Index: c/main/java/mk/ukim/finki/synergymed/config/ConfigProbe.java =================================================================== --- src/main/java/mk/ukim/finki/synergymed/config/ConfigProbe.java (revision ac37cef6bb4b48a8e9af88acbdc4a18271b99765) +++ (revision ) @@ -1,12 +1,0 @@ -package mk.ukim.finki.synergymed.config; - -import org.springframework.stereotype.Component; - -@Component -class ConfigProbe { - ConfigProbe(org.springframework.core.env.Environment env) { - String present = env.containsProperty("security.jwt.secret") ? "YES" : "NO"; - System.out.println(">> security.jwt.secret present? " + present); - } -} - Index: c/main/java/mk/ukim/finki/synergymed/config/OpenApiConfig.java =================================================================== --- src/main/java/mk/ukim/finki/synergymed/config/OpenApiConfig.java (revision ac37cef6bb4b48a8e9af88acbdc4a18271b99765) +++ (revision ) @@ -1,29 +1,0 @@ -package mk.ukim.finki.synergymed.config; - -import io.swagger.v3.oas.models.OpenAPI; -import io.swagger.v3.oas.models.info.Info; -import io.swagger.v3.oas.models.security.SecurityRequirement; -import io.swagger.v3.oas.models.security.SecurityScheme; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; - -@Configuration -public class OpenApiConfig { - - @Bean - public OpenAPI api() { - final String BEARER = "bearerAuth"; - return new OpenAPI() - .info(new Info().title("SynergyMed API").version("v1")) - .addSecurityItem(new SecurityRequirement().addList(BEARER)) - .components(new io.swagger.v3.oas.models.Components() - .addSecuritySchemes(BEARER, - new SecurityScheme() - .name(BEARER) - .type(SecurityScheme.Type.HTTP) - .scheme("bearer") - .bearerFormat("JWT") - ) - ); - } -} Index: src/main/java/mk/ukim/finki/synergymed/config/SecurityConfig.java =================================================================== --- src/main/java/mk/ukim/finki/synergymed/config/SecurityConfig.java (revision ac37cef6bb4b48a8e9af88acbdc4a18271b99765) +++ src/main/java/mk/ukim/finki/synergymed/config/SecurityConfig.java (revision 1e83903858d92fd2130099183ec5de38a340107e) @@ -1,10 +1,6 @@ package mk.ukim.finki.synergymed.config; -import mk.ukim.finki.synergymed.security.JwtAuthFilter; -import org.springframework.boot.autoconfigure.security.reactive.PathRequest; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.http.HttpMethod; -import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; @@ -12,10 +8,4 @@ import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.web.SecurityFilterChain; -import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; -import org.springframework.web.cors.CorsConfiguration; -import org.springframework.web.cors.CorsConfigurationSource; -import org.springframework.web.cors.UrlBasedCorsConfigurationSource; - -import java.util.List; @Configuration @@ -23,52 +13,25 @@ public class SecurityConfig { - private final JwtAuthFilter jwtAuthFilter; - - public SecurityConfig(JwtAuthFilter jwtAuthFilter) { - this.jwtAuthFilter = jwtAuthFilter; - } - @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { http - .cors(Customizer.withDefaults()) // enable CORS using the bean below .csrf(AbstractHttpConfigurer::disable) - .sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) .authorizeHttpRequests(reg -> reg - .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() - - // Static resources in /static, /public, /resources, /META-INF/resources - .requestMatchers(String.valueOf(PathRequest.toStaticResources().atCommonLocations())).permitAll() - .requestMatchers("/", "/**", "/login", "/login.html", "/index.html", "/favicon.ico").permitAll() - - // Public API/docs - .requestMatchers( - "/auth/login", - "/error", - "/v3/api-docs/**", "/swagger-ui.html", "/swagger-ui/**", - "/swagger-resources/**", "/webjars/**" - ).permitAll() - - // Everything else requires JWT + .requestMatchers("/", "/login", "/register", "/error", "/css/**", "/js/**", "/images/**").permitAll() .anyRequest().authenticated() ) - .