TheDevs/TheDevs-Back
9
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

s b security for admin panel

Browse Source
This commit is contained in:
truettwo 2025-02-19 14:28:01 +03:00
parent 7b4e949563
commit f13c0767c7
2 changed files with 38 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pom.xml
View File

@ -52,6 +52,10 @@
<artifactId>spring-boot-starter-test</artifactId> <artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
</dependencies> </dependencies>
</project> </project>

104
src/main/java/com/example/nto/controller/EmployeeController.java
View File

@ -9,75 +9,18 @@ import org.springframework.web.bind.annotation.*;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Optional; import java.util.Optional;
//я поменял на BAD_REQUEST 06.12.24 23:00
@RestController @RestController
@RequestMapping("/api")//база @RequestMapping("/api") // база
public class EmployeeController { public class EmployeeController {
private final EmployeeService employeeService; private final EmployeeService employeeService;
public EmployeeController(EmployeeService employeeService) { public EmployeeController(EmployeeService employeeService) {
this.employeeService = employeeService; this.employeeService = employeeService;
} }
@PostMapping("/auth") // Аутентификация
@GetMapping("/{login}/auth")//auth
public ResponseEntity<?> authenticate(@PathVariable String login) {
Optional<Employee> employee = employeeService.findByLogin(login);
if (employee.isPresent()) {
return ResponseEntity.ok("Valid login");
} else {
return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Invalid login");
}
}
@GetMapping("/{login}/info")//info
public ResponseEntity<?> getInfo(@PathVariable String login) {
Optional<Employee> employee = employeeService.findByLogin(login);
if (employee.isPresent()) {
return ResponseEntity.ok(employee.get());
} else {
return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Invalid login");
}
}
@PatchMapping("/{login}/open")//open
public ResponseEntity<?> openDoor(@PathVariable String login, @RequestBody Map<String, Long> payload) {
Long code = payload.get("value");
if (code == null) {
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid payload");
}
Optional<Employee> employee = employeeService.findByLogin(login);
if (employee.isEmpty()) {
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid login");
}
if (employeeService.validateCode(login, code)) {
return ResponseEntity.ok("Door opened");
} else {
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid code");
}
}
@PostMapping("/auth") // auth
public ResponseEntity<?> authenticate(@RequestBody Map<String, String> payload) { public ResponseEntity<?> authenticate(@RequestBody Map<String, String> payload) {
String login = payload.get("login"); String login = payload.get("login");
String password = payload.get("password"); String password = payload.get("password");
@ -90,20 +33,39 @@ public class EmployeeController {
} }
} }
@PostMapping("/workers") @GetMapping("/{login}/info") // Получение информации о сотруднике
public ResponseEntity<?> getAllWorkers(@RequestBody Map<String, String> payload) { public ResponseEntity<?> getInfo(@PathVariable String login) {
String login = payload.get("login");
String password = payload.get("password");
Optional<Employee> employee = employeeService.findByLogin(login); Optional<Employee> employee = employeeService.findByLogin(login);
if (employee.isPresent()) {
if (employee.isPresent() && employee.get().getPassword().equals(password) && employee.get().getRole().equals("admin")) { return ResponseEntity.ok(employee.get());
List<Employee> allEmployees = employeeService.findAll(); // Получить всех сотрудников
return ResponseEntity.ok(allEmployees);
} else { } else {
return ResponseEntity.status(HttpStatus.FORBIDDEN).body("Access denied"); return ResponseEntity.status(HttpStatus.NOT_FOUND).body("Employee not found");
} }
} }
@PatchMapping("/{login}/open") // Открыть дверь
public ResponseEntity<?> openDoor(@PathVariable String login, @RequestBody Map<String, Long> payload) {
Long code = payload.get("value");
if (code == null) {
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid payload");
}
Optional<Employee> employee = employeeService.findByLogin(login);
if (employee.isEmpty()) {
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid login");
}
if (employeeService.validateCode(login, code)) {
return ResponseEntity.ok("Door opened");
} else {
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid code");
}
}
@GetMapping("/workers") // Получить всех сотрудников
public ResponseEntity<List<Employee>> getAllWorkers() {
List<Employee> allEmployees = employeeService.findAll(); // Получить всех сотрудников
return ResponseEntity.ok(allEmployees);
}
} }
// made by truettwo and maks ))