ShopifySecurity

4 years ago · 7138d36a94
9 changed files with 185 additions and 51 deletions
--- a/Shopify-Cart/src/main/java/com/shopify/cart/SecurityConfig.java
+++ b/Shopify-Cart/src/main/java/com/shopify/cart/SecurityConfig.java
@ -0,0 +1,53 @@
+package com.shopify.cart;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+import com.shopify.cart.service.MyUserDetailsService;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter{
+
+	@Autowired
+	private MyUserDetailsService myUserDetailsService;
+	
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http.authorizeRequests()
+		.antMatchers("/sign-up").permitAll()
+		.antMatchers("/login").authenticated()
+		.and()
+		.httpBasic();
+		http.cors();
+		http.csrf().disable();
+	}
+	
+	@Override
+	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+		auth.authenticationProvider(getAuthenticator());
+	}
+
+	private DaoAuthenticationProvider getAuthenticator() {
+		DaoAuthenticationProvider dao = new DaoAuthenticationProvider();
+		dao.setUserDetailsService(myUserDetailsService);
+		dao.setPasswordEncoder(getPasswordEncoder());
+		return dao;
+	}
+
+	@Primary
+	@Bean
+	public PasswordEncoder getPasswordEncoder() {
+		return new BCryptPasswordEncoder();
+	}
+
+}
--- a/Shopify-Cart/src/main/java/com/shopify/cart/ShopifyCartApplication.java
+++ b/Shopify-Cart/src/main/java/com/shopify/cart/ShopifyCartApplication.java
@ -5,7 +5,6 @@ import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
 import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
-@EnableAutoConfiguration(exclude = org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration.class)
 public class ShopifyCartApplication {

 	public static void main(String[] args) {
--- a/Shopify-Cart/src/main/java/com/shopify/cart/controller/ProductController.java
+++ b/Shopify-Cart/src/main/java/com/shopify/cart/controller/ProductController.java
@ -22,56 +22,50 @@ public class ProductController {
 	@Autowired
 	private ProductRepository productRepository;
 	
-	//to add a product
 	@PostMapping("/product")
 	public Product postProduct(@RequestBody Product product) {
 		return productRepository.save(product);
 	}

-	
-	//to get all the products
 	@GetMapping("/product")
-	public List<Product> getALlProducts() {
+	public List<Product> getAllProducts() {
 		return productRepository.findAll();
 	}
 	
+	@GetMapping("/product/trending")
+	public List<Product> getAllTrendingProducts() {
+		return productRepository.findAllByTrending();
+	}
+	
+	@GetMapping("/product/{pid}")
+	public Product getProductById(@PathVariable("pid") Long pid) {
+		return productRepository.getById(pid);
+	}
+	
+	@GetMapping("/product/name/{name}")
+	public List<Product> showProduct(@PathVariable String name)
+	{
+		return productRepository.findAllByName(name); 
+	}
 	
 	//to update any product details
-	 @PutMapping("/product/{id}")
-	  public Product updateProduct(@RequestBody Product productModel, @PathVariable long id) {
-	        Product oldProduct = productRepository.findById(id);
-	        oldProduct.setName(productModel.getName());
-	        oldProduct.setDescription(productModel.getDescription());
-	        oldProduct.setRating(productModel.getRating());
-	        oldProduct.setMarketRetailPrice(productModel.getMarketRetailPrice());
-	        oldProduct.setDiscount(productModel.getDiscount());
-	        oldProduct.setDiscountedPrice(productModel.getDiscountedPrice());
-	        oldProduct.setTrending(productModel.getTrending());
-	        return productRepository.save(oldProduct);
-	    }
-	 
-	 
-	 //to delete any product 
+	@PutMapping("/product/{id}")
+	public Product updateProduct(@RequestBody Product productModel, @PathVariable long id) {
+		Product oldProduct = productRepository.getById(id);
+		oldProduct.setName(productModel.getName());
+		oldProduct.setDescription(productModel.getDescription());
+		oldProduct.setRating(productModel.getRating());
+		oldProduct.setMarketRetailPrice(productModel.getMarketRetailPrice());
+		oldProduct.setDiscount(productModel.getDiscount());
+		oldProduct.setDiscountedPrice(productModel.getDiscountedPrice());
+		oldProduct.setTrending(productModel.getTrending());
+		return productRepository.save(oldProduct);
+	}
+	
 	 @DeleteMapping("/product/{id}")
     public void deleteAllDetails(@PathVariable long id)
     {
 		 productRepository.deleteById(id);
    	 
-      }
-	 
-
-	 //to get a product by product name 
-	 @GetMapping("/product/{name}")
-	 public List<Product> showProduct(@PathVariable String name)
-	 {
-		 return productRepository.findAllByName(name);
-	 
-	 }
-	 
-	 @GetMapping("/product/trending")
-		public List<Product> getAllTrendingProducts() {
-			return productRepository.findAllByTrending();
-		}
-	 
+     }
 }
-
--- a/Shopify-Cart/src/main/java/com/shopify/cart/controller/UserController.java
+++ b/Shopify-Cart/src/main/java/com/shopify/cart/controller/UserController.java
@ -1,8 +1,11 @@
 package com.shopify.cart.controller;

+import java.security.Principal;
+import java.util.Base64;
 import java.util.List;

 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
@ -21,12 +24,35 @@ public class UserController {
 	@Autowired
 	private UserRepository userRepository;
 	
