Changeset 6eba109

Timestamp:

08/17/22 16:21:10 (2 years ago)

Author:

unknown <mlviktor23@…>

Branches:

main

Children:

702ca77

Parents:

800779d

Message:

implemented authentication in react

Files:

• reactapp/src/App.js (modified) (1 diff)
• reactapp/src/Components/Logout.js (added)
• reactapp/src/Components/Search.js (modified) (1 diff)
• reactapp/src/Pages/Home.js (modified) (1 diff)
• reactapp/src/Pages/Login.js (modified) (3 diffs)
• reactapp/src/Pages/Professor.js (modified) (1 diff)
• reactapp/src/Pages/User.js (added)
• reactapp/src/api/AuthApi.js (added)
• reactapp/src/api/axios.js (modified) (1 diff)
• springapp/src/main/java/mk/profesori/springapp/Controller/PublicController.java (modified) (3 diffs)
• springapp/src/main/java/mk/profesori/springapp/Controller/SecureController.java (modified) (5 diffs)
• springapp/src/main/java/mk/profesori/springapp/Model/CustomUserDetails.java (modified) (2 diffs)
• springapp/src/main/java/mk/profesori/springapp/Security/CustomAuthenticationSuccessHandler.java (added)
• springapp/src/main/java/mk/profesori/springapp/Security/SecurityConfiguration.java (modified) (3 diffs)
• springapp/src/main/java/mk/profesori/springapp/Service/RegistrationService.java (modified) (2 diffs)
• springapp/src/main/resources/application.properties (modified) (1 diff)

reactapp/src/App.js

@@ -2 +2 @@
 import SearchResults from "./Pages/SearchResults";
 import Login from "./Pages/Login";
-import { BrowserRouter, Routes, Route } from "react-router-dom";
+import { BrowserRouter, Routes, Route, Navigate } from "react-router-dom";
 import Home from "./Pages/Home";
+import User from "./Pages/User";
+import { useEffect, useState, useMemo } from "react";
+import AuthApi from "./api/AuthApi";
+import Cookies from "js-cookie";
 
 export default function App() {
+  const [auth, setAuth] = useState(false);
+  const variableAuth = useMemo(() => ({ auth, setAuth }), [auth]);
+
+  const readCookie = () => {
+    const session = Cookies.get("JSESSIONID");
+    if (session) {
+      setAuth(true); // go stava true ako postoi takvo cookie (zasto auth=false na sekoe renderiranje)
+    }
+  };
+
+  useEffect(() => {
+    readCookie();
+  }, []);
+
+  const ProtectedRoute = ({ auth, children }) => {
+    if (!auth) {
+      return <Navigate to="/login" replace />;
+    }
+    return children;
+  };
+
   return (
-    <BrowserRouter>
-      <Routes>
-        <Route path="/" element={<Home />}>
-          <Route path="login" element={<Login />}></Route>
-          <Route path="professor">
-            <Route path=":professorId" element={<Professor />} />
+    <AuthApi.Provider value={variableAuth}>
+      <BrowserRouter>
+        <Routes>
+          <Route path="/" element={<Home />}>
+            <Route path="login" element={<Login />}></Route>
+            <Route path="professor">
+              <Route path=":professorId" element={<Professor />} />
+            </Route>
+            <Route path="search" element={<SearchResults />}></Route>
+            <Route
+              path="user"
+              element={
+                <ProtectedRoute auth={auth}>
+                  <User />
+                </ProtectedRoute>
+              }
+            ></Route>
           </Route>
-          <Route path="search" element={<SearchResults />}></Route>
-        </Route>
-      </Routes>
-    </BrowserRouter>
+        </Routes>
+      </BrowserRouter>
+    </AuthApi.Provider>
   );
 }

reactapp/src/Components/Search.js

@@ -15 +15 @@
 
   useEffect(() => {
-    const url = `http://192.168.0.17:8080/public/professors/nameContains/${transliterate(
+    const url = `http://192.168.0.18:8080/public/professors/nameContains/${transliterate(
       query
     )}`;

reactapp/src/Pages/Home.js

@@ -20 +20 @@
       </a>{" "}
       <Search />
+      <div style={{ marginTop: "140px" }}></div>
       <Outlet />
     </MainWrapper>

reactapp/src/Pages/Login.js

@@ -1 @@
-import React, { useRef, useState, useEffect } from "react";
+import React, { useRef, useState, useEffect, useContext } from "react";
+import { Navigate } from "react-router-dom";
+import AuthApi from "../api/AuthApi";
 import axios from "../api/axios";
+import Cookies from "js-cookie";
 const LOGIN_URL = "/login";
 
 const Login = () => {
+  const { auth, setAuth } = useContext(AuthApi);
   const userRef = useRef();
   const errRef = useRef();
@@ -10 +14 @@
   const [password, setPassword] = useState("");
   const [errMsg, setErrMsg] = useState("");
-  const [success, setSuccess] = useState(false);
 
   useEffect(() => {
     userRef.current.focus();
   }, []);
-
-  useEffect(() => {
-    setErrMsg("");
-  }, [username, password]);
 
   const handleSubmit = async (e) => {
@@ -33 +32 @@
       }
     );
+    if (!response.request.responseURL.includes("error")) {
+      // ako NE redirektira na /login?error
+      Cookies.set("JSESSIONID", response.data.sessionId);
+      setAuth(true);
+      setErrMsg("");
+    } else {
+      setErrMsg("Погрешно корисиничко име и/или лозинка");
+    }
+
     setUsername("");
     setPassword("");
-    setSuccess(true);
   };
 
