fix
This commit is contained in:
parent
5281d7a49a
commit
c8e5023ec1
7 changed files with 94 additions and 17 deletions
12
build.gradle
12
build.gradle
|
@ -28,7 +28,7 @@ licenseReport {
|
|||
sourceSets {
|
||||
main {
|
||||
java {
|
||||
if (System.getenv('DOCKER_ENABLE_SECURITY') != 'falsesss') {
|
||||
if (System.getenv('DOCKER_ENABLE_SECURITY') == 'false') {
|
||||
exclude 'stirling/software/SPDF/config/security/**'
|
||||
exclude 'stirling/software/SPDF/controller/api/UserController.java'
|
||||
exclude 'stirling/software/SPDF/controller/web/AccountWebController.java'
|
||||
|
@ -85,11 +85,6 @@ spotless {
|
|||
}
|
||||
}
|
||||
|
||||
compileJava {
|
||||
options.compilerArgs += '-parameters'
|
||||
}
|
||||
|
||||
|
||||
dependencies {
|
||||
//security updates
|
||||
implementation 'ch.qos.logback:logback-classic:1.4.14'
|
||||
|
@ -100,7 +95,7 @@ dependencies {
|
|||
implementation 'org.springframework.boot:spring-boot-starter-web:3.2.1'
|
||||
implementation 'org.springframework.boot:spring-boot-starter-thymeleaf:3.2.1'
|
||||
|
||||
if (System.getenv('DOCKER_ENABLE_SECURITY') == 'falseee') {
|
||||
if (System.getenv('DOCKER_ENABLE_SECURITY') != 'false') {
|
||||
implementation 'org.springframework.boot:spring-boot-starter-security:3.2.1'
|
||||
implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5:3.1.2.RELEASE'
|
||||
implementation "org.springframework.boot:spring-boot-starter-data-jpa:3.2.1"
|
||||
|
@ -169,6 +164,9 @@ dependencies {
|
|||
tasks.withType(JavaCompile) {
|
||||
dependsOn 'spotlessApply'
|
||||
}
|
||||
compileJava {
|
||||
options.compilerArgs << ' -parameters'
|
||||
}
|
||||
|
||||
task writeVersion {
|
||||
def propsFile = file('src/main/resources/version.properties')
|
||||
|
|
|
@ -13,6 +13,7 @@ import org.springframework.security.core.Authentication;
|
|||
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.ModelAttribute;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
|
@ -20,13 +21,19 @@ import org.springframework.web.bind.annotation.RequestParam;
|
|||
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
|
||||
import org.springframework.web.servlet.view.RedirectView;
|
||||
|
||||
import io.swagger.v3.oas.annotations.tags.Tag;
|
||||
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import stirling.software.SPDF.config.security.UserService;
|
||||
import stirling.software.SPDF.model.Role;
|
||||
import stirling.software.SPDF.model.User;
|
||||
import stirling.software.SPDF.model.api.misc.OptimizePdfRequest;
|
||||
import stirling.software.SPDF.model.api.user.UpdateUserDetails;
|
||||
import stirling.software.SPDF.model.api.user.UsernameAndPass;
|
||||
|
||||
@Controller
|
||||
@Tag(name = "User", description = "User APIs")
|
||||
@RequestMapping("/api/v1/user")
|
||||
public class UserController {
|
||||
|
||||
|
@ -35,13 +42,13 @@ public class UserController {
|
|||
@PreAuthorize("!hasAuthority('ROLE_DEMO_USER')")
|
||||
@PostMapping("/register")
|
||||
public String register(
|
||||
@RequestParam String username, @RequestParam String password, Model model) {
|
||||
if (userService.usernameExists(username)) {
|
||||
@ModelAttribute UsernameAndPass requestModel, Model model) {
|
||||
if (userService.usernameExists(requestModel.getUsername())) {
|
||||
model.addAttribute("error", "Username already exists");
|
||||
return "register";
|
||||
}
|
||||
|
||||
userService.saveUser(username, password);
|
||||
userService.saveUser(requestModel.getUsername(), requestModel.getPassword());
|
||||
return "redirect:/login?registered=true";
|
||||
}
|
||||
|
||||
|
@ -49,12 +56,18 @@ public class UserController {
|
|||
@PostMapping("/change-username-and-password")
|
||||
public RedirectView changeUsernameAndPassword(
|
||||
Principal principal,
|
||||
@RequestParam String currentPassword,
|
||||
@RequestParam String newUsername,
|
||||
@RequestParam String newPassword,
|
||||