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class); + .formLogin(login -> login + .loginPage("/login") + .defaultSuccessUrl("/profile", true) + .permitAll() + ) + .logout(logout -> logout + .logoutUrl("/logout") + .logoutSuccessUrl("/login?logout") + .permitAll() + ) + .sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)); return http.build(); } - - @Bean - public CorsConfigurationSource corsConfigurationSource() { - CorsConfiguration c = new CorsConfiguration(); - // be strict in prod (e.g., setAllowedOrigins(List.of("http://localhost:8080"))) - c.setAllowedOriginPatterns(List.of("*")); - c.setAllowedMethods(List.of("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS")); - c.setAllowedHeaders(List.of("Authorization", "Content-Type", "Accept", "Origin", "X-Requested-With")); - c.setExposedHeaders(List.of("Authorization")); - c.setAllowCredentials(true); - - UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); - source.registerCorsConfiguration("/**", c); - return source; - } } Index: src/main/java/mk/ukim/finki/synergymed/repositories/ClientRepository.java =================================================================== --- src/main/java/mk/ukim/finki/synergymed/repositories/ClientRepository.java (revision ac37cef6bb4b48a8e9af88acbdc4a18271b99765) +++ src/main/java/mk/ukim/finki/synergymed/repositories/ClientRepository.java (revision 1e83903858d92fd2130099183ec5de38a340107e) @@ -20,8 +20,5 @@ Optional findByUsers(User user); - boolean existsById(Integer userId); - - - + Optional findByUsersUsername(String username); } Index: c/main/java/mk/ukim/finki/synergymed/security/JwtAuthFilter.java =================================================================== --- src/main/java/mk/ukim/finki/synergymed/security/JwtAuthFilter.java (revision ac37cef6bb4b48a8e9af88acbdc4a18271b99765) +++ (revision ) @@ -1,89 +1,0 @@ -package mk.ukim.finki.synergymed.security; - -import jakarta.servlet.FilterChain; -import jakarta.servlet.ServletException; -import jakarta.servlet.http.Cookie; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; -import mk.ukim.finki.synergymed.service.jwt.JwtService; -import mk.ukim.finki.synergymed.service.jwt.TokenBlacklistService; -import org.springframework.lang.NonNull; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; -import org.springframework.stereotype.Component; -import org.springframework.web.filter.OncePerRequestFilter; - -import java.io.IOException; - -@Component -public class JwtAuthFilter extends OncePerRequestFilter { - - private final JwtService jwtService; - private final UserDetailsService userDetailsService; - private final TokenBlacklistService tokenBlacklistService; - - public JwtAuthFilter(JwtService jwtService, - UserDetailsService userDetailsService, - TokenBlacklistService tokenBlacklistService) { - this.jwtService = jwtService; - this.userDetailsService = userDetailsService; - this.tokenBlacklistService = tokenBlacklistService; - } - - private String tokenFromHeader(HttpServletRequest req) { - String h = req.getHeader("Authorization"); - return (h != null && h.startsWith("Bearer ")) ? h.substring(7) : null; - } - - private String tokenFromCookie(HttpServletRequest req, String name) { - Cookie[] cookies = req.getCookies(); - if (cookies == null) return null; - for (Cookie c : cookies) { - if (name.equals(c.getName())) return c.getValue(); - } - return null; - } - - @Override - protected void doFilterInternal( - @NonNull HttpServletRequest request, - @NonNull HttpServletResponse response, - @NonNull FilterChain chain - ) throws ServletException, IOException { - - // If already authenticated, continue - if (SecurityContextHolder.getContext().getAuthentication() != null) { - chain.doFilter(request, response); - return; - } - - String token = tokenFromHeader(request); - if (token == null) token = tokenFromCookie(request, "AUTH"); - - if (token != null) { - try { - var jws = jwtService.parse(token); // validates signature + exp - var claims = jws.getPayload(); - String username = claims.getSubject(); - String jti = claims.getId(); - - if (username != null && !tokenBlacklistService.contains(jti)) { - UserDetails user = userDetailsService.loadUserByUsername(username); - if (user != null) { - UsernamePasswordAuthenticationToken auth = - new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities()); - auth.