implement rudimentary user management
for now using HTTP Basic auth - should be token-based soon
1 parent
f37e1c6
commit 609e01d
Showing
22 changed files
with
428 additions
and
6 deletions.
2 changes: 2 additions & 0 deletions
2
server/src/main/java/org/hyperskill/community/flashcards/FlashcardsApplication.java
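--- a/server/src/main/java/org/hyperskill/community/flashcards/config/MongoConfiguration.java
+++ b/server/src/main/java/org/hyperskill/community/flashcards/config/MongoConfiguration.java
@@ -0,0 +1,16 @@
+package org.hyperskill.community.flashcards.config;
+
+import com.mongodb.client.MongoClients;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.mongodb.core.MongoTemplate;
+
+@Configuration
+public class MongoConfiguration {
+
+@Bean
+public MongoTemplate mongoTemplate() {
+return new MongoTemplate(MongoClients.create(), "cards");
+}
+
+}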
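Review bot: `mongoTemplate()` builds its client with the no-argument `MongoClients.create()` and a hard-coded `"cards"` database, so the connection always goes to the driver's default local instance without credentials or TLS, and no `spring.data.mongodb.*` property can change that. Declaring this bean presumably also replaces the template Spring Boot would auto-configure from those properties (the build setup is not visible on this page). I would either drop the class and rely on auto-configuration, or inject the configured factory: `public MongoTemplate mongoTemplate(MongoDatabaseFactory factory) { return new MongoTemplate(factory); }`.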
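--- a/server/src/main/java/org/hyperskill/community/flashcards/config/ObservabilityConfiguration.java
+++ b/server/src/main/java/org/hyperskill/community/flashcards/config/ObservabilityConfiguration.java
@@ -0,0 +1,20 @@
+package org.hyperskill.community.flashcards.config;
+
+import jakarta.servlet.Filter;
+import org.slf4j.MDC;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+@Configuration
+public class ObservabilityConfiguration {
+
+@Bean
+Filter correlationFilter() {
+return (request, response, chain) -> {
+var loggedIn = SecurityContextHolder.getContext().getAuthentication();
+MDC.put("user", loggedIn.getName());
+chain.doFilter(request, response);
+};
+}
+}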
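Review bot: The `"user"` MDC entry set in `correlationFilter` is never removed, so on a pooled request thread the previous caller's name stays attached to any log line written before the next `MDC.put`, which attributes activity to the wrong account. `loggedIn.getName()` is also dereferenced without a null check; `getAuthentication()` returns null whenever no authentication has been populated, for example if this filter ends up ordered ahead of the security chain (the ordering is not visible here). The body should guard the lookup and clear the key in a `finally`, as sketched below.
```java
return (request, response, chain) -> {
    var loggedIn = SecurityContextHolder.getContext().getAuthentication();
    if (loggedIn != null) {
        MDC.put("user", loggedIn.getName());
    }
    try {
        chain.doFilter(request, response);
    } finally {
        // pooled threads must not keep the previous caller's name
        MDC.remove("user");
    }
};
```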
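--- a/server/src/main/java/org/hyperskill/community/flashcards/config/WebSecurityConfiguration.java
+++ b/server/src/main/java/org/hyperskill/community/flashcards/config/WebSecurityConfiguration.java
@@ -0,0 +1,52 @@
+package org.hyperskill.community.flashcards.config;
+
+import org.hyperskill.community.flashcards.registration.User;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.mongodb.core.MongoTemplate;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.CsrfConfigurer;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+
+import java.util.Optional;
+
+import static org.springframework.security.config.Customizer.withDefaults;
+
+/**
+* new Spring security 6.0 style provision of SecurityFilterChain bean with the security configuration,
+* as well as PasswordProvider and AuthenticationManager that makes use of our UserDetails persistence.
+*/
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfiguration {
+
+@Bean
+public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+return http
+.csrf(CsrfConfigurer::disable)
+.authorizeHttpRequests(auth -> auth
+.requestMatchers("/register.html", "/js/register.js", "/css/register.css").permitAll()
+.requestMatchers(HttpMethod.POST, "/api/register").permitAll()
+.anyRequest().authenticated())
+.httpBasic(withDefaults())
+.build();
+}
+
+@Bean
+public UserDetailsService userDetailsService(MongoTemplate mongoTemplate) {
+return username ->
+Optional.ofNullable(mongoTemplate.findById(username, User.class))
+.orElseThrow(() -> new UsernameNotFoundException("User not found."));
+}
+
+@Bean
+public PasswordEncoder passwordEncoder() {
+return new BCryptPasswordEncoder();
+}
+}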
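Review bot: `.csrf(CsrfConfigurer::disable)` in `securityFilterChain` is paired with `.httpBasic(withDefaults())`, and a browser that has cached Basic credentials attaches them to later requests for the origin on its own, so authenticated state-changing endpoints are left without any cross-site request protection. Because the application serves browser pages (`/register.html`), I would keep CSRF protection on and exempt only the public registration call, `.csrf(csrf -> csrf.ignoringRequestMatchers("/api/register"))`, until the token-based scheme mentioned in the commit message replaces Basic auth. If disabling it is deliberate, a comment on that line should say why. The class Javadoc also names a `PasswordProvider`, while the bean it describes is a `PasswordEncoder`.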
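--- a/server/src/main/java/org/hyperskill/community/flashcards/model/Collection.java
+++ b/server/src/main/java/org/hyperskill/community/flashcards/model/Collection.java
@@ -0,0 +1,4 @@
+package org.hyperskill.community.flashcards.model;
+
+public record Collection(String name) {
+}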
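--- a/server/src/main/java/org/hyperskill/community/flashcards/registration/RegisterController.java
+++ b/server/src/main/java/org/hyperskill/community/flashcards/registration/RegisterController.java
@@ -0,0 +1,35 @@
+package org.hyperskill.community.flashcards.registration;
+
+import jakarta.validation.Valid;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import static org.springframework.http.ResponseEntity.ok;
+
+@RestController
+@RequiredArgsConstructor
+@Slf4j
+@RequestMapping("/api/register")
+public class RegisterController {
+
+private final RegisterService service;
+private final UserMapper mapper;
+
+/**
+* register endpoint - unauthenticated (!).
+* @param userDto dto containing provided user email (=username) and raw password
+* @return empty response 200(OK) on successful register, 400(BadRequest) if dto validation fails or user exists
+*/
+@PostMapping
+public ResponseEntity<Void> registerUser(@Valid @RequestBody UserDto userDto) {
+var userDocument = mapper.toDocument(userDto);
+service.registerUser(userDocument);
+log.info("User {} successfully registered", userDocument.getUsername());
+return ok().build();
+}
+}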
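Review bot: `registerUser` is unauthenticated and, per its own Javadoc, answers 400 when the user already exists, so any caller can learn which e-mail addresses hold an account; the Javadoc should record that trade-off, for example `* NOTE: the 400 for an existing user discloses registered addresses; this endpoint needs throttling.` The method also calls `mapper.toDocument(userDto)` before `service.registerUser(...)`, which means the BCrypt hash is computed for every request, including ones that are then rejected as duplicates. Doing the existence check first keeps that cost off the rejection path. The `log.info` line writes the full e-mail address at INFO level, which is worth a deliberate decision given it is personal data.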
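--- a/server/src/main/java/org/hyperskill/community/flashcards/registration/RegisterService.java
+++ b/server/src/main/java/org/hyperskill/community/flashcards/registration/RegisterService.java
@@ -0,0 +1,26 @@
+package org.hyperskill.community.flashcards.registration;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.data.mongodb.core.MongoTemplate;
+import org.springframework.stereotype.Service;
+
+import java.util.Objects;
+
+@Service
+@RequiredArgsConstructor
+public class RegisterService {
+
+private final MongoTemplate mongoTemplate;
+
+/**
+* method receives and saves the User entity with data mapped from the UserDto (name and encrypted password),
+* @param user the prepared User entity to save to the database.
+* @throws UserAlreadyExistsException if user already exists.
+*/
+public void registerUser(User user) throws UserAlreadyExistsException {
+if (Objects.nonNull(mongoTemplate.findById(user.getUsername(), User.class))) {
+throw new UserAlreadyExistsException();
+}
+mongoTemplate.save(user);
+}
+}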
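Review bot: `registerUser` checks `findById(...)` and then calls `mongoTemplate.save(user)`, and `save` replaces an existing document with the same `_id`, so two concurrent registrations for one username both pass the check and the later one silently overwrites the earlier password hash. Using `insert` lets the unique `_id` enforce the rule atomically; the duplicate then surfaces as `org.springframework.dao.DuplicateKeyException`, which needs an import and makes the `Objects` import unused. The Javadoc also says "encrypted password", while the value stored is a one-way BCrypt hash.
```java
public void registerUser(User user) throws UserAlreadyExistsException {
    try {
        // insert() fails on an existing _id instead of overwriting it like save()
        mongoTemplate.insert(user);
    } catch (DuplicateKeyException e) {
        throw new UserAlreadyExistsException();
    }
}
```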
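--- a/server/src/main/java/org/hyperskill/community/flashcards/registration/User.java
+++ b/server/src/main/java/org/hyperskill/community/flashcards/registration/User.java
@@ -0,0 +1,53 @@
+package org.hyperskill.community.flashcards.registration;
+
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+import lombok.Setter;
+import lombok.experimental.Accessors;
+import org.springframework.data.annotation.Id;
+import org.springframework.data.mongodb.core.mapping.Document;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Collection;
+import java.util.Collections;
+
+/**
+* entity class for registered users, that implements UserDetails and whose instances thus serve the
+* DaoAuthenticationProvider (AuthenticationManager).
+*/
+@Getter
+@Setter
+@RequiredArgsConstructor
+@Accessors(chain = true)
+@Document
+public class User implements UserDetails {
+@Id
+private String username;
+private String password;
+
+@Override
+public Collection<? extends GrantedAuthority> getAuthorities() {
+return Collections.emptyList();
+}
+
+@Override
+public boolean isAccountNonExpired() {
+return true;
+}
+
+@Override
+public boolean isAccountNonLocked() {
+return true;
+}
+
+@Override
+public boolean isCredentialsNonExpired() {
+return true;
+}
+
+@Override
+public boolean isEnabled() {
+return true;
+}
+}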
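Review bot: `isAccountNonLocked()` and `isEnabled()` in `User` return a constant `true`, so no account can ever be locked or disabled, and repeated password guesses against the Basic-auth login are never cut off at the account level. If that is intended for this first iteration, a comment on the overrides should say so, for example `// TODO: back by persisted fields once lockout/disable is supported`. Separately, `@RequiredArgsConstructor` on a class with no `final` fields only generates a no-argument constructor; `@NoArgsConstructor` states that intent directly.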
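--- a/server/src/main/java/org/hyperskill/community/flashcards/registration/UserAlreadyExistsException.java
+++ b/server/src/main/java/org/hyperskill/community/flashcards/registration/UserAlreadyExistsException.java
@@ -0,0 +1,12 @@
+package org.hyperskill.community.flashcards.registration;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+@ResponseStatus(HttpStatus.BAD_REQUEST)
+public class UserAlreadyExistsException extends RuntimeException {
+
+public UserAlreadyExistsException() {
+super("This user is already registered.");
+}
+}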
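--- a/server/src/main/java/org/hyperskill/community/flashcards/registration/UserDto.java
+++ b/server/src/main/java/org/hyperskill/community/flashcards/registration/UserDto.java
@@ -0,0 +1,13 @@
+package org.hyperskill.community.flashcards.registration;
+
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Pattern;
+import jakarta.validation.constraints.Size;
+
+/**
+* immutable web-layer DTO as carrier for user register requests.
+*/
+public record UserDto(@NotNull @Pattern(regexp = "\\w+(\\.\\w+){0,2}@\\w+\\.\\w+") String email,
+@NotBlank @Size(min = 8) String password
+) { }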
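Review bot: The `password` component carries `@Size(min = 8)` with no upper bound, so the unauthenticated register endpoint accepts arbitrarily long passwords, while bcrypt only takes the first 72 bytes of its input into account. An explicit cap makes the accepted range honest and bounds the request: `@NotBlank @Size(min = 8, max = 72) String password`. Note that `@Size` counts characters rather than bytes, so non-ASCII passwords can still exceed the bcrypt limit. The `email` component has no length limit either, since each `\w+` group in the pattern is unbounded.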
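--- a/server/src/main/java/org/hyperskill/community/flashcards/registration/UserMapper.java
+++ b/server/src/main/java/org/hyperskill/community/flashcards/registration/UserMapper.java
@@ -0,0 +1,24 @@
+package org.hyperskill.community.flashcards.registration;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Component;
+
+
+/**
+* mapper to map received UserDto on register to a User entity, hereby encoding the raw password.
+*/
+@Component
+@RequiredArgsConstructor
+public class UserMapper {
+
+private final PasswordEncoder passwordEncoder;
+
+/**
+* map the Dto to the entity and encode the password hereby.
+*/
+public User toDocument(UserDto dto) {
+return new User().setUsername(dto.email())
+.setPassword(passwordEncoder.encode(dto.password()));
+}
+}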
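Review bot: `toDocument` stores `dto.email()` unchanged as the document id, and the `UserDto` pattern accepts upper- and lower-case letters, so addresses differing only in case become separate accounts for what users will treat as one identity. Normalising at this point, `new User().setUsername(dto.email().toLowerCase(Locale.ROOT))`, avoids that. The lookup in `WebSecurityConfiguration.userDetailsService` would need the same normalisation, otherwise users who type capitals at login are no longer found.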
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
|
||
spring.data.mongodb.database=cards |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<configuration> | ||
|
||
<appender name="Console" | ||
class="ch.qos.logback.core.ConsoleAppender"> | ||
<encoder> | ||
<pattern> | ||
%d{ISO8601} %highlight(%-5level) [%blue(%t)] %yellow(%C{1}): <%X{user}> %msg%n%throwable | ||
</pattern> | ||
</encoder> | ||
</appender> | ||
|
||
<!-- LOG everything at INFO level --> | ||
<root level="info"> | ||
<appender-ref ref="Console" /> | ||
</root> | ||
|
||
</configuration> |