Index: ReserveNGo-backend/.gitignore =================================================================== --- ReserveNGo-backend/.gitignore (revision 840887fb6b8f713ba77e5f64d7ad1bd427d59a19) +++ ReserveNGo-backend/.gitignore (revision bf28e5057e2acd342254a44363825d19acd37daa) @@ -15,5 +15,5 @@ ### IntelliJ IDEA ### -.idea/ +.idea *.iws *.iml Index: ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/config/WebSecurityConfig.java =================================================================== --- ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/config/WebSecurityConfig.java (revision 840887fb6b8f713ba77e5f64d7ad1bd427d59a19) +++ ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/config/WebSecurityConfig.java (revision bf28e5057e2acd342254a44363825d19acd37daa) @@ -13,4 +13,6 @@ import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; +import org.springframework.web.servlet.config.annotation.CorsRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @Configuration @@ -35,11 +37,8 @@ .authorizeHttpRequests((requests) -> requests .requestMatchers( - "/api/auth/**", + "/api/**", "/h2/**", - "/api/locals/**", "/favicon.ico") .permitAll() - .requestMatchers("/api/customer/**").hasRole("CUSTOMER") - .requestMatchers("/api/admin/**").hasRole("ADMIN") .anyRequest() .authenticated() @@ -53,3 +52,18 @@ return http.build(); } + + @Bean + public WebMvcConfigurer corsConfigurer() { + return new WebMvcConfigurer() { + @Override + public void addCorsMappings(CorsRegistry registry) { + registry.addMapping("/**") + .allowedOrigins("http://localhost:5173") + .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS") + .allowedHeaders("*") + .allowCredentials(true); + } + }; + } + } Index: ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/config/filter/JWTAuthenticationFilter.java =================================================================== --- ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/config/filter/JWTAuthenticationFilter.java (revision 840887fb6b8f713ba77e5f64d7ad1bd427d59a19) +++ ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/config/filter/JWTAuthenticationFilter.java (revision bf28e5057e2acd342254a44363825d19acd37daa) @@ -36,7 +36,4 @@ final String userEmail; - System.out.println(request); - System.out.println(authHeader); - if (authHeader == null || !authHeader.startsWith("Bearer ")) { filterChain.doFilter(request, response); Index: ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/model/Customer.java =================================================================== --- ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/model/Customer.java (revision 840887fb6b8f713ba77e5f64d7ad1bd427d59a19) +++ ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/model/Customer.java (revision bf28e5057e2acd342254a44363825d19acd37daa) @@ -1,7 +1,5 @@ package mk.ukim.finki.it.reservengo.model; -import jakarta.persistence.CascadeType; -import jakarta.persistence.Entity; -import jakarta.persistence.OneToMany; +import jakarta.persistence.*; import lombok.EqualsAndHashCode; import mk.ukim.finki.it.reservengo.model.enumerations.Role; @@ -11,4 +9,5 @@ @EqualsAndHashCode(callSuper = true) @Entity + public class Customer extends User { public Customer(String firstName, String lastName, String email, String password, String phoneNumber, Role userRole) { @@ -22,5 +21,5 @@ private List reservations; - @OneToMany + @ManyToMany private List favouriteLocals; Index: ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/service/impl/AuthServiceImpl.java =================================================================== --- ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/service/impl/AuthServiceImpl.java (revision 840887fb6b8f713ba77e5f64d7ad1bd427d59a19) +++ ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/service/impl/AuthServiceImpl.java (revision bf28e5057e2acd342254a44363825d19acd37daa) @@ -39,5 +39,5 @@ Customer customer = new Customer(firstName, lastName, email, passwordEncoder.encode(password), phoneNumber, Role.ROLE_CUSTOMER); customerRepository.save(customer); - String jwt = jwtService.generateTokenNoClaims(customer); + String jwt = jwtService.generateToken(customer); return new JWTAuthenticationResponse( @@ -55,5 +55,5 @@ LocalWorker localWorker = new LocalWorker(firstName, lastName, email, passwordEncoder.encode(password), phoneNumber, Role.ROLE_LOCAL_WORKER); localWorkerRepository.save(localWorker); - String jwt = jwtService.generateTokenNoClaims(localWorker); + String jwt = jwtService.generateToken(localWorker); return new JWTAuthenticationResponse( @@ -71,5 +71,5 @@ LocalManager localManager = new LocalManager(firstName, lastName, email, passwordEncoder.encode(password), phoneNumber, Role.ROLE_LOCAL_MANAGER); localManagerRepository.save(localManager); - String jwt = jwtService.generateTokenNoClaims(localManager); + String jwt = jwtService.generateToken(localManager); return new JWTAuthenticationResponse( @@ -87,5 +87,5 @@ authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(email, password)); User user = userRepository.findByEmail(email).orElseThrow(() -> new EmailNotFoundException(email)); - String jwt = jwtService.generateTokenNoClaims(user); + String jwt = jwtService.generateToken(user); return new JWTAuthenticationResponse( Index: ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/service/impl/JWTServiceImpl.java =================================================================== --- ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/service/impl/JWTServiceImpl.java (revision 840887fb6b8f713ba77e5f64d7ad1bd427d59a19) +++ ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/service/impl/JWTServiceImpl.java (revision bf28e5057e2acd342254a44363825d19acd37daa) @@ -6,4 +6,5 @@ import io.jsonwebtoken.io.Decoders; import io.jsonwebtoken.security.Keys; +import mk.ukim.finki.it.reservengo.model.User; import mk.ukim.finki.it.reservengo.service.intf.JWTService; import