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); - SecurityContextHolder.getContext().setAuthentication(auth); - } - } - } catch (Exception ignore) { - // invalid/expired/blacklisted → anonymous - } - } - - chain.doFilter(request, response); - } -} Index: c/main/java/mk/ukim/finki/synergymed/service/jwt/JwtService.java =================================================================== --- src/main/java/mk/ukim/finki/synergymed/service/jwt/JwtService.java (revision ac37cef6bb4b48a8e9af88acbdc4a18271b99765) +++ (revision ) @@ -1,58 +1,0 @@ -package mk.ukim.finki.synergymed.service.jwt; - -import org.springframework.beans.factory.annotation.Value; -import org.springframework.stereotype.Component; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.userdetails.UserDetails; - -import io.jsonwebtoken.Claims; -import io.jsonwebtoken.Jws; -import io.jsonwebtoken.Jwts; -import io.jsonwebtoken.security.Keys; - -import javax.crypto.SecretKey; -import java.nio.charset.StandardCharsets; -import java.util.Date; -import java.util.List; -import java.util.UUID; - -@Component -public class JwtService { - private final SecretKey key; // <— SecretKey - private final long expMillis; - - public JwtService( - @Value("${security.jwt.secret:${SECURITY_JWT_SECRET:}}") String secret, - @Value("${security.jwt.exp-min:${SECURITY_JWT_EXP_MIN:60}}") long expMin - ) { - if (secret == null || secret.length() < 32) { - throw new IllegalStateException("security.jwt.secret (or env SECURITY_JWT_SECRET) must be ≥ 32 chars"); - } - this.key = Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8)); - this.expMillis = expMin * 60_000; - } - - public String generate(UserDetails ud) { - Date now = new Date(); - Date exp = new Date(now.getTime() + expMillis); - List roles = ud.getAuthorities().stream() - .map(GrantedAuthority::getAuthority) - .toList(); - - return Jwts.builder() - .subject(ud.getUsername()) - .claim("roles", roles) - .id(UUID.randomUUID().toString()) - .issuedAt(now) - .expiration(exp) - .signWith(key) - .compact(); - } - - public Jws parse(String token) { - return Jwts.parser() // 0.12.x - .verifyWith(key) - .build() - .parseSignedClaims(token); - } -} Index: c/main/java/mk/ukim/finki/synergymed/service/jwt/TokenBlacklistService.java =================================================================== --- src/main/java/mk/ukim/finki/synergymed/service/jwt/TokenBlacklistService.java (revision ac37cef6bb4b48a8e9af88acbdc4a18271b99765) +++ (revision ) @@ -1,26 +1,0 @@ -package mk.ukim.finki.synergymed.service.jwt; - -import lombok.RequiredArgsConstructor; -import org.springframework.data.redis.core.StringRedisTemplate; -import org.springframework.stereotype.Component; - -import java.time.Duration; - -@Component -@RequiredArgsConstructor -public class TokenBlacklistService { - - private final StringRedisTemplate redis; - - public void add(String jti, long expirationMillis) { - redis.opsForValue().set( - "blacklist:" + jti, - "revoked", - Duration.ofMillis(expirationMillis) - ); - } - - public boolean contains(String jti) { - return redis.hasKey("blacklist:" + jti); - } -} Index: src/main/java/mk/ukim/finki/synergymed/web/AllergyController.java =================================================================== --- src/main/java/mk/ukim/finki/synergymed/web/AllergyController.java (revision ac37cef6bb4b48a8e9af88acbdc4a18271b99765) +++ src/main/java/mk/ukim/finki/synergymed/web/AllergyController.java (revision 1e83903858d92fd2130099183ec5de38a340107e) @@ -6,6 +6,9 @@ import mk.ukim.finki.synergymed.models.User; import mk.ukim.finki.synergymed.repositories.MedicineRepository; +import mk.ukim.finki.synergymed.repositories.UserRepository; import mk.ukim.finki.synergymed.service.HealthProfileService; import org.springframework.format.annotation.DateTimeFormat; +import org.springframework.security.core.annotation.AuthenticationPrincipal; +import