feat: add security.jpa package for authentication with username and p…

…assword

backend/logs/quarkus.log.1

@@ -0,0 +1 @@
+2024-10-06 12:44:23,924 tk-legion5pro C:\Program Files\Java\jdk-22\bin\java.exe[4416] DEBUG [org.jbo.logging] (main) Logging Provider: org.jboss.logging.JBossLogManagerProvider

backend/pom.xml

@@ -92,6 +92,10 @@
         <groupId>io.quarkus</groupId>
         <artifactId>quarkus-hibernate-orm-panache</artifactId>
     </dependency>
+    <dependency>
+      <groupId>io.quarkus</groupId>
+      <artifactId>quarkus-security-jpa</artifactId>
+    </dependency>
   </dependencies>
 
   <build>

backend/src/main/java/org/acme/TimetableResource.java

@@ -1,6 +1,7 @@
 package org.acme;
 
 import ai.timefold.solver.core.api.solver.SolverManager;
+import jakarta.annotation.security.RolesAllowed;
 import jakarta.inject.Inject;
 import jakarta.transaction.Transactional;
 import jakarta.ws.rs.Consumes;
@@ -36,6 +37,7 @@ public class TimetableResource {
     SolverManager<Timetable, String> solverManager;
 
     @POST
+//    @RolesAllowed({"user"})
     @Transactional
     public Timetable handleRequest(Timetable problem) throws ExecutionException, InterruptedException {
         UUID uuid = UUID.randomUUID();
@@ -81,6 +83,7 @@ public void findByCampusAndDelete(String campusName) {
     }
 
     @GET
+//    @RolesAllowed({"user"})
     @Transactional
     @Produces(MediaType.APPLICATION_JSON)
     public Timetable solveExample() throws ExecutionException, InterruptedException {
@@ -130,7 +133,7 @@ public Timetable solveExample() throws ExecutionException, InterruptedException
 
         /*
          * During this solving phase, new Unit objects will be created with the
-         * alloted date and Room assignment.
+         * allotted date and Room assignment.
          * 
          * Currently, the 'old' Unit objects in the 'problem' variable and the
          * 'new' Unit objects in the 'solution' variable are stored as different

backend/src/main/java/org/acme/security/jpa/Startup.java

@@ -0,0 +1,19 @@
+package org.acme.security.jpa;
+
+import jakarta.enterprise.event.Observes;
+import jakarta.inject.Singleton;
+import jakarta.transaction.Transactional;
+
+import io.quarkus.runtime.StartupEvent;
+
+
+@Singleton
+public class Startup {
+    @Transactional
+    public void loadUsers(@Observes StartupEvent evt) {
+        // reset and load all test users
+        User.deleteAll();
+        User.add("admin", "admin", "admin");
+        User.add("user", "user", "user");
+    }
+}

backend/src/main/java/org/acme/security/jpa/User.java

@@ -0,0 +1,36 @@
+package org.acme.security.jpa;
+
+import io.quarkus.elytron.security.common.BcryptUtil;
+import io.quarkus.hibernate.orm.panache.PanacheEntity;
+import io.quarkus.security.jpa.Password;
+import io.quarkus.security.jpa.Roles;
+import io.quarkus.security.jpa.UserDefinition;
+import io.quarkus.security.jpa.Username;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Table;
+
+@Entity
+@Table(name = "test_user")
+@UserDefinition
+public class User extends PanacheEntity {
+    @Username
+    public String username;
+    @Password
+    public String password;
+    @Roles
+    public String role;
+
+    /**
+     * Adds a new user to the database
+     * @param username the username
+     * @param password the unencrypted password (it is encrypted with bcrypt)
+     * @param role the comma-separated roles
+     */
+    public static void add(String username, String password, String role) {
+        User user = new User();
+        user.username = username;
+        user.password = BcryptUtil.bcryptHash(password);
+        user.role = role;
+        user.persist();
+    }
+}

backend/src/main/java/org/acme/security/jpa/UserResource.java

@@ -0,0 +1,18 @@
+package org.acme.security.jpa;
+
+import jakarta.annotation.security.RolesAllowed;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.Path;
+import jakarta.ws.rs.core.Context;
+import jakarta.ws.rs.core.SecurityContext;
+
+@Path("/api/users")
+public class UserResource {
+
+    @GET
+    @RolesAllowed({"user"})
+    @Path("/me")
+    public String me(@Context SecurityContext securityContext) {
+        return securityContext.getUserPrincipal().getName();
+    }
+}