Merge branch 'backend/max' of https://bitbucket-student.it.hs-heilbronn.de/scm/labswp19/labswp_2019_sose_geocaching into backend/max

build.gradle

@@ -35,7 +35,15 @@ dependencies {
     //JSON Parser
     implementation 'com.google.code.gson:gson:2.8.5'
 
+<<<<<<< HEAD
+    compile 'org.springframework.boot:spring-boot-starter-tomcat'
+    compile 'org.springframework.boot:spring-boot-starter-security'
+    compile 'org.springframework.boot:spring-boot-starter-actuator'
+    compile 'org.springframework.boot:spring-boot-starter-aop'
+    compile group: 'org.springframework.boot', name: 'spring-boot-starter-mail', version: '1.2.0.RELEASE'
+=======
     compile group: 'org.springframework.security', name: 'spring-security-core', version: '5.1.4.RELEASE'
+>>>>>>> develop
 
     //JWT
     compile 'io.jsonwebtoken:jjwt-api:0.10.5'

src/main/java/hhn/labsw/bugageocaching/Application.java

@@ -3,11 +3,18 @@ package hhn.labsw.bugageocaching;
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.builder.SpringApplicationBuilder;
+import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
 
 @SpringBootApplication
 public class Application{
 
-  public static void main(String[] args) {
+  /**@Override
+  protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
+    return application.sources(Application.class);
+  }**/
+
+  public static void main(String[] args) throws Exception {
     SpringApplication.run(Application.class, args);
   }
 }

src/main/java/hhn/labsw/bugageocaching/config/WebSecurityConfig.java

@@ -0,0 +1,52 @@
+package hhn.labsw.bugageocaching.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+  @Qualifier("userDetailsServiceImpl")
+  @Autowired
+  private UserDetailsService userDetailsService;
+
+  @Bean
+  public BCryptPasswordEncoder bCryptPasswordEncoder() {
+    return new BCryptPasswordEncoder();
+  }
+
+  @Override
+  protected void configure(HttpSecurity http) throws Exception {
+    http
+        .authorizeRequests()
+        .antMatchers("/allCaches").permitAll()
+        .anyRequest().authenticated()
+        .and()
+        .formLogin()
+        .defaultSuccessUrl("/allCaches")
+        .permitAll()
+        .and()
+        .logout()
+        .permitAll();
+  }
+
+  @Bean
+  public AuthenticationManager customAuthenticationManager() throws Exception {
+    return authenticationManager();
+  }
+
+  @Autowired
+  public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+    auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
+  }
+}

src/main/java/hhn/labsw/bugageocaching/entities/User.java

@@ -1,7 +1,11 @@
 package hhn.labsw.bugageocaching.entities;
 
 import javax.persistence.*;
+<<<<<<< HEAD
+import java.util.Set;
+=======
 import java.util.List;
+>>>>>>> develop
 
 @Entity
 @Table
@@ -17,15 +21,24 @@ public class User {
   private int rankingPointsSum;
   private String email;
   private String password;
+<<<<<<< HEAD
+=======
 
   @ManyToMany
   private List<Role> roles;
 
   private String token;
+>>>>>>> develop
 
   @ManyToOne
   private Team team;
 
+  @ManyToMany
+  Set<Role> roles;
+
+  @Transient
+  private String passwordConfirm;
+
   public int getId() {
     return id;
   }
@@ -90,6 +103,22 @@ public class User {
     this.team = team;
   }
 
+<<<<<<< HEAD
+  public Set<Role> getRoles() {
+    return roles;
+  }
+
+  public void setRoles(Set<Role> roles) {
+    this.roles = roles;
+  }
+
+  public String getPasswordConfirm() {
+    return passwordConfirm;
+  }
+
+  public void setPasswordConfirm(String passwordConfirm) {
+    this.passwordConfirm = passwordConfirm;
+=======
   public List<Role> getRoles() {
     return roles;
   }
@@ -104,5 +133,6 @@ public class User {
 
   public void setToken(String token) {
     this.token = token;
+>>>>>>> develop
   }
 }

src/main/java/hhn/labsw/bugageocaching/repositories/BearbeitetRepository.java

@@ -1,7 +1,8 @@
 package hhn.labsw.bugageocaching.repositories;
 
 import hhn.labsw.bugageocaching.entities.Bearbeitet;
+import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.repository.CrudRepository;
 
