Index: src/main/java/mk/ukim/finki/synergymed/web/PaymentController.java
===================================================================
--- src/main/java/mk/ukim/finki/synergymed/web/PaymentController.java	(revision 1e83903858d92fd2130099183ec5de38a340107e)
+++ src/main/java/mk/ukim/finki/synergymed/web/PaymentController.java	(revision 4a13d3697c3ba6d6f9a3ba0b950be96fcb733345)
@@ -1,5 +1,4 @@
 package mk.ukim.finki.synergymed.web;
 
-import jakarta.servlet.http.HttpSession;
 import lombok.RequiredArgsConstructor;
 import mk.ukim.finki.synergymed.models.Client;
@@ -7,4 +6,5 @@
 import mk.ukim.finki.synergymed.models.Shoppingcart;
 import mk.ukim.finki.synergymed.models.User;
+import mk.ukim.finki.synergymed.repositories.UserRepository;
 import mk.ukim.finki.synergymed.service.ClientService;
 import mk.ukim.finki.synergymed.service.ClubCardService;
@@ -13,4 +13,6 @@
 import mk.ukim.finki.synergymed.service.PaymentService;
 import mk.ukim.finki.synergymed.service.ShoppingCartService;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
@@ -29,21 +31,28 @@
     private final DeliveryCompanyService deliveryCompanyService;
     private final ClientService clientService;
-    private final ClubCardService clubCardService; // NEW
+    private final UserRepository userRepository;          // from repo auth
+    private final ClubCardService clubCardService;        // from local logic
+
+    private User getCurrentUser(UserDetails ud) {
+        return userRepository.findByUsername(ud.getUsername())
+                .orElseThrow(() -> new RuntimeException("User not found: " + ud.getUsername()));
+    }
 
     @GetMapping
-    public String getPaymentPage(@RequestParam(name="useCard", defaultValue="false") boolean useCard,
-                                 Model model, HttpSession session) {
-        model.addAttribute("methods", paymentMethodService.findAll());
-        model.addAttribute("deliveryCompanies", deliveryCompanyService.findAll());
-
-        Client client = getClientFromSession(session);
+    public String getPaymentPage(@RequestParam(name = "useCard", defaultValue = "false") boolean useCard,
+                                 @AuthenticationPrincipal UserDetails ud,
+                                 Model model) {
+        // Resolve current user/client using repo auth strategy
+        User user = getCurrentUser(ud);
+        Client client = clientService.findClientById(user.getId());
         Shoppingcart cart = shoppingCartService.getOrCreateCart(client);
 
+        // Local discount logic with club card
         int base = shoppingCartService.getTotal(cart).intValue();
         int discount = 0;
         if (useCard) {
-            var card = clubCardService.getByClientId(client.getId());
-            if (card.isPresent()) {
-                Integer pts = card.get().getPoints();
+            var cardOpt = clubCardService.getByClientId(client.getId());
+            if (cardOpt.isPresent()) {
+                Integer pts = cardOpt.get().getPoints();
                 int points = pts == null ? 0 : pts;
                 discount = Math.min(points / 2, base);
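Review bot: `getCurrentUser` dereferences `ud` without a null check, and `@AuthenticationPrincipal` resolves to null when the request is anonymous or the principal is not a `UserDetails`. The removed session helper failed with an explicit "please login" error; the new code throws a NullPointerException instead if the security configuration (not visible here) ever lets an unauthenticated request reach this controller. A guard at the top of the helper, `if (ud == null) throw new IllegalStateException("No authenticated user");`, keeps that failure deliberate, and it covers `processPayment` in the next hunk as well. The helper also throws a bare `RuntimeException`; a specific type such as `UsernameNotFoundException` is easier to map to a proper error response. `getPaymentPage` continues past the end of this hunk.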
@@ -52,32 +61,31 @@
         int shown = Math.max(0, base - discount);
 
+        model.addAttribute("methods", paymentMethodService.findAll());
+        model.addAttribute("deliveryCompanies", deliveryCompanyService.findAll());
         model.addAttribute("total", BigDecimal.valueOf(shown));
         model.addAttribute("discount", discount);
         model.addAttribute("useCard", useCard);
-        model.addAttribute("username", session.getAttribute("username"));
+        model.addAttribute("username", ud.getUsername());
         return "payment";
     }
 
     @PostMapping
-    public String processPayment(@RequestParam Integer paymentMethodId,
+    public String processPayment(@AuthenticationPrincipal UserDetails ud,
+                                 @RequestParam Integer paymentMethodId,
                                  @RequestParam Integer deliveryCompanyId,
-                                 @RequestParam(name="useCard", defaultValue="false") boolean useCard,
-                                 HttpSession session, Model model) {
-        Client client = getClientFromSession(session);
+                                 @RequestParam(name = "useCard", defaultValue = "false") boolean useCard,
+                                 Model model) {
+        // Resolve current user/client using repo auth strategy
+        User user = getCurrentUser(ud);
+        Client client = clientService.findClientById(user.getId());
         Shoppingcart cart = shoppingCartService.getOrCreateCart(client);
+
+        // Pass useCard through to service as in local logic
         Clientorder order = paymentService.checkout(client, cart, paymentMethodId, deliveryCompanyId, useCard);
+
         model.addAttribute("order", order);
         model.addAttribute("payment", order.getPayment());
-        model.addAttribute("username", session.getAttribute("username"));
+        model.addAttribute("username", ud.getUsername());
         return "payment-success";
     }
-
-    private Client getClientFromSession(HttpSession session) {
-        User user = (User) session.getAttribute("user");
-        String username = (String) session.getAttribute("username");
-        if (user == null || username == null) {
-            throw new IllegalStateException("No user in session. Please login first.");
-        }
-        return clientService.findClientById(user.getId());
-    }
 }
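Review bot: The two-line user-to-client resolution at the top of `processPayment` duplicates the one in `getPaymentPage`, and in both places the result of `clientService.findClientById(user.getId())` is used without any check before it reaches `getOrCreateCart` and `checkout`. Folding both lines into one private helper, e.g. `private Client getCurrentClient(UserDetails ud)`, would give a single place to reject an authenticated user that has no client record; whether `findClientById` throws or returns null in that case is not visible here. The comments "using repo auth strategy" and "as in local logic" read as merge-resolution notes. Something like `// Client is derived from the authenticated principal, never from request data` tells a later reader what matters.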
Index: src/main/java/mk/ukim/finki/synergymed/web/ShoppingCartController.java
===================================================================
--- src/main/java/mk/ukim/finki/synergymed/web/ShoppingCartController.java	(revision 1e83903858d92fd2130099183ec5de38a340107e)
+++ src/main/java/mk/ukim/finki/synergymed/web/ShoppingCartController.java	(revision 4a13d3697c3ba6d6f9a3ba0b950be96fcb733345)
@@ -1,5 +1,4 @@
 package mk.ukim.finki.synergymed.web;
 
-import jakarta.servlet.http.HttpSession;
 import lombok.RequiredArgsConstructor;
 import mk.ukim.finki.synergymed.models.Brandedmedicine;
@@ -11,5 +10,8 @@
 import mk.ukim.finki.synergymed.service.BrandedMedicineService;
 import mk.ukim.finki.synergymed.service.ShoppingCartService;
-import mk.ukim.finki.synergymed.service.ClubCardService; // NEW
+import mk.ukim.finki.synergymed.service.ClubCardService;
+
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
@@ -27,9 +29,26 @@
     private final ClubCardService clubCardService;
 
+    private Client getClient(@AuthenticationPrincipal UserDetails ud) {
+        User user = clientRepository.findByUsersUsername(ud.getUsername())
+                .map(Client::getUsers)
+                .orElseThrow(() -> new IllegalStateException("Client not found for user " + ud.getUsername()));
+        return clientRepository.findByUsers(user)
+                .orElseThrow(() -> new IllegalStateException("Client not found for user " + ud.getUsername()));
+    }
+
+    private Shoppingcart getOrCreateCart(Client client) {
+        return shoppingcartRepository.findByClient(client)
+                .orElseGet(() -> {
+                    Shoppingcart cart = new Shoppingcart();
+                    cart.setClient(client);
+                    return shoppingcartRepository.save(cart);
+                });
+    }
+
     @PostMapping("/add/{medicineId}")
     public String addToCart(@PathVariable Integer medicineId,
                             @RequestParam(defaultValue = "1") int quantity,
-                            HttpSession session) {
-        Client client = getClientFromSession(session);
+                            @AuthenticationPrincipal UserDetails ud) {
+        Client client = getClient(ud);
         Shoppingcart cart = getOrCreateCart(client);
 
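Review bot: `getClient` makes two repository calls where one suffices: `findByUsersUsername` already yields the `Client`, which is mapped to its `User` only to be looked up again through `findByUsers`. The body can be `return clientRepository.findByUsersUsername(ud.getUsername())` followed by the existing `.orElseThrow(...)`. The `@AuthenticationPrincipal` annotation on this private helper's parameter has no effect, because Spring resolves it only on handler-method arguments, and should be dropped. `ud` is also dereferenced without a null check, which affects every handler in this file that now calls `getClient(ud)` if any of these routes is reachable anonymously. `addToCart` continues past the end of this hunk.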
@@ -42,6 +61,7 @@
 
     @PostMapping("/plus/{medicineId}")
-    public String increaseQuantity(@PathVariable Integer medicineId, HttpSession session) {
-        Client client = getClientFromSession(session);
+    public String increaseQuantity(@PathVariable Integer medicineId,
+                                   @AuthenticationPrincipal UserDetails ud) {
+        Client client = getClient(ud);
         Shoppingcart cart = getOrCreateCart(client);
 
@@ -54,6 +74,7 @@
 
     @PostMapping("/minus/{medicineId}")
-    public String decreaseQuantity(@PathVariable Integer medicineId, HttpSession session) {
-        Client client = getClientFromSession(session);
+    public String decreaseQuantity(@PathVariable Integer medicineId,
+                                   @AuthenticationPrincipal UserDetails ud) {
+        Client client = getClient(ud);
         Shoppingcart cart = getOrCreateCart(client);
 
@@ -66,6 +87,7 @@
 
     @PostMapping("/remove/{medicineId}")
-    public String removeFromCart(@PathVariable Integer medicineId, HttpSession session) {
-        Client client = getClientFromSession(session);
+    public String removeFromCart(@PathVariable Integer medicineId,
+                                 @AuthenticationPrincipal UserDetails ud) {
+        Client client = getClient(ud);
         Shoppingcart cart = getOrCreateCart(client);
 
@@ -78,12 +100,12 @@
 
     @GetMapping
-    public String showCart(Model model, HttpSession session) {
-        Client client = getClientFromSession(session);
+    public String showCart(Model model,
+                           @AuthenticationPrincipal UserDetails ud) {
+        Client client = getClient(ud);
         Shoppingcart cart = getOrCreateCart(client);
 
         model.addAttribute("items", shoppingCartService.getMedicinesInCart(cart));
         model.addAttribute("total", shoppingCartService.getTotal(cart));
-        model.addAttribute("username", session.getAttribute("username"));
-        // Images not yet available as per original TODO
+        model.addAttribute("username", ud.getUsername());
         model.addAttribute("firstImageById", null);
 
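Review bot: `firstImageById` is still set to `null`, but this hunk deletes the comment that explained why, so the line now reads like a mistake. Keep a short marker such as `// TODO: images not wired up yet; the cart template must tolerate a null firstImageById`. `showCart` continues past the end of this hunk, so any later assignment of that attribute is not visible here.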
@@ -93,24 +115,3 @@
         return "cart";
     }
-
-    private Client getClientFromSession(HttpSession session) {
-        User user = (User) session.getAttribute("user");
-        String username = (String) session.getAttribute("username");
-
-        if (user == null || username == null) {
-            throw new IllegalStateException("No user in session. Please login first.");
-        }
-
-        return clientRepository.findByUsers(user)
-                .orElseThrow(() -> new IllegalStateException("Client not found for user " + username));
-    }
-
-    private Shoppingcart getOrCreateCart(Client client) {
-        return shoppingcartRepository.findByClient(client)
-                .orElseGet(() -> {
-                    Shoppingcart cart = new Shoppingcart();
-                    cart.setClient(client);
-                    return shoppingcartRepository.save(cart);
-                });
-    }
 }