org.springframework.security.core.userdetails.UserDetails; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; @@ -13,5 +16,4 @@ import org.springframework.web.servlet.mvc.support.RedirectAttributes; -import jakarta.servlet.http.HttpSession; import java.time.LocalDate; import java.util.List; @@ -25,16 +27,15 @@ private final HealthProfileService healthProfileService; private final MedicineRepository medicineRepository; + private final UserRepository userRepository; + + private User getCurrentUser(UserDetails ud) { + return userRepository.findByUsername(ud.getUsername()) + .orElseThrow(() -> new RuntimeException("User not found: " + ud.getUsername())); + } @GetMapping("/manage") - public String manageAllergies(HttpSession session, Model model) { - User user = (User) session.getAttribute("user"); - String username = (String) session.getAttribute("username"); + public String manageAllergies(@AuthenticationPrincipal UserDetails ud, Model model) { + User user = getCurrentUser(ud); - if (user == null || username == null) { - System.out.println("NO USER IN SESSION"); - return "redirect:/login"; - } - - // Check if user has a health profile Optional healthProfile = healthProfileService.getByClientId(user.getId()); if (healthProfile.isEmpty()) { @@ -43,9 +44,8 @@ } - // Get all available medicines for the dropdown List medicines = medicineRepository.findAll(); model.addAttribute("user", user); - model.addAttribute("username", username); + model.addAttribute("username", user.getUsername()); model.addAttribute("healthProfile", healthProfile.get()); model.addAttribute("medicines", medicines); @@ -55,16 +55,12 @@ @PostMapping("/add") - public String addAllergy(@RequestParam Integer medicineId, + public String addAllergy(@AuthenticationPrincipal UserDetails ud, + @RequestParam Integer medicineId, @RequestParam @DateTimeFormat(pattern = "yyyy-MM-dd") LocalDate dateDiagnosed, @RequestParam String description, @RequestParam String severity, - HttpSession session, RedirectAttributes redirectAttributes) { - User user = (User) session.getAttribute("user"); - - if (user == null) { - return "redirect:/login"; - } + User user = getCurrentUser(ud); try { Index: src/main/java/mk/ukim/finki/synergymed/web/ClientOrderController.java =================================================================== --- src/main/java/mk/ukim/finki/synergymed/web/ClientOrderController.java (revision ac37cef6bb4b48a8e9af88acbdc4a18271b99765) +++ src/main/java/mk/ukim/finki/synergymed/web/ClientOrderController.java (revision 1e83903858d92fd2130099183ec5de38a340107e) @@ -1,9 +1,11 @@ package mk.ukim.finki.synergymed.web; -import jakarta.servlet.http.HttpSession; import lombok.RequiredArgsConstructor; import mk.ukim.finki.synergymed.models.Clientorder; import mk.ukim.finki.synergymed.models.User; +import mk.ukim.finki.synergymed.repositories.UserRepository; import mk.ukim.finki.synergymed.service.ClientOrderService; +import org.springframework.security.core.annotation.AuthenticationPrincipal; +import org.springframework.security.core.userdetails.UserDetails; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; @@ -17,9 +19,14 @@ private final ClientOrderService orderService; + private final UserRepository userRepository; + + private User getCurrentUser(UserDetails ud) { + return userRepository.findByUsername(ud.getUsername()) + .orElseThrow(() -> new RuntimeException("User not found: " + ud.getUsername())); + } @GetMapping("/orders") - public String myOrders(HttpSession session, Model model) { - User user = (User) session.getAttribute("user"); - if (user == null) return "redirect:/login"; + public String myOrders(@AuthenticationPrincipal UserDetails ud, Model model) { + User user = getCurrentUser(ud); List orders = orderService.findAllForClient(user.getId()); model.addAttribute("orders", orders); @@ -29,8 +36,7 @@ @GetMapping("/orders/{orderId}") public String myOrderDetail(@PathVariable Integer orderId, - HttpSession session, + @AuthenticationPrincipal UserDetails ud, Model model) { - User user = (User) session.getAttribute("user"); - if (user == null) return "redirect:/login"; + User user = getCurrentUser(ud); Clientorder order = orderService.findByIdForClient(orderId, user.getId()).orElseThrow(); model.addAttribute("order", order); Index: src/main/java/mk/ukim/finki/synergymed/web/HealthProfileController.java =================================================================== --- src/main/java/mk/ukim/finki/synergymed/web/HealthProfileController.java (revision ac37cef6bb4b48a8e9af88acbdc4a18271b99765) +++ src/main/java/mk/ukim/finki/synergymed/web/HealthProfileController.java (revision 1e83903858d92fd2130099183ec5de38a340107e) @@ -4,6 +4,9 @@ import mk.ukim.finki.synergymed.models.Client; import mk.ukim.finki.synergymed.models.User; +import mk.ukim.finki.synergymed.repositories.UserRepository; import mk.ukim.finki.synergymed.service.ClientService; import mk.ukim.finki.synergymed.service.HealthProfileService; +import org.springframework.security.core.annotation.AuthenticationPrincipal; +import org.springframework.security.core.userdetails.UserDetails; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; @@ -11,5 +14,4 @@ import org.springframework.web.servlet.mvc.support.RedirectAttributes; -import jakarta.servlet.http.HttpSession; import java.util.List; @@ -21,21 +23,20 @@ private final HealthProfileService healthProfileService; private final ClientService clientService; + private final UserRepository userRepository; - // TODO: 28.8.2025 Only admins can access this + private User getCurrentUser(UserDetails ud) { + return userRepository.findByUsername(ud.getUsername()) + .orElseThrow(() -> new RuntimeException("User not found: " + ud.getUsername())); + } + @GetMapping("/create") public String getCreateHealthProfilePage( @RequestParam(required = false) String searchTerm, - HttpSession session, + @AuthenticationPrincipal UserDetails ud, Model model) { - User user = (User) session.getAttribute("user"); - - if (user == null) { - return "redirect:/login"; - } - + User user = getCurrentUser(ud); model.addAttribute("user", user); - // Get clients without health profiles List clientsWithoutHealthProfile; @@ -58,14 +59,8 @@ @RequestParam Integer clientId, @RequestParam String bloodType, - HttpSession session, + @AuthenticationPrincipal UserDetails ud, RedirectAttributes redirectAttributes) { - User user = (User) session.getAttribute("user"); - - if (user == null) { - return "redirect:/login"; - } - - // TODO: Add admin role check here + User user = getCurrentUser(ud); try { @@ -78,6 +73,5 @@ return "redirect:/admin/health-profile/create"; - } - catch (Exception e) { + } catch (Exception e) { redirectAttributes.addFlashAttribute("error", "Failed to create health profile: " + e.getMessage()); return "redirect:/admin/health-profile/create"; Index: src/main/java/mk/ukim/finki/synergymed/web/LoginController.java =================================================================== --- src/main/java/mk/ukim/finki/synergymed/web/LoginController.java (revision ac37cef6bb4b48a8e9af88acbdc4a18271b99765) +++ src/main/java/mk/ukim/finki/synergymed/web/LoginController.java (revision 1e83903858d92fd2130099183ec5de38a340107e) @@ -1,66 +1,13 @@ package mk.ukim.finki.synergymed.web; -import lombok.RequiredArgsConstructor; -import mk.ukim.finki.synergymed.models.User; -import mk.ukim.finki.synergymed.repositories.UserRepository; -import mk.ukim.finki.synergymed.service.jwt.JwtService; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.authentication.BadCredentialsException; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.userdetails.UserDetails; import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.web.bind.annotation.