From d3775947204d814dcc1ab8f75d99d1c4b5512bba Mon Sep 17 00:00:00 2001 From: Maximilian Leopold Date: Sun, 24 Mar 2019 15:09:28 +0100 Subject: [PATCH 01/11] Implemented Login --- build.gradle | 7 +++ .../hhn/labsw/bugageocaching/Application.java | 11 +++- .../config/WebSecurityConfig.java | 52 +++++++++++++++++++ .../bugageocaching/controller/Controller.java | 21 ++++++++ .../labsw/bugageocaching/entities/Role.java | 44 ++++++++++++++++ .../labsw/bugageocaching/entities/User.java | 41 ++++++++------- .../repositories/BearbeitetRepository.java | 3 +- .../CacheAccesDefinitionRepository.java | 3 +- .../repositories/CacheRepository.java | 3 +- .../repositories/RewardRepository.java | 3 +- .../repositories/RoleRepository.java | 7 +++ .../repositories/StationRepository.java | 3 +- .../repositories/TeamRepository.java | 3 +- .../repositories/UserRepository.java | 4 +- .../service/SecurityService.java | 8 +++ .../service/SecurityServiceImpl.java | 48 +++++++++++++++++ .../service/UserDetailsServiceImpl.java | 37 +++++++++++++ .../bugageocaching/service/UserService.java | 10 ++++ .../service/UserServiceImpl.java | 33 ++++++++++++ 19 files changed, 314 insertions(+), 27 deletions(-) create mode 100644 src/main/java/hhn/labsw/bugageocaching/config/WebSecurityConfig.java create mode 100644 src/main/java/hhn/labsw/bugageocaching/entities/Role.java create mode 100644 src/main/java/hhn/labsw/bugageocaching/repositories/RoleRepository.java create mode 100644 src/main/java/hhn/labsw/bugageocaching/service/SecurityService.java create mode 100644 src/main/java/hhn/labsw/bugageocaching/service/SecurityServiceImpl.java create mode 100644 src/main/java/hhn/labsw/bugageocaching/service/UserDetailsServiceImpl.java create mode 100644 src/main/java/hhn/labsw/bugageocaching/service/UserService.java create mode 100644 src/main/java/hhn/labsw/bugageocaching/service/UserServiceImpl.java diff --git a/build.gradle b/build.gradle index 5724707..26ee00d 100644 --- a/build.gradle +++ b/build.gradle 
@@ -34,6 +34,13 @@ dependencies { //JSON Parser implementation 'com.google.code.gson:gson:2.8.5' + + compile 'org.springframework.boot:spring-boot-starter-tomcat' + compile 'org.springframework.boot:spring-boot-starter-security' + compile 'org.springframework.boot:spring-boot-starter-actuator' + compile 'org.springframework.boot:spring-boot-starter-aop' + compile group: 'org.springframework.boot', name: 'spring-boot-starter-mail', version: '1.2.0.RELEASE' + } node { diff --git a/src/main/java/hhn/labsw/bugageocaching/Application.java b/src/main/java/hhn/labsw/bugageocaching/Application.java index 8362492..0212443 100644 --- a/src/main/java/hhn/labsw/bugageocaching/Application.java +++ b/src/main/java/hhn/labsw/bugageocaching/Application.java @@ -3,11 +3,18 @@ package hhn.labsw.bugageocaching; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.boot.builder.SpringApplicationBuilder; +import org.springframework.boot.web.servlet.support.SpringBootServletInitializer; @SpringBootApplication -public class Application { +public class Application{ - public static void main(String[] args) { + /**@Override + protected SpringApplicationBuilder configure(SpringApplicationBuilder application) { + return application.sources(Application.class); + }**/ + + public static void main(String[] args) throws Exception { SpringApplication.run(Application.class, args); } } diff --git a/src/main/java/hhn/labsw/bugageocaching/config/WebSecurityConfig.java b/src/main/java/hhn/labsw/bugageocaching/config/WebSecurityConfig.java new file mode 100644 index 0000000..7af8e75 --- /dev/null +++ b/src/main/java/hhn/labsw/bugageocaching/config/WebSecurityConfig.java 
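Review bot: In the build.gradle hunk, `spring-boot-starter-mail` is pinned to `1.2.0.RELEASE` while the other starters take their version from the Boot plugin. The `org.springframework.boot.web.servlet.support` import added to Application.java suggests a Boot 2.x project, so this pin would pull a starter from a much older release line. Drop the explicit version: `compile 'org.springframework.boot:spring-boot-starter-mail'`. Nothing in this patch uses mail, AOP or the actuator. Each unused starter adds transitive dependencies to track and patch, and the actuator adds HTTP endpoints, so they are better added when first needed.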
@@ -0,0 +1,52 @@
+package hhn.labsw.bugageocaching.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+ @Qualifier("userDetailsServiceImpl")
+ @Autowired
+ private UserDetailsService userDetailsService;
+
+ @Bean
+ public BCryptPasswordEncoder bCryptPasswordEncoder() {
+ return new BCryptPasswordEncoder();
+ }
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .authorizeRequests()
+ .antMatchers("/allCaches").permitAll()
+ .anyRequest().authenticated()
+ .and()
+ .formLogin()
+ .defaultSuccessUrl("/allCaches")
+ .permitAll()
+ .and()
+ .logout()
+ .permitAll();
+ }
+
+ @Bean
+ public AuthenticationManager customAuthenticationManager() throws Exception {
+ return authenticationManager();
+ }
+
+ @Autowired
+ public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+ auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
+ }
+}
diff --git a/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java b/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java index c524e99..be59059 100644 --- a/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java +++ b/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java @@ -3,7 +3,14 @@ package hhn.labsw.bugageocaching.controller; import com.google.gson.Gson; import hhn.labsw.bugageocaching.entities.*; import hhn.labsw.bugageocaching.repositories.*; +import hhn.labsw.bugageocaching.service.SecurityService; +import hhn.labsw.bugageocaching.service.UserService; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; +import org.springframework.ui.Model; +import org.springframework.validation.BindingResult; import org.springframework.web.bind.annotation.*; import java.util.Optional; @@ -32,6 +39,13 @@ public class Controller { @Autowired UserRepository userRepository; + @Autowired + private UserService userService; + + @Autowired + private SecurityService securityService; + + @RequestMapping("/allCaches") @ResponseBody public String getAllCaches(){ @@ -63,4 +77,11 @@ public class Controller { return bearbeitet; } + + @RequestMapping("/securityCheck") + @ResponseBody + public String securityCheck(){ + return "Angemeldet"; + } + } diff --git a/src/main/java/hhn/labsw/bugageocaching/entities/Role.java b/src/main/java/hhn/labsw/bugageocaching/entities/Role.java new file mode 100644 index 0000000..47da1bd --- /dev/null +++ b/src/main/java/hhn/labsw/bugageocaching/entities/Role.java 
@@ -0,0 +1,44 @@ +package hhn.labsw.bugageocaching.entities; + +import javax.persistence.Entity; +import javax.persistence.GeneratedValue; +import javax.persistence.Id; +import javax.persistence.ManyToMany; +import java.util.Set; + +@Entity +public class Role { + + @Id + @GeneratedValue + int id; + + private String name; + + @ManyToMany(mappedBy = "roles") + private Set users; + + public int getId() { + return id; + } + + public void setId(int id) { + this.id = id; + } + + public String getName() { + return name; + } + + public void setName(String name) { + this.name = name; + } + + public Set getUsers() { + return users; + } + + public void setUsers(Set users) { + this.users = users; + } +} diff --git a/src/main/java/hhn/labsw/bugageocaching/entities/User.java b/src/main/java/hhn/labsw/bugageocaching/entities/User.java index eb0e75d..7c0abe4 100644 --- a/src/main/java/hhn/labsw/bugageocaching/entities/User.java +++ b/src/main/java/hhn/labsw/bugageocaching/entities/User.java @@ -1,6 +1,7 @@ package hhn.labsw.bugageocaching.entities; import javax.persistence.*; +import java.util.Set; @Entity @Table @@ -14,14 +15,18 @@ public class User { private String lastname; private String username; private int rankingPointsSum; - private String discriminator; //should be Admin or Cacher private String email; private String password; - private String salt; @ManyToOne private Team team; + @ManyToMany + Set roles; + + @Transient + private String passwordConfirm; + public int getId() { return id; } @@ -62,14 +67,6 @@ public class User { this.rankingPointsSum = rankingPointsSum; } - public String getDiscriminator() { - return discriminator; - } - - public void setDiscriminator(String discriminator) { - this.discriminator = discriminator; - } - public String getEmail() { return email; } 
@@ -86,14 +83,6 @@ public class User { this.password = password; } - public String getSalt() { - return salt; - } - - public void setSalt(String salt) { - this.salt = salt; - } - public Team getTeam() { return team; } @@ -101,4 +90,20 @@ public class User { public void setTeam(Team team) { this.team = team; } + + public Set getRoles() { + return roles; + } + + public void setRoles(Set roles) { + this.roles = roles; + } + + public String getPasswordConfirm() { + return passwordConfirm; + } + + public void setPasswordConfirm(String passwordConfirm) { + this.passwordConfirm = passwordConfirm; + } } diff --git a/src/main/java/hhn/labsw/bugageocaching/repositories/BearbeitetRepository.java b/src/main/java/hhn/labsw/bugageocaching/repositories/BearbeitetRepository.java index fb4a270..ac5484c 100644 --- a/src/main/java/hhn/labsw/bugageocaching/repositories/BearbeitetRepository.java +++ b/src/main/java/hhn/labsw/bugageocaching/repositories/BearbeitetRepository.java @@ -1,7 +1,8 @@ package hhn.labsw.bugageocaching.repositories; import hhn.labsw.bugageocaching.entities.Bearbeitet; +import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.CrudRepository; -public interface BearbeitetRepository extends CrudRepository { +public interface BearbeitetRepository extends JpaRepository { } diff --git a/src/main/java/hhn/labsw/bugageocaching/repositories/CacheAccesDefinitionRepository.java b/src/main/java/hhn/labsw/bugageocaching/repositories/CacheAccesDefinitionRepository.java index 2a01cab..a807947 100644 --- a/src/main/java/hhn/labsw/bugageocaching/repositories/CacheAccesDefinitionRepository.java +++ b/src/main/java/hhn/labsw/bugageocaching/repositories/CacheAccesDefinitionRepository.java 
@@ -1,7 +1,8 @@ package hhn.labsw.bugageocaching.repositories; import hhn.labsw.bugageocaching.entities.CacheAccesDefinition; +import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.CrudRepository; -public interface CacheAccesDefinitionRepository extends CrudRepository { +public interface CacheAccesDefinitionRepository extends JpaRepository { } diff --git a/src/main/java/hhn/labsw/bugageocaching/repositories/CacheRepository.java b/src/main/java/hhn/labsw/bugageocaching/repositories/CacheRepository.java index b480c64..9ac29b1 100644 --- a/src/main/java/hhn/labsw/bugageocaching/repositories/CacheRepository.java +++ b/src/main/java/hhn/labsw/bugageocaching/repositories/CacheRepository.java @@ -1,7 +1,8 @@ package hhn.labsw.bugageocaching.repositories; import hhn.labsw.bugageocaching.entities.Cache; +import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.CrudRepository; -public interface CacheRepository extends CrudRepository { +public interface CacheRepository extends JpaRepository { } diff --git a/src/main/java/hhn/labsw/bugageocaching/repositories/RewardRepository.java b/src/main/java/hhn/labsw/bugageocaching/repositories/RewardRepository.java index ca51b18..0756cec 100644 --- a/src/main/java/hhn/labsw/bugageocaching/repositories/RewardRepository.java +++ b/src/main/java/hhn/labsw/bugageocaching/repositories/RewardRepository.java @@ -1,7 +1,8 @@ package hhn.labsw.bugageocaching.repositories; import hhn.labsw.bugageocaching.entities.Reward; +import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.CrudRepository; -public interface RewardRepository extends CrudRepository { +public interface RewardRepository extends JpaRepository { } 
diff --git a/src/main/java/hhn/labsw/bugageocaching/repositories/RoleRepository.java b/src/main/java/hhn/labsw/bugageocaching/repositories/RoleRepository.java new file mode 100644 index 0000000..b5f8798 --- /dev/null +++ b/src/main/java/hhn/labsw/bugageocaching/repositories/RoleRepository.java @@ -0,0 +1,7 @@ +package hhn.labsw.bugageocaching.repositories; + +import hhn.labsw.bugageocaching.entities.Role; +import org.springframework.data.jpa.repository.JpaRepository; + +public interface RoleRepository extends JpaRepository { +} diff --git a/src/main/java/hhn/labsw/bugageocaching/repositories/StationRepository.java b/src/main/java/hhn/labsw/bugageocaching/repositories/StationRepository.java index c902ec5..146c9bb 100644 --- a/src/main/java/hhn/labsw/bugageocaching/repositories/StationRepository.java +++ b/src/main/java/hhn/labsw/bugageocaching/repositories/StationRepository.java @@ -1,7 +1,8 @@ package hhn.labsw.bugageocaching.repositories; import hhn.labsw.bugageocaching.entities.Station; +import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.CrudRepository; -public interface StationRepository extends CrudRepository { +public interface StationRepository extends JpaRepository { } diff --git a/src/main/java/hhn/labsw/bugageocaching/repositories/TeamRepository.java b/src/main/java/hhn/labsw/bugageocaching/repositories/TeamRepository.java index edf1d5d..77c69d9 100644 --- a/src/main/java/hhn/labsw/bugageocaching/repositories/TeamRepository.java +++ b/src/main/java/hhn/labsw/bugageocaching/repositories/TeamRepository.java @@ -1,7 +1,8 @@ package hhn.labsw.bugageocaching.repositories; import hhn.labsw.bugageocaching.entities.Team; +import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.CrudRepository; -public interface TeamRepository extends CrudRepository { +public interface TeamRepository extends JpaRepository { } 
diff --git a/src/main/java/hhn/labsw/bugageocaching/repositories/UserRepository.java b/src/main/java/hhn/labsw/bugageocaching/repositories/UserRepository.java index f899608..a56391e 100644 --- a/src/main/java/hhn/labsw/bugageocaching/repositories/UserRepository.java +++ b/src/main/java/hhn/labsw/bugageocaching/repositories/UserRepository.java @@ -1,7 +1,9 @@ package hhn.labsw.bugageocaching.repositories; import hhn.labsw.bugageocaching.entities.User; +import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.CrudRepository; -public interface UserRepository extends CrudRepository { +public interface UserRepository extends JpaRepository { + User findByUsername(String username); } diff --git a/src/main/java/hhn/labsw/bugageocaching/service/SecurityService.java b/src/main/java/hhn/labsw/bugageocaching/service/SecurityService.java new file mode 100644 index 0000000..aed5944 --- /dev/null +++ b/src/main/java/hhn/labsw/bugageocaching/service/SecurityService.java @@ -0,0 +1,8 @@ +package hhn.labsw.bugageocaching.service; + +public interface SecurityService { + + String findLoggedInUsername(); + + void autoLogin(String username, String password); +} diff --git a/src/main/java/hhn/labsw/bugageocaching/service/SecurityServiceImpl.java b/src/main/java/hhn/labsw/bugageocaching/service/SecurityServiceImpl.java new file mode 100644 index 0000000..9bdd3f6 --- /dev/null +++ b/src/main/java/hhn/labsw/bugageocaching/service/SecurityServiceImpl.java 
@@ -0,0 +1,48 @@
+package hhn.labsw.bugageocaching.service;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.stereotype.Service;
+
+@Service
+public class SecurityServiceImpl implements SecurityService{
+
+ @Autowired
+ private AuthenticationManager authenticationManager;
+
+ @Qualifier("userDetailsServiceImpl")
+ @Autowired
+ private UserDetailsService userDetailsService;
+
+ private static final Logger logger = LoggerFactory.getLogger(SecurityServiceImpl.class);
+
+ @Override
+ public String findLoggedInUsername() {
+ Object userDetails = SecurityContextHolder.getContext().getAuthentication().getDetails();
+ if (userDetails instanceof UserDetails) {
+ return ((UserDetails)userDetails).getUsername();
+ }
+
+ return null;
+ }
+
+ @Override
+ public void autoLogin(String username, String password) {
+ UserDetails userDetails = userDetailsService.loadUserByUsername(username);
+ UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(userDetails, password, userDetails.getAuthorities());
+
+ authenticationManager.authenticate(usernamePasswordAuthenticationToken);
+
+ if (usernamePasswordAuthenticationToken.isAuthenticated()) {
+ SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
+ logger.debug(String.format("Auto login %s successfully!", username));
+ }
+ }
+}
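Review bot: In `autoLogin` the object returned by `authenticationManager.authenticate(...)` is discarded and `isAuthenticated()` is checked on the request token instead. That token is built with the three-argument constructor, which already marks it authenticated, so the `if` is always true and a failed login only surfaces as the exception thrown by the manager. Keep the result, e.g. `Authentication auth = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, password));`, and put `auth` into the SecurityContext. In `findLoggedInUsername`, `getDetails()` normally carries request details rather than the `UserDetails`, so the method likely returns null for every caller. `getPrincipal()` is the usual source, and a null `getAuthentication()` should be guarded.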
diff --git a/src/main/java/hhn/labsw/bugageocaching/service/UserDetailsServiceImpl.java b/src/main/java/hhn/labsw/bugageocaching/service/UserDetailsServiceImpl.java new file mode 100644 index 0000000..c261830 --- /dev/null +++ b/src/main/java/hhn/labsw/bugageocaching/service/UserDetailsServiceImpl.java @@ -0,0 +1,37 @@ +package hhn.labsw.bugageocaching.service; + +import hhn.labsw.bugageocaching.entities.Role; +import hhn.labsw.bugageocaching.entities.User; +import hhn.labsw.bugageocaching.repositories.UserRepository; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.SimpleGrantedAuthority; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; + +import java.util.HashSet; +import java.util.Set; + +@Service +public class UserDetailsServiceImpl implements UserDetailsService { + + @Autowired + private UserRepository userRepository; + + @Override + @Transactional(readOnly = true) + public UserDetails loadUserByUsername(String username) { + User user = userRepository.findByUsername(username); + if (user == null) throw new UsernameNotFoundException(username); + + Set grantedAuthorities = new HashSet<>(); + for (Role role : user.getRoles()){ + grantedAuthorities.add(new SimpleGrantedAuthority(role.getName())); + } + + return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), grantedAuthorities); + } +} diff --git a/src/main/java/hhn/labsw/bugageocaching/service/UserService.java b/src/main/java/hhn/labsw/bugageocaching/service/UserService.java new file mode 100644 index 0000000..e5e1c0b --- /dev/null 
+++ b/src/main/java/hhn/labsw/bugageocaching/service/UserService.java @@ -0,0 +1,10 @@ +package hhn.labsw.bugageocaching.service; + +import hhn.labsw.bugageocaching.entities.User; + +public interface UserService { + void save(User user); + + User findByUsername(String username); + +} diff --git a/src/main/java/hhn/labsw/bugageocaching/service/UserServiceImpl.java b/src/main/java/hhn/labsw/bugageocaching/service/UserServiceImpl.java new file mode 100644 index 0000000..6374d36 --- /dev/null +++ b/src/main/java/hhn/labsw/bugageocaching/service/UserServiceImpl.java @@ -0,0 +1,33 @@ +package hhn.labsw.bugageocaching.service; + +import hhn.labsw.bugageocaching.entities.User; +import hhn.labsw.bugageocaching.repositories.RoleRepository; +import hhn.labsw.bugageocaching.repositories.UserRepository; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.stereotype.Service; + +import java.util.HashSet; + +@Service +public class UserServiceImpl implements UserService { + + @Autowired + private UserRepository userRepository; + @Autowired + private RoleRepository roleRepository; + @Autowired + private BCryptPasswordEncoder bCryptPasswordEncoder; + + @Override + public void save(User user) { + user.setPassword(bCryptPasswordEncoder.encode(user.getPassword())); + user.setRoles(new HashSet<>(roleRepository.findAll())); + userRepository.save(user); + } + + @Override + public User findByUsername(String username) { + return userRepository.findByUsername(username); + } +} From d06b2aacc1b891afed5041d9d4bb5157511eb1ff Mon Sep 17 00:00:00 2001 
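Review bot: `UserServiceImpl.save` gives the saved user every role in the table through `user.setRoles(new HashSet<>(roleRepository.findAll()))`, so any account stored via this service also receives an administrative role if one exists. Assign only the default role, e.g. `user.setRoles(Collections.singleton(roleRepository.findByName(DEFAULT_ROLE)))`, where `findByName` and `DEFAULT_ROLE` are placeholders this patch does not define. The method also re-encodes `user.getPassword()` on every call, so saving an already persisted user would hash the stored hash and break that user's login. Encoding belongs in a registration-only path, separate from a general save.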
From: Maximilian Leopold Date: Mon, 25 Mar 2019 13:17:11 +0100 Subject: [PATCH 02/11] Deleted idea files --- .idea/checkstyle-idea.xml | 16 ---------------- .idea/compiler.xml | 11 ----------- .idea/inspectionProfiles/Project_Default.xml | 6 ------ .idea/misc.xml | 10 ---------- ....de.hhn.labsw.labswp_2019_sose_geocaching.iml | 12 ------------ 5 files changed, 55 deletions(-) delete mode 100644 .idea/checkstyle-idea.xml delete mode 100644 .idea/compiler.xml delete mode 100644 .idea/inspectionProfiles/Project_Default.xml delete mode 100644 .idea/misc.xml delete mode 100644 .idea/modules/LabSWPS.de.hhn.labsw.labswp_2019_sose_geocaching.iml diff --git a/.idea/checkstyle-idea.xml b/.idea/checkstyle-idea.xml deleted file mode 100644 index 6d6a80d..0000000 --- a/.idea/checkstyle-idea.xml +++ /dev/null @@ -1,16 +0,0 @@ - - - - - - \ No newline at end of file diff --git a/.idea/compiler.xml b/.idea/compiler.xml deleted file mode 100644 index 35c475b..0000000 --- a/.idea/compiler.xml +++ /dev/null @@ -1,11 +0,0 @@ - - - - - - - - - - - \ No newline at end of file diff --git a/.idea/inspectionProfiles/Project_Default.xml b/.idea/inspectionProfiles/Project_Default.xml deleted file mode 100644 index 03d9549..0000000 --- a/.idea/inspectionProfiles/Project_Default.xml +++ /dev/null @@ -1,6 +0,0 @@ - - - - \ No newline at end of file diff --git a/.idea/misc.xml b/.idea/misc.xml deleted file mode 100644 index 216536e..0000000 --- a/.idea/misc.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - \ No newline at end of file diff --git a/.idea/modules/LabSWPS.de.hhn.labsw.labswp_2019_sose_geocaching.iml b/.idea/modules/LabSWPS.de.hhn.labsw.labswp_2019_sose_geocaching.iml deleted file mode 100644 index 92b5305..0000000 --- a/.idea/modules/LabSWPS.de.hhn.labsw.labswp_2019_sose_geocaching.iml +++ /dev/null @@ -1,12 +0,0 @@ - - - - - - - - - - - - \ No newline at end of file From 99512b425010216ba27e77cdc6c47846796764a1 Mon Sep 17 00:00:00 2001 
From: Maximilian Leopold Date: Sat, 6 Apr 2019 12:29:09 +0200 Subject: [PATCH 03/11] Implemented Login with JWT --- build.gradle | 5 ++ .../bugageocaching/controller/Controller.java | 48 +++++++++++++++---- .../labsw/bugageocaching/entities/Role.java | 5 ++ 3 files changed, 50 insertions(+), 8 deletions(-) diff --git a/build.gradle b/build.gradle index 62a8c2c..94f19e8 100644 --- a/build.gradle +++ b/build.gradle @@ -37,6 +37,11 @@ dependencies { compile group: 'org.springframework.security', name: 'spring-security-core', version: '5.1.4.RELEASE' + //JWT + compile 'io.jsonwebtoken:jjwt-api:0.10.5' + runtime 'io.jsonwebtoken:jjwt-impl:0.10.5', + 'io.jsonwebtoken:jjwt-jackson:0.10.5' + } node { diff --git a/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java b/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java index a962339..d57fd8b 100644 --- a/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java +++ b/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java 
@@ -1,20 +1,27 @@ package hhn.labsw.bugageocaching.controller; import com.google.gson.Gson; + import hhn.labsw.bugageocaching.entities.*; import hhn.labsw.bugageocaching.exceptions.IllegalParameterException; import hhn.labsw.bugageocaching.repositories.*; +import io.jsonwebtoken.Claims; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.SignatureAlgorithm; +import io.jsonwebtoken.security.Keys; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.security.crypto.bcrypt.BCrypt; import org.springframework.web.bind.annotation.*; -import java.util.ArrayList; -import java.util.List; -import java.util.Optional; -import java.util.Random; +import javax.annotation.PostConstruct; +import javax.xml.bind.DatatypeConverter; +import java.security.Key; +import java.security.SecureRandom; +import java.util.*; import java.util.concurrent.atomic.AtomicLong; +import java.util.logging.Logger; @RestController public class Controller { @@ -44,6 +51,13 @@ public class Controller { StationReihenfolgeRepository stationReihenfolgeRepository; private AtomicLong counter = new AtomicLong(); + byte[] key = new byte[64]; + + @PostConstruct + public void init(){ + new SecureRandom().nextBytes(key); + System.out.println(Arrays.toString(key)); + } @CrossOrigin(origins = "http://localhost:8081") // only for dev purpose @RequestMapping("/api/allCaches") 
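Review bot: `init()` writes the HMAC signing key to standard output with `System.out.println(Arrays.toString(key));`, so anyone with read access to the application log holds the secret that protects every token, including the `admin` claim. Delete that line. The same goes for `System.out.println(token);` and the claims dump in the login hunk of this patch (the token print is still there after PATCH 04/11), which put a valid bearer token into the log. The `key` field is package-visible and mutable, where `private final byte[] key` filled in the constructor would do. Since the key is regenerated on every start, all issued tokens become invalid on restart, which deserves a comment if intended.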
@@ -65,14 +79,32 @@ public class Controller { return ResponseEntity.status(404).body("User was not found"); } - if (BCrypt.checkpw(user.getPassword(), userRepository.findByUsername(user.getUsername()).getPassword())) { + SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256; + + if(BCrypt.checkpw(user.getPassword(), userRepository.findByUsername(user.getUsername()).getPassword())){ + String token = Jwts.builder().setSubject(user.getUsername()).claim("admin", userRepository.findByUsername(user.getUsername()).getRoles().stream().anyMatch(x->x.getId()==0)).setExpiration(new Date(new Date().getTime() + (1000 * 60 * 60 * 24))).signWith(signatureAlgorithm, key).compact(); + System.out.println(token); + + Claims claims = Jwts.parser() + .setSigningKey(key) + .parseClaimsJws(token).getBody(); + System.out.println("ID: " + claims.getId()); + System.out.println("Subject: " + claims.getSubject()); + System.out.println("Issuer: " + claims.getIssuer()); + System.out.println("Admin: " + claims.get("admin")); + System.out.println("Expiration: " + claims.getExpiration()); + + return ResponseEntity.status(200).body(token); + } + + /*if (BCrypt.checkpw(user.getPassword(), userRepository.findByUsername(user.getUsername()).getPassword())) { String token = user.getUsername() + BCrypt.hashpw(String.valueOf(System.currentTimeMillis() + counter.incrementAndGet()), BCrypt.gensalt()); String hashedToken = BCrypt.hashpw(token, BCrypt.gensalt()); userRepository.findByUsername(user.getUsername()).setToken(hashedToken); userRepository.save(userRepository.findByUsername(user.getUsername())); //return ResponseEntity.ok(new Gson().toJson(token)); return ResponseEntity.status(200).body(token); - } + }*/ return ResponseEntity.status(400).body("Es ist ein Fehler aufgetreten"); } 
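Review bot: The `admin` claim is computed with `anyMatch(x->x.getId()==0)`, which ties the privilege to a database id. `Role.id` is declared `@GeneratedValue` as of PATCH 01/11, so which role gets id 0, if any, depends on the generator and insertion order. Compare on the role name instead, e.g. `.anyMatch(r -> ADMIN_ROLE.equals(r.getName()))`, with `ADMIN_ROLE` a placeholder constant for the project's admin role name. `signWith(signatureAlgorithm, key)` with a raw byte array is the deprecated form in jjwt 0.10; `signWith(Keys.hmacShaKeyFor(key), SignatureAlgorithm.HS256)` uses the already imported `Keys`. The method starts above this hunk, and the three `findByUsername` lookups could share one local variable.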
@@ -132,14 +164,14 @@ public class Controller { @ResponseBody public ResponseEntity logout(@RequestParam String token) { // System.out.println("logout"); - User user = userRepository.findByUsername(token.substring(0, token.indexOf("$"))); + /*User user = userRepository.findByUsername(token.substring(0, token.indexOf("$"))); // System.out.println(token); // System.out.println(user.getToken()); if (user == null || user.getToken().isEmpty()) { return ResponseEntity.status(404).body("User was not found"); } user.setToken(null); - userRepository.save(user); + userRepository.save(user);*/ return ResponseEntity.status(200).body("Token was deleted"); } diff --git a/src/main/java/hhn/labsw/bugageocaching/entities/Role.java b/src/main/java/hhn/labsw/bugageocaching/entities/Role.java index 5019a0b..b5612bc 100644 --- a/src/main/java/hhn/labsw/bugageocaching/entities/Role.java +++ b/src/main/java/hhn/labsw/bugageocaching/entities/Role.java @@ -31,4 +31,9 @@ public class Role { public void setName(String name) { this.name = name; } + + @Override + public String toString() { + return name; + } } From e45bdb045661013bb47f9e26dc7a84bc9b708506 Mon Sep 17 00:00:00 2001 From: Maximilian Leopold Date: Sat, 6 Apr 2019 12:36:13 +0200 Subject: [PATCH 04/11] Slight changes to jwt --- .../hhn/labsw/bugageocaching/controller/Controller.java | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java b/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java index d57fd8b..ebb9744 100644 --- a/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java +++ b/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java 
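Review bot: `logout` now answers 200 "Token was deleted" while its whole body is commented out, so nothing is revoked and the JWT issued by login stays valid until its one-day expiry. Either keep server-side state that rejects logged-out tokens (for example a denylist keyed by a token id and checked on every request), or change the response text and document that logout is client-side only. The commented-out block should be deleted rather than kept, and the `token` parameter is now unused.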
@@ -82,7 +82,11 @@ public class Controller { SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256; if(BCrypt.checkpw(user.getPassword(), userRepository.findByUsername(user.getUsername()).getPassword())){ - String token = Jwts.builder().setSubject(user.getUsername()).claim("admin", userRepository.findByUsername(user.getUsername()).getRoles().stream().anyMatch(x->x.getId()==0)).setExpiration(new Date(new Date().getTime() + (1000 * 60 * 60 * 24))).signWith(signatureAlgorithm, key).compact(); + String token = Jwts.builder() + .setSubject(user.getUsername()) + .claim("admin", userRepository.findByUsername(user.getUsername()).getRoles().stream().anyMatch(x->x.getId()==0)) //True if user is admin + .setExpiration(new Date(new Date().getTime() + (1000 * 60 * 60 * 24))) //One day expiration + .signWith(signatureAlgorithm, key).compact(); System.out.println(token); Claims claims = Jwts.parser() From affd0a20f8de106c868be85cef11bb2522f28962 Mon Sep 17 00:00:00 2001 
From: Maximilian Leopold Date: Sat, 6 Apr 2019 12:39:45 +0200 Subject: [PATCH 05/11] MErge Conflict --- .../config/WebSecurityConfig.java | 52 ------------------- .../labsw/bugageocaching/entities/User.java | 31 +++-------- .../repositories/UserRepository.java | 7 +-- .../service/SecurityService.java | 8 --- .../service/SecurityServiceImpl.java | 48 ----------------- .../service/UserDetailsServiceImpl.java | 37 ------------- .../bugageocaching/service/UserService.java | 10 ---- .../service/UserServiceImpl.java | 33 ------------ 8 files changed, 8 insertions(+), 218 deletions(-) delete mode 100644 src/main/java/hhn/labsw/bugageocaching/config/WebSecurityConfig.java delete mode 100644 src/main/java/hhn/labsw/bugageocaching/service/SecurityService.java delete mode 100644 src/main/java/hhn/labsw/bugageocaching/service/SecurityServiceImpl.java delete mode 100644 src/main/java/hhn/labsw/bugageocaching/service/UserDetailsServiceImpl.java delete mode 100644 src/main/java/hhn/labsw/bugageocaching/service/UserService.java delete mode 100644 src/main/java/hhn/labsw/bugageocaching/service/UserServiceImpl.java diff --git a/src/main/java/hhn/labsw/bugageocaching/config/WebSecurityConfig.java b/src/main/java/hhn/labsw/bugageocaching/config/WebSecurityConfig.java deleted file mode 100644 index 7af8e75..0000000 --- a/src/main/java/hhn/labsw/bugageocaching/config/WebSecurityConfig.java +++ /dev/null 
@@ -1,52 +0,0 @@
-package hhn.labsw.bugageocaching.config;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-
-@Configuration
-@EnableWebSecurity
-public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
-
- @Qualifier("userDetailsServiceImpl")
- @Autowired
- private UserDetailsService userDetailsService;
-
- @Bean
- public BCryptPasswordEncoder bCryptPasswordEncoder() {
- return new BCryptPasswordEncoder();
- }
-
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http
- .authorizeRequests()
- .antMatchers("/allCaches").permitAll()
- .anyRequest().authenticated()
- .and()
- .formLogin()
- .defaultSuccessUrl("/allCaches")
- .permitAll()
- .and()
- .logout()
- .permitAll();
- }
-
- @Bean
- public AuthenticationManager customAuthenticationManager() throws Exception {
- return authenticationManager();
- }
-
- @Autowired
- public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
- auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
- }
-}
diff --git a/src/main/java/hhn/labsw/bugageocaching/entities/User.java b/src/main/java/hhn/labsw/bugageocaching/entities/User.java index 3e98d14..ff11f43 100644 --- a/src/main/java/hhn/labsw/bugageocaching/entities/User.java +++ b/src/main/java/hhn/labsw/bugageocaching/entities/User.java @@ -1,11 +1,11 @@ package hhn.labsw.bugageocaching.entities; import javax.persistence.*; -<<<<<<< HEAD + import java.util.Set; -======= + import java.util.List; ->>>>>>> develop + @Entity @Table @@ -21,20 +21,17 @@ public class User { private int rankingPointsSum; private String email; private String password; -<<<<<<< HEAD -======= + @ManyToMany private List roles; private String token; ->>>>>>> develop + @ManyToOne private Team team; - @ManyToMany - Set roles; @Transient private String passwordConfirm; @@ -103,22 +100,6 @@ public class User { this.team = team; } -<<<<<<< HEAD - public Set getRoles() { - return roles; - } - - public void setRoles(Set roles) { - this.roles = roles; - } - - public String getPasswordConfirm() { - return passwordConfirm; - } - - public void setPasswordConfirm(String passwordConfirm) { - this.passwordConfirm = passwordConfirm; -======= public List getRoles() { return roles; } @@ -133,6 +114,6 @@ public class User { public void setToken(String token) { this.token = token; ->>>>>>> develop + } } diff --git a/src/main/java/hhn/labsw/bugageocaching/repositories/UserRepository.java b/src/main/java/hhn/labsw/bugageocaching/repositories/UserRepository.java index 99b0fb2..df051fc 100644 --- a/src/main/java/hhn/labsw/bugageocaching/repositories/UserRepository.java +++ b/src/main/java/hhn/labsw/bugageocaching/repositories/UserRepository.java 
@@ -1,13 +1,10 @@ package hhn.labsw.bugageocaching.repositories; import hhn.labsw.bugageocaching.entities.User; -<<<<<<< HEAD import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.CrudRepository; -public interface UserRepository extends JpaRepository { - User findByUsername(String username); -======= + import org.springframework.data.jpa.repository.Query; import org.springframework.data.repository.CrudRepository; @@ -19,5 +16,5 @@ public interface UserRepository extends CrudRepository { @Query(value = "SELECT u.username, u.ranking_points_sum from user u order by ranking_points_sum DESC", nativeQuery = true) List getRankingList(); ->>>>>>> develop + } diff --git a/src/main/java/hhn/labsw/bugageocaching/service/SecurityService.java b/src/main/java/hhn/labsw/bugageocaching/service/SecurityService.java deleted file mode 100644 index aed5944..0000000 --- a/src/main/java/hhn/labsw/bugageocaching/service/SecurityService.java +++ /dev/null @@ -1,8 +0,0 @@ -package hhn.labsw.bugageocaching.service; - -public interface SecurityService { - - String findLoggedInUsername(); - - void autoLogin(String username, String password); -} diff --git a/src/main/java/hhn/labsw/bugageocaching/service/SecurityServiceImpl.java b/src/main/java/hhn/labsw/bugageocaching/service/SecurityServiceImpl.java deleted file mode 100644 index 9bdd3f6..0000000 --- a/src/main/java/hhn/labsw/bugageocaching/service/SecurityServiceImpl.java +++ /dev/null 
@@ -1,48 +0,0 @@ -package hhn.labsw.bugageocaching.service; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.stereotype.Service; - -@Service -public class SecurityServiceImpl implements SecurityService{ - - @Autowired - private AuthenticationManager authenticationManager; - - @Qualifier("userDetailsServiceImpl") - @Autowired - private UserDetailsService userDetailsService; - - private static final Logger logger = LoggerFactory.getLogger(SecurityServiceImpl.class); - - @Override - public String findLoggedInUsername() { - Object userDetails = SecurityContextHolder.getContext().getAuthentication().getDetails(); - if (userDetails instanceof UserDetails) { - return ((UserDetails)userDetails).getUsername(); - } - - return null; - } - - @Override - public void autoLogin(String username, String password) { - UserDetails userDetails = userDetailsService.loadUserByUsername(username); - UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(userDetails, password, userDetails.getAuthorities()); - - authenticationManager.authenticate(usernamePasswordAuthenticationToken); - - if (usernamePasswordAuthenticationToken.isAuthenticated()) { - SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken); - logger.debug(String.format("Auto login %s successfully!", username)); - } - } -} 
diff --git a/src/main/java/hhn/labsw/bugageocaching/service/UserDetailsServiceImpl.java b/src/main/java/hhn/labsw/bugageocaching/service/UserDetailsServiceImpl.java deleted file mode 100644 index c261830..0000000 --- a/src/main/java/hhn/labsw/bugageocaching/service/UserDetailsServiceImpl.java +++ /dev/null @@ -1,37 +0,0 @@ -package hhn.labsw.bugageocaching.service; - -import hhn.labsw.bugageocaching.entities.Role; -import hhn.labsw.bugageocaching.entities.User; -import hhn.labsw.bugageocaching.repositories.UserRepository; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.SimpleGrantedAuthority; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.stereotype.Service; -import org.springframework.transaction.annotation.Transactional; - -import java.util.HashSet; -import java.util.Set; - -@Service -public class UserDetailsServiceImpl implements UserDetailsService { - - @Autowired - private UserRepository userRepository; - - @Override - @Transactional(readOnly = true) - public UserDetails loadUserByUsername(String username) { - User user = userRepository.findByUsername(username); - if (user == null) throw new UsernameNotFoundException(username); - - Set grantedAuthorities = new HashSet<>(); - for (Role role : user.getRoles()){ - grantedAuthorities.add(new SimpleGrantedAuthority(role.getName())); - } - - return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), grantedAuthorities); - } -} diff --git a/src/main/java/hhn/labsw/bugageocaching/service/UserService.java b/src/main/java/hhn/labsw/bugageocaching/service/UserService.java deleted file mode 100644 index e5e1c0b..0000000 
--- a/src/main/java/hhn/labsw/bugageocaching/service/UserService.java +++ /dev/null @@ -1,10 +0,0 @@ -package hhn.labsw.bugageocaching.service; - -import hhn.labsw.bugageocaching.entities.User; - -public interface UserService { - void save(User user); - - User findByUsername(String username); - -} diff --git a/src/main/java/hhn/labsw/bugageocaching/service/UserServiceImpl.java b/src/main/java/hhn/labsw/bugageocaching/service/UserServiceImpl.java deleted file mode 100644 index 6374d36..0000000 --- a/src/main/java/hhn/labsw/bugageocaching/service/UserServiceImpl.java +++ /dev/null @@ -1,33 +0,0 @@ -package hhn.labsw.bugageocaching.service; - -import hhn.labsw.bugageocaching.entities.User; -import hhn.labsw.bugageocaching.repositories.RoleRepository; -import hhn.labsw.bugageocaching.repositories.UserRepository; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; -import org.springframework.stereotype.Service; - -import java.util.HashSet; - -@Service -public class UserServiceImpl implements UserService { - - @Autowired - private UserRepository userRepository; - @Autowired - private RoleRepository roleRepository; - @Autowired - private BCryptPasswordEncoder bCryptPasswordEncoder; - - @Override - public void save(User user) { - user.setPassword(bCryptPasswordEncoder.encode(user.getPassword())); - user.setRoles(new HashSet<>(roleRepository.findAll())); - userRepository.save(user); - } - - @Override - public User findByUsername(String username) { - return userRepository.findByUsername(username); - } -} From d8780744a52b20334d920111848f51959fee0ca6 Mon Sep 17 00:00:00 2001 From: Maximilian Leopold Date: Sat, 6 Apr 2019 16:10:01 +0200 Subject: [PATCH 06/11] Implemented JWT --- .../bugageocaching/controller/Controller.java | 135 ++++++++++++------ .../labsw/bugageocaching/entities/User.java | 11 -- 2 files changed, 89 insertions(+), 57 deletions(-) 
diff --git a/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java b/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java
index ebb9744..6e4bbb1 100644
--- a/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java
+++ b/src/main/java/hhn/labsw/bugageocaching/controller/Controller.java
@@ -6,6 +6,7 @@ import hhn.labsw.bugageocaching.entities.*;
 import hhn.labsw.bugageocaching.exceptions.IllegalParameterException;
 import hhn.labsw.bugageocaching.repositories.*;
 import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
 import io.jsonwebtoken.security.Keys;
@@ -54,7 +55,7 @@ public class Controller {
 byte[] key = new byte[64];
 @PostConstruct
- public void init(){
+ public void init() {
 new SecureRandom().nextBytes(key);
 System.out.println(Arrays.toString(key));
 }
@@ -81,22 +82,23 @@ public class Controller {
 SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
- if(BCrypt.checkpw(user.getPassword(), userRepository.findByUsername(user.getUsername()).getPassword())){
+ if (BCrypt.checkpw(user.getPassword(), userRepository.findByUsername(user.getUsername()).getPassword())) {
 String token = Jwts.builder()
 .setSubject(user.getUsername())
- .claim("admin", userRepository.findByUsername(user.getUsername()).getRoles().stream().anyMatch(x->x.getId()==0)) //True if user is admin
+ .claim("admin", userRepository.findByUsername(user.getUsername()).getRoles().stream().anyMatch(x -> x.getId() == 0)) //True if user is admin
 .setExpiration(new Date(new Date().getTime() + (1000 * 60 * 60 * 24))) //One day expiration
- .signWith(signatureAlgorithm, key).compact();
- System.out.println(token);
+ .signWith(signatureAlgorithm, key)
+ .compact();
+ /*System.out.println(token);
- Claims claims = Jwts.parser()
+ Claims claims = Jwts.parser() //Parse JWT
 .setSigningKey(key)
 .parseClaimsJws(token).getBody();
 System.out.println("ID: " + claims.getId());
 System.out.println("Subject: " + claims.getSubject());
 System.out.println("Issuer: " + claims.getIssuer());
 System.out.println("Admin: " + claims.get("admin"));
- System.out.println("Expiration: " + claims.getExpiration());
+ System.out.println("Expiration: " + claims.getExpiration());*/
 return ResponseEntity.status(200).body(token);
 }
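Review bot: The debug dump is only commented out in this hunk (`/*System.out.println(token); ... */`) rather than removed, and the more sensitive print is untouched: `init()` in the `@@ -54,7 +55,7 @@` hunk of this file still writes the HS256 signing key to stdout with `System.out.println(Arrays.toString(key));`. Whoever can read the application log then holds the key that every token, including its `admin` claim, is verified against. Delete the commented block and the key print in the same commit. The login method itself starts above this hunk.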
@@ -122,35 +124,46 @@ public class Controller { Bearbeitet bearbeitet = new Bearbeitet(); - User user = userRepository.findByUsername(token.substring(0, token.indexOf("$"))); - if (user == null) { - return ResponseEntity.status(404).body("User was not found"); - } - bearbeitet.setUser(user); + try { + Claims claims = Jwts.parser() //Parse JWT + .setSigningKey(key) + .parseClaimsJws(token).getBody(); - Optional cacheOptional = cacheRepository.findById(Integer.valueOf(cacheID)); - if (cacheOptional.isPresent()) { - Cache cache = cacheOptional.get(); - bearbeitet.setCache(cache); - Station startStation = cache.getStartStation(); - bearbeitet.setAktuelleStation(startStation); - } else { - return ResponseEntity.status(404).body("Couldnt find Cache " + cacheID); - } + User user = userRepository.findByUsername(claims.getSubject()); + if (user == null) { + return ResponseEntity.status(404).body("User was not found"); + } + bearbeitet.setUser(user); - Optional cacheAccesDefinitionOptional = - cacheAccesDefinitionRepository.findById(0); // angefangen - if (cacheAccesDefinitionOptional.isPresent()) { - CacheAccesDefinition cacheAccesDefinition = cacheAccesDefinitionOptional.get(); - bearbeitet.setCacheAccesDefinition(cacheAccesDefinition); - } else { - return ResponseEntity.status(404).body("There is no cacheAccesDefinition with the ID " + 0); + Optional cacheOptional = cacheRepository.findById(Integer.valueOf(cacheID)); + if (cacheOptional.isPresent()) { + Cache cache = cacheOptional.get(); + bearbeitet.setCache(cache); + + Station startStation = cache.getStartStation(); + bearbeitet.setAktuelleStation(startStation); + } else { + return ResponseEntity.status(404).body("Couldnt find Cache " + cacheID); } - bearbeitetRepository.save(bearbeitet); + Optional cacheAccesDefinitionOptional = + cacheAccesDefinitionRepository.findById(0); // angefangen + if (cacheAccesDefinitionOptional.isPresent()) { + CacheAccesDefinition cacheAccesDefinition = cacheAccesDefinitionOptional.get(); + 
bearbeitet.setCacheAccesDefinition(cacheAccesDefinition); + } else { + return ResponseEntity.status(404).body("There is no cacheAccesDefinition with the ID " + 0); + } - return ResponseEntity.status(200).body(new Gson().toJson(bearbeitet)); + bearbeitetRepository.save(bearbeitet); + + return ResponseEntity.status(200).body(new Gson().toJson(bearbeitet)); + } catch (ExpiredJwtException e) { + return ResponseEntity.status(400).body("JWT Token expired"); + } catch (Exception e){ + return ResponseEntity.status(400).body("JWT Token invalid"); + } } else { // kein angemeldeter User startet den cache(es wird nur der cache als parameter übergeben) Optional cacheOptional = cacheRepository.findById(Integer.valueOf(cacheID)); @@ -163,6 +176,7 @@ public class Controller { } } + //Eigentlich brauchen wir mit JWT keine Logout Methode mehr. @CrossOrigin(origins = "http://localhost:8081") // only for dev purpose @RequestMapping("/api/logout") @ResponseBody @@ -183,9 +197,9 @@ public class Controller { @RequestMapping("/api/createStation") @ResponseBody public ResponseEntity createStation(@RequestParam String description, - @RequestParam String latitude, - @RequestParam String longitude, - @RequestParam String solution) { + @RequestParam String latitude, + @RequestParam String longitude, + @RequestParam String solution) { if (description.length() == 0 || latitude.length() == 0 || longitude.length() == 0 || solution.length() == 0) { return ResponseEntity.status(400).body("At least one Argument was empty"); 
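Review bot: The new `catch (Exception e)` wraps the whole start-cache body, so every failure is reported as "JWT Token invalid", including a non-numeric `cacheID` in `Integer.valueOf(cacheID)` and any error from `bearbeitetRepository.save(bearbeitet)`. Limit the `try` to the `Jwts.parser()...parseClaimsJws(token)` call and catch only the parser's own failures, `catch (JwtException | IllegalArgumentException e)`, so unrelated errors are not mislabelled as token problems. A rejected token would also be better answered with status 401 than 400. The same catch-all is added in the `checkAdmin`, `getMyCaches` and `getUser` hunks of this commit; the method begins before this hunk.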
@@ -233,8 +247,21 @@ public class Controller { @RequestMapping("/api/checkAdmin") @ResponseBody public ResponseEntity checkAdmin(@RequestParam String token) { - User user = userRepository.findByUsername(token.substring(0, token.indexOf("$"))); - if(user == null){ + + try { + Claims claims = Jwts.parser() //Parse JWT + .setSigningKey(key) + .parseClaimsJws(token).getBody(); + + return ResponseEntity.status(200).body(claims.get("admin")); + }catch (ExpiredJwtException e) { + return ResponseEntity.status(400).body("JWT Token expired"); + } catch (Exception e){ + return ResponseEntity.status(400).body("JWT Token invalid"); + } + + /*User user = userRepository.findByUsername(token.substring(0, token.indexOf("$"))); + if (user == null) { return ResponseEntity.status(404).body("User was not found"); } for (Role role : user.getRoles()) { @@ -242,7 +269,7 @@ public class Controller { return ResponseEntity.status(200).body("User is Admin"); } } - return ResponseEntity.status(401).body("User is no Admin"); + return ResponseEntity.status(401).body("User is no Admin");*/ } //Bis hier @@ -257,10 +284,10 @@ public class Controller { @RequestMapping("/api/createCache") @ResponseBody public ResponseEntity createCache(@RequestParam String description, - @RequestParam String name, - @RequestParam String rankingPoints, - @RequestParam(value = "rewardID", defaultValue = "-1") String rewardID, - @RequestParam List stationen) { + @RequestParam String name, + @RequestParam String rankingPoints, + @RequestParam(value = "rewardID", defaultValue = "-1") String rewardID, + @RequestParam List stationen) { if (description.length() == 0 || name.length() == 0 || rankingPoints.length() == 0 || stationen.size() == 0) { return ResponseEntity.status(400).body("Fields can´t be empty"); 
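Review bot: `checkAdmin` now answers from `claims.get("admin")`, a value fixed when the token was issued, so removing a user's admin role has no effect until that token expires (one day, per the login hunk). If role changes must take effect sooner, read the roles again via `userRepository.findByUsername(claims.getSubject())`, as the other endpoints in this commit do for the user record. The previous implementation is kept as a `/* ... */` block after the new `catch` clauses; it is better deleted, since version control already preserves it.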
@@ -340,7 +367,14 @@ public class Controller { @ResponseBody public ResponseEntity getMyCaches(@RequestParam String token) { try { - User user = userRepository.findByUsername(token.substring(0, token.indexOf("$"))); + + Claims claims = Jwts.parser() //Parse JWT + .setSigningKey(key) + .parseClaimsJws(token).getBody(); + + + User user = userRepository.findByUsername(claims.getSubject()); + if (user != null) { ArrayList bearbeitetList = new ArrayList<>(); @@ -353,8 +387,10 @@ public class Controller { } else { return ResponseEntity.status(404).body("User was not found in the database"); } - } catch (StringIndexOutOfBoundsException e) { - return ResponseEntity.status(400).body("Invalid token"); + } catch (ExpiredJwtException e) { + return ResponseEntity.status(400).body("JWT Token expired"); + } catch (Exception e){ + return ResponseEntity.status(400).body("JWT Token invalid"); } } @@ -370,14 +406,21 @@ public class Controller { @ResponseBody public ResponseEntity getUser(@RequestParam String token) { try { - User user = userRepository.findByUsername(token.substring(0, token.indexOf("$"))); + Claims claims = Jwts.parser() //Parse JWT + .setSigningKey(key) + .parseClaimsJws(token).getBody(); + + + User user = userRepository.findByUsername(claims.getSubject()); if (user != null) { return ResponseEntity.status(200).body(new Gson().toJson(user)); } else { return ResponseEntity.status(404).body("User was not found in the database"); } - } catch (StringIndexOutOfBoundsException e) { - return ResponseEntity.status(400).body("Invalid token"); + } catch (ExpiredJwtException e) { + return ResponseEntity.status(400).body("JWT Token expired"); + } catch (Exception e){ + return ResponseEntity.status(400).body("JWT Token invalid"); } } } diff --git a/src/main/java/hhn/labsw/bugageocaching/entities/User.java b/src/main/java/hhn/labsw/bugageocaching/entities/User.java index ff11f43..0b546f6 100644 --- a/src/main/java/hhn/labsw/bugageocaching/entities/User.java 
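Review bot: `new Gson().toJson(user)` in the `getUser` hunk serialises the whole `User` entity, and Gson by default includes every field not marked with the Java `transient` keyword; per `entities/User.java` that covers `password` (the BCrypt hash) and `email`. The JPA `@Transient` annotation on `passwordConfirm` is not the keyword, so it does not exclude that field either. Return a small response object with only the fields the client needs, or build the serializer with `new GsonBuilder().excludeFieldsWithoutExposeAnnotation().create()` and mark the public fields `@Expose`. `startCache` and `getMyCaches` presumably expose the same data through the `Bearbeitet` objects they serialise, which is worth checking alongside.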
+++ b/src/main/java/hhn/labsw/bugageocaching/entities/User.java @@ -26,9 +26,6 @@ public class User { @ManyToMany private List roles; - private String token; - - @ManyToOne private Team team; @@ -108,12 +105,4 @@ public class User { this.roles = roles; } - public String getToken() { - return token; - } - - public void setToken(String token) { - this.token = token; - - } } From f28418a8ca1572e32a4e4091c5e84dff0f5cacbe Mon Sep 17 00:00:00 2001 From: Maximilian Leopold Date: Sat, 6 Apr 2019 16:16:13 +0200 Subject: [PATCH 07/11] Merged develop into max/backend --- build.gradle | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/build.gradle b/build.gradle index 6ebd538..1a8425f 100644 --- a/build.gradle +++ b/build.gradle @@ -35,15 +35,15 @@ dependencies { //JSON Parser implementation 'com.google.code.gson:gson:2.8.5' -<<<<<<< HEAD + compile 'org.springframework.boot:spring-boot-starter-tomcat' compile 'org.springframework.boot:spring-boot-starter-security' compile 'org.springframework.boot:spring-boot-starter-actuator' compile 'org.springframework.boot:spring-boot-starter-aop' compile group: 'org.springframework.boot', name: 'spring-boot-starter-mail', version: '1.2.0.RELEASE' -======= + compile group: 'org.springframework.security', name: 'spring-security-core', version: '5.1.4.RELEASE' ->>>>>>> develop + //JWT compile 'io.jsonwebtoken:jjwt-api:0.10.5' From 560e90b7606076b9665c075911e630ec2d41d5be Mon Sep 17 00:00:00 2001 From: Timo Volkmann Date: Mon, 8 Apr 2019 14:46:37 +0200 Subject: [PATCH 08/11] continued work on Cache and Station --- frontend/src/pages/Cache.vue | 39 +++++++++++++++++++++++++++++++- frontend/src/pages/Error404.vue | 2 +- frontend/src/pages/Login.vue | 4 ++-- frontend/src/pages/Overview.vue | 6 +++++ frontend/src/store/auth/state.js | 2 +- 5 files changed, 48 insertions(+), 5 deletions(-) diff --git a/frontend/src/pages/Cache.vue b/frontend/src/pages/Cache.vue index 513310e..6fee21b 100644 --- a/frontend/src/pages/Cache.vue 
+++ b/frontend/src/pages/Cache.vue @@ -14,6 +14,15 @@ label="Beschreibung" /> +

Stationen

@@ -26,12 +35,40 @@ - Beschreibung: Dies ist der Anfang der Beschreibung... + + Code: 123456 + + + + +
+ + +
+
+ + + + + 1 + + + + + + Beschreibung: + + + Dies ist der Anfang der Beschreibung... + + + Code: 123456 + diff --git a/frontend/src/pages/Error404.vue b/frontend/src/pages/Error404.vue index a091bac..75cff24 100644 --- a/frontend/src/pages/Error404.vue +++ b/frontend/src/pages/Error404.vue @@ -5,7 +5,7 @@

Sorry, nothing here...(404)

Go backZur Startseite diff --git a/frontend/src/pages/Login.vue b/frontend/src/pages/Login.vue index cb0e8cc..320019d 100644 --- a/frontend/src/pages/Login.vue +++ b/frontend/src/pages/Login.vue @@ -123,11 +123,11 @@ }) .then((response) => { console.log("GET/POST http://localhost:8080/api/logout/ - response: " + response.data); - localStorage.removeItem('userToken'); - this.evalAuthentication(); }) .catch((error) => { }); + localStorage.removeItem('userToken'); + this.evalAuthentication(); }, }, }; diff --git a/frontend/src/pages/Overview.vue b/frontend/src/pages/Overview.vue index 7560bed..019aac8 100644 --- a/frontend/src/pages/Overview.vue +++ b/frontend/src/pages/Overview.vue @@ -51,6 +51,9 @@
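Review bot: The empty `.catch((error) => { })` in the Login.vue logout handler discards a failed `/api/logout` call, and with the cleanup moved outside the promise chain the user is logged out locally without any sign that the server call failed. Removing `userToken` from `localStorage` also only forgets the token in this browser; going by the backend comment that JWT makes a logout method unnecessary, the token itself presumably stays valid until it expires. At minimum log the failure, `.catch((error) => { console.error(error); })`, and consider a shorter token lifetime or a server-side deny list if logout is meant to revoke access.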
+
+ +
@@ -108,6 +111,9 @@ this.caches = response.data; }) }, + addCache() { + this.$router.push({ path: `/cache` }) + }, startCache(cacheID) { const userToken = JSON.parse(localStorage.getItem('userToken')); let params = { cacheID: cacheID }; diff --git a/frontend/src/store/auth/state.js b/frontend/src/store/auth/state.js index 0e9581a..1fee418 100644 --- a/frontend/src/store/auth/state.js +++ b/frontend/src/store/auth/state.js @@ -7,6 +7,6 @@ export default { email: "test@user.com", rankingPointsSum: 345, isAuthenticated: false, - isAdmin: false, + isAdmin: true, }, } From 2723c59056449b2d03f8e9fff40e950d750d83ce Mon Sep 17 00:00:00 2001 From: Timo Volkmann Date: Tue, 9 Apr 2019 03:41:05 +0200 Subject: [PATCH 09/11] changes in Cache & Station Editpages, worked on cacheCollector store --- frontend/src/pages/Cache.vue | 243 +++++++++++------- frontend/src/pages/Overview.vue | 13 +- frontend/src/pages/StationEdit.vue | 36 ++- frontend/src/router/routes.js | 18 +- frontend/src/store/auth/mutations.js | 1 - frontend/src/store/cacheCollector/getters.js | 12 +- .../src/store/cacheCollector/mutations.js | 57 +++- frontend/src/store/cacheCollector/state.js | 37 ++- 8 files changed, 307 insertions(+), 110 deletions(-) diff --git a/frontend/src/pages/Cache.vue b/frontend/src/pages/Cache.vue index 6fee21b..5d6b325 100644 --- a/frontend/src/pages/Cache.vue +++ b/frontend/src/pages/Cache.vue @@ -1,111 +1,182 @@ diff --git a/frontend/src/pages/Overview.vue b/frontend/src/pages/Overview.vue index 019aac8..f3b3353 100644 --- a/frontend/src/pages/Overview.vue +++ b/frontend/src/pages/Overview.vue @@ -45,8 +45,8 @@ - - + + @@ -114,6 +114,10 @@ addCache() { this.$router.push({ path: `/cache` }) }, + editCache() { + }, + removeCache() { + }, startCache(cacheID) { const userToken = JSON.parse(localStorage.getItem('userToken')); let params = { cacheID: cacheID }; 
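Review bot: In `frontend/src/store/auth/state.js` the default auth state now has `isAdmin: true` while `isAuthenticated` stays `false`, so until something overwrites it every visitor's client starts with the admin flag set. This looks like a development shortcut; restore `isAdmin: false` and set the flag from the `/api/checkAdmin` response instead. Independently of what the client shows, the create and edit endpoints need their own server-side admin check, because this flag is only a UI hint.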
@@ -124,8 +128,9 @@ this.$axios.get('http://localhost:8080/api/startCache', { params }) .then((response) => { - console.log("Angefangen: " + response.data); - let stationID = response.data.aktuelleStation.id; + console.log(response.data); + // let stationID = response.data.stationen[0].id; + let stationID = this.caches.find(x => x.id === cacheID).stationen[0].id; console.log(stationID); this.$router.push({ path: `/station/${stationID}` }) }) diff --git a/frontend/src/pages/StationEdit.vue b/frontend/src/pages/StationEdit.vue index 547869f..a8e413c 100644 --- a/frontend/src/pages/StationEdit.vue +++ b/frontend/src/pages/StationEdit.vue @@ -28,7 +28,7 @@
- +
@@ -36,13 +36,13 @@