fix
parent
5281d7a49a
commit
c8e5023ec1
7 changed files with 94 additions and 17 deletions
12
build.gradle
12
build.gradle
|
@ -28,7 +28,7 @@ licenseReport {
|
||||||
sourceSets {
|
sourceSets {
|
||||||
main {
|
main {
|
||||||
java {
|
java {
|
||||||
if (System.getenv('DOCKER_ENABLE_SECURITY') != 'falsesss') {
|
if (System.getenv('DOCKER_ENABLE_SECURITY') == 'false') {
|
||||||
exclude 'stirling/software/SPDF/config/security/**'
|
exclude 'stirling/software/SPDF/config/security/**'
|
||||||
exclude 'stirling/software/SPDF/controller/api/UserController.java'
|
exclude 'stirling/software/SPDF/controller/api/UserController.java'
|
||||||
exclude 'stirling/software/SPDF/controller/web/AccountWebController.java'
|
exclude 'stirling/software/SPDF/controller/web/AccountWebController.java'
|
||||||
|
@ -85,11 +85,6 @@ spotless {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
compileJava {
|
|
||||||
options.compilerArgs += '-parameters'
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
dependencies {
|
dependencies {
|
||||||
//security updates
|
//security updates
|
||||||
implementation 'ch.qos.logback:logback-classic:1.4.14'
|
implementation 'ch.qos.logback:logback-classic:1.4.14'
|
||||||
|
@ -100,7 +95,7 @@ dependencies {
|
||||||
implementation 'org.springframework.boot:spring-boot-starter-web:3.2.1'
|
implementation 'org.springframework.boot:spring-boot-starter-web:3.2.1'
|
||||||
implementation 'org.springframework.boot:spring-boot-starter-thymeleaf:3.2.1'
|
implementation 'org.springframework.boot:spring-boot-starter-thymeleaf:3.2.1'
|
||||||
|
|
||||||
if (System.getenv('DOCKER_ENABLE_SECURITY') == 'falseee') {
|
if (System.getenv('DOCKER_ENABLE_SECURITY') != 'false') {
|
||||||
implementation 'org.springframework.boot:spring-boot-starter-security:3.2.1'
|
implementation 'org.springframework.boot:spring-boot-starter-security:3.2.1'
|
||||||
implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5:3.1.2.RELEASE'
|
implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5:3.1.2.RELEASE'
|
||||||
implementation "org.springframework.boot:spring-boot-starter-data-jpa:3.2.1"
|
implementation "org.springframework.boot:spring-boot-starter-data-jpa:3.2.1"
|
||||||
|
@ -169,6 +164,9 @@ dependencies {
|
||||||
tasks.withType(JavaCompile) {
|
tasks.withType(JavaCompile) {
|
||||||
dependsOn 'spotlessApply'
|
dependsOn 'spotlessApply'
|
||||||
}
|
}
|
||||||
|
compileJava {
|
||||||
|
options.compilerArgs << ' -parameters'
|
||||||
|
}
|
||||||
|
|
||||||
task writeVersion {
|
task writeVersion {
|
||||||
def propsFile = file('src/main/resources/version.properties')
|
def propsFile = file('src/main/resources/version.properties')
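Review bot: In the re-added `compileJava` block the argument is written as `' -parameters'`, with a leading space inside the quotes, so javac receives a token that does not start with `-` and is unlikely to treat it as the flag; the removed block used `'-parameters'`. As far as I know, Spring's name-based binding of `@RequestParam` and `@PathVariable` arguments relies on that flag, so I would write `options.compilerArgs << '-parameters'`. Separately, the `DOCKER_ENABLE_SECURITY` test now appears twice with opposite operators (source exclusion and the security dependencies). Computing it once, e.g. `def securityEnabled = System.getenv('DOCKER_ENABLE_SECURITY') != 'false'`, and using it in both places would keep the two branches from drifting apart.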
|
||||||
|
|
|
@ -13,6 +13,7 @@ import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
|
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
|
||||||
import org.springframework.stereotype.Controller;
|
import org.springframework.stereotype.Controller;
|
||||||
import org.springframework.ui.Model;
|
import org.springframework.ui.Model;
|
||||||
|
import org.springframework.web.bind.annotation.ModelAttribute;
|
||||||
import org.springframework.web.bind.annotation.PathVariable;
|
import org.springframework.web.bind.annotation.PathVariable;
|
||||||
import org.springframework.web.bind.annotation.PostMapping;
|
import org.springframework.web.bind.annotation.PostMapping;
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
|
@ -20,13 +21,19 @@ import org.springframework.web.bind.annotation.RequestParam;
|
||||||
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
|
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
|
||||||
import org.springframework.web.servlet.view.RedirectView;
|
import org.springframework.web.servlet.view.RedirectView;
|
||||||
|
|
||||||
|
import io.swagger.v3.oas.annotations.tags.Tag;
|
||||||
|
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import jakarta.servlet.http.HttpServletResponse;
|
import jakarta.servlet.http.HttpServletResponse;
|
||||||
import stirling.software.SPDF.config.security.UserService;
|
import stirling.software.SPDF.config.security.UserService;
|
||||||
import stirling.software.SPDF.model.Role;
|
import stirling.software.SPDF.model.Role;
|
||||||
import stirling.software.SPDF.model.User;
|
import stirling.software.SPDF.model.User;
|
||||||
|
import stirling.software.SPDF.model.api.misc.OptimizePdfRequest;
|
||||||
|
import stirling.software.SPDF.model.api.user.UpdateUserDetails;
|
||||||
|
import stirling.software.SPDF.model.api.user.UsernameAndPass;
|
||||||
|
|
||||||
@Controller
|
@Controller
|
||||||
|
@Tag(name = "User", description = "User APIs")
|
||||||
@RequestMapping("/api/v1/user")
|
@RequestMapping("/api/v1/user")
|
||||||
public class UserController {
|
public class UserController {
|
||||||
|
|
||||||
|
@ -35,13 +42,13 @@ public class UserController {
|
||||||
@PreAuthorize("!hasAuthority('ROLE_DEMO_USER')")
|
@PreAuthorize("!hasAuthority('ROLE_DEMO_USER')")
|
||||||
@PostMapping("/register")
|
@PostMapping("/register")
|
||||||
public String register(
|
public String register(
|
||||||
@RequestParam String username, @RequestParam String password, Model model) {
|
@ModelAttribute UsernameAndPass requestModel, Model model) {
|
||||||
if (userService.usernameExists(username)) {
|
if (userService.usernameExists(requestModel.getUsername())) {
|
||||||
model.addAttribute("error", "Username already exists");
|
model.addAttribute("error", "Username already exists");
|
||||||
return "register";
|
return "register";
|
||||||
}
|
}
|
||||||
|
|
||||||
userService.saveUser(username, password);
|
userService.saveUser(requestModel.getUsername(), requestModel.getPassword());
|
||||||
return "redirect:/login?registered=true";
|
return "redirect:/login?registered=true";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -49,12 +56,18 @@ public class UserController {
|
||||||
@PostMapping("/change-username-and-password")
|
@PostMapping("/change-username-and-password")
|
||||||
public RedirectView changeUsernameAndPassword(
|
public RedirectView changeUsernameAndPassword(
|
||||||
Principal principal,
|
Principal principal,
|
||||||
@RequestParam String currentPassword,
|
@ModelAttribute UpdateUserDetails requestModel,
|
||||||
@RequestParam String newUsername,
|
|
||||||
@RequestParam String newPassword,
|
|
||||||
HttpServletRequest request,
|
HttpServletRequest request,
|
||||||
HttpServletResponse response,
|
HttpServletResponse response,
|
||||||
RedirectAttributes redirectAttributes) {
|
RedirectAttributes redirectAttributes) {
|
||||||
|
|
||||||
|
|
||||||
|
String currentPassword = requestModel.getPassword();
|
||||||
|
String newPassword = requestModel.getNewPassword();
|
||||||
|
String newUsername = requestModel.getNewUsername();
|
||||||
|
|
||||||
|
System.out.println(currentPassword);
|
||||||
|
System.out.println(newPassword);
|
||||||
if (principal == null) {
|
if (principal == null) {
|
||||||
return new RedirectView("/change-creds?messageType=notAuthenticated");
|
return new RedirectView("/change-creds?messageType=notAuthenticated");
|
||||||
}
|
}
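Review bot: The two calls `System.out.println(currentPassword);` and `System.out.println(newPassword);` added at the top of `changeUsernameAndPassword` write the user's current and new passwords in clear text to standard output, where they will typically be captured by container or service logs. They look like leftover debugging and should be deleted; if tracing is wanted, log only that a credential change was requested, never the values. The method body continues past the end of this hunk, so what happens to the values afterwards is not visible here. The new import of `OptimizePdfRequest` also appears unused in the lines shown.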
|
||||||
|
|
|
@ -0,0 +1,16 @@
|
||||||
|
package stirling.software.SPDF.model.api.user;
|
||||||
|
|
||||||
|
import io.swagger.v3.oas.annotations.media.Schema;
|
||||||
|
|
||||||
|
import lombok.Data;
|
||||||
|
import lombok.EqualsAndHashCode;
|
||||||
|
import lombok.NoArgsConstructor;
|
||||||
|
|
||||||
|
@Data
|
||||||
|
@NoArgsConstructor
|
||||||
|
@EqualsAndHashCode(callSuper = true)
|
||||||
|
public class UpdateUserDetails extends UpdateUserUsername {
|
||||||
|
|
||||||
|
@Schema(description = "new password for user")
|
||||||
|
private String newPassword;
|
||||||
|
}
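Review bot: `@Data` generates a `toString()` that includes `newPassword`, so any log statement or exception message that prints this request object would expose the password; the same applies to `password` in `UsernameAndPass`, added later in this commit. I would annotate both fields with Lombok's `@ToString.Exclude` and add a short class comment such as `// Carries credentials from the change-credentials form; never log this object.`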
|
|
@ -0,0 +1,16 @@
|
||||||
|
package stirling.software.SPDF.model.api.user;
|
||||||
|
|
||||||
|
import io.swagger.v3.oas.annotations.media.Schema;
|
||||||
|
|
||||||
|
import lombok.Data;
|
||||||
|
import lombok.EqualsAndHashCode;
|
||||||
|
import lombok.NoArgsConstructor;
|
||||||
|
|
||||||
|
@Data
|
||||||
|
@NoArgsConstructor
|
||||||
|
@EqualsAndHashCode(callSuper = true)
|
||||||
|
public class UpdateUserUsername extends UsernameAndPass {
|
||||||
|
|
||||||
|
@Schema(description = "new password for user")
|
||||||
|
private String newUsername;
|
||||||
|
}
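Review bot: The `@Schema` description on `newUsername` reads `"new password for user"`, which looks copied from `UpdateUserDetails`, so the generated API documentation would describe the username field as a password. It should be `@Schema(description = "new username for user")`.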
|
|
@ -0,0 +1,18 @@
|
||||||
|
package stirling.software.SPDF.model.api.user;
|
||||||
|
|
||||||
|
import org.springframework.web.multipart.MultipartFile;
|
||||||
|
|
||||||
|
import io.swagger.v3.oas.annotations.media.Schema;
|
||||||
|
|
||||||
|
import lombok.Data;
|
||||||
|
import lombok.EqualsAndHashCode;
|
||||||
|
import lombok.NoArgsConstructor;
|
||||||
|
|
||||||
|
@Data
|
||||||
|
@EqualsAndHashCode
|
||||||
|
@NoArgsConstructor
|
||||||
|
public class Username {
|
||||||
|
|
||||||
|
@Schema(description = "username of user")
|
||||||
|
private String username;
|
||||||
|
}
|
|
@ -0,0 +1,16 @@
|
||||||
|
package stirling.software.SPDF.model.api.user;
|
||||||
|
|
||||||
|
import io.swagger.v3.oas.annotations.media.Schema;
|
||||||
|
|
||||||
|
import lombok.Data;
|
||||||
|
import lombok.EqualsAndHashCode;
|
||||||
|
import lombok.NoArgsConstructor;
|
||||||
|
|
||||||
|
@Data
|
||||||
|
@NoArgsConstructor
|
||||||
|
@EqualsAndHashCode(callSuper = true)
|
||||||
|
public class UsernameAndPass extends Username {
|
||||||
|
|
||||||
|
@Schema(description = "password of user")
|
||||||
|
private String password;
|
||||||
|
}
|
|
@ -39,12 +39,12 @@
|
||||||
<h4 th:text="#{changeCreds.changeUserAndPassword}">Change Username and password</h4>
|
<h4 th:text="#{changeCreds.changeUserAndPassword}">Change Username and password</h4>
|
||||||
<form action="api/v1/user/change-username-and-password" method="post">
|
<form action="api/v1/user/change-username-and-password" method="post">
|
||||||
<div class="mb-3">
|
<div class="mb-3">
|
||||||
<label for="newUsername" th:text="#{changeCreds.newUsername}">New Username</label>
|
<label for="username" th:text="#{changeCreds.username}">New Username</label>
|
||||||
<input type="text" class="form-control" name="newUsername" id="newUsername" th:placeholder="${username}">
|
<input type="text" class="form-control" name="username" id="username" th:placeholder="${username}">
|
||||||
</div>
|
</div>
|
||||||
<div class="mb-3">
|
<div class="mb-3">
|
||||||
<label for="currentPassword" th:text="#{changeCreds.oldPassword}">Old Password</label>
|
<label for="password" th:text="#{changeCreds.oldPassword}">Old Password</label>
|
||||||
<input type="password" class="form-control" name="currentPassword" id="currentPasswordPassword" th:placeholder="#{changeCreds.oldPassword}">
|
<input type="password" class="form-control" name="password" id="password" th:placeholder="#{changeCreds.oldPassword}">
|
||||||
</div>
|
</div>
|
||||||
<div class="mb-3">
|
<div class="mb-3">
|
||||||
<label for="newPassword" th:text="#{changeCreds.newPassword}">New Password</label>
|
<label for="newPassword" th:text="#{changeCreds.newPassword}">New Password</label>
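Review bot: The username input is renamed to `name="username"`, but the controller change in this commit reads the new name with `requestModel.getNewUsername()`, which `@ModelAttribute` would populate from a `newUsername` request parameter. As submitted, this form would leave `newUsername` unset while `username` carries the typed value; unless code outside the visible hunks handles that, keep `name="newUsername"` on this input. The `password` rename for the old-password field does match `getPassword()`. The form continues beyond the end of this hunk.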
|
||||||
|
|