-  return success ? (
+  const handleLogout = () => {
+    setAuth(false);
+    Cookies.remove("JSESSIONID");
+  };
+
+  return auth ? (
+    /*
     <div style={{ marginTop: "140px" }}>
       <h1>Успешна најава!</h1>
       <br />
       <p>
-        <a href="/">Оди на почетната страница</a>
+        <a href="/user">Оди на protected</a>
       </p>
+      <button onClick={handleLogout}>Одјави се</button>
     </div>
+    */
+    <Navigate to="/user" />
   ) : (
     <div style={{ marginTop: "140px" }}>

reactapp/src/Pages/Professor.js

@@ -18 +18 @@
 
   useEffect(() => {
-    const url = `http://192.168.0.17:8080/public/professor/${params.professorId}`;
+    const url = `http://192.168.0.18:8080/public/professor/${params.professorId}`;
 
     const fetchData = async () => {

reactapp/src/api/axios.js

@@ -2 +2 @@
 
 export default axios.create({
-  baseURL: "http://192.168.0.17:8080",
+  baseURL: "http://192.168.0.18:8080",
 });

springapp/src/main/java/mk/profesori/springapp/Controller/PublicController.java

@@ -1 +1 @@
 package mk.profesori.springapp.Controller;
 
+import java.util.Collections;
 import java.util.List;
+import java.util.Map;
 import java.util.Optional;
 
@@ -21 +23 @@
 @RestController
 @RequestMapping("/public")
-@CrossOrigin(origins = { "http://192.168.0.17:3000", "http://192.168.0.24:3000" })
+@CrossOrigin(origins = { "http://192.168.0.18:3000", "http://192.168.0.24:3000" })
 public class PublicController {
 
@@ -95 +97 @@
         return mainService.getCityById(cityId); // vrakja grad spored id
     }
+
+    @RequestMapping(value = "/loginSuccessRegular", method = RequestMethod.GET)
+    public Map<String, String> loginSuccessRegular(@RequestParam String sessionId) {
+        return Collections.singletonMap("sessionId", sessionId);
+    }
+
+    @RequestMapping(value = "/loginSuccessModerator", method = RequestMethod.GET)
+    public Map<String, String> loginSuccessModerator(@RequestParam String sessionId) {
+        return Collections.singletonMap("sessionId", sessionId);
+    }
 }

springapp/src/main/java/mk/profesori/springapp/Controller/SecureController.java

@@ -1 +1 @@
 package mk.profesori.springapp.Controller;
+
+import java.util.Collections;
+import java.util.Map;
 
 import org.springframework.beans.factory.annotation.Autowired;
@@ -5 +8 @@
 import org.springframework.security.core.annotation.CurrentSecurityContext;
 import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.PathVariable;
@@ -10 +14 @@
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
@@ -15 +20 @@
 
 import mk.profesori.springapp.Model.CustomUserDetails;
+import mk.profesori.springapp.Service.CustomUserDetailsService;
 import mk.profesori.springapp.Service.MainService;
 
 @RestController
 @RequestMapping("/secure")
-@CrossOrigin(origins = { "http://192.168.0.17:3000", "http://192.168.0.24:3000" })
+@CrossOrigin(origins = { "http://192.168.0.18:3000", "http://192.168.0.24:3000" })
 public class SecureController {
 
     @Autowired
     private MainService mainService;
+    @Autowired
+    CustomUserDetailsService customUserDetailsService;
 
     @RequestMapping(value = "/professor/{professorId}/addOpinion", method = RequestMethod.POST)
@@ -52 +60 @@
     }
 
+    @RequestMapping(value = "/user", method = RequestMethod.GET)
+    public UserDetails getUserDetails(@CurrentSecurityContext SecurityContext context) {
+
+        Authentication authentication = context.getAuthentication();
+        if (authentication != null && authentication.getPrincipal() instanceof CustomUserDetails) {
+            CustomUserDetails currentUser = (CustomUserDetails) authentication.getPrincipal();
+            return customUserDetailsService.loadUserByUsername(currentUser.getEmail());
+        }
+
+        return null;
+    }
+
 }

springapp/src/main/java/mk/profesori/springapp/Model/CustomUserDetails.java

@@ -53 +53 @@
     private Set<ConfirmationToken> confirmationTokens = new HashSet<>();
     @OneToMany(mappedBy = "author", cascade = CascadeType.ALL)
-    private List<Post> authoredPosts = new ArrayList<>();
+    private Set<Post> authoredPosts = new HashSet<>();
 
     public CustomUserDetails(String fullName, String username, String email, String password, UserRole userRole) {
@@ -99 +99 @@
     }
 
