Changeset cf09deb

Timestamp:

01/23/25 05:05:47 (3 months ago)

Author:

Nikola Jordanoski <nikolaj_koko@…>

Branches:

master

Children:

5b32153

Parents:

d157fcd

Message:

Added security (not fully implemented)

Location:

ReserveNGo-backend

Files:

• docker-compose.yml (added)
• pom.xml (modified) (1 diff)
• src/main/java/mk/ukim/finki/it/reservengo/ReserveNGoApplication.java (modified) (1 diff)
• src/main/java/mk/ukim/finki/it/reservengo/bootstrap/DataHolder.java (modified) (3 diffs)
• src/main/java/mk/ukim/finki/it/reservengo/config/ApplicationConfig.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/config/WebSecurityConfig.java (modified) (5 diffs)
• src/main/java/mk/ukim/finki/it/reservengo/config/filter/JWTAuthenticationFilter.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/model/Admin.java (modified) (1 diff)
• src/main/java/mk/ukim/finki/it/reservengo/model/Contact.java (modified) (1 diff)
• src/main/java/mk/ukim/finki/it/reservengo/model/Customer.java (modified) (2 diffs)
• src/main/java/mk/ukim/finki/it/reservengo/model/JWTAuthenticationResponse.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/model/LocalManager.java (modified) (1 diff)
• src/main/java/mk/ukim/finki/it/reservengo/model/LocalWorker.java (modified) (1 diff)
• src/main/java/mk/ukim/finki/it/reservengo/model/RegisterRequest.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/model/User.java (modified) (4 diffs)
• src/main/java/mk/ukim/finki/it/reservengo/model/enumerations/Role.java (modified) (1 diff)
• src/main/java/mk/ukim/finki/it/reservengo/model/exceptions/EmailNotFoundException.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/repository/CustomerRepository.java (modified) (1 diff)
• src/main/java/mk/ukim/finki/it/reservengo/repository/LocalManagerRepository.java (modified) (1 diff)
• src/main/java/mk/ukim/finki/it/reservengo/repository/LocalWorkerRepository.java (modified) (1 diff)
• src/main/java/mk/ukim/finki/it/reservengo/repository/UserRepository.java (modified) (1 diff)
• src/main/java/mk/ukim/finki/it/reservengo/service/impl/AdminServiceImpl.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/impl/AuthServiceImpl.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/impl/CustomerServiceImpl.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/impl/EventServiceImpl.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/impl/JWTServiceImpl.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/impl/LocalManagerServiceImpl.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/impl/LocalServiceImpl.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/impl/LocalWorkerServiceImpl.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/impl/ReservationServiceImpl.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/impl/UserServiceImpl.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/intf/AdminService.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/intf/AuthService.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/intf/CustomerService.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/intf/EventService.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/intf/JWTService.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/intf/LocalManagerService.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/intf/LocalService.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/intf/LocalWorkerService.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/intf/ReservationService.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/service/intf/UserService.java (added)
• src/main/java/mk/ukim/finki/it/reservengo/web/AuthController.java (added)
• src/main/resources/application-prod.properties (added)
• src/main/resources/application.properties (modified) (1 diff)

ReserveNGo-backend/pom.xml

@@ -59 +59 @@
 
         <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt-api</artifactId>
+            <version>0.11.5</version>
+        </dependency>
+
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt-impl</artifactId>
+            <version>0.11.5</version>
+        </dependency>
+
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt-jackson</artifactId>
+            <version>0.11.5</version>
+        </dependency>
+
+        <dependency>
             <groupId>com.h2database</groupId>
             <artifactId>h2</artifactId>

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/ReserveNGoApplication.java

@@ -14 +14 @@
         SpringApplication.run(ReserveNGoApplication.class, args);
     }
-
-    @Bean
-    PasswordEncoder passwordEncoder() {
-        return new BCryptPasswordEncoder(10);
-    }
 }

