- added password to CustomerInfo
- added unique email constraint to CustomerQuerySide - updated authorization logic
@@ -41,7 +41,7 @@ public class AuthController {
|
||||
|
||||
@RequestMapping(value = "/login", method = POST)
|
||||
public ResponseEntity<QuerySideCustomer> doAuth(@RequestBody @Valid AuthRequest request) throws IOException {
|
||||
QuerySideCustomer customer = customerAuthService.findByEmail(request.getEmail());
|
||||
QuerySideCustomer customer = customerAuthService.findByEmailAndPassword(request.getEmail(), request.getPassword());
|
||||
|
||||
Token token = tokenService.allocateToken(objectMapper.writeValueAsString(new User(request.getEmail())));
|
||||
return ResponseEntity.status(HttpStatus.OK).header("access-token", token.getKey())
|
||||
|
||||
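Review bot: The login check on the `customerAuthService.findByEmailAndPassword(request.getEmail(), request.getPassword())` line is an equality lookup on the stored password, which only works if passwords are kept in the clear or under an unsalted, deterministic digest. The same value travels unchanged through `CustomerInfo.password`, the `save(new QuerySideCustomer(...))` call in `CustomerInfoUpdateService` and the `QuerySideCustomer.password` field, and is matched by `findByEmailAndPassword` in both `CustomerAuthRepository` and `CustomerAuthService`. I would store a salted hash produced by Spring Security's `PasswordEncoder`, load the customer with `findByEmail`, and verify with `passwordEncoder.matches(request.getPassword(), customer.getPassword())`. `doAuth` continues past the end of this hunk, so the rest of the response construction is not visible here.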
@@ -12,11 +12,15 @@ public class AuthRequest {
|
||||
@Email
|
||||
private String email;
|
||||
|
||||
@NotBlank
|
||||
private String password;
|
||||
|
||||
public AuthRequest() {
|
||||
}
|
||||
|
||||
public AuthRequest(String email) {
|
||||
public AuthRequest(String email, String password) {
|
||||
this.email = email;
|
||||
this.password = password;
|
||||
}
|
||||
|
||||
public String getEmail() {
|
||||
@@ -26,4 +30,12 @@ public class AuthRequest {
|
||||
public void setEmail(String email) {
|
||||
this.email = email;
|
||||
}
|
||||
|
||||
public String getPassword() {
|
||||
return password;
|
||||
}
|
||||
|
||||
public void setPassword(String password) {
|
||||
this.password = password;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
package net.chrisrichardson.eventstore.javaexamples.banking.commonauth;
|
||||
|
||||
import net.chrisrichardson.eventstore.javaexamples.banking.common.customers.QuerySideCustomer;
|
||||
import net.chrisrichardson.eventstore.javaexamples.banking.commonauth.filter.StatelessAuthenticationFilter;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
@@ -18,6 +19,7 @@ import org.springframework.security.core.token.KeyBasedPersistenceTokenService;
|
||||
import org.springframework.security.core.token.TokenService;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
||||
|
||||
import java.security.SecureRandom;
|
||||
@@ -50,15 +52,13 @@ public class AuthConfiguration extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
public UserDetailsService userDetailsServiceBean() {
|
||||
return email -> {
|
||||
/* QuerySideCustomer customer = customerAuthService.findByEmail(email);
|
||||
if (customer != null) {
|
||||
return new User(email);
|
||||
} else {
|
||||
throw new UsernameNotFoundException(String.format("could not find the customer '%s'", email));
|
||||
}*/
|
||||
//authorize everyone with basic authentication
|
||||
return new User(email, "", true, true, true, true,
|
||||
AuthorityUtils.createAuthorityList("USER"));
|
||||
QuerySideCustomer customer = customerAuthService.findByEmail(email);
|
||||
if (customer != null) {
|
||||
return new User(email, customer.getPassword(), true, true, true, true,
|
||||
AuthorityUtils.createAuthorityList("USER"));
|
||||
} else {
|
||||
throw new UsernameNotFoundException(String.format("could not find the customer '%s'", email));
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
|
||||
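Review bot: The `customer != null` test in `userDetailsServiceBean()` looks unreachable as a failure path. The method body shown in the `CustomerAuthService` hunk of this commit (presumably `findByEmail`) throws `EmptyResultDataAccessException` when no customer matches and never returns null. The `UsernameNotFoundException` branch is therefore dead, and a persistence exception escapes from the `UserDetailsService` instead of the one Spring Security expects for an unknown user. Translating the exception at this boundary restores that contract; the file would also need an import for `EmptyResultDataAccessException`. The class body extends beyond this hunk.

```java
return email -> {
  QuerySideCustomer customer;
  try {
    customer = customerAuthService.findByEmail(email);
  } catch (EmptyResultDataAccessException e) {
    // the service signals "no such customer" by throwing, not by returning null
    throw new UsernameNotFoundException(String.format("could not find the customer '%s'", email), e);
  }
  return new User(email, customer.getPassword(), true, true, true, true,
      AuthorityUtils.createAuthorityList("USER"));
};
```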
@@ -8,4 +8,6 @@ import java.util.List;
|
||||
interface CustomerAuthRepository extends MongoRepository<QuerySideCustomer, String> {
|
||||
|
||||
List<QuerySideCustomer> findByEmail(String email);
|
||||
|
||||
List<QuerySideCustomer> findByEmailAndPassword(String email, String password);
|
||||
}
|
||||
@@ -19,9 +19,14 @@ public class CustomerAuthService {
|
||||
List<QuerySideCustomer> customers = customerAuthRepository.findByEmail(email);
|
||||
if (customers.isEmpty())
|
||||
throw new EmptyResultDataAccessException(1);
|
||||
//TODO: add unique email constraint
|
||||
/* else if(customers.size()>1)
|
||||
throw new IncorrectResultSizeDataAccessException(1, customers.size());*/
|
||||
else
|
||||
return customers.get(0);
|
||||
}
|
||||
|
||||
public QuerySideCustomer findByEmailAndPassword(String email, String password) {
|
||||
List<QuerySideCustomer> customers = customerAuthRepository.findByEmailAndPassword(email, password);
|
||||
if (customers.isEmpty())
|
||||
throw new EmptyResultDataAccessException(1);
|
||||
else
|
||||
return customers.get(0);
|
||||
}
|
||||
|
||||
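Review bot: `findByEmailAndPassword` reports a failed login as `EmptyResultDataAccessException(1)`, a persistence-layer exception, and the `AuthController.doAuth` hunk shows no handling for it. Unless a handler outside this diff maps it, a wrong password would likely surface as a server error rather than a 401, and it cannot be told apart from a genuine data-access fault in logs or alerts. I would throw an authentication exception instead, e.g. `if (customers.isEmpty()) throw new BadCredentialsException("invalid email or password");`, keeping a single message for both unknown email and wrong password so the response does not reveal which accounts exist. The method above it starts outside the hunk.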
@@ -3,6 +3,7 @@ apply plugin: 'java'
|
||||
dependencies {
|
||||
compile "commons-lang:commons-lang:2.6"
|
||||
compile "org.springframework.boot:spring-boot-starter-web:$springBootVersion"
|
||||
compile "org.springframework.boot:spring-boot-starter-data-mongodb:$springBootVersion"
|
||||
|
||||
testCompile group: 'junit', name: 'junit', version: '4.11'
|
||||
}
|
||||
|
||||
@@ -13,6 +13,8 @@ public class CustomerInfo {
|
||||
@NotNull
|
||||
protected String email;
|
||||
@NotNull
|
||||
protected String password;
|
||||
@NotNull
|
||||
protected String ssn;
|
||||
@NotNull
|
||||
protected String phoneNumber;
|
||||
@@ -21,9 +23,10 @@ public class CustomerInfo {
|
||||
public CustomerInfo() {
|
||||
}
|
||||
|
||||
public CustomerInfo(Name name, String email, String ssn, String phoneNumber, Address address) {
|
||||
public CustomerInfo(Name name, String email, String password, String ssn, String phoneNumber, Address address) {
|
||||
this.name = name;
|
||||
this.email = email;
|
||||
this.password = password;
|
||||
this.ssn = ssn;
|
||||
this.phoneNumber = phoneNumber;
|
||||
this.address = address;
|
||||
@@ -37,6 +40,10 @@ public class CustomerInfo {
|
||||
return email;
|
||||
}
|
||||
|
||||
public String getPassword() {
|
||||
return password;
|
||||
}
|
||||
|
||||
public String getSsn() {
|
||||
return ssn;
|
||||
}
|
||||
|
||||
@@ -1,14 +1,19 @@
|
||||
package net.chrisrichardson.eventstore.javaexamples.banking.common.customers;
|
||||
|
||||
import org.springframework.data.mongodb.core.index.Indexed;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* Created by Main on 05.02.2016.
|
||||
*/
|
||||
public class QuerySideCustomer {
|
||||
|
||||
private String id;
|
||||
private Name name;
|
||||
@Indexed(unique=true)
|
||||
private String email;
|
||||
private String password;
|
||||
private String ssn;
|
||||
private String phoneNumber;
|
||||
private Address address;
|
||||
@@ -17,10 +22,11 @@ public class QuerySideCustomer {
|
||||
public QuerySideCustomer() {
|
||||
}
|
||||
|
||||
public QuerySideCustomer(String id, Name name, String email, String ssn, String phoneNumber, Address address, Map<String, ToAccountInfo> toAccounts) {
|
||||
public QuerySideCustomer(String id, Name name, String email, String password, String ssn, String phoneNumber, Address address, Map<String, ToAccountInfo> toAccounts) {
|
||||
this.id = id;
|
||||
this.name = name;
|
||||
this.email = email;
|
||||
this.password = password;
|
||||
this.ssn = ssn;
|
||||
this.phoneNumber = phoneNumber;
|
||||
this.address = address;
|
||||
@@ -51,6 +57,14 @@ public class QuerySideCustomer {
|
||||
this.email = email;
|
||||
}
|
||||
|
||||
public String getPassword() {
|
||||
return password;
|
||||
}
|
||||
|
||||
public void setPassword(String password) {
|
||||
this.password = password;
|
||||
}
|
||||
|
||||
public String getSsn() {
|
||||
return ssn;
|
||||
}
|
||||
|
||||
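Review bot: The new public `getPassword()` makes the password a bean property of `QuerySideCustomer`, and `AuthController.doAuth` is declared to return `ResponseEntity<QuerySideCustomer>`. The login response, and any other endpoint returning this type, would therefore presumably include the password once the object is serialized to JSON. If Jackson annotations are available in this module, annotating the accessor (`@JsonIgnore public String getPassword() {`) keeps it out of responses while the field is still persisted through the repository. The class carries only an author stamp as Javadoc; a short comment on `password` stating that it is for credential verification only and must not be returned to clients would help the next maintainer.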
@@ -27,6 +27,7 @@ public class CustomerInfoUpdateService {
|
||||
querySideCustomerRepository.save(new QuerySideCustomer(id,
|
||||
customerInfo.getName(),
|
||||
customerInfo.getEmail(),
|
||||
customerInfo.getPassword(),
|
||||
customerInfo.getSsn(),
|
||||
customerInfo.getPhoneNumber(),
|
||||
customerInfo.getAddress(),
|
||||
|
||||
@@ -55,6 +55,7 @@ public class CustomersTestUtils {
|
||||
return new CustomerInfo(
|
||||
new Name("John", "Doe"),
|
||||
email,
|
||||
"simple_password",
|
||||
"000-00-0000",
|
||||
"1-111-111-1111",
|
||||
new Address("street 1",
|
||||
|
||||