Java-SpringBoot
diff --git a/‎pom.xml
Lines changed: 17 additions & 0 deletions b/‎pom.xml
Lines changed: 17 additions & 0 deletions
diff --git a/‎src/main/java/com/baghaniya/springsecurity/config/SecurityConfig.java
Lines changed: 96 additions & 1 deletion b/‎src/main/java/com/baghaniya/springsecurity/config/SecurityConfig.java
Lines changed: 96 additions & 1 deletion
diff --git a/‎src/main/java/com/baghaniya/springsecurity/config/WebMvcConfig.java
Lines changed: 15 additions & 0 deletions b/‎src/main/java/com/baghaniya/springsecurity/config/WebMvcConfig.java
Lines changed: 15 additions & 0 deletions
diff --git a/‎src/main/java/com/baghaniya/springsecurity/controller/AuthController.java
Lines changed: 101 additions & 0 deletions b/‎src/main/java/com/baghaniya/springsecurity/controller/AuthController.java
Lines changed: 101 additions & 0 deletions
diff --git a/‎src/main/java/com/baghaniya/springsecurity/controller/UserController.java
Lines changed: 81 additions & 0 deletions b/‎src/main/java/com/baghaniya/springsecurity/controller/UserController.java
Lines changed: 81 additions & 0 deletions
diff --git a/‎src/main/java/com/baghaniya/springsecurity/exception/AppException.java
Lines changed: 18 additions & 0 deletions b/‎src/main/java/com/baghaniya/springsecurity/exception/AppException.java
Lines changed: 18 additions & 0 deletions
diff --git a/‎src/main/java/com/baghaniya/springsecurity/exception/BadRequestException.java
Lines changed: 19 additions & 0 deletions b/‎src/main/java/com/baghaniya/springsecurity/exception/BadRequestException.java
Lines changed: 19 additions & 0 deletions
@@ -29,6 +29,23 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-web</artifactId>
 		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-data-jpa</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt</artifactId>
+			<version>0.2</version>
+		</dependency>
+
 	</dependencies>
 
 	<build>
 
@@ -1,7 +1,102 @@
 package com.baghaniya.springsecurity.config;
 
+import com.baghaniya.springsecurity.security.JwtAuthenticationEntryPoint;
+import com.baghaniya.springsecurity.security.JwtAuthenticationFilter;
+import com.baghaniya.springsecurity.security.UserDetailsServiceImpl;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.BeanIds;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
 /**
  * Created by RAHUL on Jul, 2018
  */
-public class SecurityConfig {
+
+@Configuration
+@EnableWebSecurity
+@EnableGlobalMethodSecurity(
+        securedEnabled = true,
+        prePostEnabled = true
+)
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Autowired
+    UserDetailsServiceImpl userDetailsService;
+
+    @Autowired
+    private JwtAuthenticationEntryPoint unauthorizedHandler;
+
+    @Bean
+    public JwtAuthenticationFilter jwtAuthenticationFilter() {
+        return new JwtAuthenticationFilter();
+    }
+
+    @Override
+    public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
+        authenticationManagerBuilder
+                .userDetailsService(userDetailsService)
+                .passwordEncoder(passwordEncoder());
+    }
+
+    @Bean(BeanIds.AUTHENTICATION_MANAGER)
+    @Override
+    public AuthenticationManager authenticationManagerBean() throws Exception {
+        return super.authenticationManagerBean();
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+                .cors()
+                .and()
+                .csrf()
+                .disable()
+                .exceptionHandling()
+                .authenticationEntryPoint(unauthorizedHandler)
+                .and()
+                .sessionManagement()
+                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                .and()
+                .authorizeRequests()
+                .antMatchers("/",
+                        "/favicon.ico",
+                        "/**/*.png",
+                        "/**/*.gif",
+                        "/**/*.svg",
+                        "/**/*.jpg",
+                        "/**/*.html",
+                        "/**/*.css",
+                        "/**/*.js")
+                .permitAll()
+                .antMatchers("/api/auth/**")
+                .permitAll()
+                .antMatchers("/api/user/checkUsernameAvailability", "/api/user/checkEmailAvailability")
+                .permitAll()
+                .antMatchers(HttpMethod.GET, "/api/polls/**", "/api/users/**")
