From 35fb05ac01b189b72c90bc88c25eaf709886546a Mon Sep 17 00:00:00 2001 From: DmitriiCravcenco Date: Mon, 2 Oct 2023 08:18:57 +0300 Subject: [PATCH 1/6] Add JWT authorization --- pom.xml | 21 ++++ .../config/ApplicationConfig.java | 50 ++++++++++ .../config/JwtAuthenticationFilter.java | 68 +++++++++++++ .../expensetrackerfaf/config/JwtService.java | 95 +++++++++++++++++++ .../config/SecurityConfiguration.java | 40 ++++++++ .../auth/AuthenticationController.java | 26 +++++ .../auth/AuthenticationRequest.java | 16 ++++ .../auth/AuthenticationResponse.java | 15 +++ .../controller/auth/RegisterRequest.java | 22 +++++ .../faf223/expensetrackerfaf/model/User.java | 80 +++------------- .../repository/UserRepository.java | 3 + .../security/PersonDetails.java | 12 ++- .../service/AuthenticationService.java | 45 +++++++++ 13 files changed, 423 insertions(+), 70 deletions(-) create mode 100644 src/main/java/com/faf223/expensetrackerfaf/config/ApplicationConfig.java create mode 100644 src/main/java/com/faf223/expensetrackerfaf/config/JwtAuthenticationFilter.java create mode 100644 src/main/java/com/faf223/expensetrackerfaf/config/JwtService.java create mode 100644 src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java create mode 100644 src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationController.java create mode 100644 src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationRequest.java create mode 100644 src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationResponse.java create mode 100644 src/main/java/com/faf223/expensetrackerfaf/controller/auth/RegisterRequest.java create mode 100644 src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java diff --git a/pom.xml b/pom.xml index d55c78f..e90d662 100644 --- a/pom.xml +++ b/pom.xml 
@@ -52,6 +52,27 @@ mysql-connector-j 8.1.0 + + io.jsonwebtoken + jjwt-api + 0.11.5 + + + io.jsonwebtoken + jjwt-impl + 0.11.5 + + + io.jsonwebtoken + jjwt-jackson + 0.11.5 + + + org.projectlombok + lombok + 1.18.20 + provided + diff --git a/src/main/java/com/faf223/expensetrackerfaf/config/ApplicationConfig.java b/src/main/java/com/faf223/expensetrackerfaf/config/ApplicationConfig.java new file mode 100644 index 0000000..ad1ef47 --- /dev/null +++ b/src/main/java/com/faf223/expensetrackerfaf/config/ApplicationConfig.java 
@@ -0,0 +1,50 @@
+package com.faf223.expensetrackerfaf.config;
+
+import com.faf223.expensetrackerfaf.repository.UserRepository;
+import com.faf223.expensetrackerfaf.security.PersonDetails;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class ApplicationConfig {
+
+ private final UserRepository repository;
+
+ @Autowired
+ public ApplicationConfig(UserRepository repository) {
+ this.repository = repository;
+ }
+
+ @Bean
+ public UserDetailsService userDetailsService() {
+ return username -> new PersonDetails(repository.findByEmail(username)
+ .orElseThrow(() -> new UsernameNotFoundException("User not found")));
+ }
+
+ @Bean
+ public AuthenticationProvider authenticationProvider() {
+ DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
+ authProvider.setUserDetailsService(userDetailsService());
+ authProvider.setPasswordEncoder(passwordEncoder());
+ return authProvider;
+ }
+
+ @Bean
+ public AuthenticationManager authenticationManager(AuthenticationConfiguration config) throws Exception {
+ return config.getAuthenticationManager();
+ }
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+ return new BCryptPasswordEncoder();
+ }
+}
diff --git a/src/main/java/com/faf223/expensetrackerfaf/config/JwtAuthenticationFilter.java b/src/main/java/com/faf223/expensetrackerfaf/config/JwtAuthenticationFilter.java
new file mode 100644
index 0000000..ff21f3d
--- /dev/null
+++ b/src/main/java/com/faf223/expensetrackerfaf/config/JwtAuthenticationFilter.java
@@ -0,0 +1,68 @@
+package com.faf223.expensetrackerfaf.config;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.lang.NonNull;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+
+@Component
+public class JwtAuthenticationFilter extends OncePerRequestFilter {
+
+ private final JwtService jwtService;
+ private final UserDetailsService userDetailsService;
+ private final TokenRepository tokenRepository;
+
+ public JwtAuthenticationFilter(JwtService jwtService, UserDetailsService userDetailsService) {
+ this.jwtService = jwtService;
+ this.userDetailsService = userDetailsService;
+ }
+
+ @Override
+ protected void doFilterInternal(
+ @NonNull HttpServletRequest request,
+ @NonNull HttpServletResponse response,
+ @NonNull FilterChain filterChain
+ ) throws ServletException, IOException {
+ if (request.getServletPath().contains("/api/v1/auth")) {
+ filterChain.doFilter(request, response);
+ return;
+ }
+ final String authHeader = request.getHeader("Authorization");
+ final String jwt;
+ final String userEmail;
+ if (authHeader == null || !authHeader.startsWith("Bearer ")) {
+ filterChain.doFilter(request, response);
+ return;
+ }
+ jwt = authHeader.substring(7);
+ userEmail = jwtService.extractUsername(jwt);
+ if (userEmail != null && SecurityContextHolder.getContext().getAuthentication() == null) {
+ UserDetails userDetails = this.userDetailsService.loadUserByUsername(userEmail);
+ var isTokenValid = tokenRepository.findByToken(jwt)
+ .map(t -> !t.isExpired() && !t.isRevoked())
+ .orElse(false);
+ if (jwtService.isTokenValid(jwt, userDetails) && isTokenValid) {
+ UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(
+ userDetails,
+ null,
+ userDetails.getAuthorities()
+ );
+ authToken.setDetails(
+ new WebAuthenticationDetailsSource().buildDetails(request)
+ );
+ SecurityContextHolder.getContext().setAuthentication(authToken);
+ }
+ }
+ filterChain.doFilter(request, response);
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/com/faf223/expensetrackerfaf/config/JwtService.java b/src/main/java/com/faf223/expensetrackerfaf/config/JwtService.java
new file mode 100644
index 0000000..ef1483b
--- /dev/null
+++ b/src/main/java/com/faf223/expensetrackerfaf/config/JwtService.java
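Review bot: `jwtService.extractUsername(jwt)` in `doFilterInternal` runs with no handling for parse failures; `JwtService.extractAllClaims` goes through `parseClaimsJws`, which in jjwt throws a `JwtException` subtype for an expired, malformed or wrongly signed token, so such a request would likely end as an unhandled server error instead of being treated as unauthenticated. Wrap the extraction and validation in `try { … } catch (JwtException e) { … }`, leave the security context empty in the catch branch, and either continue the chain or answer 401 there. Separately, `tokenRepository` is declared `final` but never assigned in the constructor and `TokenRepository` is not imported, so the class does not compile as committed; PATCH 2/6 later drops the field.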
@@ -0,0 +1,95 @@
+package com.faf223.expensetrackerfaf.config;
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.io.Decoders;
+import io.jsonwebtoken.security.Keys;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.stereotype.Service;
+
+import java.security.Key;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.function.Function;
+
+@Service
+public class JwtService {
+
+ @Value("${application.security.jwt.secret-key}")
+ private String secretKey;
+ @Value("${application.security.jwt.expiration}")
+ private long jwtExpiration;
+ @Value("${application.security.jwt.refresh-token.expiration}")
+ private long refreshExpiration;
+
+ public String extractUsername(String token) {
+ return extractClaim(token, Claims::getSubject);
+ }
+
+ public T extractClaim(String token, Function claimsResolver) {
+ final Claims claims = extractAllClaims(token);
+ return claimsResolver.apply(claims);
+ }
+
+ public String generateToken(UserDetails userDetails) {
+ return generateToken(new HashMap<>(), userDetails);
+ }
+
+ public String generateToken(
+ Map extraClaims,
+ UserDetails userDetails
+ ) {
+ return buildToken(extraClaims, userDetails, jwtExpiration);
+ }
+
+ public String generateRefreshToken(
+ UserDetails userDetails
+ ) {
+ return buildToken(new HashMap<>(), userDetails, refreshExpiration);
+ }
+
+ private String buildToken(
+ Map extraClaims,
+ UserDetails userDetails,
+ long expiration
+ ) {
+ return Jwts
+ .builder()
+ .setClaims(extraClaims)
+ .setSubject(userDetails.getUsername())
+ .setIssuedAt(new Date(System.currentTimeMillis()))
+ .setExpiration(new Date(System.currentTimeMillis() + expiration))
+ .signWith(getSignInKey(), SignatureAlgorithm.HS256)
+ .compact();
+ }
+
+ public boolean isTokenValid(String token, UserDetails userDetails) {
+ final String username = extractUsername(token);
+ return (username.equals(userDetails.getUsername())) && !isTokenExpired(token);
+ }
+
+ private boolean isTokenExpired(String token) {
+ return extractExpiration(token).before(new Date());
+ }
+
+ private Date extractExpiration(String token) {
+ return extractClaim(token, Claims::getExpiration);
+ }
+
+ private Claims extractAllClaims(String token) {
+ return Jwts
+ .parserBuilder()
+ .setSigningKey(getSignInKey())
+ .build()
+ .parseClaimsJws(token)
+ .getBody();
+ }
+
+ private Key getSignInKey() {
+ byte[] keyBytes = Decoders.BASE64.decode(secretKey);
+ return Keys.hmacShaKeyFor(keyBytes);
+ }
+}
diff --git a/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java b/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java
new file mode 100644
index 0000000..bdf878e
--- /dev/null
+++ b/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java
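Review bot: `generateRefreshToken` and `generateToken` both go through `buildToken` with the same key and the same claim set, differing only in lifetime, so nothing distinguishes a refresh token from an access token and `isTokenValid` would accept either one as a bearer credential. Add a claim in `buildToken` that marks the token's purpose and check it during validation, so the longer-lived token cannot be used to call the API directly. `isTokenExpired` is also effectively never true for an expired token, because `parseClaimsJws` in `extractAllClaims` rejects it first by throwing; the Javadoc of `isTokenValid` and `extractUsername` should say that they throw on an invalid token instead of returning false or null. The value behind `application.security.jwt.secret-key` is not part of this patch; it should come from the environment or a secret store, not from a committed properties file.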
@@ -0,0 +1,40 @@
+package com.faf223.expensetrackerfaf.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfiguration {
+
+ private final JwtAuthenticationFilter jwtAuthFilter;
+ private final AuthenticationProvider authenticationProvider;
+
+ @Autowired
+ public SecurityConfiguration(JwtAuthenticationFilter jwtAuthFilter, AuthenticationProvider authenticationProvider) {
+ this.jwtAuthFilter = jwtAuthFilter;
+ this.authenticationProvider = authenticationProvider;
+ }
+
+ @Bean
+ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+ http
+ .csrf(csrf -> csrf.disable())
+ .authorizeHttpRequests(auth -> auth
+ .requestMatchers("").permitAll()
+ .anyRequest().authenticated()
+ )
+ .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+ .authenticationProvider(authenticationProvider)
+ .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class); // will be executed before UsernamePasswordAuthenticationFilter
+
+ return http.build();
+ }
+}
diff --git a/src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationController.java b/src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationController.java
new file mode 100644
index 0000000..1285ee4
--- /dev/null
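Review bot: `.requestMatchers("").permitAll()` in `SecurityConfiguration.securityFilterChain` does not cover the `/api/v1/auth` endpoints, so registration and login appear to fall through to `anyRequest().authenticated()` and cannot be reached without already holding a token. The matcher should read `.requestMatchers("/api/v1/auth/**").permitAll()`, which PATCH 2/6 later applies. `csrf.disable()` also deserves a comment stating the assumption it rests on, for example `// CSRF off: stateless API, token travels in the Authorization header, never in a cookie`, so the setting is revisited if cookie-based authentication is ever added.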
+++ b/src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationController.java
@@ -0,0 +1,26 @@
+package com.faf223.expensetrackerfaf.controller.auth;
+
+import com.faf223.expensetrackerfaf.service.AuthenticationService;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@RequestMapping("api/v1/auth")
+public class AuthenticationController {
+
+ private final AuthenticationService service;
+
+ public AuthenticationController(AuthenticationService service) {
+ this.service = service;
+ }
+
+ @PostMapping("/register")
+ public ResponseEntity register(@RequestBody RegisterRequest request) {
+ return ResponseEntity.ok(service.register(request));
+ }
+
+ @PostMapping("/authenticate")
+ public ResponseEntity register(@RequestBody AuthenticationRequest request) {
+ return ResponseEntity.ok(service.authenticate(request));
+ }
+}
diff --git a/src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationRequest.java b/src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationRequest.java
new file mode 100644
index 0000000..63f7b1c
--- /dev/null
+++ b/src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationRequest.java
@@ -0,0 +1,16 @@
+package com.faf223.expensetrackerfaf.controller.auth;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class AuthenticationRequest {
+
+ private String email;
+ private String password;
+}
diff --git a/src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationResponse.java b/src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationResponse.java
new file mode 100644
index 0000000..bc92552
--- /dev/null
+++ b/src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationResponse.java
@@ -0,0 +1,15 @@ +package com.faf223.expensetrackerfaf.controller.auth; + +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +@Data +@Builder +@AllArgsConstructor +@NoArgsConstructor +public class AuthenticationResponse { + + private String token; +} diff --git a/src/main/java/com/faf223/expensetrackerfaf/controller/auth/RegisterRequest.java b/src/main/java/com/faf223/expensetrackerfaf/controller/auth/RegisterRequest.java new file mode 100644 index 0000000..755a1e0 --- /dev/null +++ b/src/main/java/com/faf223/expensetrackerfaf/controller/auth/RegisterRequest.java @@ -0,0 +1,22 @@ +package com.faf223.expensetrackerfaf.controller.auth; + + +import com.faf223.expensetrackerfaf.model.Role; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +@Data +@Builder +@AllArgsConstructor +@NoArgsConstructor +public class RegisterRequest { + + private String firstName; + private String lastName; + + private String email; + private String password; + private Role role; +} diff --git a/src/main/java/com/faf223/expensetrackerfaf/model/User.java b/src/main/java/com/faf223/expensetrackerfaf/model/User.java index 1504f28..26b23fd 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/model/User.java +++ b/src/main/java/com/faf223/expensetrackerfaf/model/User.java @@ -1,18 +1,29 @@ package com.faf223.expensetrackerfaf.model; + import jakarta.persistence.*; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; import java.util.List; @Entity +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor @Table(name = "User") public class User { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) private long id; - private String name; + private String firstName; + private String lastName; private String email; private String password; + @Enumerated(EnumType.STRING) private Role role; 
@@ -22,71 +33,4 @@ public class User { @OneToMany(mappedBy = "user") private List incomes; - public User(long id, String name, String email, String password, Role role, List expenses, List incomes) { - this.id = id; - this.name = name; - this.email = email; - this.password = password; - this.role = role; - this.expenses = expenses; - this.incomes = incomes; - } - - public User() {} - - public long getId() { - return id; - } - - public void setId(long id) { - this.id = id; - } - - public String getName() { - return name; - } - - public void setName(String name) { - this.name = name; - } - - public String getEmail() { - return email; - } - - public void setEmail(String email) { - this.email = email; - } - - public String getPassword() { - return password; - } - - public void setPassword(String password) { - this.password = password; - } - - public Role getRole() { - return role; - } - - public void setRole(Role role) { - this.role = role; - } - - public List getExpenses() { - return expenses; - } - - public void setExpenses(List expenses) { - this.expenses = expenses; - } - - public List getIncomes() { - return incomes; - } - - public void setIncomes(List incomes) { - this.incomes = incomes; - } } diff --git a/src/main/java/com/faf223/expensetrackerfaf/repository/UserRepository.java b/src/main/java/com/faf223/expensetrackerfaf/repository/UserRepository.java index c3edd6a..3049a85 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/repository/UserRepository.java +++ b/src/main/java/com/faf223/expensetrackerfaf/repository/UserRepository.java @@ -3,5 +3,8 @@ package com.faf223.expensetrackerfaf.repository; import com.faf223.expensetrackerfaf.model.User; import org.springframework.data.jpa.repository.JpaRepository; +import java.util.Optional; + public interface UserRepository extends JpaRepository { + Optional findByEmail(String username); } 
diff --git a/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java b/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java index cb18bc5..74770e1 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java +++ b/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java @@ -1,16 +1,24 @@ package com.faf223.expensetrackerfaf.security; import com.faf223.expensetrackerfaf.model.Role; +import com.faf223.expensetrackerfaf.model.User; import jakarta.persistence.EnumType; import jakarta.persistence.Enumerated; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; -import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import java.util.Collection; import java.util.List; +@Data +@Builder +@NoArgsConstructor(force = true) +@AllArgsConstructor public class PersonDetails implements UserDetails { private final User user; @@ -34,7 +42,7 @@ public class PersonDetails implements UserDetails { @Override public String getUsername() { - return user.getUsername(); + return user.getEmail(); } @Override diff --git a/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java b/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java new file mode 100644 index 0000000..d253038 --- /dev/null +++ b/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java 
@@ -0,0 +1,45 @@
+package com.faf223.expensetrackerfaf.service;
+
+import com.faf223.expensetrackerfaf.config.JwtService;
+import com.faf223.expensetrackerfaf.controller.auth.AuthenticationRequest;
+import com.faf223.expensetrackerfaf.controller.auth.AuthenticationResponse;
+import com.faf223.expensetrackerfaf.controller.auth.RegisterRequest;
+import com.faf223.expensetrackerfaf.model.Role;
+import com.faf223.expensetrackerfaf.model.User;
+import com.faf223.expensetrackerfaf.repository.UserRepository;
+import com.faf223.expensetrackerfaf.security.PersonDetails;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+
+@Service
+public class AuthenticationService {
+
+ private final UserRepository repository;
+ private final PasswordEncoder passwordEncoder;
+ private final JwtService jwtService;
+
+ public AuthenticationService(UserRepository repository, PasswordEncoder passwordEncoder, JwtService jwtService) {
+ this.repository = repository;
+ this.passwordEncoder = passwordEncoder;
+ this.jwtService = jwtService;
+ }
+
+ public AuthenticationResponse authenticate(AuthenticationRequest request) {
+
+ }
+
+ public AuthenticationResponse register(RegisterRequest request) {
+ User user = User.builder()
+ .firstName(request.getFirstName())
+ .lastName(request.getLastName())
+ .email(request.getEmail())
+ .password(passwordEncoder.encode(request.getPassword()))
+ .role(request.getRole())
+ .build();
+ repository.save(user);
+ String jwtToken = jwtService.generateToken(new PersonDetails(user));
+ return AuthenticationResponse.builder()
+ .token(jwtToken)
+ .build();
+ }
+}
From 5e0000d53253e3f6492448ba032b2dff335c3643 Mon Sep 17 00:00:00 2001
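Review bot: `AuthenticationService.register` copies `request.getRole()` straight into the new account, and `RegisterRequest` exposes `role` as a client-settable field on an endpoint meant to be public, so a caller can apparently register with any role, including `ADMIN`. Replace `.role(request.getRole())` with a fixed non-privileged default chosen on the server, and remove `role` from `RegisterRequest` so it cannot be bound from the request body. `authenticate` has an empty body with a non-void return type, so the class does not compile as committed; when it is filled in, it should verify the password through the `AuthenticationManager` before issuing a token. `register` also saves without checking whether the e-mail is already taken.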
From: DmitriiCravcenco Date: Tue, 3 Oct 2023 12:20:14 +0300 Subject: [PATCH 2/6] Add JWT authentication --- .../config/ApplicationConfig.java | 12 +++-- .../config/JwtAuthenticationFilter.java | 16 ++----- .../expensetrackerfaf/config/JwtService.java | 12 +---- .../config/SecurityConfiguration.java | 2 +- .../controller/auth/RegisterRequest.java | 8 ++-- .../expensetrackerfaf/model/Credential.java | 45 +++++++++++------ .../faf223/expensetrackerfaf/model/Role.java | 2 +- .../faf223/expensetrackerfaf/model/User.java | 26 +++++----- .../repository/CredentialRepository.java | 3 ++ .../repository/UserRepository.java | 5 +- .../security/PersonDetails.java | 23 ++++----- .../service/AuthenticationService.java | 48 +++++++++++++------ 12 files changed, 109 insertions(+), 93 deletions(-) diff --git a/src/main/java/com/faf223/expensetrackerfaf/config/ApplicationConfig.java b/src/main/java/com/faf223/expensetrackerfaf/config/ApplicationConfig.java index ad1ef47..cc96a0b 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/config/ApplicationConfig.java +++ b/src/main/java/com/faf223/expensetrackerfaf/config/ApplicationConfig.java @@ -1,5 +1,6 @@ package com.faf223.expensetrackerfaf.config; +import com.faf223.expensetrackerfaf.repository.CredentialRepository; import com.faf223.expensetrackerfaf.repository.UserRepository; import com.faf223.expensetrackerfaf.security.PersonDetails; import org.springframework.beans.factory.annotation.Autowired; 
@@ -17,17 +18,18 @@ import org.springframework.security.crypto.password.PasswordEncoder; @Configuration public class ApplicationConfig { - private final UserRepository repository; + private final UserRepository userRepository; + private final CredentialRepository credentialRepository; @Autowired - public ApplicationConfig(UserRepository repository) { - this.repository = repository; + public ApplicationConfig(UserRepository userRepository, CredentialRepository credentialRepository) { + this.userRepository = userRepository; + this.credentialRepository = credentialRepository; } @Bean public UserDetailsService userDetailsService() { - return username -> new PersonDetails(repository.findByEmail(username) - .orElseThrow(() -> new UsernameNotFoundException("User not found"))); + return username -> new PersonDetails(credentialRepository.findByEmail(username).orElseThrow((() -> new UsernameNotFoundException("User not found")))); } @Bean diff --git a/src/main/java/com/faf223/expensetrackerfaf/config/JwtAuthenticationFilter.java b/src/main/java/com/faf223/expensetrackerfaf/config/JwtAuthenticationFilter.java index ff21f3d..934a4b1 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/config/JwtAuthenticationFilter.java +++ b/src/main/java/com/faf223/expensetrackerfaf/config/JwtAuthenticationFilter.java @@ -20,7 +20,6 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { private final JwtService jwtService; private final UserDetailsService userDetailsService; - private final TokenRepository tokenRepository; public JwtAuthenticationFilter(JwtService jwtService, UserDetailsService userDetailsService) { this.jwtService = jwtService; 
@@ -48,18 +47,11 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { userEmail = jwtService.extractUsername(jwt); if (userEmail != null && SecurityContextHolder.getContext().getAuthentication() == null) { UserDetails userDetails = this.userDetailsService.loadUserByUsername(userEmail); - var isTokenValid = tokenRepository.findByToken(jwt) - .map(t -> !t.isExpired() && !t.isRevoked()) - .orElse(false); - if (jwtService.isTokenValid(jwt, userDetails) && isTokenValid) { + if (jwtService.isTokenValid(jwt, userDetails)) { UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken( - userDetails, - null, - userDetails.getAuthorities() - ); - authToken.setDetails( - new WebAuthenticationDetailsSource().buildDetails(request) - ); + userDetails, null, userDetails.getAuthorities()); + authToken.setDetails(new WebAuthenticationDetailsSource() + .buildDetails(request)); SecurityContextHolder.getContext().setAuthentication(authToken); } } diff --git a/src/main/java/com/faf223/expensetrackerfaf/config/JwtService.java b/src/main/java/com/faf223/expensetrackerfaf/config/JwtService.java index ef1483b..a9904f9 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/config/JwtService.java +++ b/src/main/java/com/faf223/expensetrackerfaf/config/JwtService.java @@ -45,17 +45,7 @@ public class JwtService { return buildToken(extraClaims, userDetails, jwtExpiration); } - public String generateRefreshToken( - UserDetails userDetails - ) { - return buildToken(new HashMap<>(), userDetails, refreshExpiration); - } - - private String buildToken( - Map extraClaims, - UserDetails userDetails, - long expiration - ) { + private String buildToken(Map extraClaims, UserDetails userDetails, long expiration) { return Jwts .builder() .setClaims(extraClaims) diff --git a/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java b/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java index bdf878e..c4a4fae 100644 
--- a/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java +++ b/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java @@ -28,7 +28,7 @@ public class SecurityConfiguration { http .csrf(csrf -> csrf.disable()) .authorizeHttpRequests(auth -> auth - .requestMatchers("").permitAll() + .requestMatchers("/api/v1/auth/**").permitAll() .anyRequest().authenticated() ) .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) diff --git a/src/main/java/com/faf223/expensetrackerfaf/controller/auth/RegisterRequest.java b/src/main/java/com/faf223/expensetrackerfaf/controller/auth/RegisterRequest.java index 755a1e0..ca50bad 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/controller/auth/RegisterRequest.java +++ b/src/main/java/com/faf223/expensetrackerfaf/controller/auth/RegisterRequest.java @@ -13,10 +13,10 @@ import lombok.NoArgsConstructor; @NoArgsConstructor public class RegisterRequest { - private String firstName; - private String lastName; - - private String email; + private String firstname; // Change field name to match JSON + private String lastname; // Change field name to match JSON + private String username; // Change field name to match JSON + private String email; // Change field name to match JSON private String password; private Role role; } diff --git a/src/main/java/com/faf223/expensetrackerfaf/model/Credential.java b/src/main/java/com/faf223/expensetrackerfaf/model/Credential.java index aa2b4bd..bc477c0 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/model/Credential.java +++ b/src/main/java/com/faf223/expensetrackerfaf/model/Credential.java 
@@ -1,20 +1,35 @@ -package com.faf223.expensetrackerfaf.model; + package com.faf223.expensetrackerfaf.model; -import jakarta.persistence.*; -import lombok.Data; + import jakarta.persistence.*; + import lombok.AllArgsConstructor; + import lombok.Data; + import lombok.NoArgsConstructor; -@Data -@Entity(name = "credentials") -public class Credential { - @Id - @GeneratedValue(strategy = GenerationType.IDENTITY) - private Long credentialId; + @Data + @Entity(name = "credentials") + @NoArgsConstructor + @AllArgsConstructor + public class Credential { + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private Long credentialId; - @ManyToOne - @JoinColumn(name = "user_uuid") - private User user; + @ManyToOne + @JoinColumn(name = "user_uuid") + private User user; - private String email; - private String password; -} + private String email; + private String password; + + @Enumerated(EnumType.STRING) + private Role role; + + public Credential(User user, String email, String password) { + this.user = user; + this.email = email; + this.password = password; + + this.role = Role.USER; + } + } diff --git a/src/main/java/com/faf223/expensetrackerfaf/model/Role.java b/src/main/java/com/faf223/expensetrackerfaf/model/Role.java index d9393e8..cb47b04 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/model/Role.java +++ b/src/main/java/com/faf223/expensetrackerfaf/model/Role.java @@ -2,5 +2,5 @@ package com.faf223.expensetrackerfaf.model; public enum Role { - UNREGISTERED, REGISTERED, ADMIN; + USER, ADMIN } diff --git a/src/main/java/com/faf223/expensetrackerfaf/model/User.java b/src/main/java/com/faf223/expensetrackerfaf/model/User.java index 26b23fd..c0d84bf 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/model/User.java +++ b/src/main/java/com/faf223/expensetrackerfaf/model/User.java 
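Review bot: `Credential` carries `@Data`, whose generated `toString()` includes `password` (the stored hash) and the linked `user`, so any log statement or exception message that prints a `Credential`, or the `PersonDetails` that wraps it, would expose the hash. Annotate the field with `@ToString.Exclude`, or replace `@Data` with `@Getter`/`@Setter` on this entity. The added `@AllArgsConstructor` also lets callers set `role` freely, whereas the three-argument constructor pins `Role.USER`; using only the latter for account creation makes the safe default harder to bypass. The hunk also re-indents the whole file by one level, which looks unintentional.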
@@ -9,28 +9,32 @@ import lombok.NoArgsConstructor; import java.util.List; -@Entity +@Entity(name = "users") @Data @Builder @NoArgsConstructor @AllArgsConstructor -@Table(name = "User") public class User { @Id - @GeneratedValue(strategy = GenerationType.IDENTITY) - private long id; - private String firstName; - private String lastName; - private String email; - private String password; + @Column(name = "user_uuid") + @GeneratedValue(strategy = GenerationType.UUID) + private String userUuid; - @Enumerated(EnumType.STRING) - private Role role; + @Column(name = "name") + private String firstName; + + @Column(name = "surname") + private String lastName; + + @Column(name = "username") + private String username; + + @Transient + private String password; @OneToMany(mappedBy = "user") private List expenses; @OneToMany(mappedBy = "user") private List incomes; - } diff --git a/src/main/java/com/faf223/expensetrackerfaf/repository/CredentialRepository.java b/src/main/java/com/faf223/expensetrackerfaf/repository/CredentialRepository.java index 346136a..065212d 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/repository/CredentialRepository.java +++ b/src/main/java/com/faf223/expensetrackerfaf/repository/CredentialRepository.java @@ -4,6 +4,9 @@ import com.faf223.expensetrackerfaf.model.Credential; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.stereotype.Repository; +import java.util.Optional; + @Repository public interface CredentialRepository extends JpaRepository { + Optional findByEmail(String email); } \ No newline at end of file diff --git a/src/main/java/com/faf223/expensetrackerfaf/repository/UserRepository.java b/src/main/java/com/faf223/expensetrackerfaf/repository/UserRepository.java index 3049a85..74c1b83 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/repository/UserRepository.java +++ b/src/main/java/com/faf223/expensetrackerfaf/repository/UserRepository.java 
@@ -3,8 +3,5 @@ package com.faf223.expensetrackerfaf.repository; import com.faf223.expensetrackerfaf.model.User; import org.springframework.data.jpa.repository.JpaRepository; -import java.util.Optional; - -public interface UserRepository extends JpaRepository { - Optional findByEmail(String username); +public interface UserRepository extends JpaRepository { } diff --git a/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java b/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java index 74770e1..d57d48e 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java +++ b/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java @@ -1,10 +1,6 @@ package com.faf223.expensetrackerfaf.security; -import com.faf223.expensetrackerfaf.model.Role; -import com.faf223.expensetrackerfaf.model.User; -import jakarta.persistence.EnumType; -import jakarta.persistence.Enumerated; -import lombok.AllArgsConstructor; +import com.faf223.expensetrackerfaf.model.Credential; import lombok.Builder; import lombok.Data; import lombok.NoArgsConstructor; @@ -18,31 +14,28 @@ import java.util.List; @Data @Builder @NoArgsConstructor(force = true) -@AllArgsConstructor +//@AllArgsConstructor public class PersonDetails implements UserDetails { - private final User user; + private final Credential credential; - @Enumerated(EnumType.STRING) - private Role role; - - public PersonDetails(User user) { - this.user = user; + public PersonDetails(Credential credential) { + this.credential = credential; } @Override public Collection getAuthorities() { - return List.of(new SimpleGrantedAuthority(role.name())); + return List.of(new SimpleGrantedAuthority(credential.getRole().name())); } @Override public String getPassword() { - return user.getPassword(); + return credential.getPassword(); } @Override public String getUsername() { - return user.getEmail(); + return credential.getEmail(); } @Override 
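Review bot: `getAuthorities()` in PersonDetails builds the authority from `credential.getRole().name()`, which yields `USER` or `ADMIN` without the `ROLE_` prefix that Spring Security's `hasRole(...)` checks look for. The `.requestMatchers("/encomes").hasRole("ADMIN")` rule added later in this series tests for `ROLE_ADMIN` and would therefore never match an admin account. Either return `new SimpleGrantedAuthority("ROLE_" + credential.getRole().name())` here or use `hasAuthority("ADMIN")` in the security configuration. Separately, `@NoArgsConstructor(force = true)` leaves `credential` null, so this method would throw a NullPointerException on an instance built that way. The class body continues outside the hunk.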
diff --git a/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java b/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java index d253038..b3c1ce5 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java +++ b/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java 
@@ -4,42 +4,62 @@ import com.faf223.expensetrackerfaf.config.JwtService; import com.faf223.expensetrackerfaf.controller.auth.AuthenticationRequest; import com.faf223.expensetrackerfaf.controller.auth.AuthenticationResponse; import com.faf223.expensetrackerfaf.controller.auth.RegisterRequest; -import com.faf223.expensetrackerfaf.model.Role; +import com.faf223.expensetrackerfaf.model.Credential; import com.faf223.expensetrackerfaf.model.User; +import com.faf223.expensetrackerfaf.repository.CredentialRepository; import com.faf223.expensetrackerfaf.repository.UserRepository; import com.faf223.expensetrackerfaf.security.PersonDetails; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; @Service public class AuthenticationService { - private final UserRepository repository; + private final UserRepository userRepository; + private final CredentialRepository credentialRepository; private final PasswordEncoder passwordEncoder; private final JwtService jwtService; + private final AuthenticationManager authenticationManager; - public AuthenticationService(UserRepository repository, PasswordEncoder passwordEncoder, JwtService jwtService) { - this.repository = repository; + public AuthenticationService(UserRepository repository, CredentialRepository credentialRepository, PasswordEncoder passwordEncoder, JwtService jwtService, AuthenticationManager authenticationManager) { + this.userRepository = repository; + this.credentialRepository = credentialRepository; this.passwordEncoder = passwordEncoder; this.jwtService = jwtService; - } - - public AuthenticationResponse authenticate(AuthenticationRequest request) { - + this.authenticationManager = authenticationManager; } public 
AuthenticationResponse register(RegisterRequest request) { + User user = User.builder() - .firstName(request.getFirstName()) - .lastName(request.getLastName()) - .email(request.getEmail()) + .firstName(request.getFirstname()) + .lastName(request.getLastname()) .password(passwordEncoder.encode(request.getPassword())) - .role(request.getRole()) + .username(request.getUsername()) .build(); - repository.save(user); - String jwtToken = jwtService.generateToken(new PersonDetails(user)); + System.out.println(user); + userRepository.save(user); + Credential credential = new Credential(user, request.getEmail(), passwordEncoder.encode(request.getPassword())); + credentialRepository.save(credential); + + String jwtToken = jwtService.generateToken(new PersonDetails(credential)); return AuthenticationResponse.builder() .token(jwtToken) .build(); } + + public AuthenticationResponse authenticate(AuthenticationRequest request) { + authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(request.getEmail(), request.getPassword())); + + Credential credential = credentialRepository.findByEmail(request.getEmail()).orElseThrow((() -> new UsernameNotFoundException("User not found"))); + + String jwtToken = jwtService.generateToken(new PersonDetails(credential)); + return AuthenticationResponse.builder() + .token(jwtToken) + .build(); + } + } From b396c1c1378b7b799ab87845043bd49a00c61a40 Mon Sep 17 00:00:00 2001 
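Review bot: `register` performs `userRepository.save(user)` and `credentialRepository.save(credential)` as two separate writes with no transaction visible, so a failure of the second leaves a `User` row with no credential; marking the method `@Transactional` keeps the two atomic. `System.out.println(user)` should be dropped: `User` is a `@Data` class and the builder call just above put the encoded password into it, so the hash goes to standard output on every registration. The password is also encoded twice. The copy placed in the `@Transient` `User.password` is never persisted, so `.password(passwordEncoder.encode(request.getPassword()))` can be removed from the builder chain.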
From: DmitriiCravcenco Date: Wed, 4 Oct 2023 08:57:52 +0300 Subject: [PATCH 3/6] Fix bugs caused by Expense/Income controllers --- .../expensetrackerfaf/config/ApplicationConfig.java | 9 ++------- .../config/JwtAuthenticationFilter.java | 7 ++----- .../config/SecurityConfiguration.java | 9 ++------- .../controller/ExpenseController.java | 6 +++--- .../controller/IncomeController.java | 7 ++++--- .../expensetrackerfaf/controller/UserController.java | 7 ++++--- .../com/faf223/expensetrackerfaf/model/Expense.java | 6 +++++- .../com/faf223/expensetrackerfaf/model/Income.java | 4 ++++ .../java/com/faf223/expensetrackerfaf/model/User.java | 11 +++++------ .../expensetrackerfaf/security/PersonDetails.java | 7 ++----- .../service/AuthenticationService.java | 10 ++-------- .../expensetrackerfaf/service/ExpenseService.java | 6 +++--- .../expensetrackerfaf/service/IncomeService.java | 7 ++++--- .../faf223/expensetrackerfaf/service/UserService.java | 6 +++--- 14 files changed, 45 insertions(+), 57 deletions(-) diff --git a/src/main/java/com/faf223/expensetrackerfaf/config/ApplicationConfig.java b/src/main/java/com/faf223/expensetrackerfaf/config/ApplicationConfig.java index cc96a0b..57d1823 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/config/ApplicationConfig.java +++ b/src/main/java/com/faf223/expensetrackerfaf/config/ApplicationConfig.java @@ -3,7 +3,7 @@ package com.faf223.expensetrackerfaf.config; import com.faf223.expensetrackerfaf.repository.CredentialRepository; import com.faf223.expensetrackerfaf.repository.UserRepository; import com.faf223.expensetrackerfaf.security.PersonDetails; -import org.springframework.beans.factory.annotation.Autowired; +import lombok.RequiredArgsConstructor; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; 
@@ -16,17 +16,12 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; @Configuration +@RequiredArgsConstructor public class ApplicationConfig { private final UserRepository userRepository; private final CredentialRepository credentialRepository; - @Autowired - public ApplicationConfig(UserRepository userRepository, CredentialRepository credentialRepository) { - this.userRepository = userRepository; - this.credentialRepository = credentialRepository; - } - @Bean public UserDetailsService userDetailsService() { return username -> new PersonDetails(credentialRepository.findByEmail(username).orElseThrow((() -> new UsernameNotFoundException("User not found")))); diff --git a/src/main/java/com/faf223/expensetrackerfaf/config/JwtAuthenticationFilter.java b/src/main/java/com/faf223/expensetrackerfaf/config/JwtAuthenticationFilter.java index 934a4b1..1f91bc6 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/config/JwtAuthenticationFilter.java +++ b/src/main/java/com/faf223/expensetrackerfaf/config/JwtAuthenticationFilter.java @@ -4,6 +4,7 @@ import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; +import lombok.RequiredArgsConstructor; import org.springframework.lang.NonNull; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.context.SecurityContextHolder; 
@@ -16,16 +17,12 @@ import org.springframework.web.filter.OncePerRequestFilter; import java.io.IOException; @Component +@RequiredArgsConstructor public class JwtAuthenticationFilter extends OncePerRequestFilter { private final JwtService jwtService; private final UserDetailsService userDetailsService; - public JwtAuthenticationFilter(JwtService jwtService, UserDetailsService userDetailsService) { - this.jwtService = jwtService; - this.userDetailsService = userDetailsService; - } - @Override protected void doFilterInternal( @NonNull HttpServletRequest request, diff --git a/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java b/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java index c4a4fae..9b2956f 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java +++ b/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java @@ -1,6 +1,6 @@ package com.faf223.expensetrackerfaf.config; -import org.springframework.beans.factory.annotation.Autowired; +import lombok.RequiredArgsConstructor; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationProvider; @@ -12,17 +12,12 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic @Configuration @EnableWebSecurity +@RequiredArgsConstructor public class SecurityConfiguration { private final JwtAuthenticationFilter jwtAuthFilter; private final AuthenticationProvider authenticationProvider; - @Autowired - public SecurityConfiguration(JwtAuthenticationFilter jwtAuthFilter, AuthenticationProvider authenticationProvider) { - this.jwtAuthFilter = jwtAuthFilter; - this.authenticationProvider = authenticationProvider; - } - @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { http 
diff --git a/src/main/java/com/faf223/expensetrackerfaf/controller/ExpenseController.java b/src/main/java/com/faf223/expensetrackerfaf/controller/ExpenseController.java index 9769c9a..1f8b092 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/controller/ExpenseController.java +++ b/src/main/java/com/faf223/expensetrackerfaf/controller/ExpenseController.java @@ -2,7 +2,7 @@ package com.faf223.expensetrackerfaf.controller; import com.faf223.expensetrackerfaf.model.Expense; import com.faf223.expensetrackerfaf.service.ExpenseService; -import org.springframework.beans.factory.annotation.Autowired; +import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -13,10 +13,10 @@ import java.util.List; @RestController @RequestMapping("/expenses") +@RequiredArgsConstructor public class ExpenseController { - @Autowired - private ExpenseService expenseService; + private final ExpenseService expenseService; @GetMapping("/user/{userUuid}") public ResponseEntity> getExpensesByUser(@PathVariable String userUuid) { diff --git a/src/main/java/com/faf223/expensetrackerfaf/controller/IncomeController.java b/src/main/java/com/faf223/expensetrackerfaf/controller/IncomeController.java index 078c65a..69cb37b 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/controller/IncomeController.java +++ b/src/main/java/com/faf223/expensetrackerfaf/controller/IncomeController.java @@ -2,7 +2,7 @@ package com.faf223.expensetrackerfaf.controller; import com.faf223.expensetrackerfaf.model.Income; import com.faf223.expensetrackerfaf.service.IncomeService; -import org.springframework.beans.factory.annotation.Autowired; +import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; 
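Review bot: `getExpensesByUser` in ExpenseController takes the user id from the path (`/expenses/user/{userUuid}`) and its signature carries no reference to the caller, while the security configuration in this series only requires `.anyRequest().authenticated()`. If the method body, which lies outside the hunk, does not compare `userUuid` with the authenticated principal, any logged-in user can read another user's expenses by supplying that user's UUID. I would take the identity from the security context, for example with an `@AuthenticationPrincipal PersonDetails principal` parameter, and answer a mismatch with 403. The same applies to `IncomeController.getIncomesByUser` and `UserController.getUser` in this patch.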
@@ -13,9 +13,10 @@ import java.util.List; @RestController @RequestMapping("/incomes") +@RequiredArgsConstructor public class IncomeController { - @Autowired - private IncomeService incomeService; + + private final IncomeService incomeService; @GetMapping("/user/{userUuid}") public ResponseEntity> getIncomesByUser(@PathVariable String userUuid) { diff --git a/src/main/java/com/faf223/expensetrackerfaf/controller/UserController.java b/src/main/java/com/faf223/expensetrackerfaf/controller/UserController.java index a9de44e..b9724fb 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/controller/UserController.java +++ b/src/main/java/com/faf223/expensetrackerfaf/controller/UserController.java @@ -2,7 +2,7 @@ package com.faf223.expensetrackerfaf.controller; import com.faf223.expensetrackerfaf.model.User; import com.faf223.expensetrackerfaf.service.UserService; -import org.springframework.beans.factory.annotation.Autowired; +import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -11,13 +11,14 @@ import org.springframework.web.bind.annotation.RestController; @RestController @RequestMapping("/users") +@RequiredArgsConstructor public class UserController { - @Autowired - private UserService userService; + private final UserService userService; @GetMapping("/{userUuid}") public ResponseEntity getUser(@PathVariable String userUuid) { + // TODO: Create a DTO class that will be returned instead of User(password: null and uuid are returned inside of the user object) User user = userService.getUserById(userUuid); if (user != null) { return ResponseEntity.ok(user); diff --git a/src/main/java/com/faf223/expensetrackerfaf/model/Expense.java b/src/main/java/com/faf223/expensetrackerfaf/model/Expense.java index 67df9cf..e241d20 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/model/Expense.java 
+++ b/src/main/java/com/faf223/expensetrackerfaf/model/Expense.java @@ -1,6 +1,8 @@ package com.faf223.expensetrackerfaf.model; +import com.fasterxml.jackson.annotation.JsonIgnore; import jakarta.persistence.*; import lombok.Data; +import lombok.ToString; import java.math.BigDecimal; import java.time.LocalDate; @@ -12,8 +14,10 @@ public class Expense { @GeneratedValue(strategy = GenerationType.IDENTITY) private Long expenseId; - @ManyToOne + @ManyToOne() @JoinColumn(name = "user_uuid") + @ToString.Exclude + @JsonIgnore private User user; @ManyToOne diff --git a/src/main/java/com/faf223/expensetrackerfaf/model/Income.java b/src/main/java/com/faf223/expensetrackerfaf/model/Income.java index 38344a7..e6e1b45 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/model/Income.java +++ b/src/main/java/com/faf223/expensetrackerfaf/model/Income.java @@ -1,7 +1,9 @@ package com.faf223.expensetrackerfaf.model; +import com.fasterxml.jackson.annotation.JsonIgnore; import jakarta.persistence.*; import lombok.Data; +import lombok.ToString; import java.math.BigDecimal; import java.time.LocalDate; @@ -15,6 +17,8 @@ public class Income { @ManyToOne @JoinColumn(name = "user_uuid") + @ToString.Exclude + @JsonIgnore private User user; @ManyToOne diff --git a/src/main/java/com/faf223/expensetrackerfaf/model/User.java b/src/main/java/com/faf223/expensetrackerfaf/model/User.java index c0d84bf..339416f 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/model/User.java +++ b/src/main/java/com/faf223/expensetrackerfaf/model/User.java @@ -2,10 +2,7 @@ package com.faf223.expensetrackerfaf.model; import jakarta.persistence.*; -import lombok.AllArgsConstructor; -import lombok.Builder; -import lombok.Data; -import lombok.NoArgsConstructor; +import lombok.*; import java.util.List; 
@@ -32,9 +29,11 @@ public class User { @Transient private String password; - @OneToMany(mappedBy = "user") + @OneToMany(mappedBy = "user", fetch = FetchType.LAZY) + @ToString.Exclude private List expenses; - @OneToMany(mappedBy = "user") + @OneToMany(mappedBy = "user", fetch = FetchType.LAZY) + @ToString.Exclude private List incomes; } diff --git a/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java b/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java index d57d48e..97aa9ca 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java +++ b/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java @@ -1,6 +1,7 @@ package com.faf223.expensetrackerfaf.security; import com.faf223.expensetrackerfaf.model.Credential; +import lombok.AllArgsConstructor; import lombok.Builder; import lombok.Data; import lombok.NoArgsConstructor; @@ -14,15 +15,11 @@ import java.util.List; @Data @Builder @NoArgsConstructor(force = true) -//@AllArgsConstructor +@AllArgsConstructor public class PersonDetails implements UserDetails { private final Credential credential; - public PersonDetails(Credential credential) { - this.credential = credential; - } - @Override public Collection getAuthorities() { return List.of(new SimpleGrantedAuthority(credential.getRole().name())); diff --git a/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java b/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java index b3c1ce5..4532cc0 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java +++ b/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java 
@@ -9,6 +9,7 @@ import com.faf223.expensetrackerfaf.model.User; import com.faf223.expensetrackerfaf.repository.CredentialRepository; import com.faf223.expensetrackerfaf.repository.UserRepository; import com.faf223.expensetrackerfaf.security.PersonDetails; +import lombok.RequiredArgsConstructor; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.userdetails.UsernameNotFoundException; @@ -16,6 +17,7 @@ import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; @Service +@RequiredArgsConstructor public class AuthenticationService { private final UserRepository userRepository; @@ -24,14 +26,6 @@ public class AuthenticationService { private final JwtService jwtService; private final AuthenticationManager authenticationManager; - public AuthenticationService(UserRepository repository, CredentialRepository credentialRepository, PasswordEncoder passwordEncoder, JwtService jwtService, AuthenticationManager authenticationManager) { - this.userRepository = repository; - this.credentialRepository = credentialRepository; - this.passwordEncoder = passwordEncoder; - this.jwtService = jwtService; - this.authenticationManager = authenticationManager; - } - public AuthenticationResponse register(RegisterRequest request) { User user = User.builder() diff --git a/src/main/java/com/faf223/expensetrackerfaf/service/ExpenseService.java b/src/main/java/com/faf223/expensetrackerfaf/service/ExpenseService.java index 443ca0d..5838dc0 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/service/ExpenseService.java +++ b/src/main/java/com/faf223/expensetrackerfaf/service/ExpenseService.java 
@@ -2,16 +2,16 @@ package com.faf223.expensetrackerfaf.service; import com.faf223.expensetrackerfaf.model.Expense; import com.faf223.expensetrackerfaf.repository.ExpenseRepository; -import org.springframework.beans.factory.annotation.Autowired; +import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; import java.util.List; @Service +@RequiredArgsConstructor public class ExpenseService { - @Autowired - private ExpenseRepository expenseRepository; + private final ExpenseRepository expenseRepository; public List getExpensesByUserId(String userUuid) { return expenseRepository.findByUserUserUuid(userUuid); diff --git a/src/main/java/com/faf223/expensetrackerfaf/service/IncomeService.java b/src/main/java/com/faf223/expensetrackerfaf/service/IncomeService.java index 5ca97d1..376c0e2 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/service/IncomeService.java +++ b/src/main/java/com/faf223/expensetrackerfaf/service/IncomeService.java @@ -2,15 +2,16 @@ package com.faf223.expensetrackerfaf.service; import com.faf223.expensetrackerfaf.model.Income; import com.faf223.expensetrackerfaf.repository.IncomeRepository; -import org.springframework.beans.factory.annotation.Autowired; +import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; import java.util.List; @Service +@RequiredArgsConstructor public class IncomeService { - @Autowired - private IncomeRepository incomeRepository; + + private final IncomeRepository incomeRepository; public List getIncomesByUserId(String userUuid) { return incomeRepository.findByUserUserUuid(userUuid); diff --git a/src/main/java/com/faf223/expensetrackerfaf/service/UserService.java b/src/main/java/com/faf223/expensetrackerfaf/service/UserService.java index e9c3798..389aed4 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/service/UserService.java +++ b/src/main/java/com/faf223/expensetrackerfaf/service/UserService.java 
@@ -2,14 +2,14 @@ package com.faf223.expensetrackerfaf.service; import com.faf223.expensetrackerfaf.model.User; import com.faf223.expensetrackerfaf.repository.UserRepository; -import org.springframework.beans.factory.annotation.Autowired; +import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; @Service +@RequiredArgsConstructor public class UserService { - @Autowired - private UserRepository userRepository; + private final UserRepository userRepository; public User getUserById(String userUuid) { return userRepository.findById(userUuid).orElse(null); From c666092cd33700b51ace27f625e024ca37f590fd Mon Sep 17 00:00:00 2001 From: DmitriiCravcenco Date: Thu, 5 Oct 2023 19:04:38 +0300 Subject: [PATCH 4/6] Delete file --- .../controller/MainController.java | 66 ------------------- 1 file changed, 66 deletions(-) delete mode 100644 src/main/java/com/faf223/expensetrackerfaf/controller/MainController.java diff --git a/src/main/java/com/faf223/expensetrackerfaf/controller/MainController.java b/src/main/java/com/faf223/expensetrackerfaf/controller/MainController.java deleted file mode 100644 index 47ba33b..0000000 --- a/src/main/java/com/faf223/expensetrackerfaf/controller/MainController.java +++ /dev/null 
@@ -1,66 +0,0 @@ -//package com.faf223.expensetrackerfaf.controller; -// -//import com.faf223.expensetrackerfaf.model.Expense; -//import com.faf223.expensetrackerfaf.model.Income; -//import com.faf223.expensetrackerfaf.model.Role; -//import com.faf223.expensetrackerfaf.model.User; -//import org.springframework.web.bind.annotation.*; -// -//import java.util.List; -// -//@RestController -//public class MainController { -// -// @GetMapping("/") -// public String helloWorld() { -// return "Hello, World!"; -// } -// -// @GetMapping("/users/get/{id}") -// public User getUser(@PathVariable int id) { -// return new User(id, "Test", null, null, null, null, null, null); -// } -// -// @PostMapping("/users/set/{id}/name") -// public String setName(@PathVariable int id, -// @RequestParam("name") String name) { -// throw new UnsupportedOperationException("Waiting for the DB."); -// } -// -// @PostMapping("/users/set/{id}/email") -// public String setEmail(@PathVariable int id, -// @RequestParam("email") String email) { -// throw new UnsupportedOperationException("Waiting for the DB."); -// } -// -// @PostMapping("/users/set/{id}/login") -// public String setLogin(@PathVariable int id, -// @RequestParam("login") String login) { -// throw new UnsupportedOperationException("Waiting for the DB."); -// } -// -// @PostMapping("/users/set/{id}/password") -// public String setPassword(@PathVariable int id, -// @RequestParam("password") String password) { -// throw new UnsupportedOperationException("Waiting for the DB."); -// } -// -// @PostMapping("/users/set/{id}/role") -// public String setRole(@PathVariable int id, -// @RequestParam("role") Role role) { -// throw new UnsupportedOperationException("Waiting for the DB."); -// } -// -// @PostMapping("/users/set/{id}/expenses") -// public String setExpenses(@PathVariable int id, -// @RequestParam("expenses") List expenses) { -// throw new UnsupportedOperationException("Waiting for the DB."); -// } -// -// 
@PostMapping("/users/set/{id}/incomes") -// public String setIncomes(@PathVariable int id, -// @RequestParam("incomes")List incomes) { -// throw new UnsupportedOperationException("Waiting for the DB."); -// } -// -//} From a6ed3794fe6aaf9acb3520cc497a57c675683442 Mon Sep 17 00:00:00 2001 From: DmitriiCravcenco Date: Thu, 5 Oct 2023 19:14:28 +0300 Subject: [PATCH 5/6] Fix mapper + DTO --- .../config/SecurityConfiguration.java | 1 + .../auth/AuthenticationController.java | 2 +- .../expensetrackerfaf/dto/UserCreationDTO.java | 8 +++++++- .../faf223/expensetrackerfaf/dto/UserDTO.java | 3 ++- .../dto/mappers/UserMapper.java | 16 +++++++--------- .../repository/ExpenseRepository.java | 3 ++- .../repository/IncomeRepository.java | 3 ++- .../repository/UserRepository.java | 3 +++ .../service/AuthenticationService.java | 4 ++-- .../service/ExpenseService.java | 13 ++++++++++++- .../expensetrackerfaf/service/IncomeService.java | 13 ++++++++++++- 11 files changed, 51 insertions(+), 18 deletions(-) diff --git a/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java b/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java index 9b2956f..4e5d318 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java +++ b/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java @@ -24,6 +24,7 @@ public class SecurityConfiguration { .csrf(csrf -> csrf.disable()) .authorizeHttpRequests(auth -> auth .requestMatchers("/api/v1/auth/**").permitAll() + .requestMatchers("/encomes").hasRole("ADMIN") .anyRequest().authenticated() ) .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) diff --git a/src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationController.java b/src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationController.java index 1285ee4..1f375ea 100644 
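Review bot: The new matcher `"/encomes"` in SecurityConfiguration looks like a typo, since `IncomeController` is mapped at `/incomes`. As written, the rule guards a path with no handler visible in the series, and the income endpoints stay open to every authenticated user. Without a wildcard it would also miss sub-paths such as `/incomes/user/{userUuid}`. If the intent is to restrict the income endpoints to admins, use `.requestMatchers("/incomes/**").hasRole("ADMIN")`. The enclosing `securityFilterChain` method starts and ends outside the hunk.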
--- a/src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationController.java +++ b/src/main/java/com/faf223/expensetrackerfaf/controller/auth/AuthenticationController.java @@ -20,7 +20,7 @@ public class AuthenticationController { } @PostMapping("/authenticate") - public ResponseEntity register(@RequestBody AuthenticationRequest request) { + public ResponseEntity authenticate(@RequestBody AuthenticationRequest request) { return ResponseEntity.ok(service.authenticate(request)); } } diff --git a/src/main/java/com/faf223/expensetrackerfaf/dto/UserCreationDTO.java b/src/main/java/com/faf223/expensetrackerfaf/dto/UserCreationDTO.java index b947426..7c0452b 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/dto/UserCreationDTO.java +++ b/src/main/java/com/faf223/expensetrackerfaf/dto/UserCreationDTO.java @@ -6,5 +6,11 @@ import lombok.Data; @Data @AllArgsConstructor public class UserCreationDTO { - private String uuid; + + private String firstname; + private String lastname; + private String username; + private String email; + private String password; + } diff --git a/src/main/java/com/faf223/expensetrackerfaf/dto/UserDTO.java b/src/main/java/com/faf223/expensetrackerfaf/dto/UserDTO.java index 9f79253..ff95f52 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/dto/UserDTO.java +++ b/src/main/java/com/faf223/expensetrackerfaf/dto/UserDTO.java @@ -6,8 +6,9 @@ import lombok.Data; @Data @AllArgsConstructor public class UserDTO { - private String uuid; + private String name; private String surname; private String username; + } diff --git a/src/main/java/com/faf223/expensetrackerfaf/dto/mappers/UserMapper.java b/src/main/java/com/faf223/expensetrackerfaf/dto/mappers/UserMapper.java index a403a24..9a64e4b 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/dto/mappers/UserMapper.java +++ b/src/main/java/com/faf223/expensetrackerfaf/dto/mappers/UserMapper.java 
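Review bot: `UserCreationDTO` now carries the plain-text `password` in a `@Data` class, so the generated `toString()` includes it. Any log statement or exception message that prints the request object would expose the password as the user typed it. I would put `@ToString.Exclude` on that field.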
@@ -10,19 +10,17 @@ import org.springframework.stereotype.Component; @Component public class UserMapper { - private final UserService userService; - - @Autowired - public UserMapper(UserService userService) { - this.userService = userService; - } - public UserDTO toDto(User user) { - return new UserDTO(user.getUuid(), user.getName(), user.getSurname(), user.getUsername()); + return new UserDTO(user.getFirstName(), user.getLastName(), user.getUsername()); } public User toUser(UserCreationDTO userDTO) { - return userService.getUserById(userDTO.getUuid()); + User user = new User(); + user.setFirstName(userDTO.getFirstname()); + user.setLastName(userDTO.getLastname()); + user.setUsername(userDTO.getUsername()); + + return user; } } diff --git a/src/main/java/com/faf223/expensetrackerfaf/repository/ExpenseRepository.java b/src/main/java/com/faf223/expensetrackerfaf/repository/ExpenseRepository.java index 38fb2fb..f96f68e 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/repository/ExpenseRepository.java +++ b/src/main/java/com/faf223/expensetrackerfaf/repository/ExpenseRepository.java @@ -1,6 +1,7 @@ package com.faf223.expensetrackerfaf.repository; import com.faf223.expensetrackerfaf.model.Expense; +import com.faf223.expensetrackerfaf.model.User; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.stereotype.Repository; @@ -8,5 +9,5 @@ import java.util.List; @Repository public interface ExpenseRepository extends JpaRepository { - List findByUserUuid(String userUuid); + List findByUser(User user); } diff --git a/src/main/java/com/faf223/expensetrackerfaf/repository/IncomeRepository.java b/src/main/java/com/faf223/expensetrackerfaf/repository/IncomeRepository.java index 2f199af..3f4f94d 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/repository/IncomeRepository.java +++ b/src/main/java/com/faf223/expensetrackerfaf/repository/IncomeRepository.java 
@@ -1,6 +1,7 @@ package com.faf223.expensetrackerfaf.repository; import com.faf223.expensetrackerfaf.model.Income; +import com.faf223.expensetrackerfaf.model.User; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.stereotype.Repository; @@ -8,5 +9,5 @@ import java.util.List; @Repository public interface IncomeRepository extends JpaRepository { - List findByUserUuid(String userUuid); + List findByUser(User user); } diff --git a/src/main/java/com/faf223/expensetrackerfaf/repository/UserRepository.java b/src/main/java/com/faf223/expensetrackerfaf/repository/UserRepository.java index 74c1b83..d370b0a 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/repository/UserRepository.java +++ b/src/main/java/com/faf223/expensetrackerfaf/repository/UserRepository.java @@ -3,5 +3,8 @@ package com.faf223.expensetrackerfaf.repository; import com.faf223.expensetrackerfaf.model.User; import org.springframework.data.jpa.repository.JpaRepository; +import java.util.Optional; + public interface UserRepository extends JpaRepository { + Optional getUserByUserUuid(String userUuid); } diff --git a/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java b/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java index 4532cc0..0fdb7fe 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java +++ b/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java @@ -34,7 +34,7 @@ public class AuthenticationService { .password(passwordEncoder.encode(request.getPassword())) .username(request.getUsername()) .build(); - System.out.println(user); +// System.out.println(user); userRepository.save(user); Credential credential = new Credential(user, request.getEmail(), passwordEncoder.encode(request.getPassword())); credentialRepository.save(credential); 
@@ -48,7 +48,7 @@ public class AuthenticationService { public AuthenticationResponse authenticate(AuthenticationRequest request) { authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(request.getEmail(), request.getPassword())); - Credential credential = credentialRepository.findByEmail(request.getEmail()).orElseThrow((() -> new UsernameNotFoundException("User not found"))); + Credential credential = credentialRepository.findByEmail(request.getEmail()).orElseThrow((() -> new UsernameNotFoundException("User not found"))); String jwtToken = jwtService.generateToken(new PersonDetails(credential)); return AuthenticationResponse.builder() diff --git a/src/main/java/com/faf223/expensetrackerfaf/service/ExpenseService.java b/src/main/java/com/faf223/expensetrackerfaf/service/ExpenseService.java index 19ab2c2..0683998 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/service/ExpenseService.java +++ b/src/main/java/com/faf223/expensetrackerfaf/service/ExpenseService.java 
@@ -1,25 +1,36 @@ package com.faf223.expensetrackerfaf.service; import com.faf223.expensetrackerfaf.model.Expense; +import com.faf223.expensetrackerfaf.model.User; import com.faf223.expensetrackerfaf.repository.ExpenseRepository; +import com.faf223.expensetrackerfaf.repository.UserRepository; import lombok.RequiredArgsConstructor; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import java.util.ArrayList; import java.util.List; +import java.util.Optional; @Service @RequiredArgsConstructor public class ExpenseService { private final ExpenseRepository expenseRepository; + private final UserRepository userRepository; public void createOrUpdateExpense(Expense expense) { expenseRepository.save(expense); } public List getExpensesByUserId(String userUuid) { - return expenseRepository.findByUserUuid(userUuid); + + Optional user = userRepository.getUserByUserUuid(userUuid); + if (user.isPresent()) { + return expenseRepository.findByUser(user.get()); + } + + return new ArrayList<>(); } public List getExpenses() { diff --git a/src/main/java/com/faf223/expensetrackerfaf/service/IncomeService.java b/src/main/java/com/faf223/expensetrackerfaf/service/IncomeService.java index 23e60ea..63e1bab 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/service/IncomeService.java +++ b/src/main/java/com/faf223/expensetrackerfaf/service/IncomeService.java 
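Review bot: `getExpensesByUserId` returns the expenses of whatever `userUuid` it is handed, and nothing in this hunk ties that value to the authenticated principal. If the controller (not shown here) takes the uuid from the request path or body, one user's records become readable by another; the uuid should come from the security context, or the caller should compare it with the principal's before calling. The same applies to `getIncomesByUserId` in IncomeService. The lookup itself reads better without `isPresent()`/`get()`: `return userRepository.getUserByUserUuid(userUuid).map(expenseRepository::findByUser).orElseGet(ArrayList::new);`.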
@@ -1,18 +1,23 @@ package com.faf223.expensetrackerfaf.service; import com.faf223.expensetrackerfaf.model.Income; +import com.faf223.expensetrackerfaf.model.User; import com.faf223.expensetrackerfaf.repository.IncomeRepository; +import com.faf223.expensetrackerfaf.repository.UserRepository; import lombok.RequiredArgsConstructor; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import java.util.ArrayList; import java.util.List; +import java.util.Optional; @Service @RequiredArgsConstructor public class IncomeService { private final IncomeRepository incomeRepository; + private final UserRepository userRepository; public void createOrUpdateIncome(Income income) { incomeRepository.save(income); @@ -23,7 +28,13 @@ public class IncomeService { } public List getIncomesByUserId(String userUuid) { - return incomeRepository.findByUserUuid(userUuid); + + Optional user = userRepository.getUserByUserUuid(userUuid); + if (user.isPresent()) { + return incomeRepository.findByUser(user.get()); + } + + return new ArrayList<>(); } public Income getIncomeById(long id) { From 7f6a0c1f92954c4b8531c42cc3c2f001cc10e7e8 Mon Sep 17 00:00:00 2001 From: DmitriiCravcenco Date: Thu, 5 Oct 2023 22:25:05 +0300 Subject: [PATCH 6/6] Fixed JWT Role assignment and method access --- .../expensetrackerfaf/config/SecurityConfiguration.java | 2 +- .../java/com/faf223/expensetrackerfaf/model/Credential.java | 2 +- src/main/java/com/faf223/expensetrackerfaf/model/Role.java | 2 +- .../com/faf223/expensetrackerfaf/security/PersonDetails.java | 4 ++-- .../expensetrackerfaf/service/AuthenticationService.java | 3 +-- 5 files changed, 6 insertions(+), 7 deletions(-) diff --git a/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java b/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java index 4e5d318..ea7f8b9 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java 
+++ b/src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java @@ -24,7 +24,7 @@ public class SecurityConfiguration { .csrf(csrf -> csrf.disable()) .authorizeHttpRequests(auth -> auth .requestMatchers("/api/v1/auth/**").permitAll() - .requestMatchers("/encomes").hasRole("ADMIN") + .requestMatchers("/expenses").hasRole("ADMIN") .anyRequest().authenticated() ) .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) diff --git a/src/main/java/com/faf223/expensetrackerfaf/model/Credential.java b/src/main/java/com/faf223/expensetrackerfaf/model/Credential.java index bc477c0..f993e9f 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/model/Credential.java +++ b/src/main/java/com/faf223/expensetrackerfaf/model/Credential.java @@ -29,7 +29,7 @@ this.email = email; this.password = password; - this.role = Role.USER; + this.role = Role.ROLE_USER; } } diff --git a/src/main/java/com/faf223/expensetrackerfaf/model/Role.java b/src/main/java/com/faf223/expensetrackerfaf/model/Role.java index cb47b04..ea04328 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/model/Role.java +++ b/src/main/java/com/faf223/expensetrackerfaf/model/Role.java @@ -2,5 +2,5 @@ package com.faf223.expensetrackerfaf.model; public enum Role { - USER, ADMIN + ROLE_USER, ROLE_ADMIN } diff --git a/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java b/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java index 97aa9ca..f805e79 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java +++ b/src/main/java/com/faf223/expensetrackerfaf/security/PersonDetails.java @@ -10,7 +10,7 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; import java.util.Collection; -import java.util.List; +import java.util.Collections; @Data @Builder 
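Review bot: The corrected matcher `.requestMatchers("/expenses").hasRole("ADMIN")` restricts only the exact path `/expenses`. The removed `/encomes` looks like a misspelling of `/incomes`, and after this change no rule covers the income listing, so it falls through to `.anyRequest().authenticated()`. If `/incomes` returns every user's records the way `/expenses` presumably does, it should carry the same restriction, e.g. `.requestMatchers("/expenses", "/incomes").hasRole("ADMIN")`. Sub-paths under `/expenses` are not matched by this pattern either, so any per-user check they need has to live in the controller or service. The bean method that builds this chain starts and ends outside the hunk.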
@@ -22,7 +22,7 @@ public class PersonDetails implements UserDetails { @Override public Collection getAuthorities() { - return List.of(new SimpleGrantedAuthority(credential.getRole().name())); + return Collections.singletonList(new SimpleGrantedAuthority(credential.getRole().toString())); } @Override diff --git a/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java b/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java index 0fdb7fe..96cb4a4 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java +++ b/src/main/java/com/faf223/expensetrackerfaf/service/AuthenticationService.java @@ -31,10 +31,9 @@ public class AuthenticationService { User user = User.builder() .firstName(request.getFirstname()) .lastName(request.getLastname()) - .password(passwordEncoder.encode(request.getPassword())) .username(request.getUsername()) .build(); -// System.out.println(user); + userRepository.save(user); Credential credential = new Credential(user, request.getEmail(), passwordEncoder.encode(request.getPassword())); credentialRepository.save(credential);
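Review bot: `getAuthorities` now builds the authority from `credential.getRole().toString()`, which ties the access decision to a method that can be overridden on the enum; `name()` is the stable identifier and is what the old line used. The `ROLE_` prefix that `hasRole("ADMIN")` expects could be added here instead of renaming the constants in Role.java: `return Collections.singletonList(new SimpleGrantedAuthority("ROLE_" + credential.getRole().name()));`. Renaming `USER`/`ADMIN` to `ROLE_USER`/`ROLE_ADMIN` changes the stored value if the column is mapped with `EnumType.STRING` (the mapping is not visible in this patch), in which case existing rows need a migration.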
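Review bot: `userRepository.save(user)` and `credentialRepository.save(credential)` are two separate writes, so if the second one fails (for example on a duplicate email, should that column be unique) the user row stays behind without credentials. Unless the enclosing method is already transactional — its signature is outside the hunk — I would annotate it with `@Transactional` so that both rows are written or neither. Removing the password from the `User` builder is right, since the hash now lives only on `Credential`.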