Added bootstrap and proper authentication

This commit is contained in:
Andrew Lalis 2019-05-13 22:08:45 +02:00 committed by andrewlalis
parent b02b3faa57
commit b1b5f11f18
12 changed files with 152 additions and 26 deletions

View File

@ -3,6 +3,7 @@ package nl.andrewlalis.teaching_assistant_assistant;
import org.springframework.boot.CommandLineRunner;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
@SpringBootApplication
public class TeachingAssistantAssistantApplication implements CommandLineRunner {
@ -14,5 +15,6 @@ public class TeachingAssistantAssistantApplication implements CommandLineRunner
@Override
public void run(String... args) throws Exception {
System.out.println("Running startup...");
System.out.println(new BCryptPasswordEncoder().encode("test"));
}
}

View File

@ -22,10 +22,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("tester")
.password(passwordEncoder().encode("tester"))
.roles("USER");
auth.userDetailsService(this.userDetailsService);
}
@ -35,25 +31,31 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
.csrf().disable() // So that we can GET the logout page.
.authorizeRequests() // Let anyone view the login and logout pages.
.antMatchers("/login*", "/logout*")
.antMatchers("/login*", "/logout*", "/register*")
.permitAll()
.and()
.authorizeRequests()
.antMatchers("/css/**")
.permitAll()
.anyRequest()
.authenticated()
.and()
.authorizeRequests() // Only logged in users should be able to see site content.
.antMatchers("/**")
.hasRole("USER")
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.loginProcessingUrl("/login")
.defaultSuccessUrl("/", true)
.failureUrl("/login?error")
.and()
.logout()
.permitAll()
.clearAuthentication(true)
.invalidateHttpSession(true)
.logoutUrl("/logout")

View File

@ -1,5 +1,7 @@
package nl.andrewlalis.teaching_assistant_assistant.controllers;
import nl.andrewlalis.teaching_assistant_assistant.model.security.UserDetails;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
@ -11,9 +13,10 @@ public class RootController {
path = "/",
produces = "text/html"
)
public String index(Model model) {
model.addAttribute("name", "JOHN");
return "index.html";
public String index(Authentication authentication, Model model) {
UserDetails userDetails = (UserDetails) authentication.getPrincipal();
model.addAttribute("user", userDetails.getUser());
return "index";
}
}

View File

@ -3,6 +3,7 @@ package nl.andrewlalis.teaching_assistant_assistant.model.people;
import nl.andrewlalis.teaching_assistant_assistant.model.BasicEntity;
import nl.andrewlalis.teaching_assistant_assistant.model.Course;
import nl.andrewlalis.teaching_assistant_assistant.model.people.teams.Team;
import nl.andrewlalis.teaching_assistant_assistant.model.security.User;
import javax.persistence.*;
import java.util.ArrayList;
@ -68,6 +69,16 @@ public abstract class Person extends BasicEntity {
)
private List<Course> courses;
/**
* The authenticated user belonging to this person.
*/
@OneToOne(
fetch = FetchType.LAZY,
optional = true,
mappedBy = "person"
)
private User user;
/**
* Default constructor for JPA.
*/
@ -167,6 +178,14 @@ public abstract class Person extends BasicEntity {
return this.teams;
}
public User getUser() {
return this.user;
}
public void setUser(User user) {
this.user = user;
}
/**
* Determines if two Persons are equal. They are considered equal when all of the basic identifying information
* about the person is the same, regardless of case.

