iSharkFly-Docs
/
java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add spring registration front end

This commit is contained in:
DOHA 2015-03-06 21:20:05 +02:00
parent e86cc290fe
commit 87283a97f9
65 changed files with 3444 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
spring-security-login-and-registration-frontend/.classpath Normal file
View File

@ -0,0 +1,32 @@
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" output="target/classes" path="src/main/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="src" output="target/test-classes" path="src/test/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.7">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
<attributes>
<attribute name="maven.pomderived" value="true"/>
<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
</attributes>
</classpathentry>
<classpathentry kind="output" path="target/classes"/>
</classpath>

48
spring-security-login-and-registration-frontend/.project Normal file
View File

@ -0,0 +1,48 @@
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
<name>spring-security-login-and-registration-frontend</name>
<comment></comment>
<projects>
</projects>
<buildSpec>
<buildCommand>
<name>org.eclipse.wst.jsdt.core.javascriptValidator</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.jdt.core.javabuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.common.project.facet.core.builder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.m2e.core.maven2Builder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.springframework.ide.eclipse.core.springbuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.validation.validationbuilder</name>
<arguments>
</arguments>
</buildCommand>
</buildSpec>
<natures>
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
<nature>org.springframework.ide.eclipse.core.springnature</nature>
<nature>org.eclipse.jdt.core.javanature</nature>
<nature>org.eclipse.m2e.core.maven2Nature</nature>
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
<nature>org.eclipse.wst.jsdt.core.jsNature</nature>
</natures>
</projectDescription>

192
spring-security-login-and-registration-frontend/pom.xml Normal file
View File

@ -0,0 +1,192 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.baeldung</groupId>
<artifactId>spring-security-login-and-registration-frontend</artifactId>
<name>spring-security-login-and-registration-frontend</name>
<packaging>war</packaging>
<version>1.0.1-SNAPSHOT</version>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.1.10.RELEASE</version>
</parent>
<dependencies>
<!-- Spring -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<scope>runtime</scope>
</dependency>
<!-- <dependency> -->
<!-- <groupId>javax.inject</groupId> -->
<!-- <artifactId>javax.inject</artifactId> -->
<!-- <version>${javax.inject.version}</version> -->
<!-- </dependency> -->
<!-- Servlet -->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
</dependency>
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>javax.servlet.jsp-api</artifactId>
<version>${javax.servlet.jsp-api.version}</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
</dependency>
<dependency>
<groupId>javax.el</groupId>
<artifactId>el-api</artifactId>
<version>2.2</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>4.1.4.RELEASE</version>
<scope>test</scope>
</dependency>
<!-- Spring Data JPA dependencies -->
<dependency>
<groupId>org.springframework.data</groupId>
<artifactId>spring-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
</dependency>
<!-- <dependency> -->
<!-- <groupId>xml-apis</groupId> -->
<!-- <artifactId>xml-apis</artifactId> -->
<!-- <version>1.4.01</version> -->
<!-- </dependency> -->
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-validator</artifactId>
</dependency>
<!-- DB dependencies -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
</dependency>
<dependency>
<groupId>commons-dbcp</groupId>
<artifactId>commons-dbcp</artifactId>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</dependency>
<dependency>
<groupId>javax.mail</groupId>
<artifactId>mail</artifactId>
<version>1.4.7</version>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>${guava.version}</version>
</dependency>
<!-- logging -->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
<!-- <scope>runtime</scope> --> <!-- some spring dependencies need to compile against jcl -->
</dependency>
<dependency> <!-- needed to bridge to slf4j for projects that use the log4j APIs directly -->
<groupId>org.slf4j</groupId>
<artifactId>log4j-over-slf4j</artifactId>
</dependency>
<!-- test -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<finalName>spring-security-login-and-registration-frontend</finalName>
<resources>
<resource>
<directory>src/main/resources</directory>
<filtering>true</filtering>
</resource>
</resources>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>${java-version}</source>
<target>${java-version}</target>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
</plugin>
</plugins>
</build>
<properties>
<java-version>1.7</java-version>
<org.springframework-version>3.1.4.RELEASE</org.springframework-version>
<org.springframework.security.version>3.2.5.RELEASE</org.springframework.security.version>
<!-- logging -->
<org.slf4j.version>1.7.7</org.slf4j.version>
<logback.version>1.1.2</logback.version>
<!-- javax jsp -->
<javax.servlet.jsp-api.version>2.3.2-b01</javax.servlet.jsp-api.version>
<!-- Inject -->
<javax.inject.version>1</javax.inject.version>
<!-- Spring Data Jpa -->
<spring-data-jpa.version>1.7.1.RELEASE</spring-data-jpa.version>
<!-- guava -->
<guava.version>18.0</guava.version>
</properties>
</project>

