Merge pull request 'Feature/SpringSecurity' (#2) from Feature/SpringSecurity into master

Reviewed-on: #2

pom.xml

@@ -8,9 +8,73 @@
     <artifactId>HedgeHogCloud</artifactId>
     <version>1.0-SNAPSHOT</version>
 
+    <parent>
+        <groupId>org.springframework.boot</groupId>
+        <artifactId>spring-boot-starter-parent</artifactId>
+        <version>2.6.2</version>
+    </parent>
+
     <properties>
         <maven.compiler.source>17</maven.compiler.source>
         <maven.compiler.target>17</maven.compiler.target>
+        <java.version>17</java.version>
     </properties>
 
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-thymeleaf</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>mysql</groupId>
+            <artifactId>mysql-connector-java</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-jpa</artifactId>
+        </dependency>
+        <!-- https://mvnrepository.com/artifact/org.projectlombok/lombok -->
+        <dependency>
+            <groupId>org.projectlombok</groupId>
+            <artifactId>lombok</artifactId>
+            <version>1.18.26</version>
+            <scope>provided</scope>
+        </dependency>
+        <!-- https://mvnrepository.com/artifact/org.liquibase/liquibase-core -->
+        <dependency>
+            <groupId>org.liquibase</groupId>
+            <artifactId>liquibase-core</artifactId>
+            <version>4.19.0</version>
+        </dependency>
+
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+                <version>${project.parent.version}</version>
+            </plugin>
+        </plugins>
+    </build>
+
 </project>

src/main/java/ru/ldeloff/Main.java

@@ -1,7 +0,0 @@
-package ru.ldeloff;
-
-public class Main {
-    public static void main(String[] args) {
-        System.out.println("Hello world!");
-    }
-}

src/main/java/ru/ldeloff/hedgehogcloud/Main.java

@@ -0,0 +1,11 @@
+package ru.ldeloff.hedgehogcloud;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class Main {
+    public static void main(String[] args) {
+        SpringApplication.run(Main.class,args);
+    }
+}

src/main/java/ru/ldeloff/hedgehogcloud/config/AuthenticationSuccessUserHandler.java

@@ -0,0 +1,25 @@
+package ru.ldeloff.hedgehogcloud.config;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.authority.AuthorityUtils;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.Set;
+
+@Component
+public class AuthenticationSuccessUserHandler implements AuthenticationSuccessHandler {
+    @Override
+    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
+        Set<String> roles = AuthorityUtils.authorityListToSet(authentication.getAuthorities());
+        if (roles.contains("ROLE_ADMIN")) {
+            response.sendRedirect("/admin");
+        } else {
+            response.sendRedirect("/user");
+        }
+    }
+}

src/main/java/ru/ldeloff/hedgehogcloud/config/MvcConfig.java

@@ -0,0 +1,13 @@
+package ru.ldeloff.hedgehogcloud.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class MvcConfig implements WebMvcConfigurer {
+    @Override
+    public void addViewControllers(ViewControllerRegistry registry) {
+        registry.addViewController("/login").setViewName("login");
+    }
+}

src/main/java/ru/ldeloff/hedgehogcloud/config/WebSecurityConfig.java

@@ -0,0 +1,61 @@
+package ru.ldeloff.hedgehogcloud.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.NoOpPasswordEncoder;
+import ru.ldeloff.hedgehogcloud.service.UserServiceImpl;
+
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+    UserServiceImpl userService;
+    AuthenticationSuccessUserHandler authenticationSuccessUserHandler;
+
+    public WebSecurityConfig(UserServiceImpl userService, AuthenticationSuccessUserHandler authenticationSuccessUserHandler) {
+        this.userService = userService;
+        this.authenticationSuccessUserHandler = authenticationSuccessUserHandler;
+    }
+
+    @Bean
+    public BCryptPasswordEncoder bCryptPasswordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.formLogin()
+                // указываем страницу с формой логина
+                //.loginPage("/login")
+                //указываем логику обработки при логине
+                .successHandler(authenticationSuccessUserHandler)
+                // указываем action с формы логина
+                .loginProcessingUrl("/login")
+                // указываем параметры логина и пароля с формы логина
+                .usernameParameter("j_username")
+                .passwordParameter("j_password")
+                // даем доступ к форме логина всем
+                .permitAll();
+        http
+                // делаем страницу регистрации недоступной для авторизированных пользователей
+                .authorizeRequests()
+                //страницы аутентификации доступна всем
+                .antMatchers("/login").anonymous()
+                .antMatchers("/").authenticated()
+                // защищенные URL
+                .antMatchers("/admin/**").access("hasAnyRole('ROLE_ADMIN')")
+                .antMatchers("/user").permitAll()
+                .and().formLogin();
+    }
+
+    @Autowired
+    protected void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+        auth.userDetailsService(userService).passwordEncoder(NoOpPasswordEncoder.getInstance());
+    }
+}

