 |
* @return User username. |
|
| 57 |
*/ |
|
| 58 |
@Override |
|
| 59 |
public String getUsername() {
|
|
| 60 |
return this.username; |
|
| 61 |
} |
|
| 62 |
|
|
| 63 |
/** |
|
| 64 |
* Check if account is non expired. |
|
| 65 |
* @return True. |
|
| 66 |
*/ |
|
| 67 |
@Override |
|
| 68 |
public boolean isAccountNonExpired() {
|
|
| 69 |
return true; |
|
| 70 |
} |
|
| 71 |
|
|
| 72 |
/** |
|
| 73 |
* Check if account is non locked. |
|
| 74 |
* @return True. |
|
| 75 |
*/ |
|
| 76 |
@Override |
|
| 77 |
public boolean isAccountNonLocked() {
|
|
| 78 |
return true; |
|
| 79 |
} |
|
| 80 |
|
|
| 81 |
/** |
|
| 82 |
* Check if Credentials non expired. |
|
| 83 |
* @return True. |
|
| 84 |
*/ |
|
| 85 |
@Override |
|
| 86 |
public boolean isCredentialsNonExpired() {
|
|
| 87 |
return true; |
|
| 88 |
} |
|
| 89 |
|
|
| 90 |
/** |
|
| 91 |
* Check if user is enabled. |
|
| 92 |
* @return True. |
|
| 93 |
*/ |
|
| 94 |
@Override |
|
| 95 |
public boolean isEnabled() {
|
|
| 96 |
return true; |
|
| 97 |
} |
|
| 98 |
|
|
| 99 |
/** |
|
| 100 |
* Add role for user in webcredentials object. |
|
| 101 |
* @param role new role for user. |
|
| 102 |
*/ |
|
| 103 |
public void addRole(String role) {
|
|
| 104 |
this.roles.add(role); |
|
| 105 |
} |
|
| 106 |
|
|
| 107 |
} |
|
| src/main/java/vldc/aswi/service/UserManager.java | ||
|---|---|---|
| 21 | 21 |
* @param password - password for user. |
| 22 | 22 |
* @return ID of newly created user. |
| 23 | 23 |
*/ |
| 24 |
Long addUser(String username, String password); |
|
| 24 |
Long addUser(String username, String password, Long roleId);
|
|
| 25 | 25 |
} |
| src/main/java/vldc/aswi/service/UserManagerImpl.java | ||
|---|---|---|
| 5 | 5 |
import org.springframework.context.event.ContextRefreshedEvent; |
| 6 | 6 |
import org.springframework.context.event.EventListener; |
| 7 | 7 |
import org.springframework.core.annotation.Order; |
| 8 |
import org.springframework.security.core.userdetails.UserDetails; |
|
| 9 |
import org.springframework.security.core.userdetails.UserDetailsService; |
|
| 10 |
import org.springframework.security.core.userdetails.UsernameNotFoundException; |
|
| 11 |
import org.springframework.security.crypto.password.PasswordEncoder; |
|
| 8 | 12 |
import org.springframework.stereotype.Service; |
| 9 | 13 |
import vldc.aswi.dao.RoleRepository; |
| 10 | 14 |
import vldc.aswi.dao.UserRepository; |
| 11 | 15 |
import vldc.aswi.domain.User; |
| 16 |
import vldc.aswi.model.login.WebCredentials; |
|
| 12 | 17 |
|
| 13 | 18 |
import javax.transaction.Transactional; |
| 14 | 19 |
import java.util.LinkedList; |
| ... | ... | |
| 19 | 24 |
*/ |
| 20 | 25 |
@Service |
| 21 | 26 |
@Slf4j |
| 22 |
public class UserManagerImpl implements UserManager {
|
|
| 27 |
public class UserManagerImpl implements UserManager, UserDetailsService {
|
|
| 28 |
|
|
| 29 |
@Autowired |
|
| 30 |
private PasswordEncoder encoder; |
|
| 23 | 31 |
|
| 24 | 32 |
/** Autowired user repository. */ |
| 25 | 33 |
@Autowired |
| ... | ... | |
| 32 | 40 |
/** |
| 33 | 41 |
* Initialization setup for user manager. Check if user repository contains records and if not, initialize default values. |
