kapcake/banking-service
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Activity

Add custom UserDetails and use mapping between entity and DTO

Browse Source
This commit is contained in:
kapcake
2023-05-10 00:11:30 +02:00
parent 0a3d3d25c6
commit ac4e9b69a3
6 changed files with 114 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
src/main/java/net/kapcake/bankingservice/config/AuthConfig.java Normal file
View File

@@ -0,0 +1,34 @@
package net.kapcake.bankingservice.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
@Configuration
@EnableWebSecurity
public class AuthConfig {
@Bean
public SecurityFilterChain authenticationFilterChain(HttpSecurity http) throws Exception {
return http
.csrf().disable()
.authorizeHttpRequests(requests -> requests
.anyRequest().authenticated()
)
.httpBasic().and()
.sessionManagement(sessionManagement -> {
sessionManagement.sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
})
.build();
}
@Bean
public PasswordEncoder passwordEncoder() {
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}
}

10
src/main/java/net/kapcake/bankingservice/config/BankingServiceConfig.java
View File

@@ -1,14 +1,16 @@
package net.kapcake.bankingservice.config; package net.kapcake.bankingservice.config;
import org.modelmapper.ModelMapper;
import org.springframework.boot.web.client.RestTemplateBuilder;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.crypto.factory.PasswordEncoderFactories; import org.springframework.web.client.RestTemplate;
import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration @Configuration
public class BankingServiceConfig { public class BankingServiceConfig {
@Bean @Bean
public PasswordEncoder passwordEncoder() { public ModelMapper modelMapper() {
return PasswordEncoderFactories.createDelegatingPasswordEncoder(); return new ModelMapper();
} }
} }

19
src/main/java/net/kapcake/bankingservice/controllers/AuthController.java Normal file
View File

@@ -0,0 +1,19 @@
package net.kapcake.bankingservice.controllers;
import jakarta.servlet.http.HttpServletRequest;
import lombok.extern.slf4j.Slf4j;
import net.kapcake.bankingservice.security.UserDetailsImpl;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@Slf4j
public class AuthController {
@PostMapping("/login")
public void login(HttpServletRequest request) {
Authentication auth = (Authentication) request.getUserPrincipal();
UserDetailsImpl user = (UserDetailsImpl) auth.getPrincipal();
log.info("User {} logged in.", user.getUsername());
}
}

12
src/main/java/net/kapcake/bankingservice/controllers/BankingServiceController.java
View File

@@ -1,7 +1,10 @@
package net.kapcake.bankingservice.controllers; package net.kapcake.bankingservice.controllers;
import net.kapcake.bankingservice.domain.BankAccount; import net.kapcake.bankingservice.model.domain.BankAccountDTO;
import net.kapcake.bankingservice.model.entities.BankAccount;
import net.kapcake.bankingservice.security.UserDetailsImpl;
import net.kapcake.bankingservice.services.AccountService; import net.kapcake.bankingservice.services.AccountService;
import org.modelmapper.ModelMapper;
import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.User;
import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.GetMapping;
@@ -12,13 +15,16 @@ import java.util.List;
@RestController @RestController
public class BankingServiceController { public class BankingServiceController {
private final AccountService accountService; private final AccountService accountService;
private final ModelMapper modelMapper;
public BankingServiceController(AccountService accountService) { public BankingServiceController(AccountService accountService) {
this.accountService = accountService; this.accountService = accountService;
this.modelMapper = modelMapper;
} }
@GetMapping("/accounts") @GetMapping("/accounts")
public List<BankAccount> getAccounts(@AuthenticationPrincipal User user) { public List<BankAccountDTO> getAccounts(@AuthenticationPrincipal UserDetailsImpl authenticatedUser) {
return accountService.getAccounts(user); return accountService.getAccounts(authenticatedUser.user()).stream()
.map(account -> modelMapper.map(account, BankAccountDTO.class)).toList();
} }
} }

45
src/main/java/net/kapcake/bankingservice/security/UserDetailsImpl.java Normal file
View File

@@ -0,0 +1,45 @@
package net.kapcake.bankingservice.security;
import net.kapcake.bankingservice.model.entities.User;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import java.util.Collection;
public record UserDetailsImpl(User user) implements UserDetails {
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return null;
}
@Override
public String getPassword() {
return user.getPassword();
}
@Override
public String getUsername() {
return user.getUsername();
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
}

4
src/main/java/net/kapcake/bankingservice/security/UserDetailsServiceImpl.java
View File

@@ -8,8 +8,6 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
import static org.springframework.security.core.userdetails.User.withUsername;
@Service @Service
public class UserDetailsServiceImpl implements UserDetailsService { public class UserDetailsServiceImpl implements UserDetailsService {
private final UserRepository userRepository; private final UserRepository userRepository;
@@ -23,6 +21,6 @@ public class UserDetailsServiceImpl implements UserDetailsService {
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
User user = userRepository.findByUsername(username) User user = userRepository.findByUsername(username)
.orElseThrow(() -> new UsernameNotFoundException("User (" + username + ") does not exist")); .orElseThrow(() -> new UsernameNotFoundException("User (" + username + ") does not exist"));
return withUsername(username).password(user.getPassword()).authorities("USER").build(); return new UserDetailsImpl(user);
} }
} }