Merge pull request #9 from ConnorMarcus/Login-Setup

Login setup

pom.xml

@@ -52,6 +52,10 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-thymeleaf</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
     </dependencies>
     <build>
         <plugins>

src/main/java/sysc4806/project/Configuration.java

@@ -0,0 +1,37 @@
+package sysc4806.project;
+
+
+import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+
+
+@org.springframework.context.annotation.Configuration
+@EnableWebSecurity
+public class Configuration {
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http.authorizeRequests((authorizeRequests) ->
+                        authorizeRequests
+                                .requestMatchers("/register/**", "/loginHandler").permitAll()
+                                .requestMatchers(PathRequest.toStaticResources().atCommonLocations())
+                                .permitAll()
+                                .anyRequest()
+                                .authenticated()
+                )
+                .formLogin((formLogin) -> formLogin.loginPage("/login").permitAll())
+                .logout((logout) -> logout.logoutSuccessUrl("/login").permitAll());
+        return http.build();
+    }
+
+    @Bean
+    public PasswordEncoder encoder() {
+        return new BCryptPasswordEncoder();
+    }
+}

src/main/java/sysc4806/project/Main.java

@@ -1,17 +1,11 @@
 package sysc4806.project;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 
 @SpringBootApplication
 public class Main {
-    private static final Logger log = LoggerFactory.getLogger(Main.class);
-
     public static void main(String[] args) {
         SpringApplication.run(Main.class, args);
-
     }
 }

src/main/java/sysc4806/project/controllers/HomePageController.java

@@ -0,0 +1,12 @@
+package sysc4806.project.controllers;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class HomePageController {
+    @GetMapping(path = "/home")
+    public String getHomePage() {
+        return "home";
+    }
+}

src/main/java/sysc4806/project/controllers/LoginController.java

@@ -0,0 +1,53 @@
+package sysc4806.project.controllers;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpSession;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import sysc4806.project.models.ApplicationUser;
+import sysc4806.project.models.UserDetails;
+import sysc4806.project.repositories.ApplicationUserRepository;
+
+import static org.springframework.security.web.context.HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY;
+
+@Controller
+public class LoginController {
+    @Autowired
+    private ApplicationUserRepository userRepository;
+
+    @Autowired
+    private PasswordEncoder passwordEncoder;
+
+    @GetMapping(path = "/login")
+    public String login() {
+        return "login";
+    }
+
+    @PostMapping(path = "/loginHandler")
+    public String logUserIn(HttpServletRequest req, @RequestParam(name = "email") String email, @RequestParam(name = "password") String password) {
+        ApplicationUser user = userRepository.findApplicationUserByEmail(email);
+        if (user != null && passwordEncoder.matches(password, user.getPassword())) {
+            UserDetails userDetails = new UserDetails(
+                    user.getEmail(),
+                    user.getPassword(),
+                    SecurityContextHolder.getContext().getAuthentication().getAuthorities(),
+                    user.getId()
+            );
+
+            SecurityContext sc = SecurityContextHolder.getContext();
+            sc.setAuthentication(new UsernamePasswordAuthenticationToken(userDetails, password, userDetails.getAuthorities()));
+            HttpSession session = req.getSession(true);
+            session.setAttribute(SPRING_SECURITY_CONTEXT_KEY, sc);
+            return "redirect:/home";
+        }
+        return "redirect:/login?error";
+    }
+
+}

src/main/java/sysc4806/project/controllers/RegisterController.java

@@ -0,0 +1,54 @@
+package sysc4806.project.controllers;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.PostMapping;
+import sysc4806.project.models.Professor;
+import sysc4806.project.models.Student;
+import sysc4806.project.repositories.ApplicationUserRepository;
+
+@Controller
+public class RegisterController {
+    @Autowired
+    private ApplicationUserRepository userRepository;
+    @Autowired
+    private PasswordEncoder passwordEncoder;
+
+    @GetMapping(path ="/register/Professor")
+    public String registerProf(Model model) {
+        Professor professor = new Professor();
+        model.addAttribute("professor", professor);
+        return "professorRegister";
+    }
+
+    @GetMapping(path ="/register/Student")
+    public String registerStudent(Model model) {
+        Student student = new Student();
+        model.addAttribute("student", student);
+        return "studentRegister";
+    }
+
+    @PostMapping(path = "/register/Professor")
+    public String createProfessor(@ModelAttribute Professor professor) {
+        if (userRepository.findApplicationUserByEmail(professor.getEmail()) != null) {
+            return "redirect:/register/Professor?error";
+        }
+        professor.setPassword(passwordEncoder.encode(professor.getPassword()));
+        userRepository.save(professor);
+        return "login";
+    }
+
+    @PostMapping(path = "/register/Student")
+    public String createStudent(@ModelAttribute Student student) {
+        if (userRepository.findApplicationUserByEmail(student.getEmail()) != null) {
+            return "redirect:/register/Student?error";
+        }
+        student.setPassword(passwordEncoder.encode(student.getPassword()));
+        userRepository.save(student);
+        return "login";
+    }
+}

src/main/java/sysc4806/project/models/ApplicationUser.java

@@ -0,0 +1,90 @@
+package sysc4806.project.models;
+
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.Id;
+
+@Entity
+public class ApplicationUser {
+    @Id
+    @GeneratedValue
+    private long id;
+
+    private String name;
+
+    private String email;
+
+    private String password;
+
+    public ApplicationUser() {}
+
+    public ApplicationUser(String name, String email, String password) {
+        this.name = name;
+        this.email = email;
+        this.password = password;
+    }
+
+    /**
+     * Get student's id
+     * @return long
+     */
+    public long getId() {
+        return id;
+    }
+
+    /**
+     * Set student's id
+     * @param id long
+     */
+    public void setId(long id) {
+        this.id = id;
+    }
+
+    /**
+     * Get student's name
+     * @return String
+     */
+    public String getName() {
+        return name;
+    }
+
+    /**
+     * Set student's name
+     * @param name String
+     */
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    /**
+     * Get student's email
+     * @return String
+     */
+    public String getEmail() {
+        return email;
+    }
+
+    /**
+     * Set student's email
+     * @param email String
+     */
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
+    /**
+     * Get student's password
+     * @return String
+     */
+    public String getPassword() {
+        return password;
+    }
+
+    /**
+     * Set student's password
+     * @param password String
+     */
+    public void setPassword(String password) {
+        this.password = password;
+    }
+}