src/main/java/ru/ldeloff/hedgehogcloud/config/initclass/InitDB.java

@@ -0,0 +1,49 @@
+package ru.ldeloff.hedgehogcloud.config.initclass;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.ApplicationArguments;
+import org.springframework.boot.ApplicationRunner;
+import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
+import ru.ldeloff.hedgehogcloud.entity.RoleEntity;
+import ru.ldeloff.hedgehogcloud.entity.UserEntity;
+import ru.ldeloff.hedgehogcloud.service.RoleService;
+import ru.ldeloff.hedgehogcloud.service.UserService;
+
+import java.util.HashSet;
+import java.util.List;
+
+@Component
+public class InitDB implements ApplicationRunner {
+    UserService userService;
+    RoleService roleService;
+
+    public InitDB(UserService userService, RoleService roleService) {
+        this.userService = userService;
+        this.roleService = roleService;
+    }
+
+    @Override
+    @Transactional
+    public void run(ApplicationArguments args) throws Exception {
+        RoleEntity role = new RoleEntity();
+        role.setName("ROLE_ADMIN");
+        roleService.saveRole(role);
+
+        RoleEntity role2 = new RoleEntity();
+        role2.setName("ROLE_USER");
+        roleService.saveRole(role2);
+
+        UserEntity user = new UserEntity();
+        user.setUsername("admin");
+        user.setPassword("123");
+        user.setRoles(new HashSet<>(List.of(roleService.getByName(role.getName()))));
+        userService.saveUser(user);
+
+        UserEntity user2 = new UserEntity();
+        user2.setUsername("user");
+        user2.setPassword("123");
+        user2.setRoles(new HashSet<>(List.of(roleService.getByName(role2.getName()))));
+        userService.saveUser(user2);
+    }
+}

src/main/java/ru/ldeloff/hedgehogcloud/controller/LoginController.java

@@ -0,0 +1,13 @@
+package ru.ldeloff.hedgehogcloud.controller;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class LoginController {
+
+    @GetMapping(value = "/login")
+    public String loginPage() {
+        return "login";
+    }
+}

src/main/java/ru/ldeloff/hedgehogcloud/entity/BaseEntity.java

@@ -0,0 +1,33 @@
+package ru.ldeloff.hedgehogcloud.entity;
+
+import com.sun.istack.NotNull;
+import lombok.EqualsAndHashCode;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import org.springframework.data.domain.Persistable;
+
+import javax.persistence.Id;
+import javax.persistence.MappedSuperclass;
+import javax.persistence.Transient;
+import java.util.UUID;
+
+@NoArgsConstructor
+@Setter
+@MappedSuperclass
+@EqualsAndHashCode
+public class BaseEntity implements Persistable<String> {
+    @Id
+    protected String id = UUID.randomUUID().toString();
+    @Transient
+    private Boolean justCreated = false;
+
+    @Override
+    public String getId() {
+        return null;
+    }
+
+    @Override
+    public boolean isNew() {
+        return justCreated;
+    }
+}

src/main/java/ru/ldeloff/hedgehogcloud/entity/RoleEntity.java

@@ -0,0 +1,30 @@
+package ru.ldeloff.hedgehogcloud.entity;
+
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.transaction.annotation.Transactional;
+
+import javax.persistence.*;
+import java.util.Set;
+
+@NoArgsConstructor
+@Getter
+@Setter
+@Entity
+@Table(name = "roles")
+public class RoleEntity extends BaseEntity implements GrantedAuthority {
+    private String name;
+    @Transient
+    @ManyToMany
+    private Set<UserEntity> users;
+
+    public String getName() {
+        return name;
+    }
+    @Override
+    public String getAuthority() {
+        return getName();
+    }
+}

src/main/java/ru/ldeloff/hedgehogcloud/entity/UserEntity.java

@@ -0,0 +1,63 @@
+package ru.ldeloff.hedgehogcloud.entity;
+
+import lombok.*;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import javax.persistence.*;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.Set;
+
+@NoArgsConstructor
+@Getter
+@Setter
+@Entity
+@Table(name = "users")
+public class UserEntity extends BaseEntity implements UserDetails {
+    private String username;
+    private String password;
+
+    @ManyToMany(fetch = FetchType.EAGER)
+    @JoinTable(
+            name = "users_roles",
+            joinColumns = { @JoinColumn(name = "user_id") },
+            inverseJoinColumns = { @JoinColumn(name = "role_id") }
+    )
+    private Set<RoleEntity> roles = new HashSet<>();
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return getRoles();
+    }
+
+    @Override
+    public String getPassword() {
+        return password;
+    }
+
+    @Override
+    public String getUsername() {
+        return username;
+    }
+
+    @Override
+    public boolean isAccountNonExpired() {
+        return true;
+    }
+
+    @Override
+    public boolean isAccountNonLocked() {
+        return true;
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired() {
+        return true;
+    }
+
+    @Override
+    public boolean isEnabled() {
+        return true;
+    }
+}