12
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/persistence/dao/PasswordResetTokenRepository.java Normal file
View File

@ -0,0 +1,12 @@
package org.baeldung.persistence.dao;
import org.baeldung.persistence.model.PasswordResetToken;
import org.baeldung.persistence.model.User;
import org.springframework.data.jpa.repository.JpaRepository;
public interface PasswordResetTokenRepository extends JpaRepository<PasswordResetToken, Long> {
public PasswordResetToken findByToken(String token);
public PasswordResetToken findByUser(User user);
}

10
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/persistence/dao/PrivilegeRepository.java Normal file
View File

@ -0,0 +1,10 @@
package org.baeldung.persistence.dao;
import org.baeldung.persistence.model.Privilege;
import org.springframework.data.jpa.repository.JpaRepository;
public interface PrivilegeRepository extends JpaRepository<Privilege, Long> {
public Privilege findByName(String name);
public void delete(Privilege privilege);
}

10
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/persistence/dao/RoleRepository.java Normal file
View File

@ -0,0 +1,10 @@
package org.baeldung.persistence.dao;
import org.baeldung.persistence.model.Role;
import org.springframework.data.jpa.repository.JpaRepository;
public interface RoleRepository extends JpaRepository<Role, Long> {
public Role findByName(String name);
public void delete(Role role);
}

11
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/persistence/dao/UserRepository.java Normal file
View File

@ -0,0 +1,11 @@
package org.baeldung.persistence.dao;
import org.springframework.data.jpa.repository.JpaRepository;
import org.baeldung.persistence.model.User;
public interface UserRepository extends JpaRepository<User, Long> {
public User findByEmail(String email);
public void delete(User user);
}

12
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/persistence/dao/VerificationTokenRepository.java Normal file
View File

@ -0,0 +1,12 @@
package org.baeldung.persistence.dao;
import org.baeldung.persistence.model.User;
import org.baeldung.persistence.model.VerificationToken;
import org.springframework.data.jpa.repository.JpaRepository;
public interface VerificationTokenRepository extends JpaRepository<VerificationToken, Long> {
public VerificationToken findByToken(String token);
public VerificationToken findByUser(User user);
}

132
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/persistence/model/PasswordResetToken.java Normal file
View File

@ -0,0 +1,132 @@
package org.baeldung.persistence.model;
import java.util.Calendar;
import java.util.Date;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.OneToOne;
@Entity
public class PasswordResetToken {
private static final int EXPIRATION = 60 * 24;
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
private String token;
@OneToOne(targetEntity = User.class, fetch = FetchType.EAGER)
@JoinColumn(nullable = false, name = "user_id")
private User user;
private Date expiryDate;
public PasswordResetToken() {
super();
}
public PasswordResetToken(String token) {
super();
this.token = token;
this.expiryDate = calculateExpiryDate(EXPIRATION);
}
public PasswordResetToken(String token, User user) {
super();
this.token = token;
this.user = user;
this.expiryDate = calculateExpiryDate(EXPIRATION);
}
public String getToken() {
return token;
}
public void setToken(String token) {
this.token = token;
}
public User getUser() {
return user;
}
public void setUser(User user) {
this.user = user;
}
public Date getExpiryDate() {
return expiryDate;
}
public void setExpiryDate(Date expiryDate) {
this.expiryDate = expiryDate;
}
private Date calculateExpiryDate(int expiryTimeInMinutes) {
Calendar cal = Calendar.getInstance();
cal.setTimeInMillis(new Date().getTime());
cal.add(Calendar.MINUTE, expiryTimeInMinutes);
return new Date(cal.getTime().getTime());
}
public void updateToken(String token) {
this.token = token;
this.expiryDate = calculateExpiryDate(EXPIRATION);
}
//
@Override
public int hashCode() {
final int prime = 31;
int result = 1;
result = prime * result + ((expiryDate == null) ? 0 : expiryDate.hashCode());
result = prime * result + ((token == null) ? 0 : token.hashCode());
result = prime * result + ((user == null) ? 0 : user.hashCode());
return result;
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (getClass() != obj.getClass())
return false;
PasswordResetToken other = (PasswordResetToken) obj;
if (expiryDate == null) {
if (other.expiryDate != null)
return false;
} else if (!expiryDate.equals(other.expiryDate))
return false;
if (token == null) {
if (other.token != null)
return false;
} else if (!token.equals(other.token))
return false;
if (user == null) {
if (other.user != null)
return false;
} else if (!user.equals(other.user))
return false;
return true;
}
@Override
public String toString() {
final StringBuilder builder = new StringBuilder();
builder.append("Token [String=").append(token).append("]").append("[Expires").append(expiryDate).append("]");
return builder.toString();
}
}