View File

@ -20,11 +20,18 @@ public class User extends BasicEntity {
@Column(nullable = false, unique = true)
private String username;
/**
* The password for this user.
*/
@Column
private String password;
@OneToOne
@JoinColumn(name = "person_id", nullable = true, referencedColumnName = "id")
@JoinColumn(
name = "person_id",
nullable = true,
referencedColumnName = "id"
)
private Person person;
public String getUsername() {

View File

@ -1,20 +1,26 @@
package nl.andrewlalis.teaching_assistant_assistant.model.security;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import java.util.Collection;
import java.util.Collections;
public class UserDetails implements org.springframework.security.core.userdetails.UserDetails {
private User user;
public UserDetails(User user) {
protected UserDetails(User user) {
this.user = user;
}
public User getUser() {
return this.user;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return null;
return Collections.singleton(new SimpleGrantedAuthority("ROLE_USER"));
}
@Override

File diff suppressed because one or more lines are too long

View File

@ -0,0 +1,35 @@
body {
text-align: center;
}
.page_row {
text-align: center;
}
.login_form {
background-color: green;
color: white;
width: 50%;
text-align: center;
margin-left: auto;
margin-right: auto;
padding: 10px;
}
.login_form_row {
width: 100%;
margin-top: 10px;
margin-bottom: 10px;
}
.login_form label {
font-size: 18px;
}
.login_form input {
font-family: inherit;
}
.login_form input[type=submit]:hover {
background-color: lightgray;
}

View File

@ -1,6 +1,7 @@
/* Set the font for the whole website here. */
body {
font-family: sans-serif;
background-color: white;
}
.content_container {
@ -32,6 +33,11 @@ body {
color: inherit;
}
.white_link {
text-decoration: underline;
color: white;
}
.sidebar_block a:hover {
color: lightgreen;
}

View File

@ -9,7 +9,7 @@
<nav th:fragment="header" class="header_bar">
<link rel="stylesheet" href="../../../resources/static/css/header.css" th:href="@{/css/header.css}"/>
<h1 class="header_title">Teaching Assistant Assistant</h1>
<h1 class="header_title">Teaching Assistant <em>Assistant</em></h1>
<ul class="header_link_list">
<li><a href="/" th:href="@{/}">Home</a>
<li><a href="/courses" th:href="@{/courses}">Courses</a>

View File

@ -10,7 +10,7 @@
<hr>
<p>
Welcome to the Teaching Assistant Assistant. To find the courses in this application please follow the link to
Welcome to the Teaching Assistant Assistant, <span th:text="${user.getPerson().getFullName()}"></span>. To find the courses in this application please follow the link to
<a th:href="@{/courses}">courses</a>.
</p>

View File

@ -3,22 +3,61 @@
<head>
<meta charset="UTF-8">
<title>Login</title>
<link rel="stylesheet" th:href="@{/css/style.css}" type="text/css"/>
<link rel="stylesheet" th:href="@{/css/login.css}" type="text/css"/>
</head>
<body>
<div th:if="${param.error}">
<div class="content_container">
<div class="page_row">
<h1>Teaching Assistant <em>Assistant</em></h1>
</div>
<div class="page_row">
<div th:if="${param.error}">
Invalid username or password!
</div>
</div>
<div th:if="${param.logout}">
<div th:if="${param.logout}">
You have been logged out!
</div>
</div>
</div>
<form th:action="@{/login}" method="post">
<label>Username: <input type="text" name="username"/></label>
<label>Password: <input type="password" name="password"/></label>
<button type="submit">Login</button>
</form>
<div class="page_row">
<h2>Login</h2>
<p>
Please log in to access this application.
</p>
</div>
<div class="page_row">
<form class="login_form" th:action="@{/login}" method="post">
<div class="login_form_row">
<label for="username_input">Username</label>
</div>
<div class="login_form_row">
<input id="username_input" type="text" name="username"/>
</div>
<div class="login_form_row">
<label for="password_input">Password</label>
</div>
<div class="login_form_row">
<input id="password_input" type="password" name="password"/>
</div>
<div class="login_form_row">
<input type="submit" value="Login"/>
</div>
<div class="login_form_row">
<a class="white_link" th:href="@{/register}">Don't have an account? Sign up here!</a>
</div>
</form>
</div>
</div>
</body>
</html>