Add JWT authentication

DmitriiCravcenco
2023-10-03 12:20:14 +03:00
parent f8b0c58034
commit 5e0000d532
12 changed files with 109 additions and 93 deletions


@@ -1,5 +1,6 @@
package com.faf223.expensetrackerfaf.config;
import com.faf223.expensetrackerfaf.repository.CredentialRepository;
import com.faf223.expensetrackerfaf.repository.UserRepository;
import com.faf223.expensetrackerfaf.security.PersonDetails;
import org.springframework.beans.factory.annotation.Autowired;
@@ -17,17 +18,18 @@ import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration
public class ApplicationConfig {
private final UserRepository repository;
private final UserRepository userRepository;
private final CredentialRepository credentialRepository;
@Autowired
public ApplicationConfig(UserRepository repository) {
this.repository = repository;
public ApplicationConfig(UserRepository userRepository, CredentialRepository credentialRepository) {
this.userRepository = userRepository;
this.credentialRepository = credentialRepository;
}
@Bean
public UserDetailsService userDetailsService() {
return username -> new PersonDetails(repository.findByEmail(username)
.orElseThrow(() -> new UsernameNotFoundException("User not found")));
return username -> new PersonDetails(credentialRepository.findByEmail(username).orElseThrow((() -> new UsernameNotFoundException("User not found"))));
}
@Bean
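Review bot: The `userRepository` field and constructor parameter look unused after this change, since `userDetailsService()` now resolves users through `credentialRepository` and nothing in the visible lines reads `userRepository`. Unless a bean below the hunk needs it, drop the field and the parameter rather than keep an injected dependency that no code uses. The new lambda also has a doubled pair of parentheses and runs to one long line; `.orElseThrow(() -> new UsernameNotFoundException("User not found"))` on a line of its own reads better. The class body continues outside the hunk.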


@@ -20,7 +20,6 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
private final JwtService jwtService;
private final UserDetailsService userDetailsService;
private final TokenRepository tokenRepository;
public JwtAuthenticationFilter(JwtService jwtService, UserDetailsService userDetailsService) {
this.jwtService = jwtService;
@@ -48,18 +47,11 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
userEmail = jwtService.extractUsername(jwt);
if (userEmail != null && SecurityContextHolder.getContext().getAuthentication() == null) {
UserDetails userDetails = this.userDetailsService.loadUserByUsername(userEmail);
var isTokenValid = tokenRepository.findByToken(jwt)
.map(t -> !t.isExpired() && !t.isRevoked())
.orElse(false);
if (jwtService.isTokenValid(jwt, userDetails) && isTokenValid) {
if (jwtService.isTokenValid(jwt, userDetails)) {
UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(
userDetails,
null,
userDetails.getAuthorities()
);
authToken.setDetails(
new WebAuthenticationDetailsSource().buildDetails(request)
);
userDetails, null, userDetails.getAuthorities());
authToken.setDetails(new WebAuthenticationDetailsSource()
.buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(authToken);
}
}
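Review bot: With the `tokenRepository.findByToken(jwt)` lookup removed, the branch at `if (jwtService.isTokenValid(jwt, userDetails))` accepts a token on whatever `JwtService` checks alone (presumably signature, subject and expiry; its body is not shown). A token issued before a logout, password change or account lock would then stay usable until it expires. If that is the intended stateless design, state it at the check, e.g. `// No server-side revocation: a token stays valid until its expiry, so jwtExpiration must be short`, and confirm the configured lifetime. Otherwise keep a revocation test next to `isTokenValid`, such as a denylist keyed on the token id or a per-user token version compared on each request. The enclosing filter method starts and ends outside the hunk.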


@@ -45,17 +45,7 @@ public class JwtService {
return buildToken(extraClaims, userDetails, jwtExpiration);
}
public String generateRefreshToken(
UserDetails userDetails
) {
return buildToken(new HashMap<>(), userDetails, refreshExpiration);
}
private String buildToken(
Map<String, Object> extraClaims,
UserDetails userDetails,
long expiration
) {
private String buildToken(Map<String, Object> extraClaims, UserDetails userDetails, long expiration) {
return Jwts
.builder()
.setClaims(extraClaims)


@@ -28,7 +28,7 @@ public class SecurityConfiguration {
http
.csrf(csrf -> csrf.disable())
.authorizeHttpRequests(auth -> auth
.requestMatchers("").permitAll()
.requestMatchers("/api/v1/auth/**").permitAll()
.anyRequest().authenticated()
)
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
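Review bot: `.requestMatchers("/api/v1/auth/**").permitAll()` exempts every path under the prefix from authentication, for every HTTP method. That includes any endpoint added under `/api/v1/auth/` later, even one that should require a logged-in caller. Listing the anonymous endpoints explicitly with their method keeps new routes on the `.anyRequest().authenticated()` default, in the form `.requestMatchers(HttpMethod.POST, "/api/v1/auth/<endpoint>").permitAll()` (the path is a placeholder). The filter-chain method starts and ends outside the hunk.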