*; - -import jakarta.servlet.http.HttpSession; +import org.springframework.web.bind.annotation.GetMapping; @Controller -@RequestMapping("/login") -@RequiredArgsConstructor public class LoginController { - private final AuthenticationManager authenticationManager; - private final JwtService jwtService; - private final UserRepository userRepository; - - @GetMapping + @GetMapping("/login") public String getLoginPage() { return "login"; } - - @PostMapping - public String login(@RequestParam String username, - @RequestParam String password, - HttpSession session, - Model model) { - try { - var authentication = authenticationManager.authenticate( - new UsernamePasswordAuthenticationToken(username, password) - ); - - var userDetails = (UserDetails) authentication.getPrincipal(); - String token = jwtService.generate(userDetails); - - // Fetch your custom User entity from database - User user = userRepository.findByUsername(username) - .orElseThrow(() -> new RuntimeException("User not found")); - - // Store both UserDetails and your custom User entity - session.setAttribute("jwt_token", token); - session.setAttribute("username", username); - session.setAttribute("userDetails", userDetails); // Spring Security UserDetails - session.setAttribute("user", user); // Your custom User entity - - return "redirect:/profile"; - - } catch (BadCredentialsException e) { - model.addAttribute("error", "Invalid username or password"); - model.addAttribute("username", username); - return "login"; - } catch (Exception e) { - model.addAttribute("error", "An error occurred during login"); - model.addAttribute("username", username); - return "login"; - } - } } Index: c/main/java/mk/ukim/finki/synergymed/web/LogoutController.java =================================================================== --- src/main/java/mk/ukim/finki/synergymed/web/LogoutController.java (revision ac37cef6bb4b48a8e9af88acbdc4a18271b99765) +++ (revision ) @@ -1,36 +1,0 @@ -package mk.ukim.finki.synergymed.web; - -import io.jsonwebtoken.Claims; -import io.jsonwebtoken.Jws; -import mk.ukim.finki.synergymed.service.jwt.JwtService; -import mk.ukim.finki.synergymed.service.jwt.TokenBlacklistService; -import org.springframework.web.bind.annotation.*; - -@RestController -@RequestMapping("/logout") -public class LogoutController { - - private final JwtService jwtService; - private final TokenBlacklistService tokenBlacklistService; - - public LogoutController(JwtService jwtService, TokenBlacklistService tokenBlacklistService) { - this.jwtService = jwtService; - this.tokenBlacklistService = tokenBlacklistService; - } - - @PostMapping() - public String logout(@RequestHeader("Authorization") String authHeader) { - if (authHeader != null && authHeader.startsWith("Bearer ")) { - String token = authHeader.substring(7); - - Jws jws = jwtService.parse(token); - Claims claims = jws.getPayload(); - - long expirationMillis = claims.getExpiration().getTime() - System.currentTimeMillis(); - if (expirationMillis > 0) { - tokenBlacklistService.add(claims.getId(), expirationMillis); - } - } - return "redirect:/login"; - } -} Index: src/main/java/mk/ukim/finki/synergymed/web/ProfileController.java =================================================================== --- src/main/java/mk/ukim/finki/synergymed/web/ProfileController.java (revision ac37cef6bb4b48a8e9af88acbdc4a18271b99765) +++ src/main/java/mk/ukim/finki/synergymed/web/ProfileController.java (revision 1e83903858d92fd2130099183ec5de38a340107e) @@ -1,12 +1,12 @@ package mk.ukim.finki.synergymed.web; -import jakarta.servlet.http.HttpSession; import lombok.RequiredArgsConstructor; -import mk.ukim.finki.synergymed.models.Client; -import mk.ukim.finki.synergymed.models.Clubcard; import mk.ukim.finki.synergymed.models.Contactinformation; import mk.ukim.finki.synergymed.models.Healthprofile; import mk.ukim.finki.synergymed.models.User; +import mk.ukim.finki.synergymed.repositories.UserRepository; import mk.ukim.finki.synergymed.service.