Added bootstrap and proper authentication

2019-05-13 22:08:45 +02:00 · 2019-05-13 22:08:45 +02:00 · b1b5f11f18
parent b02b3faa57
commit b1b5f11f18
12 changed files with 152 additions and 26 deletions
--- a/src/main/java/nl/andrewlalis/teaching_assistant_assistant/TeachingAssistantAssistantApplication.java
+++ b/src/main/java/nl/andrewlalis/teaching_assistant_assistant/TeachingAssistantAssistantApplication.java
@ -3,6 +3,7 @@ package nl.andrewlalis.teaching_assistant_assistant;
 import org.springframework.boot.CommandLineRunner;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

@SpringBootApplication
 public class TeachingAssistantAssistantApplication implements CommandLineRunner {
@ -14,5 +15,6 @@ public class TeachingAssistantAssistantApplication implements CommandLineRunner
 	@Override
 	public void run(String... args) throws Exception {
 		System.out.println("Running startup...");
+		System.out.println(new BCryptPasswordEncoder().encode("test"));
 	}
 }
--- a/src/main/java/nl/andrewlalis/teaching_assistant_assistant/config/WebSecurityConfig.java
+++ b/src/main/java/nl/andrewlalis/teaching_assistant_assistant/config/WebSecurityConfig.java
@ -22,10 +22,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
-        auth.inMemoryAuthentication()
-                .withUser("tester")
-                .password(passwordEncoder().encode("tester"))
-                .roles("USER");
        auth.userDetailsService(this.userDetailsService);
    }

@ -35,25 +31,31 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                .csrf().disable() // So that we can GET the logout page.

                .authorizeRequests() // Let anyone view the login and logout pages.
-                    .antMatchers("/login*", "/logout*")
+                    .antMatchers("/login*", "/logout*", "/register*")
+                    .permitAll()
+                    .and()
+
+                .authorizeRequests()
+                    .antMatchers("/css/**")
                    .permitAll()
-                    .anyRequest()
-                    .authenticated()
                    .and()

                .authorizeRequests() // Only logged in users should be able to see site content.
                    .antMatchers("/**")
                    .hasRole("USER")
+                    .anyRequest().authenticated()
                    .and()

                .formLogin()
                    .loginPage("/login")
+                    .permitAll()
                    .loginProcessingUrl("/login")
                    .defaultSuccessUrl("/", true)
                    .failureUrl("/login?error")
                    .and()

                .logout()
+                    .permitAll()
                    .clearAuthentication(true)
                    .invalidateHttpSession(true)
                    .logoutUrl("/logout")
--- a/src/main/java/nl/andrewlalis/teaching_assistant_assistant/controllers/RootController.java
+++ b/src/main/java/nl/andrewlalis/teaching_assistant_assistant/controllers/RootController.java
@ -1,5 +1,7 @@
 package nl.andrewlalis.teaching_assistant_assistant.controllers;

+import nl.andrewlalis.teaching_assistant_assistant.model.security.UserDetails;
+import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.RequestMapping;
@ -11,9 +13,10 @@ public class RootController {
            path = "/",
            produces = "text/html"
    )
-    public String index(Model model) {
-        model.addAttribute("name", "JOHN");
-        return "index.html";
+    public String index(Authentication authentication, Model model) {
+        UserDetails userDetails = (UserDetails) authentication.getPrincipal();
+        model.addAttribute("user", userDetails.getUser());
+        return "index";
    }

 }
--- a/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/people/Person.java
+++ b/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/people/Person.java
@ -3,6 +3,7 @@ package nl.andrewlalis.teaching_assistant_assistant.model.people;
 import nl.andrewlalis.teaching_assistant_assistant.model.BasicEntity;
 import nl.andrewlalis.teaching_assistant_assistant.model.Course;
 import nl.andrewlalis.teaching_assistant_assistant.model.people.teams.Team;
+import nl.andrewlalis.teaching_assistant_assistant.model.security.User;

 import javax.persistence.*;
 import java.util.ArrayList;
@ -68,6 +69,16 @@ public abstract class Person extends BasicEntity {
    )
    private List<Course> courses;

+    /**
+     * The authenticated user belonging to this person.
+     */
+    @OneToOne(
+            fetch = FetchType.LAZY,
+            optional = true,
+            mappedBy = "person"
+    )
+    private User user;
+
    /**
     * Default constructor for JPA.
     */
@ -167,6 +178,14 @@ public abstract class Person extends BasicEntity {
        return this.teams;
    }

+    public User getUser() {
+        return this.user;
+    }
+
+    public void setUser(User user) {
+        this.user = user;
+    }
+
    /**
     * Determines if two Persons are equal. They are considered equal when all of the basic identifying information
     * about the person is the same, regardless of case.
--- a/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/security/User.java
+++ b/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/security/User.java
@ -20,11 +20,18 @@ public class User extends BasicEntity {
    @Column(nullable = false, unique = true)
    private String username;

+    /**
+     * The password for this user.
+     */
    @Column
    private String password;

