Spring Boot Security JDBC

Author: Urunov

Chapter4_Securing Spring/pom.xml

@@ -15,6 +15,10 @@
     <description>The project for Spring Boot</description>
 
     <properties>
+        <project.build.sourceEncoding>
+            UTF-8</project.build.sourceEncoding>
+        <project.reporting.outputEncoding>
+            UTF-8</project.reporting.outputEncoding>
         <java.version>1.8</java.version>
     </properties>
 
@@ -27,6 +31,12 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-data-jpa</artifactId>
         </dependency>
+
+        <dependency>
+            <groupId>javax.persistence</groupId>
+            <artifactId>javax.persistence-api</artifactId>
+            <version>2.2</version>
+        </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-security</artifactId>
@@ -39,7 +49,22 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
-
+        <!-- https://mvnrepository.com/artifact/com.github.sebhoss/suppress-warnings -->
+        <dependency>
+            <groupId>com.github.sebhoss</groupId>
+            <artifactId>suppress-warnings</artifactId>
+            <version>2.0.0</version>
+        </dependency>
+        <dependency>
+            <groupId>org.seleniumhq.selenium</groupId>
+            <artifactId>htmlunit-driver</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>com.h2database</groupId>
+            <artifactId>h2</artifactId>
+            <scope>runtime</scope>
+        </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-devtools</artifactId>
@@ -67,6 +92,17 @@
                 </exclusion>
             </exclusions>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter</artifactId>
+        </dependency>
+        <!-- tag::springSecurity[] -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        <!-- end::springSecurity[] -->
+
         <dependency>
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-test</artifactId>

Chapter4_Securing Spring/src/main/java/spring/security/Ingredient.java

@@ -1,9 +1,31 @@
 package spring.security;
 
+import lombok.AccessLevel;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import lombok.RequiredArgsConstructor;
+
+import javax.persistence.Entity;
+import javax.persistence.Id;
+
 /**
  * @Created 17 / 03 / 2020 - 6:43 PM
  * @project BootSecure
  * @Author Hamdamboy
  */
+
+@Data
+@RequiredArgsConstructor
+@NoArgsConstructor(access = AccessLevel.PRIVATE, force = true)
+@Entity
 public class Ingredient {
+    //
+    @Id
+    private final String id;
+    private final String name;
+    private final Type type;
+
+    public static enum Type{
+        WRAP, PROTEIN, VEGGIES, CHEESE, SAUCE
+    }
 }

Chapter4_Securing Spring/src/main/java/spring/security/Order.java

@@ -5,5 +5,65 @@
  * @project BootSecure
  * @Author Hamdamboy
  */
-public class Order {
+
+import lombok.Data;
+
+import javax.persistence.*;
+import javax.validation.constraints.Digits;
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Pattern;
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+
+/**
+ * @Data - is the class level is provides by Lombok and tells Lombok to generate all missing methods as well as
+ * constructor that accepts all final properties as arguments.
+ * **/
+
+@Data
+@Entity
+@Table(name = "Taco_Order")
+public class Order implements Serializable {
+    //
+
+    private static final long serialVersionUID = 1L;
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.AUTO)
+    private Long id;
+
+    private Date placeAt;
+
+    @ManyToOne
+    private User user;
+
+    @NotBlank(message="Delivery name is required")
+    private String deliveryStreet;
+
+    @NotBlank(message = "City is required")
+    private String deliveryCity;
+
+    @NotBlank(message = "Zip code is required")
+    private String ccNumber;
+
+    @Pattern(regexp = "^(0[1-9]|1[0-2])([\\\\/])([1-9][0-9])$", message = "Must be formatted MM/YY")
+    private String ccExpiration;
+
+    @Digits(integer = 3, fraction = 0, message = "Invalid CVV")
+    private String ccCVV;
+
+    @ManyToMany(targetEntity = Taco.class)
+    private List<Taco> tacos = new ArrayList<>();
+
+    public void addDesign(Taco design) {
+        this.tacos.add(design);
+    }
+
+    @PrePersist
+    void placeAt(){
+        this.placeAt = new Date();
+    }
+
 }

Chapter4_Securing Spring/src/main/java/spring/security/Taco.java

@@ -1,10 +1,40 @@
 package spring.security;
 
+import com.sun.istack.NotNull;
+import lombok.Data;
+
+import javax.persistence.*;
+import javax.validation.constraints.Size;
+import java.util.Date;
+import java.util.List;
+
 /**
  * @Created 17 / 03 / 2020 - 6:43 PM
  * @project BootSecure
  * @Author Hamdamboy
  */
-public class Taco
-{
+
+@Data
+@Entity
+public class Taco {
+    //
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.AUTO)
+    private Long id;
+
+    @NotNull
+    @Size(min=5, message = "Name be at least 5 characters long")
+    private String name;
+
+    private Date createAt;
+
+    @ManyToMany(targetEntity = Ingredient.class)
+    @Size(min=1, message = "You must choose at least 1 ingredient")
+    private List <Ingredient> ingredients;
+
+    @PrePersist
+    void createAt(){
+        this.createAt = new Date();
+    }
 }