+                .permitAll()
+                .antMatchers("/h2/**")
+                .permitAll()
+                .anyRequest()
+                .authenticated();
+
+        // Add our custom JWT security filter
+        http.addFilterBefore(jwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
+
+    }
 }
@@ -0,0 +1,15 @@
+package com.baghaniya.springsecurity.config;
+
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+/**
+ * Created by RAHUL on Jul, 2018
+ */
+public class WebMvcConfig implements WebMvcConfigurer {
+
+    @Override
+    public void addCorsMappings(CorsRegistry registry) {
+        registry.addMapping("/**");
+    }
+}
@@ -0,0 +1,101 @@
+package com.baghaniya.springsecurity.controller;
+
+import com.baghaniya.springsecurity.exception.AppException;
+import com.baghaniya.springsecurity.model.Role;
+import com.baghaniya.springsecurity.model.RoleName;
+import com.baghaniya.springsecurity.model.User;
+import com.baghaniya.springsecurity.payload.ApiResponse;
+import com.baghaniya.springsecurity.payload.JwtAuthenticationResponse;
+import com.baghaniya.springsecurity.payload.LoginRequest;
+import com.baghaniya.springsecurity.payload.SignUpRequest;
+import com.baghaniya.springsecurity.repository.RoleRepository;
+import com.baghaniya.springsecurity.repository.UserRepository;
+import com.baghaniya.springsecurity.security.JwtTokenProvider;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
+
+import javax.validation.Valid;
+import java.net.URI;
+import java.util.Collections;
+
+/**
+ * Created by RAHUL on Jul, 2018
+ */
+@RestController
+@RequestMapping("/api/auth")
+public class AuthController {
+
+    @Autowired
+    AuthenticationManager authenticationManager;
+
+    @Autowired
+    UserRepository userRepository;
+
+    @Autowired
+    RoleRepository roleRepository;
+
+    @Autowired
+    PasswordEncoder passwordEncoder;
+
+    @Autowired
+    JwtTokenProvider tokenProvider;
+
+    @PostMapping("/signin")
+    public ResponseEntity<?> authenticateUser(@Valid @RequestBody LoginRequest loginRequest) {
+
+        Authentication authentication = authenticationManager.authenticate(
+                new UsernamePasswordAuthenticationToken(
+                        loginRequest.getUsernameOrEmail(),
+                        loginRequest.getPassword()
+                )
+        );
+
+        SecurityContextHolder.getContext().setAuthentication(authentication);
+
+        String jwt = tokenProvider.generateToken(authentication);
+        return ResponseEntity.ok(new JwtAuthenticationResponse(jwt));
+    }
+
+    @PostMapping("/signup")
+    public ResponseEntity<?> registerUser(@Valid @RequestBody SignUpRequest signUpRequest) {
+        if(userRepository.existsByUsername(signUpRequest.getUsername())) {
+            return new ResponseEntity(new ApiResponse(false, "Username is already taken!"),
+                    HttpStatus.BAD_REQUEST);
+        }
+
+        if(userRepository.existsByEmail(signUpRequest.getEmail())) {
+            return new ResponseEntity(new ApiResponse(false, "Email Address already in use!"),
+                    HttpStatus.BAD_REQUEST);
+        }
+
+        // Creating user's account
+        User user = new User(signUpRequest.getName(), signUpRequest.getUsername(),
+                signUpRequest.getEmail(), signUpRequest.getPassword());
+
+        user.setPassword(passwordEncoder.encode(user.getPassword()));
+
+        Role userRole = roleRepository.findByName(RoleName.ROLE_USER)
+                .orElseThrow(() -> new AppException("User Role not set."));
+
+        user.setRoles(Collections.singleton(userRole));
+
+        User result = userRepository.save(user);
+
+        URI location = ServletUriComponentsBuilder
+                .fromCurrentContextPath().path("/users/{username}")
+                .buildAndExpand(result.getUsername()).toUri();
+
+        return ResponseEntity.created(location).body(new ApiResponse(true, "User registered successfully"));
+    }
+}
@@ -0,0 +1,81 @@
+//package com.baghaniya.springsecurity.controller;
+//
+//import com.baghaniya.springsecurity.repository.UserRepository;
+//import org.slf4j.Logger;
+//import org.slf4j.LoggerFactory;
+//import org.springframework.beans.factory.annotation.Autowired;
+//import org.springframework.security.access.prepost.PreAuthorize;
