L_DelOff
/
HedgeHogCloud
1
0
Fork 0
Code Issues 9 Pull Requests Packages Projects Releases Wiki Activity

Security шаблон

pull/2/head
L_DelOff 2023-03-01 23:46:16 +03:00
parent 74600740eb
commit 9eebb2bfff
14 changed files with 374 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
pom.xml
View File

@ -8,9 +8,73 @@
<artifactId>HedgeHogCloud</artifactId> <artifactId>HedgeHogCloud</artifactId>
<version>1.0-SNAPSHOT</version> <version>1.0-SNAPSHOT</version>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.6.2</version>
</parent>
<properties> <properties>
<maven.compiler.source>17</maven.compiler.source> <maven.compiler.source>17</maven.compiler.source>
<maven.compiler.target>17</maven.compiler.target> <maven.compiler.target>17</maven.compiler.target>
<java.version>17</java.version>
</properties> </properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<!-- https://mvnrepository.com/artifact/org.projectlombok/lombok -->
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.26</version>
<scope>provided</scope>
</dependency>
<!-- https://mvnrepository.com/artifact/org.liquibase/liquibase-core -->
<dependency>
<groupId>org.liquibase</groupId>
<artifactId>liquibase-core</artifactId>
<version>4.19.0</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>${project.parent.version}</version>
</plugin>
</plugins>
</build>
</project> </project>

7
src/main/java/ru/ldeloff/Main.java
View File

@ -1,7 +0,0 @@
package ru.ldeloff;
public class Main {
public static void main(String[] args) {
System.out.println("Hello world!");
}
}

11
src/main/java/ru/ldeloff/hedgehogcloud/Main.java Normal file
View File

@ -0,0 +1,11 @@
package ru.ldeloff.hedgehogcloud;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class Main {
public static void main(String[] args) {
SpringApplication.run(Main.class,args);
}
}

25
src/main/java/ru/ldeloff/hedgehogcloud/config/AuthenticationSuccessUserHandler.java Normal file
View File

@ -0,0 +1,25 @@
package ru.ldeloff.hedgehogcloud.config;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Component;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Set;
@Component
public class AuthenticationSuccessUserHandler implements AuthenticationSuccessHandler {
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
Set<String> roles = AuthorityUtils.authorityListToSet(authentication.getAuthorities());
if (roles.contains("ROLE_ADMIN")) {
response.sendRedirect("/admin");
} else {
response.sendRedirect("/user");
}
}
}

13
src/main/java/ru/ldeloff/hedgehogcloud/config/MvcConfig.java Normal file
View File

@ -0,0 +1,13 @@
package ru.ldeloff.hedgehogcloud.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class MvcConfig implements WebMvcConfigurer {
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/login").setViewName("login");
}
}

61
src/main/java/ru/ldeloff/hedgehogcloud/config/WebSecurityConfig.java Normal file
View File

@ -0,0 +1,61 @@
package ru.ldeloff.hedgehogcloud.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import ru.ldeloff.hedgehogcloud.service.UserService;
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
UserService userService;
AuthenticationSuccessUserHandler authenticationSuccessUserHandler;
public WebSecurityConfig(UserService userService, AuthenticationSuccessUserHandler authenticationSuccessUserHandler) {
this.userService = userService;
this.authenticationSuccessUserHandler = authenticationSuccessUserHandler;
}
@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.formLogin()
// указываем страницу с формой логина
.loginPage("/login")
//указываем логику обработки при логине
.successHandler(authenticationSuccessUserHandler)
// указываем action с формы логина
.loginProcessingUrl("/login")
// указываем параметры логина и пароля с формы логина
.usernameParameter("j_username")
.passwordParameter("j_password")
// даем доступ к форме логина всем
.permitAll();
http
// делаем страницу регистрации недоступной для авторизированных пользователей
.authorizeRequests()
//страницы аутентификации доступна всем
.antMatchers("/login").anonymous()
.antMatchers("/").authenticated()
// защищенные URL
.antMatchers("/admin/**").access("hasAnyRole('ROLE_ADMIN')")
.antMatchers("/user").permitAll()
.and().formLogin();
}
@Autowired
protected void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userService).passwordEncoder(NoOpPasswordEncoder.getInstance());
}
}

13
src/main/java/ru/ldeloff/hedgehogcloud/controller/LoginController.java Normal file
View File

@ -0,0 +1,13 @@
package ru.ldeloff.hedgehogcloud.controller;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
@Controller
public class LoginController {
@GetMapping(value = "/login")
public String loginPage() {
return "login";
}
}

