* minor changes

* logout link in dashboard

Author: pateman

app/public/index.html

@@ -22,7 +22,7 @@
       work correctly both with client-side routing and a non-root public URL.
       Learn how to configure a non-root public URL by running `npm run build`.
     -->
-    <title>React App</title>
+    <title>Starter Kit</title>
   </head>
   <body>
     <noscript>You need to enable JavaScript to run this app.</noscript>

app/src/App.js

@@ -1,5 +1,6 @@
 import React, {Component} from 'react';
 import {BrowserRouter as Router, Route} from "react-router-dom";
+import AuthService from './services/AuthService/AuthService';
 import LoginPage from './components/LoginPage/LoginPage';
 import DashboardPage from './components/DashboardPage/DashboardPage';
 
@@ -13,8 +14,16 @@ class App extends Component {
         }
     }
 
+    componentDidMount() {
+        AuthService.me(data => {
+            if (data.authenticated) {
+                this.successfulAuthenticationHandler(data);
+            }
+        });
+    }
+
     successfulAuthenticationHandler = (response) => {
-        const data = response.data.principal;
+        const data = response.principal;
         const roles = data.authorities.reduce((last, cur) => {
             last.push(cur.role);
             return last;
@@ -27,17 +36,25 @@ class App extends Component {
         });
     };
 
+    successfulLogoutHandler = () => this.setState({user: null});
+
     render() {
+        const loginRender = (props) => <LoginPage {...props}
+                                                  onLoginSuccess={this.successfulAuthenticationHandler}
+                                                  user={this.state.user}/>;
+        const dashboardRender = (props) => <DashboardPage {...props}
+                                                          onLogoutSuccess={this.successfulLogoutHandler}
+                                                          user={this.state.user}/>;
         return (
             <Router>
                 <div>
                     <Route path='/'
                            exact
-                           render={(props) => <LoginPage {...props}
-                                                         onLoginSuccess={this.successfulAuthenticationHandler}
-                                                         user={this.state.user}/>}/>
+                           render={(p) => this.state.user ? dashboardRender(p) : loginRender(p)}/>
+                    <Route path='/login'
+                           render={loginRender}/>
                     <Route path='/dashboard/'
-                           render={(props) => <DashboardPage {...props} user={this.state.user}/>}/>
+                           render={dashboardRender}/>
                 </div>
             </Router>
         );

app/src/components/DashboardPage/DashboardPage.js

@@ -1,5 +1,6 @@
 import React from 'react';
 import {Redirect} from 'react-router-dom';
+import AuthService from '../../services/AuthService/AuthService';
 
 const dashboardPage = (props) => {
     if (!props.user) {
@@ -15,6 +16,10 @@ const dashboardPage = (props) => {
             <div className="col">
                 <h1>Hello, {props.user.name}!</h1>
                 {specializedParagraph}
+                <a href="/" onClick={(evt) => {
+                    evt.preventDefault();
+                    AuthService.logout(props.onLogoutSuccess)
+                }}>Logout</a>
             </div>
         </div>
     );

app/src/components/LoginPage/LoginPage.js

@@ -3,7 +3,7 @@ import styles from './LoginPage.module.css';
 import logo from '../../logo.svg';
 import {Alert} from 'reactstrap';
 import PropTypes from 'prop-types';
-import axios from 'axios';
+import AuthService from '../../services/AuthService/AuthService';
 import {Redirect} from 'react-router-dom';
 
 class LoginPage extends Component {
@@ -29,16 +29,15 @@ class LoginPage extends Component {
         evt.preventDefault();
 
         this.setState({loginError: null}, () => {
-            axios.post('/login', {
-                username: this.loginRef.current.value,
-                password: this.passwordRef.current.value,
-                rememberMe: this.rememberMeRef.current.checked
-            })
-                .then(resp => {
+            AuthService.login(
+                this.loginRef.current.value,
+                this.passwordRef.current.value,
+                this.rememberMeRef.current.checked,
+                resp => {
                     this.props.onLoginSuccess(resp);
                     this.props.history.push('/dashboard');
-                })
-                .catch(err => this.setState({loginError: err.response.data.error}));
+                },
+                err => this.setState({loginError: err.error}));
         });
     };
 
@@ -49,7 +48,6 @@ class LoginPage extends Component {
     };
 
     render() {
-        console.log(this.props.user);
         if (this.props.user) {
             return <Redirect to='/dashboard'/>;
         }
@@ -84,7 +82,6 @@ class LoginPage extends Component {
                                 </label>
                             </div>
                             <button className="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
-                            <p className="mt-5 mb-3 text-muted">&copy; 2017-2018</p>
                         </form>
                     </div>
                 </div>

app/src/services/AuthService/AuthService.js

@@ -0,0 +1,23 @@
+import axios from 'axios';
+
+export default class {
+
+    static login(userName, password, shouldRemember, successCallback, failureCallback) {
+        axios.post('/api/login', {
+            username: userName,
+            password: password,
+            rememberMe: shouldRemember
+        })
+            .then(resp => successCallback(resp.data))
+            .catch(err => failureCallback(err.response.data));
+    }
+
+    static logout(callback) {
+        axios.get('/api/logout').then(callback());
+    }
+
+    static me(callback) {
+        axios.get('/api/me').then(resp => callback(resp.data));
+    }
+
+}

src/main/java/pl/pateman/springbootreactbootstrapauthstarter/configuration/WebSecurityConfig.java

@@ -26,8 +26,8 @@
 @EnableWebSecurity
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
-    private static final String LOGIN_URL = "/login";
-    private static final String LOGOUT_URL = "/logout";
+    private static final String LOGIN_URL = "/api/login";
+    private static final String LOGOUT_URL = "/api/logout";
     private static final String REMEMBER_ME_KEY = "uniqueAndSecret";
 
     private final JSONLoginHandler loginHandler;
@@ -58,13 +58,16 @@ protected void configure(HttpSecurity http) throws Exception {
                 .antMatchers(HttpMethod.GET, "/", "/*.json", "/static/**").permitAll()
                 .antMatchers(HttpMethod.POST, LOGIN_URL).permitAll()
                 .antMatchers(HttpMethod.POST, LOGOUT_URL).permitAll()
+                .antMatchers("/api/me").permitAll()
                 .antMatchers("/api/**").authenticated();
 
         http.formLogin()
                 .permitAll();
 
         http.logout()
                 .deleteCookies("JSESSIONID", "remember-me")
+                .logoutUrl(LOGOUT_URL)
+                .logoutSuccessUrl("/api/me")
                 .permitAll();
 
         http.addFilterAt(jsonAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);

src/main/java/pl/pateman/springbootreactbootstrapauthstarter/controller/MeController.java

@@ -0,0 +1,17 @@
+package pl.pateman.springbootreactbootstrapauthstarter.controller;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/api/me")
+public class MeController {
+
+    @GetMapping
+    public Authentication me(Authentication authentication) {
+        return authentication;
+    }
+
+}

src/main/java/pl/pateman/springbootreactbootstrapauthstarter/security/JSONAuthenticationFilter.java

@@ -29,7 +29,9 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
              InputStreamReader isr = new InputStreamReader(is);
              JsonReader jsonReader = new JsonReader(isr)) {
             JSONAuthenticationForm form = gson.fromJson(jsonReader, JSONAuthenticationForm.class);
-
+            if (form == null) {
+                return null;
+            }
             authRequest = new JSONAuthenticationToken(form.getUsername(), form.getPassword(), form.isRememberMe());
         } catch (IOException e) {
             authRequest = new JSONAuthenticationToken("", "", false);