From fcec6779428aa5d32a1895800d216c843fa20e7a Mon Sep 17 00:00:00 2001
From: MathewFrancis
Date: Wed, 27 Aug 2025 13:41:49 +0530
Subject: [PATCH] Login complete

---
 .../CezenABSAuthenticationProvider.java | 156 ++---------------
 .../config/CezenRoutsSecurityChain.java | 6 +-
 .../cezenBTC/controller/SignUpController.java | 19 ++-
 .../security/JWTTokenValidatorFilter.java | 2 +-
 4 files changed, 36 insertions(+), 147 deletions(-)

diff --git a/springHorse/src/main/java/com/example/cezenBTC/config/CezenABSAuthenticationProvider.java b/springHorse/src/main/java/com/example/cezenBTC/config/CezenABSAuthenticationProvider.java
index 4eaf84a..cf04519 100644
--- a/springHorse/src/main/java/com/example/cezenBTC/config/CezenABSAuthenticationProvider.java
+++ b/springHorse/src/main/java/com/example/cezenBTC/config/CezenABSAuthenticationProvider.java
@@ -1,9 +1,7 @@
 package com.example.cezenBTC.config;
 
-import com.example.cezenBTC.DAO.UserOpsDAO;
 import com.example.cezenBTC.DTO.CenteralServerConect.ApiResponse;
 import com.example.cezenBTC.absbridge.model.LoginRequest;
-import com.example.cezenBTC.entity.user.UserEntity;
 import com.example.cezenBTC.service.ABS.ABSServiceForLogIn;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationProvider;
@@ -13,7 +11,6 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Component;
 
 import java.util.ArrayList;
@@ -22,12 +19,6 @@ import java.util.List;
 @Component
 public class CezenABSAuthenticationProvider implements AuthenticationProvider/* */{
 
- @Autowired
- private UserOpsDAO userOpsDAO;
-
- @Autowired
- private PasswordEncoder passwordEncoder;
-
 @Autowired
 private ABSServiceForLogIn absServiceForLogIn;
 
@@ -61,39 +52,34 @@ public class CezenABSAuthenticationProvider implements AuthenticationProvider/* //check for employee - UserEntity user = null; + ApiResponse user = null; try { //check if employee exists if yes then fetch details - user = this.userOpsDAO.getUserByUserStringId(userStringId); + user = this.absServiceForLogIn.loginInServiceListener( + new LoginRequest(userStringId, btId, "", pwd, "", "")); } catch (Exception e) { System.out.println(e.toString()); return null; } - Object returnData = null; - -// for(int i =0; i < 5; i++){ -// -// if(returnData != null && returnData) -// -// } + //LoginRequest{opCard='021804111066', btId='0483', usrId='', + //password='0660000', passwordEnc='', btMake=} + if(user == null) return null; // this need to change for ABS - if (passwordEncoder.matches(pwd, user.getPassword())) { + if (user.log() != null) { + + String authName = user.log().cUsrTyp(); //then it is a match a number of springs granted authorities List authorities = new ArrayList<>(); - //loop through the users authorities and add each of them to simple granted authority + // add the role to authorities try { - //check if user is part of permission set for admin signing in - boolean isAdmin = false; - for(var permission : user.getRoles()){ - if(permission.getRole().equals("ROLE_admin")) isAdmin = true; - } - if(!isAdmin) throw new BadCredentialsException("no employee permission for given employee"); + System.out.println("The role is "+ authName); + + authorities.add(new SimpleGrantedAuthority(authName)); - user.getRoles().forEach(a -> authorities.add(new SimpleGrantedAuthority(a.getRole()))); } catch (Exception e) { //use/**/r doesn't have permissions or roles = null System.out.println(e.toString()); 
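Review bot: The authority granted here is whatever string `user.log().cUsrTyp()` returns, and the only success test is `user.log() != null`, so the ABS response alone decides both authentication and role with no allowlist on this side, where the removed code at least required `ROLE_admin`. Whether a non-null `log()` really means the login succeeded cannot be confirmed from this hunk (the method starts and ends outside it) and should be checked against `ApiResponse`. Before the inner `try`, I would compare the type with the roles this application knows, e.g. `if (!"OPTR".equals(authName)) throw new BadCredentialsException("unsupported user type");`, and move `System.out.println("The role is "+ authName)` to a logger. The added `//LoginRequest{opCard=..., password=...}` comment reads like a captured request with a real card number and password and should be removed from the source.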
@@ -101,7 +87,7 @@ public class CezenABSAuthenticationProvider implements AuthenticationProvider/* } System.out.println("Auth DONE"); - return new UsernamePasswordAuthenticationToken(user.getUserIdNumber()+","+btId, pwd, authorities); + return new UsernamePasswordAuthenticationToken(userStringId+","+btId+","+user.log().cUsrNm(), pwd, authorities); } else { throw new BadCredentialsException("Invalid password!"); } 
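Review bot: The principal is now a comma-joined string that includes `user.log().cUsrNm()`, a value supplied by the ABS response, and `SignUpController.login()` in this same commit recovers the fields with `split(",")`. A name that contains a comma shifts the fields, and a null name is concatenated as the literal text `null`. Consider carrying the three values in a small principal object, or at minimum reject the login when `cUsrNm()` is null or contains `,`. The enclosing `if` block starts outside this hunk.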
@@ -115,120 +101,6 @@ public class CezenABSAuthenticationProvider implements AuthenticationProvider/* } -//package com.example.cezenBTC.config; -// -//import com.example.cezenBTC.DAO.UserOpsDAO; -//import com.example.cezenBTC.DTO.CenteralServerConect.ApiResponse; -//import com.example.cezenBTC.absbridge.model.LoginRequest; -//import com.example.cezenBTC.entity.user.UserEntity; -//import com.example.cezenBTC.service.ABS.ABSServiceForLogIn; -//import org.springframework.beans.factory.annotation.Autowired; -//import org.springframework.security.authentication.AuthenticationProvider; -//import org.springframework.security.authentication.BadCredentialsException; -//import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -//import org.springframework.security.core.Authentication; -//import org.springframework.security.core.AuthenticationException; -//import org.springframework.security.core.GrantedAuthority; -//import org.springframework.security.core.authority.SimpleGrantedAuthority; -//import org.springframework.security.crypto.password.PasswordEncoder; -//import org.springframework.stereotype.Component; -// -//import java.util.ArrayList; -//import java.util.List; -// -//@Component -//public class CezenABSAuthenticationProvider implements AuthenticationProvider/* */{ -// -// @Autowired -// private UserOpsDAO userOpsDAO; -// -// @Autowired -// private PasswordEncoder passwordEncoder; -// -// @Autowired -// private ABSServiceForLogIn absServiceForLogIn; -// -// //@Override -// public Authentication authenticate(Authentication authentication) throws AuthenticationException { -// -// //get credentials from login form -// String[] karthickHamu = authentication.getName().split(","); -// String userStringId = karthickHamu[0]; -// String btId = karthickHamu[1]; -// String pwd = authentication.getCredentials().toString(); -// -// System.out.println("user Id " + userStringId + " password " + pwd); -// -// -// //sanity check -// if 
(userStringId.isEmpty() || pwd.isEmpty()) return null; -// -// // validate if the user input consists of only numbers -// // and in the number rage is only 12 -// try{ -// if(userStringId.length() != 12){ -// System.out.println("Number not equal to 12"); -// return null; -// } -// Double.parseDouble(userStringId); -// }catch (Exception e){ -// System.out.println(e.toString()); -// return null; -// } -// -// -// //check for employee -// ApiResponse user = null; -// try { -// //check if employee exists if yes then fetch details -// user = this.absServiceForLogIn.loginInServiceListener( -// new LoginRequest(userStringId, btId, "", pwd, "", "")); -// } catch (Exception e) { -// System.out.println(e.toString()); -// return null; -// } -// -// //LoginRequest{opCard='021804111066', btId='0483', usrId='', -// //password='0660000', passwordEnc='', btMake=} -// if(user == null) return null; -// -// // this need to change for ABS -// if (user.log() == null) { -// -// //then it is a match a number of springs granted authorities -// List authorities = new ArrayList<>(); -// -// //loop through the users authorities and add each of them to simple granted authority -// try { -// //check if user is part of permission set for admin signing in -// boolean isAdmin = false; -// for(var permission : user.getRoles()){ -// if(permission.getRole().equals("ROLE_admin")) isAdmin = true; -// } -// if(!isAdmin) throw new BadCredentialsException("no employee permission for given employee"); -// -// user.getRoles().forEach(a -> authorities.add(new SimpleGrantedAuthority(a.getRole()))); -// } catch (Exception e) { -// //use/**/r doesn't have permissions or roles = null -// System.out.println(e.toString()); -// return null; -// } -// System.out.println("Auth DONE"); -// -// return new UsernamePasswordAuthenticationToken(user.getUserIdNumber()+","+btId, pwd, authorities); -// } else { -// throw new BadCredentialsException("Invalid password!"); -// } -// } -// -// @Override -// public boolean 
supports(Class authentication) { -// //tells spring that i want to support username password style of auth -// return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication)); -// } -//} -// - diff --git a/springHorse/src/main/java/com/example/cezenBTC/config/CezenRoutsSecurityChain.java b/springHorse/src/main/java/com/example/cezenBTC/config/CezenRoutsSecurityChain.java index 509f92b..98c796b 100755 --- a/springHorse/src/main/java/com/example/cezenBTC/config/CezenRoutsSecurityChain.java +++ b/springHorse/src/main/java/com/example/cezenBTC/config/CezenRoutsSecurityChain.java @@ -11,6 +11,7 @@ import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.crypto.password.NoOpPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; @@ -115,7 +116,7 @@ public class CezenRoutsSecurityChain { "/cezen/set_password", "/cezen/add_extension", "/abs/*" - ).hasAnyRole("admin") + ).hasAnyRole("OPTR") //any one who is authenticated can access /logout .requestMatchers("/user/getXSRfToken","/user/ping", "/logout").authenticated() //all the rest are open to public @@ -133,6 +134,7 @@ public class CezenRoutsSecurityChain { // to encode the password @Bean public PasswordEncoder passwordEncoder() { - return new BCryptPasswordEncoder(); + return NoOpPasswordEncoder.getInstance(); } + } diff --git a/springHorse/src/main/java/com/example/cezenBTC/controller/SignUpController.java b/springHorse/src/main/java/com/example/cezenBTC/controller/SignUpController.java index ee59638..baee3dc 100755 
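Review bot: Changing this matcher from `hasAnyRole("admin")` to `hasAnyRole("OPTR")` opens `/cezen/set_password`, `/cezen/add_extension` and `/abs/*` to every account that arrives with that type, where they were previously admin-only. If only some of these routes are meant for that user type, split the matcher so the password and extension routes keep a stricter role. A comment above the matcher stating which user types may call these routes, such as `// ABS user types allowed to call the password, extension and /abs routes`, would make the intent reviewable. The matcher list begins outside the hunk.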
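Review bot: `NoOpPasswordEncoder.getInstance()` makes the application-wide `PasswordEncoder` bean store and compare passwords as plain text, and Spring Security marks the class deprecated for that reason. The authentication provider in this commit no longer injects the encoder, but any other component that does (the `/cezen/set_password` route is a candidate, though its handler is not shown) would start writing clear-text passwords without any visible error. Keep `return new BCryptPasswordEncoder();`, or delete the bean altogether if nothing uses it after the move to ABS login.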
--- a/springHorse/src/main/java/com/example/cezenBTC/controller/SignUpController.java +++ b/springHorse/src/main/java/com/example/cezenBTC/controller/SignUpController.java @@ -30,8 +30,8 @@ public class SignUpController { } // and a login route - @GetMapping("/login") - public UserDataDTO login(){ + @GetMapping("/login/old") + public UserDataDTO loginOld(){ Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); @@ -48,4 +48,19 @@ public class SignUpController { // forgot password + + @GetMapping("/login") + public UserDataDTO login(){ + + Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); + + // this is to venerate karthik garu and hamu + String[] garuHamu = authentication.getName().split(","); + + String op = "User Id is -" + garuHamu[0] + "- the betting terminal id is -" + garuHamu[1] + "- The name is -"+ garuHamu[2]+"-"; + + System.out.println(op); + + return new UserDataDTO(garuHamu[0], garuHamu[2], garuHamu[1]); + } } diff --git a/springHorse/src/main/java/com/example/cezenBTC/security/JWTTokenValidatorFilter.java b/springHorse/src/main/java/com/example/cezenBTC/security/JWTTokenValidatorFilter.java index 186fcd7..a7a0184 100755 --- a/springHorse/src/main/java/com/example/cezenBTC/security/JWTTokenValidatorFilter.java +++ b/springHorse/src/main/java/com/example/cezenBTC/security/JWTTokenValidatorFilter.java @@ -64,7 +64,7 @@ public class JWTTokenValidatorFilter extends OncePerRequestFilter { //if successful the result will be stored in SecurityContextHolder Authentication auth = new UsernamePasswordAuthenticationToken(username, null, //this comes in a string of comas and values - AuthorityUtils.commaSeparatedStringToAuthorityList(authorities)); + AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_" + authorities)); SecurityContextHolder.getContext().setAuthentication(auth); } catch (Exception e) { throw new BadCredentialsException("Invalid Token received!");
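Review bot: The new `login()` indexes `garuHamu[0]` to `garuHamu[2]` without checking how many parts `authentication.getName()` produced, so a principal with fewer than three fields fails with `ArrayIndexOutOfBoundsException`; the name format had two parts before this commit, so an older token is one way to get there. Use `String[] garuHamu = authentication.getName().split(",", 3);` and return an authentication error when `garuHamu.length < 3`. The `System.out.println(op)` line writes the user id, terminal id and name to stdout on every call; a logger at debug level is a better place for that.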
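Review bot: `"ROLE_" + authorities` prefixes only the first entry of the comma-separated string, so a value of `A,B` yields `ROLE_A` and `B`, and if `authorities` is null the result is the authority `ROLE_null`. It also means the JWT path and `CezenABSAuthenticationProvider`, which adds the raw `cUsrTyp()` value, produce different authorities for the same user. Adding the prefix once where the authority is created, `new SimpleGrantedAuthority("ROLE_" + authName)` in the provider, and leaving this line as it was would keep both paths consistent; this assumes the token writer, which is not shown, stores the authorities as granted. The `try` block starts outside the hunk.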