-	@PostMapping("/user")
+	@Autowired
+	private PasswordEncoder passwordEncoder;
+	
+	@PostMapping("/sign-up")
 	public User postUser(@RequestBody User user) {
+		String code = user.getUsername();
+		String username = new String(Base64.getDecoder().decode(code)).split(":")[0];
+		String password = new String(Base64.getDecoder().decode(code)).split(":")[1];
+		user.setUsername(username);
+		user.setPassword(password);
+		String encPassword = passwordEncoder.encode(password);
+		user.setPassword(encPassword);
 		return userRepository.save(user);
 	}
 	
-	@GetMapping("/users")
+	@GetMapping("/login")
+	public Principal login(Principal p) {
+		if (p.getName() == null) {
+			throw new Error("Invalid Credentials");
+		}
+		return p;
+	}
+	
+	@GetMapping("/user/name/{username}")
+	public User getUserByName(@PathVariable("username") String username) {
+		return userRepository.getByUsername(username);
+	}
+	
+	@GetMapping("/user")
 	public List<User> getALlUsers() {
 		return userRepository.findAll();
 	}
@ -54,9 +80,7 @@ public class UserController {
 	    }
 	
 	 @DeleteMapping("/user/{uid}")
-     public void deleteAllDetails(@PathVariable long uid)
-     {
-		 userRepository.deleteById(uid);
-    	 
-      }
+     public void deleteAllDetails(@PathVariable long uid){
+		 userRepository.deleteById(uid);	 
+     }
 }
--- a/Shopify-Cart/src/main/java/com/shopify/cart/model/User.java
+++ b/Shopify-Cart/src/main/java/com/shopify/cart/model/User.java
@ -1,12 +1,18 @@
 package com.shopify.cart.model;

+import java.util.Collection;
+
 import javax.persistence.Entity;
 import javax.persistence.GeneratedValue;
 import javax.persistence.GenerationType;
 import javax.persistence.Id;
+import javax.persistence.UniqueConstraint;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;

@Entity
-public class User {
+public class User implements UserDetails{

 	@Id
 	@GeneratedValue(strategy = GenerationType.AUTO)
@ -110,4 +116,33 @@ public class User {
 		this.pinCode = pinCode;
 	}

+	@Override
+	public Collection<? extends GrantedAuthority> getAuthorities() {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
+	@Override
+	public boolean isAccountNonExpired() {
+		// TODO Auto-generated method stub
+		return true;
+	}
+
+	@Override
+	public boolean isAccountNonLocked() {
+		// TODO Auto-generated method stub
+		return true;
+	}
+
+	@Override
+	public boolean isCredentialsNonExpired() {
+		// TODO Auto-generated method stub
+		return true;
+	}
+
+	@Override
+	public boolean isEnabled() {
+		// TODO Auto-generated method stub
+		return true;
+	}
 }
--- a/Shopify-Cart/src/main/java/com/shopify/cart/repository/ProductRepository.java
+++ b/Shopify-Cart/src/main/java/com/shopify/cart/repository/ProductRepository.java
@ -8,10 +8,8 @@ import org.springframework.data.jpa.repository.Query;
 import com.shopify.cart.model.Product;

 public interface ProductRepository extends JpaRepository<Product, Long> {
-
-	public Product findById(long id);
-	public void deleteById(long id);
-	public List<Product> findAllByName(String name);
+	
+	List<Product> findAllByName(String name);
 	
 	@Query("select p from Product p where p.trending=true")
 	List<Product> findAllByTrending();
--- a/Shopify-Cart/src/main/java/com/shopify/cart/repository/UserRepository.java
+++ b/Shopify-Cart/src/main/java/com/shopify/cart/repository/UserRepository.java
@ -1,6 +1,7 @@
 package com.shopify.cart.repository;

 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;

 import com.shopify.cart.model.User;

@ -8,4 +9,7 @@ public interface UserRepository extends JpaRepository<User, Long> {

 	public void deleteById(long uid);
 	public User findById(long uid);
+	
+	@Query("select u from User u where u.username=?1")
+	User getByUsername(String username);
 }
--- a/Shopify-Cart/src/main/java/com/shopify/cart/service/MyUserDetailsService.java
+++ b/Shopify-Cart/src/main/java/com/shopify/cart/service/MyUserDetailsService.java
@ -0,0 +1,25 @@
+package com.shopify.cart.service;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+import com.shopify.cart.model.User;
+import com.shopify.cart.repository.UserRepository;
+
+@Service
+public class MyUserDetailsService implements UserDetailsService {
+
+	@Autowired
+	private UserRepository userRepository;
+	
+	@Override
+	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+		User user = userRepository.getByUsername(username);
+		return user;
+	}
+
+	
+}
--- a/Shopify-Cart/src/main/resources/application.properties
+++ b/Shopify-Cart/src/main/resources/application.properties
@ -1,9 +1,11 @@
 server.port=8001

-spring.datasource.url=jdbc:mysql://10.3.117.26:3306/Shopify_DB?createDatabaseIfNotExist=true
-spring.datasource.username=testuser
+spring.datasource.url=jdbc:mysql://10.3.117.22:3306/Shopify_DB?createDatabaseIfNotExist=true
+spring.datasource.username=testuser1
 spring.datasource.password=PASSWORD123

+server.servlet.context-path=/api1
+
 spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL5Dialect

 spring.jpa.hibernate.ddl-auto=update