31
src/main/java/ru/ldeloff/hedgehogcloud/entity/RoleEntity.java Normal file
View File

@ -0,0 +1,31 @@
package ru.ldeloff.hedgehogcloud.entity;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.transaction.annotation.Transactional;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.Table;
import javax.persistence.Transient;
import java.util.Set;
@NoArgsConstructor
@Getter
@Setter
@Entity
@Table(name = "roles")
public class RoleEntity implements GrantedAuthority {
@Id
private String id;
private String name;
@Transient
private Set<UserEntity> users;
@Override
public String getAuthority() {
return getName();
}
}

63
src/main/java/ru/ldeloff/hedgehogcloud/entity/UserEntity.java Normal file
View File

@ -0,0 +1,63 @@
package ru.ldeloff.hedgehogcloud.entity;
import lombok.AccessLevel;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import javax.persistence.*;
import java.util.Collection;
import java.util.Set;
@NoArgsConstructor
@Getter
@Setter
@Entity
@Table(name = "users")
public class UserEntity implements UserDetails {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
private String id;
private String username;
private String password;
@ManyToMany(fetch = FetchType.EAGER)
private Set<RoleEntity> roles;
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return null;
}
@Override
public String getPassword() {
return password;
}
@Override
public String getUsername() {
return username;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
}

7
src/main/java/ru/ldeloff/hedgehogcloud/repository/RoleRepository.java Normal file
View File

@ -0,0 +1,7 @@
package ru.ldeloff.hedgehogcloud.repository;
import org.springframework.data.jpa.repository.JpaRepository;
import ru.ldeloff.hedgehogcloud.entity.RoleEntity;
public interface RoleRepository extends JpaRepository<RoleEntity, String> {
}

8
src/main/java/ru/ldeloff/hedgehogcloud/repository/UserRepository.java Normal file
View File

@ -0,0 +1,8 @@
package ru.ldeloff.hedgehogcloud.repository;
import org.springframework.data.jpa.repository.JpaRepository;
import ru.ldeloff.hedgehogcloud.entity.UserEntity;
public interface UserRepository extends JpaRepository<UserEntity, String> {
UserEntity findByUsername(String username);
}

38
src/main/java/ru/ldeloff/hedgehogcloud/service/UserService.java Normal file
View File

@ -0,0 +1,38 @@
package ru.ldeloff.hedgehogcloud.service;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import ru.ldeloff.hedgehogcloud.entity.UserEntity;
import ru.ldeloff.hedgehogcloud.repository.RoleRepository;
import ru.ldeloff.hedgehogcloud.repository.UserRepository;
import javax.persistence.Entity;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
@Service
public class UserService implements UserDetailsService {
UserRepository userRepository;
RoleRepository roleRepository;
@Autowired
public UserService(UserRepository userRepository,
RoleRepository roleRepository) {
this.userRepository = userRepository;
this.roleRepository = roleRepository;
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
UserEntity user = userRepository.findByUsername(username);
if (user == null) {
throw new UsernameNotFoundException("User not found");
}
return user;
}
}

14
src/main/resources/application.yml Normal file
View File

@ -0,0 +1,14 @@
spring:
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://localhost:3306/hedgehogcloud?verifyServerCertificate=false&useSSL=false&requireSSL=false&useLegacyDatetimeCode=false&amp&serverTimezone=UTC&allowPublicKeyRetrieval=true
username: root
password: 123
liquibase:
enabled: true
change-log: classpath:db/scripts/changelog-master.xml
url: jdbc:mysql://localhost:3306/hedgehogcloud?verifyServerCertificate=false&useSSL=false&requireSSL=false&useLegacyDatetimeCode=false&amp&serverTimezone=UTC&allowPublicKeyRetrieval=true
user: root
password: 123
liquibase-schema: "liquibase"
default-schema: "hedgehogcloud"

26
src/main/resources/templates/login.html Normal file
View File

@ -0,0 +1,26 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
<head>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
<meta charset="UTF-8">
<title>Login Page</title>
</head>
<body class="text-center">
<body style="background-color:#f1efef">
<div class="row">
<div class="col"></div>
<div class="col">
<form method="POST" action="/login">
<div class="text-center p-5">
<p class="h2 fw-bold" style="text-align: Left">Please sign in</p>
<input name="j_username" class="form-control" placeholder="Email address" size="45" type="email">
<input name="j_password" class="form-control" placeholder="Password" size="45" type="password">
<button class="w-100 btn btn-lg btn-primary" type="submit">Sign in</button>
</div>
</form>
</div>
<div class="col"></div>
</div>
</body>
</body>
</html>