83
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/persistence/model/Privilege.java Normal file
View File

@ -0,0 +1,83 @@
package org.baeldung.persistence.model;
import java.util.Collection;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.ManyToMany;
@Entity
public class Privilege {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
private String name;
@ManyToMany(mappedBy = "privileges")
private Collection<Role> roles;
public Privilege() {
super();
}
public Privilege(String name) {
super();
this.name = name;
}
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Collection<Role> getRoles() {
return roles;
}
public void setRoles(Collection<Role> roles) {
this.roles = roles;
}
@Override
public int hashCode() {
final int prime = 31;
int result = 1;
result = prime * result + ((name == null) ? 0 : name.hashCode());
return result;
}
@Override
public boolean equals(final Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (getClass() != obj.getClass())
return false;
final Privilege privilege = (Privilege) obj;
if (!privilege.equals(privilege.name))
return false;
return true;
}
@Override
public String toString() {
final StringBuilder builder = new StringBuilder();
builder.append("Privilege [name=").append(name).append("]").append("[id=").append(id).append("]");
return builder.toString();
}
}

98
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/persistence/model/Role.java Normal file
View File

@ -0,0 +1,98 @@
package org.baeldung.persistence.model;
import java.util.Collection;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.JoinTable;
import javax.persistence.ManyToMany;
import javax.persistence.JoinColumn;
@Entity
public class Role {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
@ManyToMany(mappedBy = "roles")
private Collection<User> users;
@ManyToMany
@JoinTable(name = "roles_privileges", joinColumns = @JoinColumn(name = "role_id", referencedColumnName = "id"), inverseJoinColumns = @JoinColumn(name = "privilege_id", referencedColumnName = "id"))
private Collection<Privilege> privileges;
private String name;
public Role() {
super();
}
public Role(String name) {
super();
this.name = name;
}
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Collection<User> getUsers() {
return users;
}
public void setUsers(Collection<User> users) {
this.users = users;
}
public Collection<Privilege> getPrivileges() {
return privileges;
}
public void setPrivileges(Collection<Privilege> privileges) {
this.privileges = privileges;
}
@Override
public int hashCode() {
final int prime = 31;
int result = 1;
result = prime * result + ((name == null) ? 0 : name.hashCode());
return result;
}
@Override
public boolean equals(final Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (getClass() != obj.getClass())
return false;
final Role role = (Role) obj;
if (!role.equals(role.name))
return false;
return true;
}
@Override
public String toString() {
final StringBuilder builder = new StringBuilder();
builder.append("Role [name=").append(name).append("]").append("[id=").append(id).append("]");
return builder.toString();
}
}

137
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/persistence/model/User.java Normal file
View File

