s b security for admin panel

2025-02-19 14:28:01 +03:00 · 2025-02-19 14:28:01 +03:00 · f13c0767c7
commit f13c0767c7
parent 7b4e949563
2 changed files with 38 additions and 72 deletions
--- a/pom.xml
+++ b/pom.xml
@ -52,6 +52,10 @@
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
    </dependencies>

 </project>
--- a/src/main/java/com/example/nto/controller/EmployeeController.java
+++ b/src/main/java/com/example/nto/controller/EmployeeController.java
@ -9,75 +9,18 @@ import org.springframework.web.bind.annotation.*;
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;
-//я поменял на BAD_REQUEST 06.12.24 23:00

@RestController
-@RequestMapping("/api")//база
+@RequestMapping("/api") // база
 public class EmployeeController {
+
    private final EmployeeService employeeService;

    public EmployeeController(EmployeeService employeeService) {
-
        this.employeeService = employeeService;
-
-
    }

-
-    @GetMapping("/{login}/auth")//auth
-    public ResponseEntity<?> authenticate(@PathVariable String login) {
-        Optional<Employee> employee = employeeService.findByLogin(login);
-        if (employee.isPresent()) {
-            return ResponseEntity.ok("Valid login");
-
-
-        } else {
-            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Invalid login");
-
-        }
-
-    }
-
-    @GetMapping("/{login}/info")//info
-    public ResponseEntity<?> getInfo(@PathVariable String login) {
-        Optional<Employee> employee = employeeService.findByLogin(login);
-        if (employee.isPresent()) {
-            return ResponseEntity.ok(employee.get());
-
-        } else {
-            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Invalid login");
-
-        }
-    }
-
-
-
-    @PatchMapping("/{login}/open")//open
-    public ResponseEntity<?> openDoor(@PathVariable String login, @RequestBody Map<String, Long> payload) {
-        Long code = payload.get("value");
-        if (code == null) {
-            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid payload");
-
-        }
-
-
-
-        Optional<Employee> employee = employeeService.findByLogin(login);
-        if (employee.isEmpty()) {
-            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid login");
-
-        }
-
-
-
-        if (employeeService.validateCode(login, code)) {
-            return ResponseEntity.ok("Door opened");
-
-        } else {
-            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid code");
-        }
-    }
-    @PostMapping("/auth") // auth
+    @PostMapping("/auth") // Аутентификация
    public ResponseEntity<?> authenticate(@RequestBody Map<String, String> payload) {
        String login = payload.get("login");
        String password = payload.get("password");
@ -90,20 +33,39 @@ public class EmployeeController {
        }
    }

-    @PostMapping("/workers")
-    public ResponseEntity<?> getAllWorkers(@RequestBody Map<String, String> payload) {
-        String login = payload.get("login");
-        String password = payload.get("password");
-
+    @GetMapping("/{login}/info") // Получение информации о сотруднике
+    public ResponseEntity<?> getInfo(@PathVariable String login) {
        Optional<Employee> employee = employeeService.findByLogin(login);
-
-        if (employee.isPresent() && employee.get().getPassword().equals(password) && employee.get().getRole().equals("admin")) {
-            List<Employee> allEmployees = employeeService.findAll(); // Получить всех сотрудников
-            return ResponseEntity.ok(allEmployees);
+        if (employee.isPresent()) {
+            return ResponseEntity.ok(employee.get());
        } else {
-            return ResponseEntity.status(HttpStatus.FORBIDDEN).body("Access denied");
+            return ResponseEntity.status(HttpStatus.NOT_FOUND).body("Employee not found");
        }
    }

-}
-// made by truettwo and maks ))
+    @PatchMapping("/{login}/open") // Открыть дверь
+    public ResponseEntity<?> openDoor(@PathVariable String login, @RequestBody Map<String, Long> payload) {
+        Long code = payload.get("value");
+
+        if (code == null) {
+            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid payload");
+        }
+
+        Optional<Employee> employee = employeeService.findByLogin(login);
+        if (employee.isEmpty()) {
+            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid login");
+        }
+
+        if (employeeService.validateCode(login, code)) {
+            return ResponseEntity.ok("Door opened");
+        } else {
+            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid code");
+        }
+    }
+
+    @GetMapping("/workers") // Получить всех сотрудников
+    public ResponseEntity<List<Employee>> getAllWorkers() {
+        List<Employee> allEmployees = employeeService.findAll(); // Получить всех сотрудников
+        return ResponseEntity.ok(allEmployees);
+    }
+}