Chapter4_Securing Spring/src/main/java/spring/security/User.java

@@ -5,9 +5,14 @@
 import lombok.NoArgsConstructor;
 import lombok.RequiredArgsConstructor;
 import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 
 import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import java.util.Arrays;
 import java.util.Collection;
 
 /**
@@ -18,41 +23,53 @@
 
 @Data
 @Entity
-@NoArgsConstructor(access = AccessLevel.PRIVATE, force = true)
-@RequiredArgsConstructor
+//@NoArgsConstructor(access = AccessLevel.PRIVATE, force = true)
+//@RequiredArgsConstructor
+
 public class User implements UserDetails {
     //
-   private final String username;
-   private final String password;
-   private final String fullname;
-   private final String street;
+    @Id
+    @GeneratedValue(strategy = GenerationType.AUTO)
+    private Long id;
+
+   private String username;
+   private String password;
+   private String fullname;
+   private String street;
    private String city;
    private String state;
    private String zip;
-   private final String phoneNumber;
+   private String phoneNumber;
+
+    public User(Long id, String city, String state, String zip) {
+        this.id = id;
+        this.city = city;
+        this.state = state;
+        this.zip = zip;
+    }
 
     @Override
     public Collection<? extends GrantedAuthority> getAuthorities() {
-        return null;
+        return Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
     }
 
     @Override
     public boolean isAccountNonExpired() {
-        return false;
+        return true;
     }
 
     @Override
     public boolean isAccountNonLocked() {
-        return false;
+        return  true;
     }
 
     @Override
     public boolean isCredentialsNonExpired() {
-        return false;
+        return true;
     }
 
     @Override
     public boolean isEnabled() {
-        return false;
+        return true;
     }
 }

Chapter4_Securing Spring/src/main/java/spring/security/data/IngredientRepository.java

@@ -1,9 +1,12 @@
 package spring.security.data;
 
+import org.springframework.data.repository.CrudRepository;
+import spring.security.Ingredient;
+
 /**
  * @Created 17 / 03 / 2020 - 6:45 PM
  * @project BootSecure
  * @Author Hamdamboy
  */
-public class IngredientRepository {
+public interface IngredientRepository extends CrudRepository<Ingredient, String> {
 }

Chapter4_Securing Spring/src/main/java/spring/security/data/OrderRepository.java

@@ -1,9 +1,12 @@
 package spring.security.data;
 
+import org.springframework.data.repository.CrudRepository;
+import spring.security.Order;
+
 /**
  * @Created 17 / 03 / 2020 - 6:45 PM
  * @project BootSecure
  * @Author Hamdamboy
  */
-public class OrderRepository {
+public interface OrderRepository extends CrudRepository<Order, Long> {
 }

Chapter4_Securing Spring/src/main/java/spring/security/data/TacoRepository.java

@@ -1,9 +1,12 @@
 package spring.security.data;
 
+import org.springframework.data.repository.CrudRepository;
+import spring.security.Taco;
+
 /**
  * @Created 17 / 03 / 2020 - 6:46 PM
  * @project BootSecure
  * @Author Hamdamboy
  */
-public class TacoRepository {
+public interface TacoRepository extends CrudRepository<Taco, Long> {
 }

Chapter4_Securing Spring/src/main/java/spring/security/data/UserRepository.java

@@ -1,9 +1,14 @@
 package spring.security.data;
 
+import org.springframework.data.repository.CrudRepository;
+import org.springframework.security.core.userdetails.User;
+
 /**
  * @Created 17 / 03 / 2020 - 6:46 PM
  * @project BootSecure
  * @Author Hamdamboy
  */
-public class UserRepository {
+public interface UserRepository extends CrudRepository<User, Long> {
+    //
+    User findByUsername(String username);
 }

Chapter4_Securing Spring/src/main/java/spring/security/security/RegistrationController.java

@@ -1,9 +1,44 @@
 package spring.security.security;
 
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import spring.security.data.UserRepository;
+
 /**
  * @Created 17 / 03 / 2020 - 6:45 PM
  * @project BootSecure
  * @Author Hamdamboy
  */
+
+@Controller
+@RequestMapping("/register")
 public class RegistrationController {
+    //
+    private UserRepository userRepository;
+    private PasswordEncoder passwordEncoder;
+
+    public RegistrationController(UserRepository userRepository, PasswordEncoder passwordEncoder) {
+        this.userRepository = userRepository;
+        this.passwordEncoder = passwordEncoder;
+    }
+
+    @Autowired
+    public String registerForm() {
+        return "registration";
+    }
+
+    @GetMapping
+    public String registrationForm(){
+        return "registration";
+    }
+
+    @PostMapping
+    public String processRegistration(RegistrationForm form) {
+        userRepository.save(form.toUser(passwordEncoder));
+        return "redirect:/login";
+    }
 }