AUTHORIZATION WORK!

2025-02-19 18:14:48 +03:00 · 2025-02-19 18:14:48 +03:00 · 5ee0e95aef
commit 5ee0e95aef
parent 2fa38e14ca
6 changed files with 153 additions and 21 deletions
--- a/.idea/workspace.xml
+++ b/.idea/workspace.xml
@ -4,11 +4,13 @@
    <option name="autoReloadType" value="SELECTIVE" />
  </component>
  <component name="ChangeListManager">
-    <list default="true" id="067ac1f0-be04-4fe4-85c6-f870334053b8" name="Changes" comment="websecurity configs">
+    <list default="true" id="067ac1f0-be04-4fe4-85c6-f870334053b8" name="Changes" comment="промежуточные итоги :skull:">
+      <change afterPath="$PROJECT_DIR$/src/main/java/com/example/nto/service/impl/UserDetailsServiceImpl.java" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
+      <change beforePath="$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java" afterDir="false" />
+      <change beforePath="$PROJECT_DIR$/src/main/java/com/example/nto/entity/Code.java" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/java/com/example/nto/entity/Code.java" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/src/main/java/com/example/nto/entity/Employee.java" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/java/com/example/nto/entity/Employee.java" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/src/main/java/com/example/nto/websecurity/WebSecurityConfig.java" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/java/com/example/nto/websecurity/WebSecurityConfig.java" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/src/main/resources/data.sql" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/resources/data.sql" afterDir="false" />
    </list>
    <option name="SHOW_DIALOG" value="false" />
    <option name="HIGHLIGHT_CONFLICTS" value="true" />
@ -49,6 +51,11 @@
    "settings.editor.selected.configurable": "MavenSettings"
  }
 }]]></component>
+  <component name="RecentsManager">
+    <key name="CreateClassDialog.RecentsKey">
+      <recent name="com.example.nto.controller" />
+    </key>
+  </component>
  <component name="RunManager">
    <configuration name="App" type="Application" factoryName="Application" temporary="true">
      <option name="MAIN_CLASS_NAME" value="com.example.nto.App" />
@ -129,7 +136,15 @@
      <option name="project" value="LOCAL" />
      <updated>1739967506973</updated>
    </task>
-    <option name="localTasksCounter" value="6" />
+    <task id="LOCAL-00006" summary="промежуточные итоги :skull:">
+      <option name="closed" value="true" />
+      <created>1739968326971</created>
+      <option name="number" value="00006" />
+      <option name="presentableId" value="LOCAL-00006" />
+      <option name="project" value="LOCAL" />
+      <updated>1739968326971</updated>
+    </task>
+    <option name="localTasksCounter" value="7" />
    <servers />
  </component>
  <component name="VcsManagerConfiguration">
@ -138,17 +153,12 @@
    <MESSAGE value="setup web security" />
    <MESSAGE value="migrate to postgres" />
    <MESSAGE value="websecurity configs" />
-    <option name="LAST_COMMIT_MESSAGE" value="websecurity configs" />
+    <MESSAGE value="промежуточные итоги :skull:" />
+    <option name="LAST_COMMIT_MESSAGE" value="промежуточные итоги :skull:" />
  </component>
  <component name="XDebuggerManager">
    <breakpoint-manager>
      <breakpoints>
-        <line-breakpoint enabled="true" type="java-field">
-          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/entity/Code.java</url>
-          <line>20</line>
-          <properties field="id" class="com.example.nto.entity.Code" />
-          <option name="timeStamp" value="4" />
-        </line-breakpoint>
        <line-breakpoint enabled="true" type="java-line">
          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/EmployeeController.java</url>
          <line>29</line>
@ -160,9 +170,44 @@
          <option name="timeStamp" value="7" />
        </line-breakpoint>
        <line-breakpoint enabled="true" type="java-line">
-          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/websecurity/WebSecurityConfig.java</url>
-          <line>39</line>
-          <option name="timeStamp" value="13" />
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>49</line>
+          <option name="timeStamp" value="25" />
+        </line-breakpoint>
+        <line-breakpoint enabled="true" type="java-line">
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>57</line>
+          <option name="timeStamp" value="26" />
+        </line-breakpoint>
+        <line-breakpoint enabled="true" type="java-line">
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>50</line>
+          <option name="timeStamp" value="30" />
+        </line-breakpoint>
+        <line-breakpoint enabled="true" type="java-line">
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>52</line>
+          <option name="timeStamp" value="31" />
+        </line-breakpoint>
+        <line-breakpoint enabled="true" type="java-line">
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>53</line>
+          <option name="timeStamp" value="34" />
+        </line-breakpoint>
+        <line-breakpoint enabled="true" type="java-line">
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>54</line>
+          <option name="timeStamp" value="35" />
+        </line-breakpoint>
+        <line-breakpoint enabled="true" type="java-line">
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>55</line>
+          <option name="timeStamp" value="36" />
+        </line-breakpoint>
+        <line-breakpoint enabled="true" type="java-line">
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>56</line>
+          <option name="timeStamp" value="37" />
        </line-breakpoint>
      </breakpoints>
    </breakpoint-manager>
--- a/src/main/java/com/example/nto/controller/AuthController.java
+++ b/src/main/java/com/example/nto/controller/AuthController.java
@ -1,10 +1,63 @@
 package com.example.nto.controller;

