Update 🐱‍💻

deploy.sh

@@ -5,7 +5,7 @@ then
   cd ./festival/frontend
   npm run build-prod
   cd ..
-  ./mvnw com.heroku.sdk:heroku-maven-plugin:1.1.4:deploy-war -Pprod -DskipTests -Dheroku.appName=science-festival
+  ./mvnw com.heroku.sdk:heroku-maven-plugin:1.2.1:deploy-war -Pprod -DskipTests -Dheroku.appName=science-festival
   echo 'Master published successfully.'
 fi
 
@@ -14,6 +14,6 @@ then
   cd ./festival/frontend
   npm run build
   cd ..
-  ./mvnw com.heroku.sdk:heroku-maven-plugin:1.1.4:deploy-war -DskipTests -Dheroku.appName=science-festival-dev
+  ./mvnw com.heroku.sdk:heroku-maven-plugin:1.2.1:deploy-war -DskipTests -Dheroku.appName=science-festival-dev
   echo 'Dev published successfully.'
 fi

festival/frontend/package.json

@@ -15,34 +15,34 @@
   "private": true,
   "dependencies": {
     "@agm/core": "^1.0.0-beta.0",
-    "@angular/animations": "^4.2.6",
+    "@angular/animations": "^4.3.1",
     "@angular/cdk": "^2.0.0-beta.8",
-    "@angular/common": "^4.2.0",
-    "@angular/compiler": "^4.2.0",
-    "@angular/core": "^4.2.0",
-    "@angular/forms": "^4.2.0",
-    "@angular/http": "^4.2.0",
+    "@angular/common": "^4.3.1",
+    "@angular/compiler": "^4.3.1",
+    "@angular/core": "^4.3.1",
+    "@angular/forms": "^4.3.1",
+    "@angular/http": "^4.3.1",
     "@angular/material": "^2.0.0-beta.8",
-    "@angular/platform-browser": "^4.2.0",
-    "@angular/platform-browser-dynamic": "^4.2.0",
-    "@angular/router": "^4.2.0",
+    "@angular/platform-browser": "^4.3.1",
+    "@angular/platform-browser-dynamic": "^4.3.1",
+    "@angular/router": "^4.3.1",
     "@ngrx/core": "^1.2.0",
-    "@ngrx/effects": "^2.0.3",
-    "@ngrx/store": "^2.2.2",
+    "@ngrx/effects": "^2.0.4",
+    "@ngrx/store": "^2.2.3",
     "@ngrx/store-devtools": "^3.2.4",
+    "@ngx-translate/core": "^7.1.0",
     "angular2-virtual-scroll": "^0.1.7",
     "ap-angular2-fullcalendar": "^1.3.1",
     "core-js": "^2.4.1",
     "hammerjs": "^2.0.8",
-    "ng2-translate": "^5.0.0",
-    "rxjs": "^5.1.0",
-    "zone.js": "^0.8.4"
+    "rxjs": "^5.4.2",
+    "zone.js": "^0.8.14"
   },
   "devDependencies": {
-    "@angular/cli": "1.0.0",
-    "@angular/compiler-cli": "^4.0.0",
+    "@angular/cli": "1.2.3",
+    "@angular/compiler-cli": "^4.3.1",
     "@types/jasmine": "2.5.38",
-    "@types/node": "~6.0.60",
+    "@types/node": "~6.0.84",
     "codelyzer": "~2.0.0",
     "jasmine-core": "~2.5.2",
     "jasmine-spec-reporter": "~3.2.0",
@@ -51,10 +51,10 @@
     "karma-cli": "~1.0.1",
     "karma-jasmine": "~1.1.0",
     "karma-jasmine-html-reporter": "^0.2.2",
-    "karma-coverage-istanbul-reporter": "^0.2.0",
-    "protractor": "~5.1.0",
+    "karma-coverage-istanbul-reporter": "^0.2.3",
+    "protractor": "~5.1.2",
     "ts-node": "~2.0.0",
-    "tslint": "~4.5.0",
-    "typescript": "~2.2.0"
+    "tslint": "~4.5.1",
+    "typescript": "~2.4.2"
   }
 }

festival/frontend/src/app.module.ts

@@ -6,6 +6,7 @@ import { BrowserAnimationsModule } from '@angular/platform-browser/animations';
 import { HttpModule } from '@angular/http';
 import { CUSTOM_ELEMENTS_SCHEMA } from '@angular/core';
 import { RouterModule, Routes } from '@angular/router';
+import { HttpClientModule, HttpHeaders } from '@angular/common/http';
 // 3rd party libs
 import { VirtualScrollModule } from 'angular2-virtual-scroll';
 // common module
@@ -139,6 +140,7 @@ const appRoutes: Routes = [
     FormsModule,
     ReactiveFormsModule,
     HttpModule,
+    HttpClientModule,
     ...ApplicationEffects,
     StoreModule.provideStore({ newsReducer }),
     StoreDevtoolsModule.instrumentOnlyWithExtension({

festival/frontend/src/app/components/login/login.component.ts

@@ -1,5 +1,6 @@
 import { Component, OnInit, ViewChild, ElementRef, Output, EventEmitter } from '@angular/core';
 import { FormBuilder, FormGroup, Validators } from '@angular/forms';
+import { HttpClient, HttpHeaders } from "@angular/common/http";
 