org.springframework.security.core.userdetails.UserDetails; @@ -12,6 +13,4 @@ import java.security.Key; import java.util.Date; -import java.util.HashMap; -import java.util.Map; import java.util.function.Function; @@ -48,19 +47,13 @@ @Override - public String generateToken(Map extraClaims, UserDetails userDetails) { - - return Jwts - .builder() - .setClaims(extraClaims) - .setSubject(userDetails.getUsername()) - .setIssuedAt(new Date(System.currentTimeMillis())) + public String generateToken(User user) { + return Jwts.builder().setSubject(user.getUsername()) + .claim("name", user.getFirstName()) + .claim("role", user.getUserRole()) + .claim("id", user.getId()) + .setIssuedAt(new Date()) .setExpiration(new Date(System.currentTimeMillis() + 1000 * 60 * 60 * 24)) .signWith(getSignInKey(), SignatureAlgorithm.HS256) .compact(); - } - - @Override - public String generateTokenNoClaims(UserDetails userDetails) { - return generateToken(new HashMap<>(), userDetails); } Index: ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/service/intf/JWTService.java =================================================================== --- ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/service/intf/JWTService.java (revision 840887fb6b8f713ba77e5f64d7ad1bd427d59a19) +++ ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/service/intf/JWTService.java (revision bf28e5057e2acd342254a44363825d19acd37daa) @@ -2,12 +2,14 @@ import io.jsonwebtoken.Claims; +import mk.ukim.finki.it.reservengo.model.User; import org.springframework.security.core.userdetails.UserDetails; import java.security.Key; import java.util.Date; -import java.util.Map; import java.util.function.Function; public interface JWTService { + String generateToken(User user); + String extractUsername(String token); @@ -18,8 +20,4 @@ T extractClaim(String token, Function claimsResolver); - String generateToken(Map extraClaims, UserDetails userDetails); - - String generateTokenNoClaims(UserDetails userDetails); - boolean isTokenValid(String token, UserDetails userDetails); Index: ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/AdminController.java =================================================================== --- ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/AdminController.java (revision 840887fb6b8f713ba77e5f64d7ad1bd427d59a19) +++ ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/AdminController.java (revision bf28e5057e2acd342254a44363825d19acd37daa) @@ -3,9 +3,10 @@ import mk.ukim.finki.it.reservengo.service.intf.AdminService; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; @RestController @RequestMapping("/api/admin") -@CrossOrigin(origins = "*") +@PreAuthorize("hasRole('ADMIN')") public class AdminController { @@ -19,5 +20,5 @@ public ResponseEntity addLocal(@RequestParam String name) { adminService.addLocal(name); - return ResponseEntity.ok().build(); // optional if you want to return something after adding + return ResponseEntity.ok().build(); } @@ -25,5 +26,5 @@ public ResponseEntity deleteLocal(@PathVariable Long id) { adminService.deleteLocal(id); - return ResponseEntity.ok().build(); // optional if you want to return something after deleting + return ResponseEntity.ok().build(); } } Index: ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/AuthController.java =================================================================== --- ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/AuthController.java (revision 840887fb6b8f713ba77e5f64d7ad1bd427d59a19) +++ ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/AuthController.java (revision bf28e5057e2acd342254a44363825d19acd37daa) @@ -10,5 +10,4 @@ @RestController @RequestMapping("/api/auth") -@CrossOrigin(origins = "*") public class AuthController { private final AuthService authenticationService; Index: ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/CustomerController.java =================================================================== --- ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/CustomerController.java (revision 840887fb6b8f713ba77e5f64d7ad1bd427d59a19) +++ ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/CustomerController.java (revision bf28e5057e2acd342254a44363825d19acd37daa) @@ -8,4 +8,5 @@ import mk.ukim.finki.it.reservengo.service.intf.ReservationService; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.*; @@ -15,5 +16,5 @@ @RestController @RequestMapping("/api/customer") -@CrossOrigin(origins = "*") +@PreAuthorize("hasRole('CUSTOMER')") public class CustomerController { @@ -40,6 +41,4 @@ @GetMapping("/favourite-locals") public ResponseEntity listFavouriteLocals(@AuthenticationPrincipal User user) { - System.out.println("tuka"); - System.out.println(user); List favouriteLocals = customerService.listFavouriteLocals(user.getId()); return ResponseEntity.ok(favouriteLocals); Index: ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/LocalController.java =================================================================== --- ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/LocalController.java (revision 840887fb6b8f713ba77e5f64d7ad1bd427d59a19) +++ ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/LocalController.java (revision bf28e5057e2acd342254a44363825d19acd37daa) @@ -8,5 +8,4 @@ @RestController @RequestMapping("/api/locals") -@CrossOrigin("*") public class LocalController { Index: ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/ReservationController.java =================================================================== --- ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/ReservationController.java (revision 840887fb6b8f713ba77e5f64d7ad1bd427d59a19) +++ ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/web/ReservationController.java (revision bf28e5057e2acd342254a44363825d19acd37daa) @@ -9,5 +9,4 @@ @RestController @RequestMapping("/api") -@CrossOrigin("*") public class ReservationController { private final ReservationService reservationService;