*; +import org.springframework.security.core.annotation.AuthenticationPrincipal; +import org.springframework.security.core.userdetails.UserDetails; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; @@ -21,4 +21,5 @@ public class ProfileController { + private final UserRepository userRepository; private final HealthProfileService healthProfileService; private final ContactInformationService contactInformationService; @@ -27,14 +28,14 @@ private final ClientService clientService; - // NEW: Inject the ClubCardService - private final ClubCardService clubCardService; + private User getCurrentUser(UserDetails ud) { + return userRepository.findByUsername(ud.getUsername()) + .orElseThrow(() -> new RuntimeException("User not found: " + ud.getUsername())); + } @GetMapping - public String getProfilePage(HttpSession session, Model model) { - User user = (User) session.getAttribute("user"); - String username = (String) session.getAttribute("username"); - if (user == null || username == null) return "redirect:/login"; + public String getProfilePage(@AuthenticationPrincipal UserDetails ud, Model model) { + User user = getCurrentUser(ud); model.addAttribute("user", user); - model.addAttribute("username", username); + model.addAttribute("username", user.getUsername()); try { @@ -46,22 +47,11 @@ } - // NEW: Load club card for the profile landing page - try { - Optional clubcard = clubCardService.getByClientId(user.getId()); - model.addAttribute("clubcard", clubcard.orElse(null)); - model.addAttribute("hasClubcard", clubcard.isPresent()); - } catch (Exception e) { - model.addAttribute("hasClubcard", false); - } - model.addAttribute("activeTab", "profile"); return "profile"; } - // Contact Info tab @GetMapping("/contacts") - public String profileContacts(HttpSession session, Model model) { - User user = (User) session.getAttribute("user"); - if (user == null) return "redirect:/login"; + public String profileContacts(@AuthenticationPrincipal UserDetails ud, Model model) { + User user = getCurrentUser(ud); List list = contactInformationService.listForUser(user.getId()); Contactinformation contact = list.isEmpty() ? null : list.get(0); @@ -72,20 +62,14 @@ @GetMapping("/contacts/new") - public String newProfileContact(HttpSession session, Model model) { - User user = (User) session.getAttribute("user"); - if (user == null) return "redirect:/login"; - model.addAttribute("context", "profile"); - model.addAttribute("postUrl", "/profile/contacts/save"); - model.addAttribute("backUrl", "/profile/contacts"); + public String newProfileContact() { return "contact-form"; } @PostMapping("/contacts/save") - public String saveProfileContact(@RequestParam(required = false) Integer id, + public String saveProfileContact(@AuthenticationPrincipal UserDetails ud, + @RequestParam(required = false) Integer id, @RequestParam(required = false) String phone, - @RequestParam(required = false) String address, - HttpSession session) { - User user = (User) session.getAttribute("user"); - if (user == null) return "redirect:/login"; + @RequestParam(required = false) String address) { + User user = getCurrentUser(ud); if (id == null) { contactInformationService.createForUser(user.getId(), phone, address); @@ -97,7 +81,7 @@ @PostMapping("/contacts/delete") - public String deleteProfileContact(@RequestParam Integer id, HttpSession session) { - User user = (User) session.getAttribute("user"); - if (user == null) return "redirect:/login"; + public String deleteProfileContact(@AuthenticationPrincipal UserDetails ud, + @RequestParam Integer id) { + User user = getCurrentUser(ud); contactInformationService.deleteForUser(id, user.getId()); return "redirect:/profile/contacts"; @@ -109,8 +93,6 @@ @GetMapping("/prescriptions") - public String prescriptions(jakarta.servlet.http.HttpSession session, - org.springframework.ui.Model model) { - var user = (mk.ukim.finki.synergymed.models.User) session.getAttribute("user"); - if (user == null) return "redirect:/login"; + public String prescriptions(@AuthenticationPrincipal UserDetails ud, Model model) { + User user = getCurrentUser(ud); Integer clientId = user.getId(); @@ -120,5 +102,5 @@ .orElse(false); - var rx = verified ? prescriptionService.listForClient(clientId) : java.util.List.of(); + var rx = verified ? prescriptionService.listForClient(clientId) : List.of(); model.addAttribute("activeTab", "prescriptions"); @@ -128,27 +110,3 @@ return "profile-prescriptions"; } - - @GetMapping("/clubcard") - public String profileClubcard(HttpSession