+//import org.springframework.web.bind.annotation.*;
+//
+///**
+// * Created by RAHUL on Jul, 2018
+// */
+//
+//@RestController
+//@RequestMapping("/api")
+//public class UserController {
+//
+//    @Autowired
+//    private UserRepository userRepository;
+//
+//    @Autowired
+//    private PollRepository pollRepository;
+//
+//    @Autowired
+//    private VoteRepository voteRepository;
+//
+//    @Autowired
+//    private PollService pollService;
+//
+//    private static final Logger logger = LoggerFactory.getLogger(UserController.class);
+//
+//    @GetMapping("/user/me")
+//    @PreAuthorize("hasRole('USER')")
+//    public UserSummary getCurrentUser(@CurrentUser UserPrincipal currentUser) {
+//        UserSummary userSummary = new UserSummary(currentUser.getId(), currentUser.getUsername(), currentUser.getName());
+//        return userSummary;
+//    }
+//
+//    @GetMapping("/user/checkUsernameAvailability")
+//    public UserIdentityAvailability checkUsernameAvailability(@RequestParam(value = "username") String username) {
+//        Boolean isAvailable = !userRepository.existsByUsername(username);
+//        return new UserIdentityAvailability(isAvailable);
+//    }
+//
+//    @GetMapping("/user/checkEmailAvailability")
+//    public UserIdentityAvailability checkEmailAvailability(@RequestParam(value = "email") String email) {
+//        Boolean isAvailable = !userRepository.existsByEmail(email);
+//        return new UserIdentityAvailability(isAvailable);
+//    }
+//
+//    @GetMapping("/users/{username}")
+//    public UserProfile getUserProfile(@PathVariable(value = "username") String username) {
+//        User user = userRepository.findByUsername(username)
+//                .orElseThrow(() -> new ResourceNotFoundException("User", "username", username));
+//
+//        long pollCount = pollRepository.countByCreatedBy(user.getId());
+//        long voteCount = voteRepository.countByUserId(user.getId());
+//
+//        UserProfile userProfile = new UserProfile(user.getId(), user.getUsername(), user.getName(), user.getCreatedAt(), pollCount, voteCount);
+//
+//        return userProfile;
+//    }
+//
+//    @GetMapping("/users/{username}/polls")
+//    public PagedResponse<PollResponse> getPollsCreatedBy(@PathVariable(value = "username") String username,
+//                                                         @CurrentUser UserPrincipal currentUser,
+//                                                         @RequestParam(value = "page", defaultValue = AppConstants.DEFAULT_PAGE_NUMBER) int page,
+//                                                         @RequestParam(value = "size", defaultValue = AppConstants.DEFAULT_PAGE_SIZE) int size) {
+//        return pollService.getPollsCreatedBy(username, currentUser, page, size);
+//    }
+//
+//
+//    @GetMapping("/users/{username}/votes")
+//    public PagedResponse<PollResponse> getPollsVotedBy(@PathVariable(value = "username") String username,
+//                                                       @CurrentUser UserPrincipal currentUser,
+//                                                       @RequestParam(value = "page", defaultValue = AppConstants.DEFAULT_PAGE_NUMBER) int page,
+//                                                       @RequestParam(value = "size", defaultValue = AppConstants.DEFAULT_PAGE_SIZE) int size) {
+//        return pollService.getPollsVotedBy(username, currentUser, page, size);
+//    }
+//
+//}
@@ -0,0 +1,18 @@
+package com.baghaniya.springsecurity.exception;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+/**
+ * Created by RAHUL on Jul, 2018
+ */
+@ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
+public class AppException extends RuntimeException {
+    public AppException(String message) {
+        super(message);
+    }
+
+    public AppException(String message, Throwable cause) {
+        super(message, cause);
+    }
+}
@@ -0,0 +1,19 @@
+package com.baghaniya.springsecurity.exception;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+/**
+ * Created by RAHUL on Jul, 2018
+ */
+
+
+@ResponseStatus(HttpStatus.BAD_REQUEST)
+public class BadRequestException extends RuntimeException {
+
+    public BadRequestException(String message) {
+        super(message);
+    }
+
+    public BadRequestException(String message, Throwable cause) {
+        super(message, cause);
+    }
+}