[ADD] JWT WITH SPRING SECURITY ADDED

69efc884 · Mauro Paolo Josue Zuñiga Mallqui · b8ffb757 · 69efc884 · 69efc884 · b8ffb757
Commit 69efc884 authored Dec 20, 2023 by Mauro Paolo Josue Zuñiga Mallqui
7 changed files
--- a/src/main/java/web/multitask/app/api/AppApi.java
+++ b/src/main/java/web/multitask/app/api/AppApi.java
@@ -5,6 +5,7 @@ import org.json.JSONObject;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 import web.multitask.app.mysql.ProcedureMysql;
+import web.multitask.app.repository.UserRespository;
 @RestController
 @CrossOrigin("*")
@@ -12,9 +13,11 @@ import web.multitask.app.mysql.ProcedureMysql;
 public class AppApi {
    final ProcedureMysql procedureMysql;
+    final UserRespository userRepo;
-    public AppApi(ProcedureMysql procedureMysql) {
+    public AppApi(ProcedureMysql procedureMysql, UserRespository userRepo) {
        this.procedureMysql = procedureMysql;
+        this.userRepo = userRepo;
    }
    @PostMapping("/procedure")
@@ -34,4 +37,9 @@ public class AppApi {
        }
    }
+    @GetMapping("/users")
+    public String getUsers (){
+        return new JSONObject().put("data", userRepo.findAll()).put("message", "Success").put("status", true).toString();
+    }
 }
\ No newline at end of file
--- a/src/main/java/web/multitask/app/config/SecurityConfig.java
+++ b/src/main/java/web/multitask/app/config/SecurityConfig.java
@@ -49,8 +49,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
        http
                 .cors(AbstractHttpConfigurer::disable).csrf(AbstractHttpConfigurer::disable)
                .authorizeHttpRequests(
-                        authorizeRequests -> authorizeRequests.antMatchers("/test/admin").hasRole("ADMIN")
+                        authorizeRequests -> authorizeRequests
-                                .antMatchers("/test/user").hasRole("USER")
+                                .antMatchers("/test/admin").hasAuthority("ADMIN")
+                                .antMatchers("/test/user").hasAuthority("USER")
                                 .antMatchers(HttpMethod.GET, "/**").permitAll()
                                .antMatchers(HttpMethod.POST, "/**").permitAll()
                                .anyRequest()

--- a/src/main/java/web/multitask/app/model/ERole.java
+++ b/src/main/java/web/multitask/app/model/ERole.java
-package web.multitask.app.model;
-public enum ERole {
-    ROLE_USER,
-    ROLE_MODERATOR,
-    ROLE_ADMIN
-}
\ No newline at end of file
--- a/src/main/java/web/multitask/app/model/Role.java
+++ b/src/main/java/web/multitask/app/model/Role.java
 package web.multitask.app.model;
 ;
 import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.NonNull;
 import lombok.Setter;
 import javax.persistence.*;
-@Getter
-@Setter
 @Entity
 @Table(name = "roles")
+@Getter
 public class Role {
+    @NonNull
    @Id
-    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    @GeneratedValue(strategy = GenerationType.AUTO)
-    private Integer id;
+    private int id;
+    @NonNull
-    @Enumerated(EnumType.STRING)
+    private String descripcion;
-    @Column(length = 20)
-    private ERole name;
-    public Role() {
-    }
-    public Role(ERole name) {
-        this.name = name;
-    }
 }
\ No newline at end of file
--- a/src/main/java/web/multitask/app/provider/HeaderAuthenticationProvider.java
+++ b/src/main/java/web/multitask/app/provider/HeaderAuthenticationProvider.java
-package web.multitask.app.provider;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import java.util.ArrayList;
-import org.springframework.stereotype.Component;
-@Component
-public class HeaderAuthenticationProvider implements AuthenticationProvider {
-    @Override
-    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
-        String name = authentication.getName();
-        String password = authentication.getCredentials().toString();
-        return new UsernamePasswordAuthenticationToken(
-                name, password, new ArrayList<>());
-    }
-    @Override
-    public boolean supports(Class<?> authentication) {
-        return authentication.equals(UsernamePasswordAuthenticationToken.class);
-    }
-}
\ No newline at end of file
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -4,7 +4,7 @@ spring.datasource.password=asd123
 spring.datasource.driverClassName=com.mysql.cj.jdbc.Driver
 server.port=8080
 server.address=0.0.0.0
+spring.jpa.show-sql=true
 app.jwtSecret=9a4f2c8d3b7a1e6f45c8a0b3f267d8b1d4e6f3c8a9d2b5f8e3a9c8b5f6v8a3d9
+spring.jpa.hibernate.ddl-auto = update
 spring.security.filter.order=1
\ No newline at end of file
--- a/target/app.war
+++ b/target/app.war