src/main/java/ru/ldeloff/hedgehogcloud/repository/RoleRepository.java

@@ -0,0 +1,10 @@
+package ru.ldeloff.hedgehogcloud.repository;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+import ru.ldeloff.hedgehogcloud.entity.RoleEntity;
+
+@Repository
+public interface RoleRepository extends JpaRepository<RoleEntity, String> {
+    RoleEntity findByName(String name);
+}

src/main/java/ru/ldeloff/hedgehogcloud/repository/UserRepository.java

@@ -0,0 +1,11 @@
+package ru.ldeloff.hedgehogcloud.repository;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+import ru.ldeloff.hedgehogcloud.entity.UserEntity;
+
+@Repository
+public interface UserRepository extends JpaRepository<UserEntity, String> {
+    UserEntity findByUsername(String username);
+
+}

src/main/java/ru/ldeloff/hedgehogcloud/service/RoleService.java

@@ -0,0 +1,8 @@
+package ru.ldeloff.hedgehogcloud.service;
+
+import ru.ldeloff.hedgehogcloud.entity.RoleEntity;
+
+public interface RoleService {
+    void saveRole(RoleEntity roleEntity);
+    RoleEntity getByName(String name);
+}

src/main/java/ru/ldeloff/hedgehogcloud/service/RoleServiceImpl.java

@@ -0,0 +1,31 @@
+package ru.ldeloff.hedgehogcloud.service;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+import ru.ldeloff.hedgehogcloud.entity.RoleEntity;
+import ru.ldeloff.hedgehogcloud.entity.UserEntity;
+import ru.ldeloff.hedgehogcloud.repository.RoleRepository;
+
+@Service
+public class RoleServiceImpl implements RoleService {
+    RoleRepository roleRepository;
+
+    public RoleServiceImpl(RoleRepository roleRepository) {
+        this.roleRepository = roleRepository;
+    }
+
+
+    public void saveRole(RoleEntity role) {
+        RoleEntity roleTemp = getByName(role.getName());
+        if (roleTemp == null) {
+            roleRepository.save(role);
+        }
+    }
+
+    @Override
+    public RoleEntity getByName(String name) {
+        return roleRepository.findByName(name);
+    }
+
+}

src/main/java/ru/ldeloff/hedgehogcloud/service/UserService.java

@@ -0,0 +1,11 @@
+package ru.ldeloff.hedgehogcloud.service;
+
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import ru.ldeloff.hedgehogcloud.entity.UserEntity;
+
+public interface UserService extends UserDetailsService {
+    UserDetails loadUserByUsername(String username);
+    void saveUser(UserEntity user);
+    UserEntity getByUserName(String name); // TODO попробовать userdetails юзать
+}

src/main/java/ru/ldeloff/hedgehogcloud/service/UserServiceImpl.java

@@ -0,0 +1,46 @@
+package ru.ldeloff.hedgehogcloud.service;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+import ru.ldeloff.hedgehogcloud.entity.UserEntity;
+import ru.ldeloff.hedgehogcloud.repository.RoleRepository;
+import ru.ldeloff.hedgehogcloud.repository.UserRepository;
+
+@Service
+public class UserServiceImpl implements UserService {
+    UserRepository userRepository;
+    RoleRepository roleRepository;
+
+    @Autowired
+    public UserServiceImpl(UserRepository userRepository,
+                           RoleRepository roleRepository) {
+        this.userRepository = userRepository;
+        this.roleRepository = roleRepository;
+    }
+
+    @Override
+    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+        UserEntity user = userRepository.findByUsername(username);
+        if (user == null) {
+            throw new UsernameNotFoundException("User not found");
+        }
+        return user;
+    }
+
+    @Override
+    public void saveUser(UserEntity user) {
+        UserEntity userTemp = getByUserName(user.getUsername());
+        if (userTemp == null) {
+            userRepository.save(user);
+        }
+    }
+
+    @Override
+    public UserEntity getByUserName(String name) {
+        return userRepository.findByUsername(name);
+    }
+
+
+}

