From b328bc30a8cc4b10a93f692c542de1fc2e5a370a Mon Sep 17 00:00:00 2001 From: MathewFrancis Date: Thu, 15 May 2025 11:54:32 +0530 Subject: [PATCH] JWT on login --- .../test1/mariadb_data/aria_log.00000001 | Bin 4898816 -> 4898816 bytes .../test1/mariadb_data/aria_log_control | Bin 52 -> 52 bytes .../test1/mariadb_data/asterisk_db/roles.ibd | Bin 81920 -> 81920 bytes .../test1/mariadb_data/asterisk_db/user.ibd | Bin 98304 -> 98304 bytes .../mariadb_data/asterisk_db/user_roles.ibd | Bin 81920 -> 81920 bytes .../test1/mariadb_data/ib_buffer_pool | 9 +- MySQL_conf_pbx/test1/mariadb_data/ib_logfile0 | Bin 100663296 -> 100663296 bytes MySQL_conf_pbx/test1/mariadb_data/ibdata1 | Bin 12582912 -> 12582912 bytes MySQL_conf_pbx/test1/mariadb_data/undo001 | Bin 10485760 -> 10485760 bytes MySQL_conf_pbx/test1/mariadb_data/undo002 | Bin 10485760 -> 10485760 bytes .../com/example/cezenPBX/DAO/UserOpsDAO.java | 4 +- .../example/cezenPBX/DAO/UserOpsDAOImpl.java | 31 ++- .../DTO/user/AdminSetPasswordDTO.java | 2 +- .../config/CezenLoginSecurityChain.java | 6 +- .../CustomAuthenticationProviderForCezen.java | 227 +++++++----------- .../cezenPBX/controller/SignUpController.java | 9 +- .../security/JWTTokenGeneratorFilter.java | 3 +- .../security/JWTTokenValidatorFilter.java | 2 +- .../cezenPBX/service/PbxUserService.java | 5 +- 19 files changed, 125 insertions(+), 173 deletions(-) diff --git a/MySQL_conf_pbx/test1/mariadb_data/aria_log.00000001 b/MySQL_conf_pbx/test1/mariadb_data/aria_log.00000001 index 11fe1d34fd59eededc835d9c3d37191ec38a43b4..03dc234c3ab848bcbb3b1a48ddd8f34eb2099e1d 100644 GIT binary patch delta 221 zcmYkxxiSL*0D$3$E1O6Jaf^-nzHdU}W>wxq;Q_Yz-XO)cnY1c1YTm-@FlhWUfAz)j zOFI5po3wTvI(6xm5y;Bvkyp^Gs87EEC4+_x8!>9kxCv#GLKRb{&6qW3-hxF-maSN| zX5EHOTej`kwP)XfLr0FCs5*6~rtaK@OINPlxOM0LEec!7M>7fvVJk|dQeS^%lE=?n aDS2;3*}}trDE>m@sS-4@)%^U5KReID7EfjNiV@*od991k;&0QS=*&{#y_e zm#`>l$+DCctJb7tWCe28@o>1SbH}5`t`Z6$_ewW9izn?-d31_7_{;@gs 
diff --git a/MySQL_conf_pbx/test1/mariadb_data/aria_log_control b/MySQL_conf_pbx/test1/mariadb_data/aria_log_control index d4b3e7492d2141f2e5a4277d435db9871a0955dd..0c8bf2c685b176b6c86515cd4bc8b1902254723c 100644 GIT binary patch delta 27 fcmXppnII?DajC$Gk%7T`krxAyVh~^j5)2FgS@#5o delta 27 gcmXppnIINH8z}0BPg~DgXcg diff --git a/MySQL_conf_pbx/test1/mariadb_data/asterisk_db/roles.ibd b/MySQL_conf_pbx/test1/mariadb_data/asterisk_db/roles.ibd index 8e7d863884df7303381b01802f118fb2727f738d..b92c3ff6d98fe1c3fdfdc1bf983d7725a69a7955 100644 GIT binary patch delta 243 zcmZo@U~On%-5_>AOF`dtKLY~rF)%UAY+wcp)G@FEX-23d*JOtSO6Jm;d1;xsrMW<5 z+zbrGr3FQ)KpqzZgTVh!4GauG1_(5ONroVQAJ_QAl-$g`jR!64CtgtDE?`JzU{}y@ u7Fx7)3Zs~o{6`GSd$3u~d~B)%qmmXr%Mo?~E$4#RX9%%R{-enj`N;r>9X7`R delta 181 zcmZo@U~On%-5_>Ai`mw7KLY~rF)%SyG%!I0SP>EooRb|6D2efA=A~ukmgX`rGH^36 z6qgnhr2=^y4_eqyyx_`Rz>v(q&TM<-lm`10Mlm^NLwsgWJSaNVlTnf=BMmb{b{+u$ DmhUIx diff --git a/MySQL_conf_pbx/test1/mariadb_data/asterisk_db/user.ibd b/MySQL_conf_pbx/test1/mariadb_data/asterisk_db/user.ibd index 95d8e61100ccca4b0a722b4f3f86c8a02447780b..6822d213d4f7aac5b5d4042990296461158c7dab 100644 GIT binary patch delta 451 zcmZo@U~6b#+aPv8OUd1JKLY{?GcYlHY+wcpG%&CNX-23d&t!)KO7*gtd1;xsrMW<5 z+zbrGr3FQ)Kpvk99|MEH{|^le3_K9!Ko$u2CYEHRmMgdwCFUh(7FQ=F7gZLN)T$UI zsu&umczG7(276dk`DbQ(M3k9_7*#p?7nW8;_y@UVyJdR1`-Pfk1m~t!_ys1Vm#3G6 zCs&3FIARuWA_rsL!VIH-vIR9#)B626EEmO>{QJ8k|?J&%>iWTL}D$S?m);^R4-!M KI#DGlrW^nZnQ^lK delta 266 zcmZo@U~6b#+aPv8i@Vr$KLY{?GcYk!G%!I0SP>Eo+>;#+D2efA=A~ukmgX`rGH^36 z6qgnhr2=^y4_eqyyx_`Rz>v(q&RzVAYrex2Mlm@q7JOz;JSaNVlTnfwBe_@t?x%=M Ya{!vjok_sV>7EY68Ooh`IImL>0GgOPFaQ7m 
diff --git a/MySQL_conf_pbx/test1/mariadb_data/asterisk_db/user_roles.ibd b/MySQL_conf_pbx/test1/mariadb_data/asterisk_db/user_roles.ibd index 8d181c2379e094d8dd76a3feb7a0e7a76e02c2d9..50b6857561451d2e1c70aa2e2bdaa6c5e1cb74b1 100644 GIT binary patch delta 217 zcmZo@U~On%-5`2EnO!N$bw2|F2r)1*Oln{T3)C{O0%^v{76-Jnq%!l;GIL9FfzsRz z48^4dMX4YjgTVjK4GauCK+FZ!!_cttpoRU!3x?bU49N^Y((^b delta 174 zcmZo@U~On%-5`2Ep6!3V>wX3V5Mp3rsAyn<3b0N*C_35mfTS32W?oumZfPz9BLg=B yLvd+AQ7VwP@t}qM#0#$61q{gyK!a>nmWWSb6a|`@Ou)>ko{YqqncQQgBntqmW-N>V diff --git a/MySQL_conf_pbx/test1/mariadb_data/ib_buffer_pool b/MySQL_conf_pbx/test1/mariadb_data/ib_buffer_pool index 7603c98..919030e 100644 --- a/MySQL_conf_pbx/test1/mariadb_data/ib_buffer_pool +++ b/MySQL_conf_pbx/test1/mariadb_data/ib_buffer_pool @@ -9,11 +9,6 @@ 18,2 18,1 18,0 -16,4 -16,3 -16,2 -16,1 -16,0 14,4 14,3 14,2 @@ -166,20 +161,18 @@ 3,10 2,10 1,10 +3,49 3,9 2,9 1,9 3,8 2,8 1,8 -3,49 3,7 2,7 1,7 3,6 -2,46 2,6 -1,50 1,6 3,5 2,5 
diff --git a/MySQL_conf_pbx/test1/mariadb_data/ib_logfile0 b/MySQL_conf_pbx/test1/mariadb_data/ib_logfile0 index e129207b17d0b40d907199e4ca438e8619a458d0..db57855fd7d890e80436b59ba5ee8ed958d767cd 100644 GIT binary patch delta 20991 zcmb{41z1+e`#11so;VX+C`l<&8Rd$rRLP0jvu67({`tuJ*BCizSZJL}FMXM2@CrYsUG`zQ(k4Kg zpwwGrD52GzQ`(=9m7Q}X7Z=~+x?ys*mF}F0Mx*g& zR&0vz{r0}a^>xo>)R5V&;jcdUGD%sg(>avYoo7GInGxkwT+i6gEy}w&71uGQuW+WX zGI}<%XXh2`jaqxl%%k?EzFN)T`F>jMk`MEgSuJ&*N^F#&p|YWhRI=@bOcQ2xKvPbW z?xnNP*ilmY?^d$aC@7%69)=`NURG#YoB$?$oVclp}r>t4tRkeTz|h=aa1 z2L6|$Gc0fTYNeD4TkR@kR?%H#?iSNLoor}cSIsB2bFwioc4)J;vy+XEWmGa_4K~(_ zQtF&%j>?>?hVqs-uldWqI?dozKOH^ibCsnd4X#Sh$5L>x)Ra(+f}yZ+-A{hTJ8Px- z&RW6WSxLLJ^v=4h?0qaX)X#XEc}QXQ`YQFtILX-#!4iBsJFlH^J&qJQZasMn1N6deWo(O;Z2 zTPwH>(PbDhw)Kp@pWK-#qn}89^xJcWCo8Qd=&LBx-6Y9TG)ZL@${$=Q_eE}|5HZSkQ|kLmPV$o-3OQ28feg^3>KYz@uR;q({J?^`F&qb z8cO-SmHja~du7lV$x0biLo!jO{VKV6^bAeBgvT$Cv#W?_LYv4|M3tN>_rz!n1xKSz zRF-y^DjG3~PoKu%<`VVBdk@kdLYT#^2(oQS~{D>S&zO3$)J4sxL`w0x-fFBg3< zUb;&q8vbYA>r3Jr(46Ky<#W=C|nZRmaNKHhi?#_8L)90|34=*Li{V+4rf-}?Ss54V2frT-jkeEije@~-8 zk^w0dJur<>J`F>pno+M#gGCv2-X^zKe*L4s9Bh;oX7r}S3)ASkp7jaQBO=)_x6>xn ziLyn`b`>v(;RZ8QcYY&x#jwo_4%=`8!* zZ@h_CZua++yVIK}ES}y(r$$J@9u+?c{%7$J=%?&uCOq?M}1RU%bTkKh2n@CiM!&=cN%Pz5Cqy zC?2&fKdI47c6Y}8Ksg*qtqUeKnyGk&O4W2&oMzRMJX{t%nBt3scSXWaYF9iVd-%;R zOKySBNg~f?sf2{lhs7#Ts^k%#IuQ?^YcFRzi^&?tu!sfM{*c=uuT8WCUpn&}4L}6#?owaYOWLl|Z z>FuHPOi$XzJJVKBdpG1Q8dhO!5Di4}`mA-pINEunygGb<9yHq)%bRGmf|)n>U&DtW zmV7=0?F!7knzg#36*+`rmAzTDgC2uu5VKqH?sTQq{_|I^oDEN0F^JJV26YgnlzJu{qi!+j?HYfm3fsfOG@w>|*@g|;F zZ?1O76SMBK-Y=lFCTyZX#>{P$C1#SRN0o_R zk~*NJK}nx3=?%_70h%gG+&hDl5)v;-&Z~RfTSFsAu@PN8R{IufNcUa$-^s~_)X97V zrb@^Lx+=CRDOo75K1dBbB7_(MO4J*&Sr<|gp%pcB&Vz{q%t>4;QyeH=dyT;OJ=uK(;Nt)%k@>BF{JYt!g zmt302p1%K@B$A6|l_!@bB6(mDZv@I+pWXwG1Jx z=*igoSqkyo`6=fsJv^;={!oneFw2=AgXCmWJP%@Jk#jeKW{auvP zI}A?6uCc=j8?X54BxOmMBum#>jedr=O4v)OgtE+0DxP}PP@=evE?F;WGBn8tG?Iq7 zMqSY=gTkfCN@qKxSeu~Yx@1HCZ_nPH|GSd(O`5Mf_o0&Oy5iAWve%os#=0vNPHW5S 
zGiQvwuGTjCAuFygoLir2o$Jc1s|I^huRn*bL?xj3=@hv#tt9oj==5qSP|B#NQs9PK zlGWi$vna{TMM<{latHg|V(f+`Ett5HPMwo;8O7KQ6k}_^!SO`KA8FYs!vtI$s(H%1RgAZ8m7#mBv3Rzs%W| zzjj0@tchgLZu1herhaF8l$ZZrX@2z)3Htd$Y>4G7*O1pbTsrp1JucJ?!(x#hK%HhuG z3SnwNCfbOCEW;^^yks^LTZr!li?o4oHSWA`*J_>2764sJR5PTdflr!>h+Br<_fcNHP(ejRK=Mvj7&t=q?mpjOXa>waR_mr#1byu`Jt9GU4I+l7T zUT%TUK@r7H$j2`?=%KvW;cbl@vCdsQtmL+sp(u8ER^vt}cAV82qS|qYbnlB>Aafgu zmbe))*Itw18O0_(Tzx{h)mn0jxW^`svNe*mbWI^j9Sc1zoF=UH^FaXxOC8)&BT8cFNW2PPvNT?b`GXcf0QMTIYVLZV`F4&V3tvN@)>| z$jUk;*FhO4Zgt&1%YUQRI?Acnl3tzO?edbXe6&mdM>k#vPx<*0X+@IvO*HcqXohRvhrb<#H8 zg%)MSq_GBkkm8J!KdHBPZZDVO+}^tF(9-XCNh2OSlLaq-*`MbVi!jfpB(0FV)!F4{ zD(2$NY-e@4L%C+R;>~qBwLf*)>Hg{58#R}D6N@SdQNAQ*O>BWjspX4kHi~`L)bGx- zinW?&)s4z4Uo3Ky`#8;8ba4r?ZW7I(tNp22uP=V^TyCFx6Dz-dvHg(R6pvEt7v4ysvD7w=nD55W1Qz$LtT2Z~1YuX<*SA(q zkqqinf-1(bNm^trdP?RG7wxe#&abY|Xc5ICPNbon;&+b<pjsF+xz@w8f2|uysb55&Ak(ppI0qi zhTn92MvvvC3vX;RmBn7VGC<@NizCl#G_^qKqOOoAUF@%#w4vl_?Rk4+2em^rd7u8r zTHvmuqOOp+xkc#`cd`2eJX9@RMB5$g^U#BOc|?I*Lp-(d4z+YK;~N0qkk$Idp`3Qh z&q#lmcTudC+NUO?Q54%7)S!&}R;>U}o;13g)3&o#-`Rm2S%P5J|0I9`dTD?W#tW%D&=MB0S{R(jHab z?#8wBLiJjDLH@OLsbWQ4OF!Zj3}10Y1!Ey97}IpahujM0Q3+ZGaWly3a)Jjcm`A8! 
z+V#|T_0<-`2cbND5FRuCiX%T2QN!$8O#^(a&cbqs$(fH>nb)W*^J=~_x7O)OB%!iWEoyTq1sC>~>7kNc8I8`Ok%VGOqkEdl7v>_b>W6o2+0rw{E5<)|&_IuNty*<; zj|%S;*}%I-hfcBmy_z&^8PPjBCcJluclAWSxQ?-%0%F_tsXO?)tNKw}`W~xjqbp{o zi)J;yh9B@{-c_yG>rQTc=%)ZJv&-l<3)k%P)ob>7`R7K;#sN~vq-VLaNw2Ic@?^|H zBWv`@R3hj^x$v(Ov5}E=O6AsJ&*)f5-J))-B)Mg z#kSK!m6c&qIqT=_nQi)FJl|{S`Cgv2MhUx0H#1(Sg+$Xs#dej+Dc_?IX@n)$wKc3dGEPrH|U*JAAA2c z9o_hRcXXrd&XCN-)ab~jboRU2bYw%>#BRs46*#g%GSn!}@{4-gDcPKgJX!9MO{NphOkMgpWd;mb&Q70ix$!24YuUS+ja;M6Jt~3l@wTLF`*vzftM$>5x4MS|qd>92zYjEWorIapb z6i`VUn*0ymvXgo9+~biqR>v-z8knl!(BsT3HEx%2Wxw3^9=$G2}or!|yRlrKDK z?r9D3p?q<6dFzsde0N1l9Kg)kra?ZoaoI;^3OND=jmd~a)UdMvMBcw;)O`Pyf| zS~{$uw4#3DY58Fd>X#_>w8klX$Piro%xxrEiqo1*4@$c|wvLZ4GgXpbNwV`x_96Yv z{vX})vSe+(97^F=2s4AETDUqGq|~b@mBYQrmwYErxA1wOl<%omclVb{%WQ+a<+26u zhF~*aq;BR5^EdM()1o%>oZKBJ@5Y!F+kCBA8SI}{g>H=Do}NaRlScmN##qBPeTGN- z`-Me&2E+x&)sKkl(AGV%b$mp>sNm{-k~;Km8sagucjLCf0nNPp+6C43_YUss-PHfP zE!64kfW7LCv7CS17_(ybDR%~_H^y>)cw@|pP5v4-ykKo;rB9|RumyX)@Z^Sq#i14c znWmFBD_dsz+$Bpb4s!|>hgPiYk;lJd<4#jI?)mu}cPaI0{r(FduXw>|TISC6yn^vn zc}j(X(QblY3AqkRVNo!?y2^i3s9=mz)PgZ$R0&75U=+d`c=-5l3R8#R_JU=CY9AlM#ESNLZ*?jLI(-;(NCLs_hOgi-RIVZ`5hOd;^0D}bpUleyA^MqTN|of=ltT9 zquyRCTpTJ(&d@d~9zTkWt8;uFPbaoXp63oYDI3J zdpD1sKz^#FWSz}RN7bO|@g^nt4I;7g@pMI1gIIF&szJHuq_Vg#lw!kE>qRw4OY9f6 zN*n%O>3L3C?!$_4EID+QN^hl zs+RsGoM#Bbjjh~Ls*Hj%PC0f_G8glr@~zZ^j%!6iu}koT-<5As>dBL{Rkh8yib`wG zv*wm>YStQMOFWkoX<9|pZ%U=hc`usr4mPe?@IHA2o=dSw@SH`|Z8TpxcXGNO{`fue z9_D#->$c2>^n6ZuG?R;T~_uKEQHKU3q#d&MF z67&jvV5>3)zQF3eKwZ7l@>cIq_ED{BT%)}&H_NMPKH7_gI_1c{A%%`dJ}On7NVYnc zq$ld>h&hVZ<@yn@f&F;pZ3muPqR4kw3B!l|PD^ui+ z3;m|iTQOy@Xon9TosMMsQKy;qK4$9ih%Nsm9gmF8a?L4pJo52|5*Caz7v8Iz+5nF4Nqe?EL?DL?SYrV_CPa1@q~Mg`Q96Uq>YWHH88N$NG}{Trq`E zo*?&#M4f`y=-L^Nv01y z&EZoLZvWRIiD)vFeQoV|uFxR~A4c9G3B5mYNaCE(`&d=HKPQWp;*cb>IwjlI>2~yg zos#e-bV}0Kaqq-JrzAXC-YE$sQ_GBUO_Ek3*|&w6$LS;zMuvsZKj>vQgM zpI1&;v%?l=V^L06r+4G$?14CEx28|9M)!FMN&67LBPY(+eVQcrH5wWg@7}v>*wFOe~T7_{F{4s^7C?U(x}70p&=1{-Tf1XG-=%~TCF0I^1m5AYW0O9 
zY8mnQUuA?f+k7g`Q7t1r|FDd(W)07bT`Oy;;uA+q*7{@|F)cgfzNBCkVU2&KSzt0A z^oI|9oi4c3!7geU@wreLVa=wwhPh$CT%zumi}Ux(QszZfXJ6DZ!t>O#hwJjnh%YiF z!4^2+TCX*7U3{%Zlo4NUiC-10Ba*(Tb%gWGk#Bmab%bc2S4WHuVwNFSyo&gOooAsh z*ok&4*~E3noaFwCHN68}CDl?+DS^Q)Vs7oo4t_ zrqFll+zWlDPPCZKmVb%5$FqteLu6HMzr_hufqXcD>VI)>1ZAAvinrGpDC2BfjhfNi z!Ku%`zd+|%=nHhBSrU8T*ZvewD~b(~R+m)p2#RO-ajd&1IS^?#iS{{2JBp{RmE%x? zmg2(Spz|#B4LaURAH#N;W&b93!&59aJdsr&^RFYQq%Q@F4yVSyZF@%}NU;%pox}(p zYchT4sg6&5L*Iq_;Wy~K3Vnl)w>JbZlRg#O$;oCIjM%QkU<~xVLHY`vIC7$=KrKv8 z&AW)(U-O5H4sZvDj+`=sX#k^J{N+mn5MP?}DD~H{`queM647HA-QwFAnw;c}1Nf@*1TS zJZGZx_==okK-p#Clsv6H@4&bsB~L5PlSjqe>s<6VIuq`iSz=E6GXv z#yVQ+U#i7QKv0o|%A_s%h03s$3lT*XDy^?beis}?KC;}*IQq-adq^M0%hoUY;J&O7i4JaB?G@@us5k%31qA5i)islr- z6fG!PQnaFIO%X!ThN3M+JBs!c9Vj|dbfV}?(S@QbMK_A>6g?<Q%s?lN->RMI>ii%nG~}qW>ch4%%PY| zkxHRZ%%hl3kw&qAVj;yMip3O5DAFmGQY@obPO*YwCB-U=)f8(e)>5paSWmHmVk5;S zip>;TD1N2Lpva`yO0kXNH;U~PJ1DX!vMF{_?4sCBv4>(W#XgGt6u(m(p!kF0Pl~@N z4pJPVI81Sb;wZ&2isKX~C{9wGqBu=)hT<&6Ig0ZX7bq@LT%x#4afRY4#WjlS6gMbt zQrx1rO>u|fF2y~H`xFl-9#TA_cuetx;wi=76#q~>qj*m7g5o7b4#g{q*A#Ck-cr1y zcu(Z;iq8~ZD85pBo5Gyg3<{tHI-myzAORy_42l60U<%BDIj{hhzzSG{;=l%! 
z03|^wP#Tm0WkESm9@qjqU=JLC3@QLe-~`k$yWppapb~Hel|dCy6;uOmz#Vu1Pv8Z- zfe-Kne!w482Q@$ds0nI;Ku{ah0d+w=P#-h^4M8K&7zBYPpebkunuB1_0<;9JKx+^J z+JLs89cT|afR3OO=nT4muAm#}4tju|pce=QVIUmz1`!|<^Z`+zFNg;HKz|Se27rMe z77PM$ARZ)uL@*c(0YkwsFdU2kBf%)}6Zjb+#U=o-Nrhutn z8ki1dfSF(xm<>|E955H80tL(i^FbO|02YEpU@=$%(!o-&3@isLz)G+RtOjeqTCfhR z2OGdfunBAiTfna%17w1&U>o=iYzI3)7RUxW!7i{H>;ZehKCmDB4i11nz@OkRa1a~< zhrtnW6dVJ`!3l5@oC2r88E_Vy1Lwg7a1mSrm%$Zq6sa;2n4mK7fzl6Zj0ifUn>iqvcOaKQN#L zI-myzAORy_42l60U<%BDIj{hhzzSG{;=l%!03|^wP#Tm0WkESm9@qjqU=JLC3@QLe z-~`k$yWppapb~Hel|dCy6;uOmz#Vu1Pv8Z-fe-Kne!w482Q@$ds0nI;Ku{ah0d+w= zP#-h^4M8K&7zBYPpebkunuB1_0<;9JKx+^J+JLs89cT|afR3OO=nT4muAm#}4tju| zpce=QVIUmz1`!|<^Z`+zFNg;HKz|Se27rMe77PM$ARZ)uL@*c(0YkwsFdU2kBf%)} z6Zjb+#U=o-Nrhutn8ki1dfSF(xm<>|E955H80tL(i^FbO| z02YEpU@=$%(!o-&3@isLz)G+RtOjeqTCfhR2OGdfunBAiTfna%17w1&U>o=iYzI3) z7RUxW!7i{H>;ZehKCmDB4i11nz@OkRa1a~sa;2n4mK7fzl6Zj0ifUn@2mX<#q{lI`0=zty=fCP+yF(?L1fGIEo=D-420xMt* ziUS)^0+a-$Kxt40lm+ELd0-3dfIV;kGN=F?ffG>2?1G;vf=a*@R0dT*RZtDM0e9d5 zJb@SR20p+S_yK=V9n=5;peCpV0zqw12h;`iKz+~vGz5)6V-N(IfTo}sXbyrw3(yj@ z0STG30fq0Mr62V|F1Plekz;G}Ej0B^=PvB>e1d_pMFb0eTzkqRIJeU9`f=OU9 zm;$DPX<#~-0cL_(U^YkrbHH4X3KTF8%m-;;0ayqYfyH16NC!*7GO!%104u>Nuo|oZ zYr#6O9&7*`!6vX7YyrQ543G)7f^Fb8upR6GSs)wi1iQd)um|h~`@nwiJ2(LT0DpqN zz(H^b90o_gQE&_#2PeQua0;9TXTVu-4x9%Uz(sHgTn1ObRd5Yl2RFb?a0}c9cfeh6 z58MY2z(eo|JO)p|Q}8$V2RsAM!3*#bznLwETg_AP6)8O+hoz90Y?Fpe1MpT7wYK2DAn3Kzq;ubOfD1XV3+7 z1>Hb*&;#@Yy+9}k1L2@IhyanG4~PPNK{V(G`hyrS01O1NU=WA{@gM;tg27-27z&1g z;a~(92}XgRz|SBFB!kgl3>XW30pq}UFab;ilfYy!1xy9gz;rMJ%mlN*Y>)!xfVm(Q zC}19#57NK_un;T)i@_3*4wiytU^!R;R)SSvHCO}If^}d$*Z?+yO<*(F0)7Pi{KKt46cBy;2O9NZh)KM7Pt-WfV z7vLqx0k6Po@CLjE@4$QT0el3Xz-RCUdEGP%c16yDR?12N2K?UFloPauJ7yMKaR06J`GN=No zf@;7GxC0O13A}(e@BzNS5BP)Xpauv4H9;*92x@~mpf0Ef>VpQLA!q~|gCNiZGzHB- za}W$#fR>;YXbnO@8_*WC1MNWv&=GV3ok17S6?6mLK@ZRq^a7zE41|N;AOb{!J|GJ8 z1<{}%=nrDR05A~5f;{hJz7cBp3yL0zZQ!kPJqHF<>nC1&jmZ z!2~c7Oaha^6fhM`1Jl6_FcZuIvq1`&1LlHMpn!Q`K1c%#z(TMHECx$JI#>#pf#qNY 
zSP52v)nE-+3)X@4U<23)Hi6Ax3-}defK0FzYy-c6?O+GU0@+|E*adcjJzy``2lj*C z!2$3G_!ImE4uV7AFgOB^f@9z~H~~(AQ{Xf>1I~hT;5@hhE`m$oGPnY+f@|P9xB+g0 zTi`ah1MY%*;68W&9)d^UF?a%=g1^B(;2C%hUVxV%2fPBW!5i=vyaVsS2k;Sm0-wPb N@YS%HmOn%I{{bgSSH%DT delta 7490 zcmXBYcl40+-^cM^dk+<9??}TpDzr;`NEB^aMmwX@lA_Qah|-{?rJV-tL4$^950QqZ z_He%+=f2K)KF<4`&;PGKt^orEBn*faB+r;SPnrMuQsgN!I$yD*qiW4+usqSE6q_=n zNs)W_|G(rO?j?7I{e>1+$+$Mdz=XjGi3TSm9-NS5a6;0-3CWfvB%g3O(f^iD%$=fL zq9KVVrHE2SsiM?Tnka3QE=nI|h%!d^MVX?^QI_cb=z%C}^k9@N${yv2az?qL+)S0QIY78sAyCyDjt=H9*q*BlF?()<58)obW|pKB6>1Y5 zi^@k8qKZ+asB%;#sv12VRg0=eHKLkPt*CZXC#oCOi|R+uL=B>6qlVFQ(eqKGsB!c{ z^kUQ`Y8o|*nnx|7mQkzdrRe3Tb<`$m8?}qtN3TS$Mz2M$M;)S$QKzVL)FtW~b&I-3 zZ$xiKZ$)oMJ))jbujrkqcho298}*C&NAE@hqW7YK(V*!4=!0l*G$i^k`Y8H18X66Y zhDRf!kSGoqQ% ztmvC)b~GoN8_kR6N8d&ZqJ`0-XmPY8S{f~jmPg-3E25Rrs%Uleee^@LCR!V6gqJz<)=x}r- zIvO2|jz=e=KcbV-pV42@sp#+MbaW;<8=Z^(iOxqCqKna`=yG%=`Zu~7U5l)- zt>|`iC%PNmi~bv$cv7N~5fUQ_k|G(BBLz|-6;dM&(jpzwBLgzxK4d~>WWoJ-09o-M zvLQQiASZGmH}W7a@*zJ8pdbpNFdo9gD1t{&6va>+CGaQ`P!f;fag;)7l))2t5>KHl z%Aq_epdu=vGOC~|o<=oPM-9|OE!0LG)I~ki$1`YvXVDPP;dwMdW4wSD(F9G=49(F3 zEzt@u;bpW&8?;3`w8txW6|doSbU;URLT7YAS9C*nyn#3I7T!h=^h7VbgWl+azUYVk zcozfk9tL6%-p2xd#xK}~-PnV@_!ax`8-B-r9Kb;w!eJc2Q5?f@oWLJA zi9hidPT_By#u=Q&IsAk3xPXhegv+>se{mJpa2+>r6Sr_1cW@W?@L!^szr=AQLSiIA zQY1riq(DlfLTaQzTBJjIWI#sThfK(fEVv&JAS)h3He^Q*l&>MZw7yZy5?_vPn!$1te`}hEZF$5ptBYcdZ z7>3~(fsq)6(HMiV7>7^rDL%t^e2yNt$b1)b4 zFdyGy0TyBr7GnvPVi}g>JFLJ;tio!1j~}oGYq1XNu>l*g37fG6Tk#`)!ZvKj4(!Cw z_yxPL8+))9zhWPL!|&LS12~97IE*7WieosA6Zius@hASmDg2GoID@k|hktM$7jO}m za2Z$dFRtPmuHy!7;udb>4({R}{!1M5mn4ovNQ@*%ieyNR6iA6wNR2c|i*!hj49JN4 zkO`TQ1^43tWW|HXhV00JoXCaT$b-Ddhx{mjf+&Q-cnA-p2p&OE6hm>8z@tb&Nj!$f zQ3|C|22bEgJcY6-hw`X^il~IjsDi3^8r4u8HBb|^P#bkn7xhpd&!7RGMMFG?=g|m_ z@d92%6EsCLG)D`xL@T_6m(dz+&=&2`9bdZQ2eq96L>T@1i`7>Gf5A0J>ahTubdgpV;4!!R5pFcPCM8e=dPOvP9D8q+WxGcXgg@C{~T4(4JW=Hpu|z(Op-Vl2T@EW>hqhZR_f zRalMh@dMUiE!JT@Hee$*VKcU1D}KaJ*oN)cft~mnzhD=3V-NP?SM0-Y_#OLk00(gh 
zhj9c)aSX?C0)OBn{={E6g}-qcXK)th@DI-80xsebF5?RR#Z_Fxb=<&B+`?_#!Cl0G9fdv;C?)StauRFkR3UY6S6#X79V25iJ8Y{nLB z#gF(2+prxwuoFMy7wp1r?7?3AihcMEzhgfR;2;j+Fpl6Tj^Q{?;18U{pZE)>@HbB5 z49?;l{=s=%z(ribWn96(xQc7IjvKg%TeyuoxQl!EFKNtQvN#eUF_IuDk|8-#ASF^E zHPRq0(jh%EAS3QWCS*ny+>Zy46%QgCvLgp_A{TNa5Aq@(@}mF>q7Vw>Av}yCcmzdJ z48>6bk0Jpj@faRQDU?PTJb@?i6w0C;%A*1*q7o{j3aa91R6}*tKuy#_ZPY?!849oEyR$wJoVKu(T4_Je>Scmo4fQ{IM&Desi_z^#08@6KycH(FJf?e2+J=lw1 zu@ArDckIUj9K<0U#t|IFF&xJU{DG7B6Mx|p{>EvX!C9QcKRAyIxQI)*j4SvTS8)y3 daRWDT3%79xcX2P-nwY<2_gXK{82|Qq{~xYPF^m8J 
diff --git a/MySQL_conf_pbx/test1/mariadb_data/ibdata1 b/MySQL_conf_pbx/test1/mariadb_data/ibdata1 index 1fa06ce6d1bb0239c4e307104f27c1dec41ac5b0..c4dc296a83723bb0ea1cff7a3a4c942ccf38a99c 100644 GIT binary patch delta 1779 zcmb7D`%_e97(Qn=*Z_m&+J+aF17xiVh!$i4k101(h+7g8wk)>|7S{#j7IMnt)6I(e zM%xwBGRq3IEwW^$hHR#3`mKK>$e9{{$j;e|L@>RSPm{a^d!YSAUgE`|=%=EeO=mbmB;wt~x#t*mRxF-RKcmKm<*>1OF;u7jQN48`!=Rp+x?zZ)gfT&9c21b$ z(%iXnOwL4iT!D8^jzNB?*|~6O&%(HG-)lmgHN~4>EXtd-tKON!+{t-k!jM$7f?KSr z*g?7^M^kTUc|%K2OV?prU-dq_wX@NR7Khc|o^Ctl2+G^$mscwCoOL_+CIul8pCCRa!`QTW^r6=w4eQXCAZ(OZm~>4j2|*2 zkNoeqCaiDr^wz zw?HF=Z4J5ji{EFGXTlVd`CpIy6!4hj`D@p7y3b>h$8CZ!O-y&^!8jn^^v=PknoRQ4 zUk$I)OeT4*n2c7l&tpjjgXH<)R`TCOED=Y<6A8rKgo(I^NF+8An~2TC79xo-6Ul@` zq!6h@8gVbNmAH?%pRf?yi0#AcioQBG74l|&U$O*}yyCTfT$iCW?a zQAa#Q)DuUErwJ?3K-h>zqKRlGT8LJ{PCP@j5$%M7=pc>}PU1M>B07mKqMJBD^boy7 zAJIV#D~O3#0BDG;v(@0@hNeM_>B0R i_=1=rW{Jzh72-?6OMFFqP0SJB5LbzBiSN$i+WbEriScCs delta 1824 zcma)6T~JhI7(U_%*=~t~V`!7=>5_cMBYP#s6>8_i`>8iWDsJpgrVHeP;8Q+=jJMVkmXP)=>9Lus? 
zR`S@w)@_IFv@>j%?Y1-REPIljZBMpy>|EQ^W4NUoUPE+W^qZj)aWopR{LxvK5iRYO z169=`9&oz@-J2E#{XO0S(JlS)yqRKwTo%ter2ml^7>XNJRjxpHS=S+FkH~kpVsYuW z@`Ac{eW1<~e|w@QtgPr3;nE$Q7eeCv0=Gh3U%qy*$MBUoDpy_6#wAzNwF8!(dXX{i z(6V}Al=^a-_UveCX>ZYlmaS=#_SSHtvJ`9IvS_RLJ-bzF(A77qHFj+I+fln z^EDh>S~@*uW&7%7he~K%lr9WmB$Q~{=&k%46(EVyOTy|F>IAjW`1}LM<3@9pOZObve)Ys?MW_2zMc$yUhsWwkt?kiNJ*WHfH~z3V z2D6~0=!U^LHHZG2r8aUzl53ll(#Ic$Qj^_MpT(HAP-wcCm)>dD#GTGnEJotbmV=Rf z&2pcvPm`BmdOc~r$=OcLFG4c3!Yq(KuQdH~^$IgAqOxD|d*;_^-Sz2OnK|7N&mD0q2dSXQhvr^%ljdXCJk z8Bb34DEE?o`emrroGN3r=8WReFq)R3JkYu(#0l?hZj8v#2D4BO*O{5=0>vbStWNBg zXEvDm@_VNWQCVwx11TcmRPObOp$SCok;bq*Q?EL4c(a+69=@(dXIAF4YTqUQ4AYAW z&aK%=n1q+eCwxQ!;U@}-sl+s*h?q_Uh+?9Im_d{hw-L7!Gl^NmY+?>Emnb9V5%Y;V zh#;|mC?_h2g~TG_PU0?NF>yDsgt&)TO597_M^qBah$;faa$*H>Ke3WnMLa+}NK_Lw zL@lwJSVOEO))5a8>xnvI1Mx6XPdq|wBsLL`5}S#~h{uU1h$o3H#8%=dB1CK>8i?&g zBe8>cnou2RB6bnGiDsgO*hB0kT8Vu`n1~QA zi5G|?giUl2Bwi$r5-$-i6R!}*h;HII@hWkGc#SwoM2Q}vmxvLPI7RdkuM=+&ZxU}2 zZxinjr-?JfS>j#dJ>q?$pEyT+K%6H&Bt9ZOCO#oPB|alQC%z!QBrXtN5f_O|!~pR% TF-Uwv3=!WFmx$t+*|A3*1b?a*K=!YRm6ES@nRyxaPaa@ zc=eAlG4W(Q{F0Zv_Y1?YC@d@+k0dj>L`_hiYibMre*4kfT%64Gd~N9IOvO_L*Ods< z)!i+>O2VpGESc%FFSt6DlotZ zMzI$bVKK(A1WU0u_QAf`56iF|`{Mu{h=Xu27VdEzf(aaol{gHma5#>@k(k6$I2x;Q z4A$US9Eam^0#3w9I2otlRIJ51oQCx{9cSQ7oQ1P-4$j2}oQLzV5u30XQ@8*Z;v!s( zOK>SJ!{xXFSK=yMjcaf%w%|H!#r3!WH{vGTj9YLkZo}=k19##s+>Lv1FQ#!H?#Bao z5D(#DJc38@7#_zHcoI+HY0TgmJd5Y>JYK+ycnL4#6}*bqunn){4ZMjV-oo2>2k+uN v1n=Vme29kEF*4{*EBHJ>t zu%$fcO8*P%gW7b;woG&Itt=XiCySdtfA6)#yhzp8?pPSqd zlABkNX$d}6N3+Y%_>X)HFcjfCWDE7g=*bn>T033*gScJtm2nXX39Ev4aio-C5 z!*K+b;Yb{XaU6|fa4e3)a;(5g9FG%lB39ufoQzX&Do(>{tikD6i*+~yXW}fJjdO4= z&ck|~j|;E?8!>?kaS<-YCAbuq;c{GoD{&PjaW$^NwYUz~V+uFmM%;v(aSLw6ZPOV 
diff --git a/MySQL_conf_pbx/test1/mariadb_data/undo002 b/MySQL_conf_pbx/test1/mariadb_data/undo002 index 7ff929ec63ced21d4e5ade4cc594855322b8f3b6..1ac99771163d4c98f89530bb42e4cb9774772836 100644 GIT binary patch delta 580 zcmWlT$4`?107vr`X$2Kr)H;DGZUMzTpzbZ8xD~B??~UWb@!VRhidskF!Nj8wV`4nK zgBSlIjR&21Ux>E5}-gPI! zbj6p(rdU`WizRd4|5pC#vdn@!cP7H1_H%RavoxCti?Ss_G*a-RI~{zi`CtC3dtZ$K zMz8>TU?D~^hCQ(ei?J8>#y(hrrPvqyVSgNe1F;O_I0zFs7>D3c9EQVj1eRk3R$>xI z;wY@b(KrUj;y4_S6L2CJq{43FapJc+09G@ik;cn;6w1-yutunjNc6}*bqFvNDejyLco w-a_y;-od+g5AWjxe29pI{cB;xl}Xo%jM@;w#MIYkY%mKlm>75B~BXJOBUy delta 596 zcmWN{M^jS)003bggv1IqVr&r$qNoAIjza9cV8e>W-g^a zzxW57@g#>meH(^hX*gIeUYyMKCaQwk-p2Oe&(B}!rf4!-)72gsNXOHIR!D@I%Ah;{ zFKh@>`DQx`t-aN;e1SCE!N=zT!{6!2p8iLT#CzZIj+D4T#2i& z5t}fLt8opk#dWwIH{eFxgqv{-ZpCf59e3bP+=b1!8~5N|+=u(I1rOjsJcNhw2p+{& zJch?HgD3DLp2E|32G8O-JdYRfB3{DFcm=QGHN1{D@Fw2E+js}>;yt{NZP<<-_y8Yb zCx-Y4ALA2zid_gk!)|0BDYs_IUzQH`c#dr7~`|tyP#83Dczu;H=*6;W9 Ef6VtIRR910 diff --git a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DAO/UserOpsDAO.java b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DAO/UserOpsDAO.java index e26c928..f998341 100644 --- a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DAO/UserOpsDAO.java +++ b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DAO/UserOpsDAO.java @@ -12,5 +12,7 @@ public interface UserOpsDAO { public boolean checkIfAdminExists(UserEntity userEntity) throws Exception; // admin login - public ReturnStatus adminSetPasswordToDb(UserEntity userEntity); + public ReturnStatus adminSetUsernameAndPassword(UserEntity userEntity); + + public UserEntity getUserByUserName(String userName); } diff --git a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DAO/UserOpsDAOImpl.java b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DAO/UserOpsDAOImpl.java index 0e47754..675f9f5 100644 
--- a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DAO/UserOpsDAOImpl.java +++ b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DAO/UserOpsDAOImpl.java @@ -5,6 +5,7 @@ import com.example.cezenPBX.entity.user.Role; import com.example.cezenPBX.entity.user.UserEntity; import jakarta.persistence.EntityManager; import jakarta.persistence.Query; +import jakarta.persistence.TypedQuery; import jakarta.transaction.Transactional; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Repository; @@ -32,18 +33,19 @@ public class UserOpsDAOImpl implements UserOpsDAO{ // Admin sets a username and password for the first time @Override @Transactional - public ReturnStatus adminSetPasswordToDb(UserEntity userEntity) { + public ReturnStatus adminSetUsernameAndPassword(UserEntity userEntity) { try { if (checkIfAdminExists(userEntity)) { return new ReturnStatus(false, "Admin already exists", ""); } // Fetch existing ROLE_Admin from DB - Role adminRole = (Role) entityManager.createQuery("FROM Role r WHERE r.role = :roleName") - .setParameter("roleName", "ROLE_Admin") - .getSingleResult(); + TypedQuery query = entityManager.createQuery("FROM Role r WHERE r.role = :roleName", Role.class) + .setParameter("roleName", "ROLE_Admin"); - userEntity.setARole(adminRole); + Role role = query.getSingleResult(); + + userEntity.setARole(role); // Persist the user entityManager.persist(userEntity); return new ReturnStatus(true, "Admin created", ""); 
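Review bot: The role is looked up as `"ROLE_Admin"` in `adminSetUsernameAndPassword`, but the new `CustomAuthenticationProviderForCezen.authenticate` in this commit only accepts a user whose role equals `"ROLE_admin"`, and the security chain uses `hasAnyRole("admin")`. `String.equals` is case-sensitive, so an account created here would presumably be rejected at login. Use one spelling in both places, for example `.setParameter("roleName", "ROLE_admin")` if that is what the roles table stores, ideally through a shared constant. The stored role value is not visible in the diff, so confirm it against the database. The surrounding try/catch continues outside this hunk.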
@@ -51,4 +53,23 @@ public class UserOpsDAOImpl implements UserOpsDAO{ return new ReturnStatus(false, "Admin creation failed", e.getMessage()); } } + + // get user details by username + // throws an exception if the user doesn't exist + // exception is caught and returns null ... custom authentication provider must catch the exception + @Override + public UserEntity getUserByUserName(String userName) { + + try{ + TypedQuery query = this.entityManager + .createQuery("SELECT u FROM UserEntity u JOIN FETCH u.roles AS r WHERE u.userName = :userName", UserEntity.class); + + query.setParameter("userName", userName); + + return query.getSingleResult(); + + }catch ( Exception e){ + return null; + } + } } diff --git a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DTO/user/AdminSetPasswordDTO.java b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DTO/user/AdminSetPasswordDTO.java index b2f2002..a850c8f 100644 --- a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DTO/user/AdminSetPasswordDTO.java +++ b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DTO/user/AdminSetPasswordDTO.java @@ -12,7 +12,7 @@ public record AdminSetPasswordDTO( String email, @NotBlank(message = "Password cannot be blank") - @Size(min = 8, message = "Password must be at least 8 characters long") + @Size(min = 3, message = "Password must be at least 8 characters long") String password, @NotBlank(message = "Confirm password cannot be blank") diff --git a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/config/CezenLoginSecurityChain.java b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/config/CezenLoginSecurityChain.java index aa35a37..191651c 100644 --- a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/config/CezenLoginSecurityChain.java 
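Review bot: The `catch ( Exception e)` in `getUserByUserName` turns every failure into `null`, so a database outage or a non-unique result is indistinguishable from an unknown user. The comment above the method also contradicts itself, saying it both throws and returns null. Catch only the "not found" case, `} catch (NoResultException e) { return null; }` (needs the `jakarta.persistence.NoResultException` import), and let other exceptions propagate. Replace the comment with `// Returns the user with roles fetched, or null when no user has this username`. The caller added in this commit dereferences the result without a null check; that is raised on the provider hunk.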
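Review bot: The password constraint on `AdminSetPasswordDTO` now accepts three-character passwords while the message still promises eight, and this record sets the credential for the admin account. If the limit was lowered for local testing it should not ship; restore `@Size(min = 8, message = "Password must be at least 8 characters long")`. If a shorter minimum is really intended, the message has to change with it so that clients are not told a rule the server does not enforce.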
+++ b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/config/CezenLoginSecurityChain.java @@ -6,7 +6,6 @@ import com.example.cezenPBX.security.JWTTokenValidatorFilter; import jakarta.servlet.http.HttpServletRequest; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.http.HttpMethod; import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; @@ -80,16 +79,17 @@ public class CezenLoginSecurityChain { "/admin/list_all_branches_with_manager" ).hasAnyRole("admin") //any one who is authenticated can access /logout - .requestMatchers("/bankUser/login", "/user/getXSRfToken", "/logout").authenticated() + .requestMatchers("/open/login", "/user/getXSRfToken", "/logout").authenticated() .requestMatchers("/bankUser/**").hasAnyRole("user") //all the rest are open to public - .requestMatchers("/open/**").permitAll() + .requestMatchers("/open/signup").permitAll() //.requestMatchers(HttpMethod.POST, "/open/**").permitAll() ) // redirect to /login if the user is not authenticated Customizer.withDefaults() enables a security feature using the defaults provided by Spring Security .formLogin(Customizer.withDefaults()) .httpBasic(Customizer.withDefaults()); + System.out.print("Security chain configured"); return http.build(); } diff --git a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/config/CustomAuthenticationProviderForCezen.java b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/config/CustomAuthenticationProviderForCezen.java index 3eb2a41..b6c7677 100644 --- a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/config/CustomAuthenticationProviderForCezen.java 
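Review bot: The context comment `//all the rest are open to public` is no longer true after `/open/**` was narrowed to `/open/signup`: only signup is public, and every other `/open/...` path now falls through to whatever catch-all rule exists outside this hunk. Update the comment to `// only signup is public; /open/login requires authentication` and confirm that the matcher list ends in an explicit `anyRequest()` rule, which is not visible here. The added `System.out.print("Security chain configured");` should go through the project's logger, or be dropped, instead of writing to stdout.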
+++ b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/config/CustomAuthenticationProviderForCezen.java 
@@ -1,146 +1,81 @@ -//package com.example.cezenPBX.config; -// -//import org.springframework.beans.factory.annotation.Autowired; -//import org.springframework.security.authentication.AuthenticationProvider; -//import org.springframework.security.authentication.BadCredentialsException; -//import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -//import org.springframework.security.core.Authentication; -//import org.springframework.security.core.AuthenticationException; -//import org.springframework.security.core.GrantedAuthority; -//import org.springframework.security.core.authority.SimpleGrantedAuthority; -//import org.springframework.security.crypto.password.PasswordEncoder; -// -//import java.util.ArrayList; -//import java.util.List; -// -//public class CustomAuthenticationProviderForCezen implements AuthenticationProvider { -// -// @Autowired -// private UserRepository userRepository; -// -// @Autowired -// private EmployeeRepository employeeRepository; -// -// @Autowired -// private PasswordEncoder passwordEncoder; -// -// @Override -// public Authentication authenticate(Authentication authentication) throws AuthenticationException { -// -// //get credentials from login form -// String username = authentication.getName(); -// String pwd = authentication.getCredentials().toString(); -// -// //sanity check -// if (username.isEmpty() || pwd.isEmpty()) return null; -// -// System.out.println(pwd); -// System.out.println(username); -// -// int employeeId = 0; -// boolean isEmployee = false; -// -// //what if the username is an employee login -// try { -// //if true -// employeeId = Integer.parseInt(username); -// isEmployee = true; -// } catch (Exception e) { -// System.out.println(e.toString()); -// } -// -// //employee auth -// if (isEmployee) { -// // if it is a valid number range -// if (employeeId > 0) { -// //check for employee -// Employee employee = null; -// try { -// //check if employee exists if yes then fetch details -// 
employee = employeeRepository.getEmployeeAndRolesById(employeeId); -// } catch (Exception e) { -// System.out.println(e.toString()); -// return null; -// } -// -// if (passwordEncoder.matches(pwd, employee.getPassword())) { -// -// //then it is a match a number of springs granted authorities -// List authorities = new ArrayList<>(); -// -// //loop through the users authorities and add each of them to simple granted authority -// try { -// -// //check if employee is part of permission set for employee signing in -// boolean hasEmployee = false; -// for(var permission : employee.getRoles()){ -// if(permission.getRole().equals("ROLE_employee")) hasEmployee = true; -// } -// if(!hasEmployee) throw new BadCredentialsException("no employee permission for given employee"); -// -// employee.getRoles().forEach(a -> authorities.add(new SimpleGrantedAuthority(a.getRole()))); -// } catch (Exception e) { -// //use/**/r doesn't have permissions or roles = null -// System.out.println(e.toString()); -// return null; -// } -// -// return new UsernamePasswordAuthenticationToken(employeeId, pwd, authorities); -// } else { -// throw new BadCredentialsException("Invalid password!"); -// } -// } else { -// throw new BadCredentialsException("No user registered with this details!"); -// } -// -// } -// -// //customer -// User customer = null; -// try { -// customer = userRepository.getUserDetailsByUserName(username); -// -// } catch (Exception e) { -// throw new BadCredentialsException("No user registered with this details!"); -// } -// -// //if the person exists -// if (customer != null) { -// System.out.println(customer.getPassword()); -// -// //check for a match -// if (passwordEncoder.matches(pwd, customer.getPassword())) { -// -// //then it is a match a number of springs granted authorities -// List authorities = new ArrayList<>(); -// -// //loop through the users authorities and add each of them to simple granted authority -// try { -// customer.getRoles().forEach(a -> 
authorities.add(new SimpleGrantedAuthority(a.getRole()))); -// } catch (Exception e) { -// //user doesn't have permissions or roles = null -// System.out.println(e.toString()); -// return null; -// } -// //final send the username password and auth as a token which will call the authenticate method in the ProviderManager -// // in this edit i wont store the password but a use id -// -// //this is so that i can get a global access to an authenticated users name and id -// username = username + "," + customer.getId() + "," + customer.getUserAccountId().getId(); -// -// return new UsernamePasswordAuthenticationToken(username, pwd, authorities); -// } else { -// throw new BadCredentialsException("Invalid password!"); -// } -// } else { -// throw new BadCredentialsException("No user registered with this details!"); -// } -// } -// -// @Override -// public boolean supports(Class authentication) { -// //tells spring that i want to support username password style of auth -// return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication)); -// } -// -//} +package com.example.cezenPBX.config; + +import com.example.cezenPBX.DAO.UserOpsDAO; +import com.example.cezenPBX.entity.user.UserEntity; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.authentication.AuthenticationProvider; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.SimpleGrantedAuthority; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.stereotype.Component; + +import java.util.ArrayList; +import java.util.List; + +@Component +public class 
CustomAuthenticationProviderForCezen implements AuthenticationProvider { + + @Autowired + private UserOpsDAO userOpsDAO; + + @Autowired + private PasswordEncoder passwordEncoder; + + @Override + public Authentication authenticate(Authentication authentication) throws AuthenticationException { + + //get credentials from login form + String username = authentication.getName(); + String pwd = authentication.getCredentials().toString(); + + //sanity check + if (username.isEmpty() || pwd.isEmpty()) return null; + + //check for employee + UserEntity user = null; + try { + //check if employee exists if yes then fetch details + user = this.userOpsDAO.getUserByUserName(username); + } catch (Exception e) { + System.out.println(e.toString()); + return null; + } + + if (passwordEncoder.matches(pwd, user.getPassword())) { + + //then it is a match a number of springs granted authorities + List authorities = new ArrayList<>(); + + //loop through the users authorities and add each of them to simple granted authority + try { + //check if user is part of permission set for admin signing in + boolean isAdmin = false; + for(var permission : user.getRoles()){ + if(permission.getRole().equals("ROLE_admin")) isAdmin = true; + } + if(!isAdmin) throw new BadCredentialsException("no employee permission for given employee"); + + user.getRoles().forEach(a -> authorities.add(new SimpleGrantedAuthority(a.getRole()))); + } catch (Exception e) { + //use/**/r doesn't have permissions or roles = null + System.out.println(e.toString()); + return null; + } + + return new UsernamePasswordAuthenticationToken(user, pwd, authorities); + } else { + throw new BadCredentialsException("Invalid password!"); + } + } + + @Override + public boolean supports(Class authentication) { + //tells spring that i want to support username password style of auth + return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication)); + } + +} 
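Review bot: An unknown username reaches `user.getPassword()` with `user == null`, because `getUserByUserName` returns null instead of throwing, so the try/catch around the lookup never fires. The login then fails with a NullPointerException rather than an authentication error. The `BadCredentialsException` thrown for a non-admin user sits inside `try { … } catch (Exception e) { … return null; }`, so it is swallowed and the provider returns null instead of rejecting the attempt. I would handle the null user and the wrong password in one branch with the same message, move the role check out of the catch-all, and drop the `System.out.println` calls. The sketch below covers the lookup through the role check.

```java
        // getUserByUserName returns null for an unknown user; treat it like a wrong password
        UserEntity user = this.userOpsDAO.getUserByUserName(username);
        if (user == null || !passwordEncoder.matches(pwd, user.getPassword())) {
            throw new BadCredentialsException("Invalid username or password");
        }

        boolean isAdmin = false;
        for (var permission : user.getRoles()) {
            if (permission.getRole().equals("ROLE_admin")) isAdmin = true;
        }
        // thrown outside any catch-all so the rejection reaches Spring Security
        if (!isAdmin) throw new BadCredentialsException("Invalid username or password");

        // … unchanged: build authorities from user.getRoles() and return the token …
```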
diff --git a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/controller/SignUpController.java b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/controller/SignUpController.java index 34f2814..d78b506 100644 --- a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/controller/SignUpController.java +++ b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/controller/SignUpController.java @@ -5,10 +5,7 @@ import com.example.cezenPBX.DTO.user.AdminSetPasswordDTO; import com.example.cezenPBX.service.PbxUserService; import jakarta.validation.Valid; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; @RestController @RequestMapping("/open") @@ -30,6 +27,10 @@ public class SignUpController { } // and a login route + @GetMapping("/login") + public ReturnStatus login(){ + return new ReturnStatus(false, "Login not yet implemented", "Login not yet implemented"); + } diff --git a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/security/JWTTokenGeneratorFilter.java b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/security/JWTTokenGeneratorFilter.java index e1d8be5..d2b5838 100644 --- a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/security/JWTTokenGeneratorFilter.java +++ b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/security/JWTTokenGeneratorFilter.java 
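Review bot: The new `login()` handler always answers `new ReturnStatus(false, "Login not yet implemented", …)`, although the route is declared `.authenticated()` in the security chain and `JWTTokenGeneratorFilter` now runs on exactly this path. A caller with valid credentials would presumably receive a token together with a body reporting failure. Once the request has passed authentication the body should say so, e.g. `return new ReturnStatus(true, "Login successful", "");`. The first hunk's wildcard `import org.springframework.web.bind.annotation.*;` is better kept as explicit imports with `GetMapping` added. The controller class continues outside the hunk.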
@@ -66,7 +66,8 @@ public class JWTTokenGeneratorFilter extends OncePerRequestFilter { @Override protected boolean shouldNotFilter(HttpServletRequest request) { - return (request.getServletPath().equals("/open/signup") || request.getServletPath().equals("/open/employee-login")); + return !request.getServletPath().equals("/open/login"); + //return !(request.getServletPath().equals("/open/signup") || request.getServletPath().equals("/open/login")); } // gets the authority's from granted authority which we set in the configuration CustomAuthenticationProvider class diff --git a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/security/JWTTokenValidatorFilter.java b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/security/JWTTokenValidatorFilter.java index 60e23df..9390541 100644 --- a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/security/JWTTokenValidatorFilter.java +++ b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/security/JWTTokenValidatorFilter.java @@ -74,7 +74,7 @@ public class JWTTokenValidatorFilter extends OncePerRequestFilter { protected boolean shouldNotFilter(HttpServletRequest request) { return request.getServletPath().equals("/open/signup") - || request.getServletPath().equals("/employee/employee-login"); + || request.getServletPath().equals("/open/login"); // //bellow was done to archive this /exposed/** // request.getServletPath().split("/")[1].equals("exposed"); } diff --git a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/service/PbxUserService.java b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/service/PbxUserService.java index d74c4d9..7534b1d 100644 --- a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/service/PbxUserService.java +++ b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/service/PbxUserService.java 
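Review bot: The route literal `"/open/login"` is now repeated in both `shouldNotFilter` overrides (JWTTokenGeneratorFilter in this hunk, JWTTokenValidatorFilter in the next) and in the controller mapping. The removed lines show the two filters had already drifted apart: `/open/employee-login` in one and `/employee/employee-login` in the other. A single shared constant such as `static final String LOGIN_PATH = "/open/login";`, referenced from all three places, would keep token issuance and the validation bypass tied to the same route. The commented-out `//return !(request.getServletPath().equals("/open/signup") || ...` line added under the new return should be dropped rather than committed. Both filter classes continue outside these hunks, so how the token is written and checked is not visible here.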
@@ -2,7 +2,6 @@ package com.example.cezenPBX.service; import com.example.cezenPBX.DAO.UserOpsDAO; import com.example.cezenPBX.DTO.ReturnStatus; -import com.example.cezenPBX.entity.user.Role; import com.example.cezenPBX.entity.user.UserEntity; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.crypto.password.PasswordEncoder; @@ -28,9 +27,9 @@ public class PbxUserService { return new ReturnStatus(false, "Passwords do not match", "Passwords do not match"); } // password encryption - UserEntity userEntity = new UserEntity(userName, "{bcrypt}"+passwordEncoder.encode(password), email); + UserEntity userEntity = new UserEntity(userName, passwordEncoder.encode(password), email); // commit the username and password to the database - return userOpsDAO.adminSetPasswordToDb(userEntity); + return userOpsDAO.adminSetUsernameAndPassword(userEntity); } }
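Review bot: Dropping the `"{bcrypt}"` prefix in the second PbxUserService hunk changes the stored hash format. Rows written by the previous code are therefore likely to stop satisfying `passwordEncoder.matches(pwd, user.getPassword())` in the authentication provider unless they are re-hashed or reset. Whether the unprefixed form is correct depends on the PasswordEncoder bean, which is not visible here: a plain BCryptPasswordEncoder expects no prefix, while a delegating encoder adds `{bcrypt}` itself on encode. A short migration step or a forced reset for existing accounts would cover the change. The context comment `// password encryption` would be more accurate as `// hash the password before it is stored`.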