-public interface BearbeitetRepository extends CrudRepository<Bearbeitet, Integer> {
+public interface BearbeitetRepository extends JpaRepository<Bearbeitet, Integer> {
 }

src/main/java/hhn/labsw/bugageocaching/repositories/CacheAccesDefinitionRepository.java

@@ -1,7 +1,8 @@
 package hhn.labsw.bugageocaching.repositories;
 
 import hhn.labsw.bugageocaching.entities.CacheAccesDefinition;
+import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.repository.CrudRepository;
 
-public interface CacheAccesDefinitionRepository extends CrudRepository<CacheAccesDefinition, Integer> {
+public interface CacheAccesDefinitionRepository extends JpaRepository<CacheAccesDefinition, Integer> {
 }

src/main/java/hhn/labsw/bugageocaching/repositories/CacheRepository.java

@@ -1,7 +1,8 @@
 package hhn.labsw.bugageocaching.repositories;
 
 import hhn.labsw.bugageocaching.entities.Cache;
+import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.repository.CrudRepository;
 
-public interface CacheRepository extends CrudRepository<Cache, Integer> {
+public interface CacheRepository extends JpaRepository<Cache, Integer> {
 }

src/main/java/hhn/labsw/bugageocaching/repositories/RewardRepository.java

@@ -1,7 +1,8 @@
 package hhn.labsw.bugageocaching.repositories;
 
 import hhn.labsw.bugageocaching.entities.Reward;
+import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.repository.CrudRepository;
 
-public interface RewardRepository extends CrudRepository<Reward, Integer> {
+public interface RewardRepository extends JpaRepository<Reward, Integer> {
 }

src/main/java/hhn/labsw/bugageocaching/repositories/RoleRepository.java

@@ -0,0 +1,7 @@
+package hhn.labsw.bugageocaching.repositories;
+
+import hhn.labsw.bugageocaching.entities.Role;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+public interface RoleRepository extends JpaRepository<Role, Integer> {
+}

src/main/java/hhn/labsw/bugageocaching/repositories/StationRepository.java

@@ -1,7 +1,8 @@
 package hhn.labsw.bugageocaching.repositories;
 
 import hhn.labsw.bugageocaching.entities.Station;
+import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.repository.CrudRepository;
 
-public interface StationRepository extends CrudRepository<Station, Integer> {
+public interface StationRepository extends JpaRepository<Station, Integer> {
 }

src/main/java/hhn/labsw/bugageocaching/repositories/TeamRepository.java

@@ -1,7 +1,8 @@
 package hhn.labsw.bugageocaching.repositories;
 
 import hhn.labsw.bugageocaching.entities.Team;
+import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.repository.CrudRepository;
 
-public interface TeamRepository extends CrudRepository<Team, Integer> {
+public interface TeamRepository extends JpaRepository<Team, Integer> {
 }

src/main/java/hhn/labsw/bugageocaching/repositories/UserRepository.java

@@ -1,6 +1,13 @@
 package hhn.labsw.bugageocaching.repositories;
 
 import hhn.labsw.bugageocaching.entities.User;
+<<<<<<< HEAD
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.repository.CrudRepository;
+
+public interface UserRepository extends JpaRepository<User, Integer> {
+  User findByUsername(String username);
+=======
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.CrudRepository;
 
@@ -12,4 +19,5 @@ public interface UserRepository extends CrudRepository<User, Integer> {
 