| 34 | 42 |
*/ |
| 35 |
/* |
|
| 36 | 43 |
@EventListener(classes = {
|
| 37 | 44 |
ContextRefreshedEvent.class |
| 38 | 45 |
}) |
| ... | ... | |
| 40 | 47 |
@Transactional |
| 41 | 48 |
public void setup() {
|
| 42 | 49 |
if (this.userRepository.count() == 0) {
|
| 43 |
log.info("No user present, creating 'admin', 'referentka', 'prorektor'.");
|
|
| 44 |
Long idAdmin = this.addUser("admin", "admin");
|
|
| 45 |
Long idReferentka = this.addUser("referentka", "referentka");
|
|
| 46 |
Long idProrektor = this.addUser("prorektor", "prorektor");
|
|
| 47 |
|
|
| 48 |
User admin = this.userRepository.getById(idAdmin); |
|
| 49 |
User referentka = this.userRepository.getById(idReferentka); |
|
| 50 |
User prorektor = this.userRepository.getById(idProrektor); |
|
| 51 |
|
|
| 52 |
//admin.setRole(); |
|
| 50 |
log.info("No user present");
|
|
| 51 |
/* |
|
| 52 |
this.addUser("administrator", "demo", (long) 1);
|
|
| 53 |
this.addUser("fakulta", "demo", (long) 2);
|
|
| 54 |
this.addUser("referentka", "demo", (long) 3);
|
|
| 55 |
this.addUser("prorektor", "demo", (long) 4);
|
|
| 56 |
*/ |
|
| 53 | 57 |
} |
| 54 | 58 |
} |
| 59 |
|
|
| 60 |
/** |
|
| 61 |
* Load user details by his username. |
|
| 62 |
* @param username Username of user. |
|
| 63 |
* @return UserDetails of user. |
|
| 64 |
* @throws UsernameNotFoundException Exception. |
|
| 55 | 65 |
*/ |
| 66 |
@Override |
|
| 67 |
@Transactional |
|
| 68 |
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
|
|
| 69 |
User user = this.userRepository.findByUsername(username); |
|
| 70 |
if (user == null) {
|
|
| 71 |
throw new UsernameNotFoundException("Invalid username!");
|
|
| 72 |
} |
|
| 73 |
|
|
| 74 |
WebCredentials credentials = new WebCredentials(user.getUsername(), user.getPassword()); |
|
| 75 |
credentials.addRole(user.getRole().getName()); |
|
| 76 |
|
|
| 77 |
return credentials; |
|
| 78 |
} |
|
| 56 | 79 |
|
| 57 | 80 |
/** |
| 58 | 81 |
* Get all users from database. |
| ... | ... | |
| 72 | 95 |
* @return ID of newly created user. |
| 73 | 96 |
*/ |
| 74 | 97 |
@Override |
| 75 |
public Long addUser(String username, String password) {
|
|
| 76 |
User user = new User(username, password); |
|
| 98 |
public Long addUser(String username, String password, Long roleId) {
|
|
| 99 |
String hashed = this.encoder.encode(password); |
|
| 100 |
User user = new User(username, hashed); |
|
| 101 |
user.setRole(this.roleRepository.getById(roleId)); |
|
| 77 | 102 |
this.userRepository.save(user); |
| 78 | 103 |
return user.getId(); |
| 79 | 104 |
} |
| src/main/java/vldc/aswi/service/parameter/ParameterManagerImpl.java | ||
|---|---|---|
| 231 | 231 |
* @param parameterValuesList - List of updated parameters. |
| 232 | 232 |
*/ |
| 233 | 233 |
private void updateParameters(List<Parameter> parameterValuesList) {
|
| 234 |
for (Parameter parameterValues : parameterValuesList) {
|
|
| 234 |
for (Parameter parameterWithValues : parameterValuesList) {
|
|
| 235 |
List<ParameterValue> values = new ArrayList<>(parameterWithValues.getParameterValues()); |
|
| 236 |
|
|
| 235 | 237 |
// Get current parameter from database. |