    @OneToOne
-    @JoinColumn(name = "person_id", nullable = true, referencedColumnName = "id")
+    @JoinColumn(
+            name = "person_id",
+            nullable = true,
+            referencedColumnName = "id"
+    )
    private Person person;

    public String getUsername() {
--- a/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/security/UserDetails.java
+++ b/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/security/UserDetails.java
@ -1,20 +1,26 @@
 package nl.andrewlalis.teaching_assistant_assistant.model.security;

 import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;

 import java.util.Collection;
+import java.util.Collections;

 public class UserDetails implements org.springframework.security.core.userdetails.UserDetails {

    private User user;

-    public UserDetails(User user) {
+    protected UserDetails(User user) {
        this.user = user;
    }

+    public User getUser() {
+        return this.user;
+    }
+
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
-        return null;
+        return Collections.singleton(new SimpleGrantedAuthority("ROLE_USER"));
    }

    @Override
--- a/src/main/resources/static/css/bootstrap.min.css
+++ b/src/main/resources/static/css/bootstrap.min.css
--- a/src/main/resources/static/css/login.css
+++ b/src/main/resources/static/css/login.css
@ -0,0 +1,35 @@
+body {
+    text-align: center;
+}
+
+.page_row {
+    text-align: center;
+}
+
+.login_form {
+    background-color: green;
+    color: white;
+    width: 50%;
+    text-align: center;
+    margin-left: auto;
+    margin-right: auto;
+    padding: 10px;
+}
+
+.login_form_row {
+    width: 100%;
+    margin-top: 10px;
+    margin-bottom: 10px;
+}
+
+.login_form label {
+    font-size: 18px;
+}
+
+.login_form input {
+    font-family: inherit;
+}
+
+.login_form input[type=submit]:hover {
+    background-color: lightgray;
+}
--- a/src/main/resources/static/css/style.css
+++ b/src/main/resources/static/css/style.css
@ -1,6 +1,7 @@
 /* Set the font for the whole website here. */
 body {
    font-family: sans-serif;
+    background-color: white;
 }

 .content_container {
@ -32,6 +33,11 @@ body {
    color: inherit;
 }

+.white_link {
+    text-decoration: underline;
+    color: white;
+}
+
 .sidebar_block a:hover {
    color: lightgreen;
 }
--- a/src/main/resources/templates/fragments/header.html
+++ b/src/main/resources/templates/fragments/header.html
@ -9,7 +9,7 @@

 <nav th:fragment="header" class="header_bar">
    <link rel="stylesheet" href="../../../resources/static/css/header.css" th:href="@{/css/header.css}"/>
-    <h1 class="header_title">Teaching Assistant Assistant</h1>
+    <h1 class="header_title">Teaching Assistant <em>Assistant</em></h1>
    <ul class="header_link_list">
        <li><a href="/" th:href="@{/}">Home</a>
        <li><a href="/courses" th:href="@{/courses}">Courses</a>
--- a/src/main/resources/templates/index.html
+++ b/src/main/resources/templates/index.html
@ -10,7 +10,7 @@
    <hr>

    <p>
-        Welcome to the Teaching Assistant Assistant. To find the courses in this application please follow the link to
+        Welcome to the Teaching Assistant Assistant, <span th:text="${user.getPerson().getFullName()}"></span>. To find the courses in this application please follow the link to
        <a th:href="@{/courses}">courses</a>.
    </p>

--- a/src/main/resources/templates/login.html
+++ b/src/main/resources/templates/login.html
@ -3,22 +3,61 @@
 <head>
    <meta charset="UTF-8">
    <title>Login</title>
+    <link rel="stylesheet" th:href="@{/css/style.css}" type="text/css"/>
+    <link rel="stylesheet" th:href="@{/css/login.css}" type="text/css"/>
 </head>
 <body>

-<div th:if="${param.error}">
-    Invalid username or password!
-</div>
+<div class="content_container">
+    <div class="page_row">
+        <h1>Teaching Assistant <em>Assistant</em></h1>
+    </div>

-<div th:if="${param.logout}">
-    You have been logged out!
-</div>
+    <div class="page_row">
+        <div th:if="${param.error}">
+            Invalid username or password!
+        </div>

-<form th:action="@{/login}" method="post">
-    <label>Username: <input type="text" name="username"/></label>
-    <label>Password: <input type="password" name="password"/></label>
-    <button type="submit">Login</button>
-</form>
+        <div th:if="${param.logout}">
+            You have been logged out!
+        </div>
+    </div>
+
+    <div class="page_row">
+        <h2>Login</h2>
+        <p>
+            Please log in to access this application.
+        </p>
+    </div>
+
+    <div class="page_row">
+        <form class="login_form" th:action="@{/login}" method="post">
+            <div class="login_form_row">
+                <label for="username_input">Username</label>
+            </div>
+
+            <div class="login_form_row">
+                <input id="username_input" type="text" name="username"/>
+            </div>
+
+            <div class="login_form_row">
+                <label for="password_input">Password</label>
+            </div>
+
+            <div class="login_form_row">
+                <input id="password_input" type="password" name="password"/>
+            </div>
+
+            <div class="login_form_row">
+                <input type="submit" value="Login"/>
+            </div>
+
+            <div class="login_form_row">
+                <a class="white_link" th:href="@{/register}">Don't have an account? Sign up here!</a>
+            </div>
+        </form>
+    </div>
+</div>

 </body>
 </html>