-    List<Post> getAuthoredPosts() {
+    public Set<Post> getAuthoredPosts() {
         return this.authoredPosts;
     }

springapp/src/main/java/mk/profesori/springapp/Security/SecurityConfiguration.java

@@ -10 +10 @@
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@@ -36 +37 @@
             @Override
             public void addCorsMappings(CorsRegistry registry) {
-                registry.addMapping("/**").allowedOrigins("http://192.168.0.17:3000", "http://192.168.0.24:3000");
+                registry.addMapping("/**").allowedOrigins("http://192.168.0.18:3000", "http://192.168.0.24:3000")
+                        .allowCredentials(true);
             }
         };
+    }
+
+    @Bean
+    public AuthenticationSuccessHandler customAuthenticationSuccessHandler() {
+        return new CustomAuthenticationSuccessHandler();
     }
 
@@ -54 +61 @@
                 .antMatchers("/registration/**").permitAll()
                 .and()
-                .formLogin();
+                .formLogin().successHandler(customAuthenticationSuccessHandler());
 
         return http.build();

springapp/src/main/java/mk/profesori/springapp/Service/RegistrationService.java

@@ -25 +25 @@
     private final EmailSender emailSender;
     private final UserRepository userRepository;
-    
+
     public String register(RegistrationRequest request) {
 
         boolean isValidEmail = emailValidator.test(request.getEmail());
-        if(!isValidEmail) throw new IllegalStateException("Invalid email");
+        if (!isValidEmail)
+            throw new IllegalStateException("Invalid email");
 
         boolean isValidPassword = passwordValidator.test(request.getPassword());
-        if(!isValidPassword) throw new IllegalStateException("Invalid password");
+        if (!isValidPassword)
+            throw new IllegalStateException("Invalid password");
 
         boolean isValidUsername = usernameValidator.test(request.getUsername());
-        if(!isValidUsername) throw new IllegalStateException("Invalid username");
+        if (!isValidUsername)
+            throw new IllegalStateException("Invalid username");
 
         boolean emailExists = userRepository.findByEmail(request.getEmail()).isPresent();
-        if(emailExists) {
-            if(!userRepository.findByEmail(request.getEmail()).get().isEnabled()) {
-                String tokenToResend = customUserDetailsService.createToken(userRepository.findByEmail(request.getEmail()).get());
-                String link = "http://192.168.0.17:8080/registration/confirm?token=" + tokenToResend;
+        if (emailExists) {
+            if (!userRepository.findByEmail(request.getEmail()).get().isEnabled()) {
+                String tokenToResend = customUserDetailsService
+                        .createToken(userRepository.findByEmail(request.getEmail()).get());
+                String link = "http://192.168.0.18:8080/registration/confirm?token=" + tokenToResend;
                 emailSender.send(request.getEmail(), emailSender.buildEmail(request.getUsername(), link));
-                return tokenToResend; 
+                return tokenToResend;
             } else {
-            throw new IllegalStateException("Email is taken");
+                throw new IllegalStateException("Email is taken");
             }
         }
 
         boolean usernameExists = userRepository.findByUsername(request.getUsername()).isPresent();
-        if(usernameExists) {
+        if (usernameExists) {
             throw new IllegalStateException("Username is taken");
         }
 
         String token = customUserDetailsService.signUp(
-            new CustomUserDetails(
-                request.getFullName(),
-                request.getUsername(),
-                request.getEmail(),
-                request.getPassword(),
-                UserRole.REGULAR
-            )
-            );
-        
-        String link = "http://192.168.0.17:8080/registration/confirm?token=" + token;
-        
+                new CustomUserDetails(
+                        request.getFullName(),
+                        request.getUsername(),
+                        request.getEmail(),
+                        request.getPassword(),
+                        UserRole.REGULAR));
+
+        String link = "http://192.168.0.18:8080/registration/confirm?token=" + token;
+
         emailSender.send(request.getEmail(), emailSender.buildEmail(request.getUsername(), link));
-        
+
         return token;
     }
@@ -75 +77 @@
         ConfirmationToken confirmationToken = confirmationTokenService
                 .getToken(token)
-                .orElseThrow(() ->
-                        new IllegalStateException("Token not found"));
+                .orElseThrow(() -> new IllegalStateException("Token not found"));
 
         if (confirmationToken.getConfirmedAt() != null) {

springapp/src/main/resources/application.properties

@@ -7 +7 @@
 spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
 spring.jpa.properties.hibernate.format_sql=true
-server.address=192.168.0.17
+server.address=192.168.0.18
 spring.mail.host=192.168.0.24
 spring.mail.username=mailuser