| 236 |
Parameter parameter = this.parameterRepository.getById(parameterValues.getId()); |
|
| 238 |
Parameter parameter = this.parameterRepository.getById(parameterWithValues.getId());
|
|
| 237 | 239 |
// Update current parameter values. |
| 238 |
parameter.setName(parameterValues.getName()); |
|
| 239 |
parameter.setParameterOrder(parameterValues.getParameterOrder()); |
|
| 240 |
parameter.setNameOfSelect(parameterValues.getNameOfSelect()); |
|
| 241 |
parameter.setAssembly(this.assemblyRepository.getById(parameterValues.getAssembly().getId())); |
|
| 242 |
parameter.setParameterType(this.parameterTypeRepository.getById(parameterValues.getParameterType().getId())); |
|
| 243 |
parameter.setDefaultValue(parameterValues.getDefaultValue()); |
|
| 240 |
parameter.setName(parameterWithValues.getName());
|
|
| 241 |
parameter.setParameterOrder(parameterWithValues.getParameterOrder());
|
|
| 242 |
parameter.setNameOfSelect(parameterWithValues.getNameOfSelect());
|
|
| 243 |
parameter.setAssembly(this.assemblyRepository.getById(parameterWithValues.getAssembly().getId()));
|
|
| 244 |
parameter.setParameterType(this.parameterTypeRepository.getById(parameterWithValues.getParameterType().getId()));
|
|
| 245 |
parameter.setDefaultValue(parameterWithValues.getDefaultValue());
|
|
| 244 | 246 |
|
| 245 | 247 |
// Insert changes into database. |
| 246 | 248 |
this.parameterRepository.save(parameter); |
| 247 | 249 |
|
| 248 | 250 |
// Update parameter values, locations, functions and operators. |
| 249 |
if (parameter.getParameterType().equals("Výčet")) {
|
|
| 250 |
updateParameterValues(parameterValues.getId(), parameterValues.getParameterValues());
|
|
| 251 |
if (parameter.getParameterType().getName().equals("Výčet")) {
|
|
| 252 |
updateParameterValues(parameterWithValues.getId(), values);
|
|
| 251 | 253 |
} |
| 252 | 254 |
|
| 253 |
updateParameterLocations(parameterValues.getId(), parameterValues.getLocations());
|
|
| 254 |
updateParameterFunctions(parameterValues.getId(), parameterValues.getFunctions());
|
|
| 255 |
updateParameterOperators(parameterValues.getId(), parameterValues.getOperators());
|
|
| 255 |
updateParameterLocations(parameterWithValues.getId(), parameterWithValues.getLocations());
|
|
| 256 |
updateParameterFunctions(parameterWithValues.getId(), parameterWithValues.getFunctions());
|
|
| 257 |
updateParameterOperators(parameterWithValues.getId(), parameterWithValues.getOperators());
|
|
| 256 | 258 |
} |
| 257 | 259 |
} |
| 258 | 260 |
|
| ... | ... | |
| 377 | 379 |
List<ParameterValue> newParameterValuesDeleted = new LinkedList<>(newParameterValues); |
| 378 | 380 |
currentParameterValuesDeleted.removeAll(newParameterValuesDeleted); |
| 379 | 381 |
|
| 380 |
// Get updated parameter values. |
|
| 381 |
List<ParameterValue> currentParameterValuesUpdated = new LinkedList<>(currentParameterValues); |
|
| 382 |
List<ParameterValue> newParameterValuesUpdated = new LinkedList<>(newParameterValues); |
|
| 383 |
newParameterValuesUpdated.retainAll(currentParameterValuesUpdated); |
|
| 384 |
|
|
| 385 | 382 |
// If there is no changes, do not update. |
| 386 |