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/bootstrap/DataHolder.java

@@ -3 +3 @@
 import jakarta.annotation.PostConstruct;
 import mk.ukim.finki.it.reservengo.model.*;
-import mk.ukim.finki.it.reservengo.model.enumerations.*;
+import mk.ukim.finki.it.reservengo.model.enumerations.Position;
+import mk.ukim.finki.it.reservengo.model.enumerations.Role;
+import mk.ukim.finki.it.reservengo.model.enumerations.Service;
 import mk.ukim.finki.it.reservengo.repository.*;
 import org.springframework.security.crypto.password.PasswordEncoder;
@@ -17 +19 @@
     public static List<LocalWorker> workers = new ArrayList<>();
     public static List<LocalManager> managers = new ArrayList<>();
-    public static List<Event> events = new ArrayList<>();
-    public static List<Reservation> reservations = new ArrayList<>();
     public static List<Local> locals = new ArrayList<>();
 
     private final AdminRepository adminRepository;
     private final CustomerRepository customerRepository;
-    private final EventRepository eventRepository;
     private final LocalManagerRepository localManagerRepository;
     private final LocalRepository localRepository;
     private final LocalWorkerRepository localWorkerRepository;
-    private final ReservationRepository reservationRepository;
     private final PasswordEncoder passwordEncoder;
 
-    public DataHolder(AdminRepository adminRepository, CustomerRepository customerRepository, EventRepository eventRepository, LocalManagerRepository localManagerRepository, LocalRepository localRepository, LocalWorkerRepository localWorkerRepository, ReservationRepository reservationRepository, PasswordEncoder passwordEncoder) {
+    public DataHolder(AdminRepository adminRepository, CustomerRepository customerRepository, LocalManagerRepository localManagerRepository, LocalRepository localRepository, LocalWorkerRepository localWorkerRepository, PasswordEncoder passwordEncoder) {
         this.adminRepository = adminRepository;
         this.customerRepository = customerRepository;
-        this.eventRepository = eventRepository;
         this.localManagerRepository = localManagerRepository;
         this.localRepository = localRepository;
         this.localWorkerRepository = localWorkerRepository;
-        this.reservationRepository = reservationRepository;
         this.passwordEncoder = passwordEncoder;
     }
@@ -61 +57 @@
         customerRepository.saveAll(customers);
 
-        // Print for debugging purposes
-        System.out.println("Initialization complete!");
+        //Local worker
+        for (int i = 1; i <= 3; i++) {
+            LocalWorker localWorker = new LocalWorker(
+                    "FirstName" + i,
+                    "LastName" + i,
+                    "Email" + i,
+                    "Password" + i,
+                    "PhoneNumber" + i,
+                    Role.LOCAL_WORKER
+            );
+            workers.add(localWorker);
+        }
+        localWorkerRepository.saveAll(workers);
+
+        //Local manager
+        for (int i = 1; i <= 3; i++) {
+            LocalManager manager = new LocalManager(
+                    "FirstName" + i,
+                    "LastName" + i,
+                    "EmailManager" + i,
+                    "Password" + i,
+                    "PhoneNumber" + i,
+                    Role.LOCAL_MANAGER
+            );
+            managers.add(manager);
+        }
+        localManagerRepository.saveAll(managers);
+
+        //Local
+        List<Service> serviceList = new ArrayList<>(List.of(Service.values()));
+        List<String> localPhotos;
+        for (int i = 1; i <= 3; i++) {
+            localPhotos = new ArrayList<>();
+            for (int j = 1; j <= 3; j++) {
+                localPhotos.add("Picture number: " + j);
+            }
+            Local local = new Local(
+                    "Name" + i,
+                    "Description" + i,
+                    "Address" + i,
+                    "WorkingHours" + i,
+                    serviceList,
+                    null,
+                    null,
+                    localPhotos,
+                    "MenuPhoto" + i,
+                    "MenuLink" + i,
+                    null,
+                    null,
+                    null
+            );
+            locals.add(local);
+        }
+        localRepository.saveAll(locals);
     }
 }