   @Query(value = "SELECT u.username, u.ranking_points_sum from user u order by ranking_points_sum DESC", nativeQuery = true)
   List<Object[]> getRankingList();
+>>>>>>> develop
 }

src/main/java/hhn/labsw/bugageocaching/service/SecurityService.java

@@ -0,0 +1,8 @@
+package hhn.labsw.bugageocaching.service;
+
+public interface SecurityService {
+
+  String findLoggedInUsername();
+
+  void autoLogin(String username, String password);
+}

src/main/java/hhn/labsw/bugageocaching/service/SecurityServiceImpl.java

@@ -0,0 +1,48 @@
+package hhn.labsw.bugageocaching.service;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.stereotype.Service;
+
+@Service
+public class SecurityServiceImpl implements SecurityService{
+
+  @Autowired
+  private AuthenticationManager authenticationManager;
+
+  @Qualifier("userDetailsServiceImpl")
+  @Autowired
+  private UserDetailsService userDetailsService;
+
+  private static final Logger logger = LoggerFactory.getLogger(SecurityServiceImpl.class);
+
+  @Override
+  public String findLoggedInUsername() {
+    Object userDetails = SecurityContextHolder.getContext().getAuthentication().getDetails();
+    if (userDetails instanceof UserDetails) {
+      return ((UserDetails)userDetails).getUsername();
+    }
+
+    return null;
+  }
+
+  @Override
+  public void autoLogin(String username, String password) {
+    UserDetails userDetails = userDetailsService.loadUserByUsername(username);
+    UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(userDetails, password, userDetails.getAuthorities());
+
+    authenticationManager.authenticate(usernamePasswordAuthenticationToken);
+
+    if (usernamePasswordAuthenticationToken.isAuthenticated()) {
+      SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
+      logger.debug(String.format("Auto login %s successfully!", username));
+    }
+  }
+}

src/main/java/hhn/labsw/bugageocaching/service/UserDetailsServiceImpl.java

@@ -0,0 +1,37 @@
+package hhn.labsw.bugageocaching.service;
+
+import hhn.labsw.bugageocaching.entities.Role;
+import hhn.labsw.bugageocaching.entities.User;
+import hhn.labsw.bugageocaching.repositories.UserRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.HashSet;
+import java.util.Set;
+
+@Service
+public class UserDetailsServiceImpl implements UserDetailsService {
+
+  @Autowired
+  private UserRepository userRepository;
+
+  @Override
+  @Transactional(readOnly = true)
+  public UserDetails loadUserByUsername(String username) {
+    User user = userRepository.findByUsername(username);
+    if (user == null) throw new UsernameNotFoundException(username);
+
+    Set<GrantedAuthority> grantedAuthorities = new HashSet<>();
+    for (Role role : user.getRoles()){
+      grantedAuthorities.add(new SimpleGrantedAuthority(role.getName()));
+    }
+
+    return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), grantedAuthorities);
+  }
+}

src/main/java/hhn/labsw/bugageocaching/service/UserService.java

@@ -0,0 +1,10 @@
+package hhn.labsw.bugageocaching.service;
+
+import hhn.labsw.bugageocaching.entities.User;
+
+public interface UserService {
+  void save(User user);
+
+  User findByUsername(String username);
+
+}

src/main/java/hhn/labsw/bugageocaching/service/UserServiceImpl.java

@@ -0,0 +1,33 @@
+package hhn.labsw.bugageocaching.service;
+
+import hhn.labsw.bugageocaching.entities.User;
+import hhn.labsw.bugageocaching.repositories.RoleRepository;
+import hhn.labsw.bugageocaching.repositories.UserRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.stereotype.Service;
+
+import java.util.HashSet;
+
+@Service
+public class UserServiceImpl implements UserService {
+
+  @Autowired
+  private UserRepository userRepository;
+  @Autowired
+  private RoleRepository roleRepository;
+  @Autowired
+  private BCryptPasswordEncoder bCryptPasswordEncoder;
+
+  @Override
+  public void save(User user) {
+    user.setPassword(bCryptPasswordEncoder.encode(user.getPassword()));
+    user.setRoles(new HashSet<>(roleRepository.findAll()));
+    userRepository.save(user);
+  }
+
+  @Override
+  public User findByUsername(String username) {
+    return userRepository.findByUsername(username);
+  }
+}