pu pu pu

src/main/java/com/example/nto/config/SecurityConfig.java

@@ -13,6 +13,7 @@ import org.springframework.security.config.annotation.web.configurers.AbstractAu
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
@@ -27,8 +28,7 @@ public class SecurityConfig {
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         return http.csrf(AbstractHttpConfigurer::disable)
-                .authorizeHttpRequests(auth -> auth.requestMatchers(new AntPathRequestMatcher("/api/login")).permitAll()
+                .authorizeHttpRequests(auth -> auth.requestMatchers(new AntPathRequestMatcher("/api/auth")).permitAll().anyRequest().authenticated())
-                        .requestMatchers(new AntPathRequestMatcher("/api/**")).authenticated())
                 .formLogin(AbstractAuthenticationFilterConfigurer::permitAll)
                 .getOrBuild();
     }

src/main/java/com/example/nto/controller/AuthController.java

@@ -1,21 +0,0 @@
-package com.example.nto.controller;
-
-import com.example.nto.model.dto.AuthCredentials;
-import com.example.nto.service.AuthService;
-import lombok.RequiredArgsConstructor;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.RestController;
-
-@RestController
-@RequiredArgsConstructor
-@RequestMapping("/api")
-public class AuthController {
-    private final AuthService authService;
-
-    @PostMapping("/auth")
-    public void auth(@RequestParam final AuthCredentials authCredentials) {
-        authService.auth(authCredentials);
-    }
-}

src/main/java/com/example/nto/controller/EmployeeController.java

@@ -14,13 +14,17 @@ public class EmployeeController {
 
     private final EmployeeService employeeService;
 
-//    @PreAuthorize("hasAuthority('User', 'Admin')")
+    @GetMapping("/auth")
+    public void EmployeeExists(@RequestParam final String login) {
+        employeeService.employeeExists(login);
+    }
+//    @PreAuthorize("hasAuthority('ROLE_ADMIN')")
     @GetMapping("/info")
     public Employee info(@RequestParam final String login) {
         return employeeService.getEmployee(login);
     }
 
-//    @PreAuthorize("hasAuthority('User', 'Admin')")
+//    @PreAuthorize("hasAuthority('ROLE_USER', 'ROLE_ADMIN')")
     @PatchMapping("/open")
     public void open(@RequestParam final String login, @RequestBody final Code code) {
         employeeService.updateVisit(login, code.getValue());

src/main/java/com/example/nto/service/AuthService.java

@@ -1,7 +0,0 @@
-package com.example.nto.service;
-
-import com.example.nto.model.dto.AuthCredentials;
-
-public interface AuthService {
-    void auth(AuthCredentials authCredentials);
-}

src/main/java/com/example/nto/service/EmployeeService.java

@@ -5,6 +5,8 @@ import org.springframework.security.core.userdetails.UserDetails;
 
 public interface EmployeeService {
 
+    void employeeExists(final String login);
+
     Employee getEmployee(String login);
 
     void updateVisit(String login, long value);

src/main/java/com/example/nto/service/impl/AuthServiceImpl.java

@@ -1,21 +0,0 @@
-package com.example.nto.service.impl;
-
-import com.example.nto.model.dto.AuthCredentials;
-import com.example.nto.model.entity.Employee;
-import com.example.nto.service.AuthService;
-import com.example.nto.service.EmployeeCredentialsService;
-import lombok.RequiredArgsConstructor;
-import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.stereotype.Service;
-
-@Service
-@RequiredArgsConstructor
-public class AuthServiceImpl implements AuthService {
-
-    private final AuthenticationManager authenticationManager;
-
-    public void auth(AuthCredentials authCredentials) {
-        authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(authCredentials.getLogin(), authCredentials.getPassword()));
-    }
-}

src/main/java/com/example/nto/service/impl/EmployeeCredentialsServiceImpl.java

@@ -10,6 +10,7 @@ import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 
 @Service
 public class EmployeeCredentialsServiceImpl implements EmployeeCredentialsService, UserDetailsService {

src/main/java/com/example/nto/service/impl/EmployeeServiceImpl.java

@@ -13,6 +13,7 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 
@@ -28,8 +29,17 @@ public class EmployeeServiceImpl implements EmployeeService {
 
     private final CodeRepository codeRepository;
 
+    @Override
+    public void employeeExists(final String login) {
+        if (!employeeRepository.existsByLogin(login)) {
+            throw new EmployeeNotFoundException();
+        }
+    }
+
     @Override
     public Employee getEmployee(final String login) {
+        var encoder = new BCryptPasswordEncoder();
+        System.out.println(encoder.encode("nigger"));
         if (!employeeRepository.existsByLogin(login)) {
             throw new EmployeeNotFoundException();
         }

src/main/resources/data.sql

@@ -1,9 +1,9 @@
-INSERT INTO employee (id, login, name, photo, position, last_visit, role)
+INSERT INTO employee (id, login, password, name, photo, position, last_visit, role)
 VALUES
-(1, 'pivanov', 'Иванов Петр Федорович', 'https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg', 'Разработчик', '2024-02-12T08:30', 'USER'),
+(1, 'pivanov', '$2a$10$ciGeZy83rnnmeVDJylnAAuqg2z3ZfXNIS.8PYwRQdPrbguAybtUbe', 'Иванов Петр Федорович', 'https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg', 'Разработчик', '2024-02-12T08:30', 'USER'),
-(2, 'ipetrov', 'Петров Иван Константинович', 'https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg', 'Аналитик', '2024-02-13T08:35', 'ADMIN'),
+(2, 'ipetrov', 'cringe', 'Петров Иван Константинович', 'https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg', 'Аналитик', '2024-02-13T08:35', 'ADMIN'),
-(3, 'asemenov', 'Семенов Анатолий Анатольевич', 'https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg', 'Разработчик', '2024-02-13T08:31', 'USER'),
+(3, 'asemenov', 'pupupu', 'Семенов Анатолий Анатольевич', 'https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg', 'Разработчик', '2024-02-13T08:31', 'USER'),
-(4, 'afedorov', 'Федоров Александр Сергеевич', 'https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg', 'Тестировщик', '2024-02-12T08:36', 'USER');
+(4, 'afedorov', '$2a$10$4tbL.Kp1e4TB1Luq86hzAeAdDgBLoqH3Kh0GaR5RmkNni5lzre3oO', 'Федоров Александр Сергеевич', 'https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg', 'Тестировщик', '2024-02-12T08:36', 'USER');
 
 INSERT INTO code (value)
 VALUES