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/config/WebSecurityConfig.java

@@ -1 +1 @@
 package mk.ukim.finki.it.reservengo.config;
 
+import mk.ukim.finki.it.reservengo.config.filter.JWTAuthenticationFilter;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -8 +10 @@
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
 @Configuration
@@ -14 +18 @@
 @EnableMethodSecurity
 public class WebSecurityConfig {
+
+
+    private final JWTAuthenticationFilter jwtAuthFilter;
+    private final AuthenticationProvider authenticationProvider;
+
+    public WebSecurityConfig(JWTAuthenticationFilter jwtAuthFilter, AuthenticationProvider authenticationProvider) {
+        this.jwtAuthFilter = jwtAuthFilter;
+        this.authenticationProvider = authenticationProvider;
+    }
 
     @Bean
@@ -23 +36 @@
                 )
                 .authorizeHttpRequests((requests) -> requests
-                        .requestMatchers("/**")
+                        .requestMatchers("/api/auth/**", "/h2/**")
                         .permitAll()
-                )
-                .formLogin((form) -> form
-                        .permitAll()
-                        .defaultSuccessUrl("/", true)
+                        .anyRequest()
+                        .authenticated()
                 )
                 .logout((logout) -> logout
@@ -35 +46 @@
                         .deleteCookies("JSESSIONID")
                         .logoutSuccessUrl("/login")
-                );
+                )
+                .sessionManagement(manager -> manager
+                        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                )
+                .authenticationProvider(authenticationProvider)
+                .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class)
+        ;
 
         return http.build();

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/model/Admin.java

@@ -11 +11 @@
 @AllArgsConstructor
 @NoArgsConstructor
-public class Admin {
-    public Admin(String username, String password, Role userRole) {
-        this.username = username;
-        this.password = password;
-        this.userRole = userRole;
+public class Admin extends User {
+    public Admin(String email, String password, Role userRole) {
+        super(null, null, email, password, null, userRole);
     }
-
-    @Id
-    @GeneratedValue(strategy = GenerationType.IDENTITY)
-    private Long id;
-
-    @Column(unique = true)
-    private String username;
-
-    private String password;
-
-    @Enumerated(EnumType.STRING)
-    private Role userRole = Role.ADMIN;
 }

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/model/Contact.java

@@ -16 +16 @@
 @Embeddable
 public class Contact {
-
     private String phone;
     private String email;

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/model/Customer.java

@@ -19 +19 @@
 @NoArgsConstructor
 public class Customer extends User {
-    public Customer(String firstName, String lastName, String email, String password, String phoneNumber, Role userRole) {
+    public Customer(String firstName,
+                    String lastName,
+                    String email,
+                    String password,
+                    String phoneNumber,
+                    Role userRole) {
         super(firstName, lastName, email, password, phoneNumber, userRole);
     }
@@ -28 +33 @@
     @OneToMany
     private List<Local> favouriteLocals;
+
+
 }

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/model/LocalManager.java

@@ -15 +15 @@
 @NoArgsConstructor
 public class LocalManager extends LocalWorker{
-    public LocalManager(String firstName, String lastName, String email, String password, String phoneNumber, Role userRole, Local local, Position position) {
-        super(firstName, lastName, email, password, phoneNumber, userRole, local, position);
+    public LocalManager(String firstName, String lastName, String email, String password, String phoneNumber, Role userRole) {
+        super(firstName, lastName, email, password, phoneNumber, userRole);
     }
 }

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/model/LocalWorker.java

@@ -14 +14 @@
 @AllArgsConstructor
 @NoArgsConstructor
-public class LocalWorker extends User{
-    public LocalWorker(String firstName, String lastName, String email, String password, String phoneNumber, Role userRole, Local local, Position position) {
+public class LocalWorker extends User {
+    public LocalWorker(String firstName, String lastName, String email, String password, String phoneNumber, Role userRole) {
         super(firstName, lastName, email, password, phoneNumber, userRole);
-        this.local = local;
-        this.position = position;
     }
 