if (newParameterValuesNew.size() == 0 && currentParameterValuesDeleted.size() == 0 && newParameterValuesUpdated.size() == 0) return;
|
|
| 383 |
if (newParameterValuesNew.size() == 0 && currentParameterValuesDeleted.size() == 0) return; |
|
| 387 | 384 |
|
| 388 | 385 |
// Delete removed parameter values. |
| 389 | 386 |
for (ParameterValue parameterValue : currentParameterValuesDeleted) {
|
| 390 | 387 |
this.parameterValueRepository.delete(parameterValue); |
| 391 | 388 |
} |
| 392 | 389 |
|
| 393 |
// Update parameter values. |
|
| 394 |
updateParameterValueValues(newParameterValuesUpdated); |
|
| 395 |
|
|
| 396 | 390 |
// Add new parameter values. |
| 397 | 391 |
addParameterValueValues(parameterId, newParameterValuesNew); |
| 398 | 392 |
} |
| 399 | 393 |
|
| 400 |
/** |
|
| 401 |
* Update all updated parameter values. |
|
| 402 |
* @param updatedParameterValuesList - List of all updated parameter values. |
|
| 403 |
*/ |
|
| 404 |
private void updateParameterValueValues(List<ParameterValue> updatedParameterValuesList) {
|
|
| 405 |
for (ParameterValue parameterValueValues : updatedParameterValuesList) {
|
|
| 406 |
ParameterValue parameterValue = this.parameterValueRepository.getById(parameterValueValues.getId()); |
|
| 407 |
parameterValue.setValue(parameterValueValues.getValue()); |
|
| 408 |
|
|
| 409 |
// Insert changes into database. |
|
| 410 |
this.parameterValueRepository.save(parameterValue); |
|
| 411 |
} |
|
| 412 |
} |
|
| 413 |
|
|
| 414 | 394 |
/** |
| 415 | 395 |
* Add new parameter values. |
| 416 | 396 |
* @param parameterId - ID of parameter. |
| src/main/java/vldc/aswi/web/controller/LoginController.java | ||
|---|---|---|
| 2 | 2 |
|
| 3 | 3 |
import org.springframework.stereotype.Controller; |
| 4 | 4 |
import org.springframework.web.bind.annotation.GetMapping; |
| 5 |
import org.springframework.web.servlet.ModelAndView; |
|
| 5 | 6 |
|
| 6 | 7 |
@Controller |
| 7 | 8 |
public class LoginController extends BasicController {
|
| 8 | 9 |
|
| 10 |
/** |
|
| 11 |
* Get mapping method for login page. |
|
| 12 |
* @return Model and view for login page. |
|
| 13 |
*/ |
|
| 9 | 14 |
@GetMapping("/login")
|
| 10 |
public String login() {
|
|
| 11 |
return "login"; |
|
| 15 |
public ModelAndView login() {
|
|
| 16 |
ModelAndView modelAndView = new ModelAndView("login");
|
|
| 17 |
|
|
| 18 |
return modelAndView; |
|
| 12 | 19 |
} |
| 13 | 20 |
|
| 14 | 21 |
} |
| src/main/webapp/WEB-INF/templates/login.html | ||
|---|---|---|
| 19 | 19 |
<table> |
| 20 | 20 |
<tr> |
| 21 | 21 |
<td>Přihlašovací jméno:</td> |
| 22 |
<td><input type="text" class="form-control"/></td> |
|
| 22 |
<td><input type="text" name="username" id="username" class="form-control"/></td>
|
|
| 23 | 23 |
</tr> |
| 24 | 24 |
<tr> |
| 25 | 25 |
<td>Heslo:</td> |
| 26 |
<td><input type="password" class="form-control"/></td> |
|
| 26 |
<td><input type="password" name="password" id="password" class="form-control"/></td>
|
|
| 27 | 27 |
</tr> |
| 28 | 28 |
<tr> |
| 29 | 29 |
<td><button class="btn-primary btn" type="submit">Přihlásit</button></td> |
Také k dispozici: Unified diff
re #8014 Login into app + session for user.