src/main/resources/application.yml

@@ -0,0 +1,14 @@
+spring:
+  datasource:
+    driver-class-name: com.mysql.cj.jdbc.Driver
+    url: jdbc:mysql://localhost:3306/hedgehogcloud?verifyServerCertificate=false&useSSL=false&requireSSL=false&useLegacyDatetimeCode=false&amp&serverTimezone=UTC&allowPublicKeyRetrieval=true
+    username: root
+    password: 123
+  liquibase:
+    enabled: true
+    change-log: classpath:db/scripts/changelog-master.xml
+    url: jdbc:mysql://localhost:3306/hedgehogcloud?verifyServerCertificate=false&useSSL=false&requireSSL=false&useLegacyDatetimeCode=false&amp&serverTimezone=UTC&allowPublicKeyRetrieval=true
+    user: root
+    password: 123
+    liquibase-schema: "liquibase"
+    default-schema: "hedgehogcloud"

src/main/resources/db/scripts/changelog-master.xml

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<databaseChangeLog
+        xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.1.xsd">
+
+    <include file="release_0_0_1/changelog.xml" relativeToChangelogFile="true"/>
+
+</databaseChangeLog>

src/main/resources/db/scripts/release_0_0_1/changelog.xml

@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<databaseChangeLog
+        xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.1.xsd">
+
+    <include file="scripts/01_create_table_users.sql" relativeToChangelogFile="true"/>
+    <include file="scripts/02_create_table_roles.sql" relativeToChangelogFile="true"/>
+    <include file="scripts/03_create_table_users_roles.sql" relativeToChangelogFile="true"/>
+
+</databaseChangeLog>

src/main/resources/db/scripts/release_0_0_1/scripts/01_create_table_users.sql

@@ -0,0 +1,13 @@
+-- liquibase formatted sql
+
+-- changeset L_DelOff:create_table_users rollbackSplitStatements:true
+-- comment: Создание таблицы с пользователями
+
+CREATE TABLE USERS
+(
+    ID         VARCHAR(36) PRIMARY KEY COMMENT 'Идентификатор',
+    USERNAME   VARCHAR(64) UNIQUE COMMENT 'Имя пользователя',
+    PASSWORD   VARCHAR(36) COMMENT 'Пароль'
+);
+
+-- rollback DROP TABLE USERS;

src/main/resources/db/scripts/release_0_0_1/scripts/02_create_table_roles.sql

@@ -0,0 +1,13 @@
+-- liquibase formatted sql
+
+-- changeset L_DelOff:create_table_roles rollbackSplitStatements:true
+-- comment: Создание таблицы с ролями
+
+CREATE TABLE ROLES
+(
+    ID     VARCHAR(36) PRIMARY KEY COMMENT 'Идентификатор роли',
+    NAME   VARCHAR(64) UNIQUE COMMENT 'Имя роли'
+);
+
+
+-- rollback DROP TABLE ROLES;

src/main/resources/db/scripts/release_0_0_1/scripts/03_create_table_users_roles.sql

@@ -0,0 +1,19 @@
+-- liquibase formatted sql
+
+-- changeset L_DelOff:create_table_users_roles rollbackSplitStatements:true
+-- comment: Создание сопоставляющей таблицы пользователь -  роли
+
+CREATE TABLE users_roles
+(
+    `user_id` VARCHAR(36) NOT NULL,
+    `role_id` VARCHAR(36) NOT NULL,
+    PRIMARY KEY (`user_id`,`role_id`),
+    KEY `role_id` (`role_id`),
+    CONSTRAINT `users_roles_ibfk_1`
+        FOREIGN KEY (`user_id`) REFERENCES `users` (`id`),
+    CONSTRAINT `users_roles_ibfk_2`
+        FOREIGN KEY (`role_id`) REFERENCES `roles` (`id`)
+);
+
+
+-- rollback DROP TABLE users_roles;

src/main/resources/templates/login.html

@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
+<head>
+    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
+    <meta charset="UTF-8">
+    <title>Login Page</title>
+</head>
+<body class="text-center">
+<body style="background-color:#f1efef">
+<div class="row">
+    <div class="col"></div>
+    <div class="col">
+        <form method="POST" action="/login">
+            <div class="text-center p-5">
+                <p class="h2 fw-bold" style="text-align: Left">Please sign in</p>
+                <input name="j_username" class="form-control" placeholder="Email address" size="45" type="email">
+                <input name="j_password" class="form-control" placeholder="Password" size="45" type="password">
+                <button class="w-100 btn btn-lg btn-primary" type="submit">Sign in</button>
+            </div>
+        </form>
+    </div>
+    <div class="col"></div>
+</div>
+</body>
+</body>
+</html>