-import org.springframework.web.bind.annotation.RestController;
+import lombok.AllArgsConstructor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.web.bind.annotation.*;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;

@RestController
 public class AuthController {
-//    @PostMapping("/api/login/")
-//    public ResponseEntity<?> login() {}

+    @AllArgsConstructor
+    private static class LoginBody {
+        private String login;
+        private String password;
+
+        public String getPassword() {
+            return password;
        }
+
+        public void setPassword(String password) {
+            this.password = password;
+        }
+
+        public String getLogin() {
+            return login;
+        }
+
+        public void setLogin(String login) {
+            this.login = login;
+        }
+    }
+
+
+    @Autowired
+    private AuthenticationManager authenticationManager;
+
+    /*
+    Эндпоинт авторизации, кинь сюда логин и пароль, и возможно я дам тебе возможность авторизоваться.
+     */
+    @PostMapping("/api/login/")
+    private ResponseEntity<String> login(HttpServletRequest request, @RequestBody LoginBody loginBody) { //, @RequestParam String login, @RequestParam String password) {
+        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(
+                loginBody.getLogin(), loginBody.getPassword());
+        Authentication authentication = authenticationManager.authenticate(authRequest);
+        SecurityContext securityContext = SecurityContextHolder.getContext();
+        securityContext.setAuthentication(authentication);
+        HttpSession session = request.getSession(true);
+        session.setAttribute("SPRING_SECURITY_CONTEXT", securityContext);
+        return ResponseEntity.status(HttpStatus.OK).build();
+    }
+}
+
--- a/src/main/java/com/example/nto/entity/Code.java
+++ b/src/main/java/com/example/nto/entity/Code.java
@ -5,16 +5,14 @@ import lombok.Builder;
 import lombok.Data;
 import lombok.NoArgsConstructor;

-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
+import javax.persistence.*;

@Entity
@Data
@Builder
@NoArgsConstructor
@AllArgsConstructor
+@Table(name = "code")
 public class Code {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
--- a/src/main/java/com/example/nto/entity/Employee.java
+++ b/src/main/java/com/example/nto/entity/Employee.java
@ -18,6 +18,7 @@ import java.util.List;
@Builder
@NoArgsConstructor
@AllArgsConstructor
+@Table(name = "employee")
 public class Employee {

    @Id
--- a/src/main/java/com/example/nto/service/impl/UserDetailsServiceImpl.java
+++ b/src/main/java/com/example/nto/service/impl/UserDetailsServiceImpl.java
@ -0,0 +1,22 @@
+package com.example.nto.service.impl;
+
+import com.example.nto.entity.Employee;
+import com.example.nto.repository.EmployeeRepository;
+import com.example.nto.websecurity.CustomUserDetails;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+
+public class UserDetailsServiceImpl implements UserDetailsService {
+
+
+    @Autowired
+    private EmployeeRepository repository;
+
+    @Override
+    public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
+        Employee employee = repository.findByLogin(s).orElseThrow(() -> new UsernameNotFoundException(s));
+        return new CustomUserDetails(employee);
+    }
+}
--- a/src/main/java/com/example/nto/websecurity/WebSecurityConfig.java
+++ b/src/main/java/com/example/nto/websecurity/WebSecurityConfig.java
@ -3,8 +3,11 @@ package com.example.nto.websecurity;
 import com.example.nto.entity.Employee;
 import com.example.nto.repository.EmployeeRepository;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.sql.init.dependency.DependsOnDatabaseInitialization;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.DependsOn;
+import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@ -25,7 +28,14 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private EmployeeRepository employeeRepository;

+    @Override
    @Bean
+    public AuthenticationManager authenticationManagerBean() throws Exception {
+        return super.authenticationManagerBean();
+    }
+
+    @Bean
+    @DependsOnDatabaseInitialization
    public UserDetailsService userDetailsService() {
        List<Employee> employees = employeeRepository.findAll();
        InMemoryUserDetailsManager inMemoryUserDetailsManager = new InMemoryUserDetailsManager();
@ -64,7 +74,10 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
-        http.authorizeRequests()
+        http
+                .csrf().disable()
+                .authorizeRequests()
+                .antMatchers("/api/login/").permitAll()
                .anyRequest().authenticated()
                .and()
                .formLogin().permitAll()