session, Model model) { - User user = (User) session.getAttribute("user"); - if (user == null) return "redirect:/login"; - - Optional clubcard = clubCardService.getByClientId(user.getId()); - model.addAttribute("clubcard", clubcard.orElse(null)); - model.addAttribute("hasClubcard", clubcard.isPresent()); - model.addAttribute("activeTab", "clubcard"); - return "profile-clubcard"; - } - - @PostMapping("/clubcard/create") - public String createClubcard(HttpSession session) { - User user = (User) session.getAttribute("user"); - if (user == null) return "redirect:/login"; - - if (clubCardService.getByClientId(user.getId()).isEmpty()) { - Client client = clientService.findClientById(user.getId()); - clubCardService.createForClient(client); - } - return "redirect:/profile/clubcard"; - } } Index: src/main/java/mk/ukim/finki/synergymed/web/SensitiveClientDataController.java =================================================================== --- src/main/java/mk/ukim/finki/synergymed/web/SensitiveClientDataController.java (revision ac37cef6bb4b48a8e9af88acbdc4a18271b99765) +++ src/main/java/mk/ukim/finki/synergymed/web/SensitiveClientDataController.java (revision 1e83903858d92fd2130099183ec5de38a340107e) @@ -1,8 +1,10 @@ package mk.ukim.finki.synergymed.web; -import jakarta.servlet.http.HttpSession; import lombok.RequiredArgsConstructor; import mk.ukim.finki.synergymed.models.User; +import mk.ukim.finki.synergymed.repositories.UserRepository; import mk.ukim.finki.synergymed.service.SensitiveClientDataService; +import org.springframework.security.core.annotation.AuthenticationPrincipal; +import org.springframework.security.core.userdetails.UserDetails; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; @@ -17,9 +19,15 @@ private final SensitiveClientDataService sensitiveService; + private final UserRepository userRepository; + + private User getCurrentUser(UserDetails ud) { + return userRepository.findByUsername(ud.getUsername()) + .orElseThrow(() -> new RuntimeException("User not found: " + ud.getUsername())); + } @GetMapping("/apply") - public String applyForm(HttpSession session, Model model) { - User user = (User) session.getAttribute("user"); - if (user == null) return "redirect:/login"; // require login [18]. + public String applyForm(@AuthenticationPrincipal UserDetails ud, Model model) { + User user = getCurrentUser(ud); + model.addAttribute("user", user); model.addAttribute("activeTab", "prescriptions"); return "verification-apply"; @@ -29,10 +37,9 @@ public String submitApplication(@RequestParam String embg, @RequestParam("portrait") MultipartFile portrait, - HttpSession session, + @AuthenticationPrincipal UserDetails ud, RedirectAttributes ra) { - User user = (User) session.getAttribute("user"); - if (user == null) return "redirect:/login"; + User user = getCurrentUser(ud); try { - sensitiveService.applyOrUpdate(user.getId(), embg, portrait); // single-row upsert [13]. + sensitiveService.applyOrUpdate(user.getId(), embg, portrait); ra.addFlashAttribute("message", "Application submitted. Verification is now pending."); } catch (Exception e) { Index: src/main/resources/application.properties =================================================================== --- src/main/resources/application.properties (revision ac37cef6bb4b48a8e9af88acbdc4a18271b99765) +++ src/main/resources/application.properties (revision 1e83903858d92fd2130099183ec5de38a340107e) @@ -8,22 +8,4 @@ spring.datasource.driver-class-name=org.postgresql.Driver -# ========================== -# Redis connection -# ========================== -spring.data.redis.host=localhost -spring.data.redis.port=6379 -# spring.data.redis.password=yourStrongPassword # only if configured - -# Logical DB index -spring.data.redis.database=0 - -# Connection timeout (must be a duration, not raw ms) -spring.data.redis.timeout=60s - -# ========================== -# JWT (inject into @Value) -# ========================== -security.jwt.secret=ThisIsASuperSecretJwtKeyWith32CharsOrMore! -security.jwt.exp-min=15 spring.datasource.hikari.maximum-pool-size=5