Login complete

springHorse/src/main/java/com/example/cezenBTC/config/CezenABSAuthenticationProvider.java

@@ -1,9 +1,7 @@
 package com.example.cezenBTC.config;
 
-import com.example.cezenBTC.DAO.UserOpsDAO;
 import com.example.cezenBTC.DTO.CenteralServerConect.ApiResponse;
 import com.example.cezenBTC.absbridge.model.LoginRequest;
-import com.example.cezenBTC.entity.user.UserEntity;
 import com.example.cezenBTC.service.ABS.ABSServiceForLogIn;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationProvider;
@@ -13,7 +11,6 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Component;
 
 import java.util.ArrayList;
@@ -22,12 +19,6 @@ import java.util.List;
 @Component
 public class CezenABSAuthenticationProvider implements AuthenticationProvider/* */{
 
-    @Autowired
-    private UserOpsDAO userOpsDAO;
-
-    @Autowired
-    private PasswordEncoder passwordEncoder;
-
     @Autowired
     private ABSServiceForLogIn absServiceForLogIn;
 
@@ -61,39 +52,34 @@ public class CezenABSAuthenticationProvider implements AuthenticationProvider/*
 
 
         //check for employee
-        UserEntity user = null;
+        ApiResponse user = null;
         try {
             //check if employee exists if yes then fetch details
-            user = this.userOpsDAO.getUserByUserStringId(userStringId);
+            user = this.absServiceForLogIn.loginInServiceListener(
+                    new LoginRequest(userStringId, btId, "", pwd, "", ""));
         } catch (Exception e) {
             System.out.println(e.toString());
             return null;
         }
 
-        Object returnData = null;
+        //LoginRequest{opCard='021804111066', btId='0483', usrId='',
-
+        //password='0660000', passwordEnc='', btMake=}
-//        for(int i =0; i < 5; i++){
+        if(user == null) return null;
-//
-//            if(returnData != null && returnData)
-//
-//        }
 
         // this need to change for ABS
-        if (passwordEncoder.matches(pwd, user.getPassword())) {
+        if (user.log() != null) {
+
+            String authName = user.log().cUsrTyp();
 
             //then it is a match a number of springs granted authorities
             List<GrantedAuthority> authorities = new ArrayList<>();
 
-            //loop through the users authorities and add each of them to simple granted authority
+            // add the role to authorities
             try {
-                //check if user is part of permission set for admin signing in
+                System.out.println("The role is "+ authName);
-                boolean isAdmin = false;
+
-                for(var permission : user.getRoles()){
+                authorities.add(new SimpleGrantedAuthority(authName));
-                    if(permission.getRole().equals("ROLE_admin")) isAdmin = true;
-                }
-                if(!isAdmin) throw new BadCredentialsException("no employee permission for given employee");
 
-                user.getRoles().forEach(a -> authorities.add(new SimpleGrantedAuthority(a.getRole())));
             } catch (Exception e) {
                 //use/**/r doesn't have permissions or roles = null
                 System.out.println(e.toString());
@@ -101,7 +87,7 @@ public class CezenABSAuthenticationProvider implements AuthenticationProvider/*
             }
             System.out.println("Auth DONE");
 
-            return new UsernamePasswordAuthenticationToken(user.getUserIdNumber()+","+btId, pwd, authorities);
+            return new UsernamePasswordAuthenticationToken(userStringId+","+btId+","+user.log().cUsrNm(), pwd, authorities);
         } else {
             throw new BadCredentialsException("Invalid password!");
         }
@@ -115,120 +101,6 @@ public class CezenABSAuthenticationProvider implements AuthenticationProvider/*
 }
 