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/model/User.java

@@ -4 +4 @@
 import lombok.AllArgsConstructor;
 import lombok.Data;
+import lombok.Getter;
 import lombok.NoArgsConstructor;
 import mk.ukim.finki.it.reservengo.model.enumerations.Role;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
 
-@Data
+import java.util.Collection;
+import java.util.List;
+
+//@Data
 @Entity
 @AllArgsConstructor
@@ -13 +20 @@
 @Inheritance(strategy = InheritanceType.JOINED)
 @Table(name = "app_user")
-public class User {
+public class User implements UserDetails {
     public User(String firstName, String lastName, String email, String password, String phoneNumber, Role userRole) {
         this.firstName = firstName;
@@ -23 +30 @@
     }
 
+
+
+    @Getter
     @Id
     @GeneratedValue(strategy = GenerationType.IDENTITY)
@@ -40 +50 @@
     @Enumerated(EnumType.STRING)
     private Role userRole;
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return List.of(new SimpleGrantedAuthority(userRole.name())); //check here:IMPORTANT
+    }
+
+    @Override
+    public String getPassword() {
+        return password;
+    }
+
+    @Override
+    public String getUsername() {
+        return email;
+    }
+
+    @Override
+    public boolean isAccountNonExpired() {
+        return true;
+    }
+
+    @Override
+    public boolean isAccountNonLocked() {
+        return true;
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired() {
+        return true;
+    }
+
+    @Override
+    public boolean isEnabled() {
+        return true;
+    }
+
+    public Long getId() {
+        return id;
+    }
+
+    public String getFirstName() {
+        return firstName;
+    }
+
+    public String getLastName() {
+        return lastName;
+    }
+
+    public String getEmail() {
+        return email;
+    }
+
+    public String getPhoneNumber() {
+        return phoneNumber;
+    }
+
+    public Role getUserRole() {
+        return userRole;
+    }
+
+    @Override
+    public String toString() {
+        return "User{" +
+                "id=" + id +
+                ", firstName='" + firstName + '\'' +
+                ", lastName='" + lastName + '\'' +
+                ", email='" + email + '\'' +
+                ", password='" + password + '\'' +
+                ", phoneNumber='" + phoneNumber + '\'' +
+                ", userRole=" + userRole +
+                '}';
+    }
 }

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/model/enumerations/Role.java

@@ -4 +4 @@
     ADMIN,
     CUSTOMER,
-    RESTAURANT_MANAGER,
-    RESTAURANT_WORKER
+    LOCAL_MANAGER,
+    LOCAL_WORKER
 }

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/repository/CustomerRepository.java

@@ -5 +5 @@
 import org.springframework.stereotype.Repository;
 
+import java.util.Optional;
+
 @Repository
 public interface CustomerRepository extends JpaRepository<Customer, Long> {
+
+    Optional<Customer> findByEmail(String email);
 }

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/repository/LocalManagerRepository.java

@@ -5 +5 @@
 import org.springframework.stereotype.Repository;
 
+import java.util.Optional;
+
 @Repository
 public interface LocalManagerRepository extends JpaRepository<LocalManager, Long> {
+    Optional<LocalManager> findByEmail(String email);
 }

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/repository/LocalWorkerRepository.java

@@ -5 +5 @@
 import org.springframework.stereotype.Repository;
 
+import java.util.Optional;
+
 @Repository
 public interface LocalWorkerRepository extends JpaRepository<LocalWorker, Long> {
+    Optional<LocalWorker> findByEmail(String email);
 }

ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/repository/UserRepository.java

@@ -5 +5 @@
 import org.springframework.stereotype.Repository;
 
+import java.util.Optional;
+
 @Repository
 public interface UserRepository extends JpaRepository<User, Long> {
-
+    Optional<User> findByEmail(String email);
 }

ReserveNGo-backend/src/main/resources/application.properties

@@ -3 +3 @@
 spring.profiles.active=h2
 
+