Changeset 5c65932


Ignore:
Timestamp:
01/26/26 13:35:45 (6 months ago)
Author:
Filip Gavrilovski <filipgavrilovski28@…>
Branches:
main
Children:
0c86e77
Parents:
ecd0016
Message:

auth clean up and covering todo-s

Location:
finkwave/src/main/java/com/ukim/finki/develop/finkwave
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • finkwave/src/main/java/com/ukim/finki/develop/finkwave/model/NonAdminUser.java

    recd0016 r5c65932  
    44import lombok.Getter;
    55import lombok.Setter;
     6import org.hibernate.annotations.Cascade;
    67
    78@Getter
     
    1516
    1617    @MapsId
    17     @OneToOne
     18    @OneToOne(cascade = {CascadeType.PERSIST, CascadeType.MERGE})
    1819    @JoinColumn(name = "user_id")
    1920    private User user;
  • finkwave/src/main/java/com/ukim/finki/develop/finkwave/model/User.java

    recd0016 r5c65932  
    44import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
    55
    6 import jakarta.persistence.*;
    7 import lombok.*;
     6import jakarta.persistence.Column;
     7import jakarta.persistence.Entity;
     8import jakarta.persistence.EnumType;
     9import jakarta.persistence.Enumerated;
     10import jakarta.persistence.GeneratedValue;
     11import jakarta.persistence.GenerationType;
     12import jakarta.persistence.Id;
     13import jakarta.persistence.OneToOne;
     14import jakarta.persistence.Table;
     15import lombok.AllArgsConstructor;
     16import lombok.Builder;
     17import lombok.Getter;
     18import lombok.NoArgsConstructor;
     19import lombok.Setter;
    820
    921@Setter
     
    4153    private Admin admin;
    4254
    43     // todo: is this column needed? if so, add to entities and documentation
    4455    @Enumerated(EnumType.STRING)
    4556    private Role role;
    4657
    47     @OneToOne(mappedBy = "user")
     58    @OneToOne(mappedBy = "user", orphanRemoval = true)
    4859    @JsonIgnore
    4960    private NonAdminUser nonAdminUser;
  • finkwave/src/main/java/com/ukim/finki/develop/finkwave/service/AuthService.java

    recd0016 r5c65932  
    11package com.ukim.finki.develop.finkwave.service;
    22
    3 import com.ukim.finki.develop.finkwave.config.AuthProperties;
    4 import com.ukim.finki.develop.finkwave.dto.LoginRequestDto;
    53import org.springframework.security.crypto.password.PasswordEncoder;
    64import org.springframework.stereotype.Service;
    75
     6import com.ukim.finki.develop.finkwave.config.AuthProperties;
    87import com.ukim.finki.develop.finkwave.dto.AuthRequestDto;
     8import com.ukim.finki.develop.finkwave.dto.LoginRequestDto;
    99import com.ukim.finki.develop.finkwave.dto.UserResponseDto;
    1010import com.ukim.finki.develop.finkwave.model.NonAdminUser;
     
    1717import jakarta.servlet.http.Cookie;
    1818import jakarta.servlet.http.HttpServletResponse;
     19import jakarta.transaction.Transactional;
    1920import lombok.RequiredArgsConstructor;
    2021
     
    3031
    3132
     33    @Transactional
    3234    public UserResponseDto registerAndLogIn(HttpServletResponse response, AuthRequestDto authRequestDto){
    3335        if (userRepository.findByUsername(authRequestDto.username()).isPresent()){
    3436            throw new RuntimeException("User already exists");
    3537        }
    36         createNonAdminUser(authRequestDto);
    37         // todo: could also be redirect in controller, which one is better?
    38         return login(response, new LoginRequestDto(authRequestDto.username(), authRequestDto.password()));
     38        User user = createNonAdminUser(authRequestDto);
     39        return authenticateAndRespond(response, user);
    3940    }
    4041
    41     // todo: dto in arguments or the standalone values?
    4242    public UserResponseDto login(HttpServletResponse response, LoginRequestDto loginRequestDto){
    4343        User user = userRepository.findByUsername(loginRequestDto.username())
    4444                .orElseThrow(() -> new RuntimeException("Invalid credentials"));
     45
    4546        if (!passwordEncoder.matches(loginRequestDto.password(), user.getPassword())){
    4647            throw new RuntimeException("Invalid credentials");
    4748        }
    4849
    49         String accessToken = jwtService.generateToken(loginRequestDto.username(), user.getRole().name());
    50         RefreshToken refreshToken = refreshTokenService.createRefreshToken(user);
    51 
    52         UserResponseDto userResponseDto = new UserResponseDto(user.getUsername(), user.getRole());
    53         addTokensToResponse(response, refreshToken, accessToken);
    54         return userResponseDto;
     50        return authenticateAndRespond(response, user);
    5551    }
    5652
     
    9389    }
    9490
    95     // todo: should it be transactional?
    96 //    @Transactional
    97     private void createNonAdminUser(AuthRequestDto authRequestDto){
     91    private User createNonAdminUser(AuthRequestDto authRequestDto){
    9892        User user = User.builder()
    9993                .fullName(authRequestDto.fullname())
     
    109103        user.setNonAdminUser(nonAdminUser);
    110104        nonAdminUserRepository.save(nonAdminUser);
    111         userRepository.save(user);
     105        return user;
     106    }
     107
     108    private UserResponseDto authenticateAndRespond(HttpServletResponse response, User user){
     109        String accessToken = jwtService.generateToken(user.getUsername(), user.getRole().name());
     110        RefreshToken refreshToken = refreshTokenService.createRefreshToken(user);
     111
     112        UserResponseDto userResponseDto = new UserResponseDto(user.getUsername(), user.getRole());
     113        addTokensToResponse(response, refreshToken, accessToken);
     114        return userResponseDto;
    112115    }
    113116
  • finkwave/src/main/java/com/ukim/finki/develop/finkwave/service/CustomUserDetailsService.java

    recd0016 r5c65932  
    2222        User user = userRepository.findByUsername(username)
    2323                .orElseThrow(() -> new RuntimeException("user not found"));
    24         // todo: fix hardcoded role
    25         // List<GrantedAuthority> authorities = List.of(new SimpleGrantedAuthority("ROLE_" + user.getRole().name()));
    26         List<GrantedAuthority> authorities = List.of(new SimpleGrantedAuthority("ROLE_NONADMIN"));
     24         List<GrantedAuthority> authorities = List.of(new SimpleGrantedAuthority("ROLE_" + user.getRole().name()));
    2725        return new org.springframework.security.core.userdetails.User(
    2826                user.getUsername(),
Note: See TracChangeset for help on using the changeset viewer.