 
-//package com.example.cezenBTC.config;
-//
-//import com.example.cezenBTC.DAO.UserOpsDAO;
-//import com.example.cezenBTC.DTO.CenteralServerConect.ApiResponse;
-//import com.example.cezenBTC.absbridge.model.LoginRequest;
-//import com.example.cezenBTC.entity.user.UserEntity;
-//import com.example.cezenBTC.service.ABS.ABSServiceForLogIn;
-//import org.springframework.beans.factory.annotation.Autowired;
-//import org.springframework.security.authentication.AuthenticationProvider;
-//import org.springframework.security.authentication.BadCredentialsException;
-//import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-//import org.springframework.security.core.Authentication;
-//import org.springframework.security.core.AuthenticationException;
-//import org.springframework.security.core.GrantedAuthority;
-//import org.springframework.security.core.authority.SimpleGrantedAuthority;
-//import org.springframework.security.crypto.password.PasswordEncoder;
-//import org.springframework.stereotype.Component;
-//
-//import java.util.ArrayList;
-//import java.util.List;
-//
-//@Component
-//public class CezenABSAuthenticationProvider implements AuthenticationProvider/* */{
-//
-//    @Autowired
-//    private UserOpsDAO userOpsDAO;
-//
-//    @Autowired
-//    private PasswordEncoder passwordEncoder;
-//
-//    @Autowired
-//    private ABSServiceForLogIn absServiceForLogIn;
-//
-//    //@Override
-//    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
-//
-//        //get credentials from login form
-//        String[] karthickHamu = authentication.getName().split(",");
-//        String userStringId = karthickHamu[0];
-//        String btId = karthickHamu[1];
-//        String pwd = authentication.getCredentials().toString();
-//
-//        System.out.println("user Id " + userStringId + " password " + pwd);
-//
-//
-//        //sanity check
-//        if (userStringId.isEmpty() || pwd.isEmpty()) return null;
-//
-//        // validate if the user input consists of only numbers
-//        // and in the number rage is only 12
-//        try{
-//            if(userStringId.length() != 12){
-//                System.out.println("Number not equal to 12");
-//                return null;
-//            }
-//            Double.parseDouble(userStringId);
-//        }catch (Exception e){
-//            System.out.println(e.toString());
-//            return null;
-//        }
-//
-//
-//        //check for employee
-//        ApiResponse user = null;
-//        try {
-//            //check if employee exists if yes then fetch details
-//            user = this.absServiceForLogIn.loginInServiceListener(
-//                    new LoginRequest(userStringId, btId, "", pwd, "", ""));
-//        } catch (Exception e) {
-//            System.out.println(e.toString());
-//            return null;
-//        }
-//
-//        //LoginRequest{opCard='021804111066', btId='0483', usrId='',
-//        //password='0660000', passwordEnc='', btMake=}
-//        if(user == null) return null;
-//
-//        // this need to change for ABS
-//        if (user.log() == null) {
-//
-//            //then it is a match a number of springs granted authorities
-//            List<GrantedAuthority> authorities = new ArrayList<>();
-//
-//            //loop through the users authorities and add each of them to simple granted authority
-//            try {
-//                //check if user is part of permission set for admin signing in
-//                boolean isAdmin = false;
-//                for(var permission : user.getRoles()){
-//                    if(permission.getRole().equals("ROLE_admin")) isAdmin = true;
-//                }
-//                if(!isAdmin) throw new BadCredentialsException("no employee permission for given employee");
-//
-//                user.getRoles().forEach(a -> authorities.add(new SimpleGrantedAuthority(a.getRole())));
-//            } catch (Exception e) {
-//                //use/**/r doesn't have permissions or roles = null
-//                System.out.println(e.toString());
-//                return null;
-//            }
-//            System.out.println("Auth DONE");
-//
-//            return new UsernamePasswordAuthenticationToken(user.getUserIdNumber()+","+btId, pwd, authorities);
-//        } else {
-//            throw new BadCredentialsException("Invalid password!");
-//        }
-//    }
-//
-//    @Override
-//    public boolean supports(Class<?> authentication) {
-//        //tells spring that i want to support username password style of auth
-//        return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
-//    }
-//}
-//
-
 
 
 

springHorse/src/main/java/com/example/cezenBTC/config/CezenRoutsSecurityChain.java

@@ -11,6 +11,7 @@ import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.NoOpPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
@@ -115,7 +116,7 @@ public class CezenRoutsSecurityChain {
                                 "/cezen/set_password",
                                 "/cezen/add_extension",
                                 "/abs/*"
-                        ).hasAnyRole("admin")
+                        ).hasAnyRole("OPTR")
                         //any one who is authenticated can access /logout
                         .requestMatchers("/user/getXSRfToken","/user/ping", "/logout").authenticated()
                         //all the rest are open to public
@@ -133,6 +134,7 @@ public class CezenRoutsSecurityChain {
     // to encode the password
     @Bean
     public PasswordEncoder passwordEncoder() {
-        return new BCryptPasswordEncoder();
+        return NoOpPasswordEncoder.getInstance();
     }
+
 }

springHorse/src/main/java/com/example/cezenBTC/controller/SignUpController.java

@@ -30,8 +30,8 @@ public class SignUpController {
     }
 
     // and a login route
-    @GetMapping("/login")
+    @GetMapping("/login/old")
-    public UserDataDTO login(){
+    public UserDataDTO loginOld(){
 
         Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
 
@@ -48,4 +48,19 @@ public class SignUpController {
 
 
     // forgot password
+
+    @GetMapping("/login")
+    public UserDataDTO login(){
+
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+        // this is to venerate karthik garu and hamu
+        String[] garuHamu =  authentication.getName().split(",");
+
+        String op = "User Id is -" + garuHamu[0] + "- the betting terminal id is -" + garuHamu[1] + "- The name is -"+ garuHamu[2]+"-";
+
+        System.out.println(op);
+
+        return new UserDataDTO(garuHamu[0], garuHamu[2], garuHamu[1]);
+    }
 }

springHorse/src/main/java/com/example/cezenBTC/security/JWTTokenValidatorFilter.java

@@ -64,7 +64,7 @@ public class JWTTokenValidatorFilter extends OncePerRequestFilter {
                 //if successful the result will be stored in SecurityContextHolder
                 Authentication auth = new UsernamePasswordAuthenticationToken(username, null,
                         //this comes in a string of comas and values
-                        AuthorityUtils.commaSeparatedStringToAuthorityList(authorities));
+                        AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_" + authorities));
                 SecurityContextHolder.getContext().setAuthentication(auth);
             } catch (Exception e) {
                 throw new BadCredentialsException("Invalid Token received!");