@ModelAttribute UpdateUserDetails requestModel,
|
||||
HttpServletRequest request,
|
||||
HttpServletResponse response,
|
||||
RedirectAttributes redirectAttributes) {
|
||||
|
||||
|
||||
String currentPassword = requestModel.getPassword();
|
||||
String newPassword = requestModel.getNewPassword();
|
||||
String newUsername = requestModel.getNewUsername();
|
||||
|
||||
System.out.println(currentPassword);
|
||||
System.out.println(newPassword);
|
||||
if (principal == null) {
|
||||
return new RedirectView("/change-creds?messageType=notAuthenticated");
|
||||
}
|
||||
|
|
|
@ -0,0 +1,16 @@
|
|||
package stirling.software.SPDF.model.api.user;
|
||||
|
||||
import io.swagger.v3.oas.annotations.media.Schema;
|
||||
|
||||
import lombok.Data;
|
||||
import lombok.EqualsAndHashCode;
|
||||
import lombok.NoArgsConstructor;
|
||||
|
||||
@Data
|
||||
@NoArgsConstructor
|
||||
@EqualsAndHashCode(callSuper = true)
|
||||
public class UpdateUserDetails extends UpdateUserUsername {
|
||||
|
||||
@Schema(description = "new password for user")
|
||||
private String newPassword;
|
||||
}
|
|
@ -0,0 +1,16 @@
|
|||
package stirling.software.SPDF.model.api.user;
|
||||
|
||||
import io.swagger.v3.oas.annotations.media.Schema;
|
||||
|
||||
import lombok.Data;
|
||||
import lombok.EqualsAndHashCode;
|
||||
import lombok.NoArgsConstructor;
|
||||
|
||||
@Data
|
||||
@NoArgsConstructor
|
||||
@EqualsAndHashCode(callSuper = true)
|
||||
public class UpdateUserUsername extends UsernameAndPass {
|
||||
|
||||
@Schema(description = "new password for user")
|
||||
private String newUsername;
|
||||
}
|
|
@ -0,0 +1,18 @@
|
|||
package stirling.software.SPDF.model.api.user;
|
||||
|
||||
import org.springframework.web.multipart.MultipartFile;
|
||||
|
||||
import io.swagger.v3.oas.annotations.media.Schema;
|
||||
|
||||
import lombok.Data;
|
||||
import lombok.EqualsAndHashCode;
|
||||
import lombok.NoArgsConstructor;
|
||||
|
||||
@Data
|
||||
@EqualsAndHashCode
|
||||
@NoArgsConstructor
|
||||
public class Username {
|
||||
|
||||
@Schema(description = "username of user")
|
||||
private String username;
|
||||
}
|
|
@ -0,0 +1,16 @@
|
|||
package stirling.software.SPDF.model.api.user;
|
||||
|
||||
import io.swagger.v3.oas.annotations.media.Schema;
|
||||
|
||||
import lombok.Data;
|
||||
import lombok.EqualsAndHashCode;
|
||||
import lombok.NoArgsConstructor;
|
||||
|
||||
@Data
|
||||
@NoArgsConstructor
|
||||
@EqualsAndHashCode(callSuper = true)
|
||||
public class UsernameAndPass extends Username {
|
||||
|
||||
@Schema(description = "password of user")
|
||||
private String password;
|
||||
}
|
|
@ -39,12 +39,12 @@
|
|||
<h4 th:text="#{changeCreds.changeUserAndPassword}">Change Username and password</h4>
|
||||
<form action="api/v1/user/change-username-and-password" method="post">
|
||||
<div class="mb-3">
|
||||
<label for="newUsername" th:text="#{changeCreds.newUsername}">New Username</label>
|
||||
<input type="text" class="form-control" name="newUsername" id="newUsername" th:placeholder="${username}">
|
||||
<label for="username" th:text="#{changeCreds.username}">New Username</label>
|
||||
<input type="text" class="form-control" name="username" id="username" th:placeholder="${username}">
|
||||
</div>
|
||||
<div class="mb-3">
|
||||
<label for="currentPassword" th:text="#{changeCreds.oldPassword}">Old Password</label>
|
||||
<input type="password" class="form-control" name="currentPassword" id="currentPasswordPassword" th:placeholder="#{changeCreds.oldPassword}">
|
||||
<label for="password" th:text="#{changeCreds.oldPassword}">Old Password</label>
|
||||
<input type="password" class="form-control" name="password" id="password" th:placeholder="#{changeCreds.oldPassword}">
|
||||
</div>
|
||||
<div class="mb-3">
|
||||
<label for="newPassword" th:text="#{changeCreds.newPassword}">New Password</label>
|
||||
|
|
Loading…
Reference in a new issue