 @Component({
     selector: 'sf-login',
@@ -13,7 +14,7 @@ export class LoginComponent implements OnInit {
     @ViewChild('password') public password: sf.common.StringInput;
     @Output() public onSubmitted: EventEmitter<sf.entities.User> = new EventEmitter<sf.entities.User>();
 
-    constructor() { }
+    constructor(private http: HttpClient) { }
 
     ngOnInit() {
         this.loginForm = {
@@ -29,6 +30,12 @@ export class LoginComponent implements OnInit {
         };
         console.log(this.loginForm);
         this.onSubmitted.emit(this.loginForm);
+
+        let headers: HttpHeaders = new HttpHeaders();
+        headers = headers.append("Authorization", "Basic " + btoa(this.email.value + ":" + this.password.value));
+        this.http.get("http://" + window.location.hostname + ":8080/api/v1/users", { headers: headers }).subscribe(resp => {
+            console.log(resp["0"]);
+        });
     }
 
     public reset(): void {

festival/pom.xml

@@ -14,7 +14,7 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>1.5.4.RELEASE</version>
+        <version>1.5.7.RELEASE</version>
         <relativePath/> <!-- lookup parent from repository -->
     </parent>
 
@@ -47,6 +47,10 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-undertow</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-actuator</artifactId>
+        </dependency>
         <dependency>
             <groupId>com.github.ziplet</groupId>
             <artifactId>ziplet</artifactId>
@@ -91,7 +95,7 @@
             <plugin>
                 <groupId>org.projectlombok</groupId>
                 <artifactId>lombok-maven-plugin</artifactId>
-                <version>1.16.18.0</version>
+                <version>1.16.18.1</version>
                 <executions>
                     <execution>
                         <phase>generate-sources</phase>
@@ -104,7 +108,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
-                <version>3.6.1</version>
+                <version>3.7.0</version>
                 <configuration>
                     <compilerId>javac-with-errorprone</compilerId>
                     <forceJavacCompilerUse>true</forceJavacCompilerUse>

festival/src/main/java/com/hubses/festival/config/security/SecurityConfiguration.java

@@ -1,29 +1,43 @@
 package com.hubses.festival.config.security;
 
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
 
 @Configuration
 @EnableWebSecurity
 public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+    private static final String API_PREFIX = "/api";
+    private static final String API_VERSION = "/v1";
+    private static final String REST_PREFIX = API_PREFIX + API_VERSION;
+    private static final String AUTHORITY_ADMIN = "ADMIN";
+
     @Autowired
     private CustomUserDetailService customUserDetailService;
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
-        http.csrf().disable().authorizeRequests()
+        http
+                .csrf().disable()
+                .authorizeRequests()
                 .antMatchers("/").permitAll()
                 .antMatchers("/**/*.html", "/**/*.css", "/**/*.js").permitAll()
-                .antMatchers("/**/customers/**", "/**/users/**", "/**/jury/**", "/**/committee/**").hasAuthority("ADMIN")
-                .anyRequest().authenticated()
-                .and()
-                .httpBasic().realmName("Science")
-                .and()
+                .antMatchers(REST_PREFIX + "/customers/**").hasAuthority(AUTHORITY_ADMIN)
+                .antMatchers(REST_PREFIX + "/users/**").hasAuthority(AUTHORITY_ADMIN)
+                .antMatchers(REST_PREFIX + "/jury/**").hasAuthority(AUTHORITY_ADMIN)
+                .antMatchers(REST_PREFIX + "/committee/**").hasAuthority(AUTHORITY_ADMIN).and()
+                .cors().and()
+                .httpBasic().realmName("Science").and()
+                .headers().frameOptions().sameOrigin().and()
                 .logout().logoutUrl("/logout");
     }
 
@@ -38,4 +52,14 @@ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
         auth.userDetailsService(customUserDetailService);
     }
 
+    @Bean
+    public WebMvcConfigurer corsConfigurer() {
+        return new WebMvcConfigurerAdapter() {
+            @Override
+            public void addCorsMappings(CorsRegistry registry) {
+                registry.addMapping("/**");
+            }
+        };
+    }
+
 }

festival/src/main/resources/application.yml

@@ -4,8 +4,22 @@ spring:
       hibernate:
         show_sql: true
         format_sql: true
+  datasource:
+    url: jdbc:h2:mem:scifest;DB_CLOSE_DELAY=-1
+    username: sa
+    password:
+  h2:
+    console:
+      enabled: true
 logging:
   level:
     org:
       hibernate:
-        type: trace
+        type: trace
+endpoints:
+  metrics:
+    sensitive: false
+server:
+  session:
+    cookie:
+      http-only: true