@ -0,0 +1,137 @@
package org.baeldung.persistence.model;
import java.util.Collection;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
import javax.persistence.ManyToMany;
@Entity
public class User {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
private String firstName;
private String lastName;
private String email;
@Column(length = 60)
private String password;
private boolean enabled;
private boolean tokenExpired;
@ManyToMany
@JoinTable(name = "users_roles", joinColumns = @JoinColumn(name = "user_id", referencedColumnName = "id"), inverseJoinColumns = @JoinColumn(name = "role_id", referencedColumnName = "id"))
private Collection<Role> roles;
public User() {
super();
this.enabled = false;
this.tokenExpired = false;
}
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public String getFirstName() {
return firstName;
}
public void setFirstName(String firstName) {
this.firstName = firstName;
}
public String getLastName() {
return lastName;
}
public void setLastName(String lastName) {
this.lastName = lastName;
}
public String getEmail() {
return email;
}
public void setEmail(String username) {
this.email = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public Collection<Role> getRoles() {
return roles;
}
public void setRoles(Collection<Role> roles) {
this.roles = roles;
}
public boolean isEnabled() {
return enabled;
}
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
public boolean isTokenExpired() {
return tokenExpired;
}
public void setTokenExpired(boolean expired) {
this.tokenExpired = expired;
}
@Override
public int hashCode() {
final int prime = 31;
int result = 1;
result = prime * result + ((email == null) ? 0 : email.hashCode());
return result;
}
@Override
public boolean equals(final Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (getClass() != obj.getClass())
return false;
final User user = (User) obj;
if (!email.equals(user.email))
return false;
return true;
}
@Override
public String toString() {
final StringBuilder builder = new StringBuilder();
builder.append("User [firstName=").append(firstName).append("]").append("[lastName=").append(lastName).append("]").append("[username").append(email).append("]");
return builder.toString();
}
}

132
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/persistence/model/VerificationToken.java Normal file
View File

@ -0,0 +1,132 @@
package org.baeldung.persistence.model;
import java.util.Calendar;
import java.util.Date;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.OneToOne;
@Entity
public class VerificationToken {
private static final int EXPIRATION = 60 * 24;
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
private String token;
@OneToOne(targetEntity = User.class, fetch = FetchType.EAGER)
@JoinColumn(nullable = false, name = "user_id")
private User user;
private Date expiryDate;
public VerificationToken() {
super();
}
public VerificationToken(String token) {
super();
this.token = token;
this.expiryDate = calculateExpiryDate(EXPIRATION);
}
public VerificationToken(String token, User user) {
super();
this.token = token;
this.user = user;
this.expiryDate = calculateExpiryDate(EXPIRATION);
}
public String getToken() {
return token;
}
public void setToken(String token) {
this.token = token;
}
public User getUser() {
return user;
}
public void setUser(User user) {
this.user = user;
}
public Date getExpiryDate() {
return expiryDate;
}
public void setExpiryDate(Date expiryDate) {
this.expiryDate = expiryDate;
}
private Date calculateExpiryDate(int expiryTimeInMinutes) {
Calendar cal = Calendar.getInstance();
cal.setTimeInMillis(new Date().getTime());
cal.add(Calendar.MINUTE, expiryTimeInMinutes);
return new Date(cal.getTime().getTime());
}
public void updateToken(String token) {
this.token = token;
this.expiryDate = calculateExpiryDate(EXPIRATION);
}
//
@Override
public int hashCode() {
final int prime = 31;
int result = 1;
result = prime * result + ((expiryDate == null) ? 0 : expiryDate.hashCode());
result = prime * result + ((token == null) ? 0 : token.hashCode());
result = prime * result + ((user == null) ? 0 : user.hashCode());
return result;
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (getClass() != obj.getClass())
return false;
VerificationToken other = (VerificationToken) obj;
if (expiryDate == null) {
if (other.expiryDate != null)
return false;
} else if (!expiryDate.equals(other.expiryDate))
return false;
if (token == null) {
if (other.token != null)
return false;
} else if (!token.equals(other.token))
return false;
if (user == null) {
if (other.user != null)
return false;
} else if (!user.equals(other.user))
return false;
return true;
}
@Override
public String toString() {
final StringBuilder builder = new StringBuilder();
builder.append("Token [String=").append(token).append("]").append("[Expires").append(expiryDate).append("]");
return builder.toString();
}
}

35
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/persistence/service/IUserService.java Normal file
View File

@ -0,0 +1,35 @@
package org.baeldung.persistence.service;
import org.baeldung.persistence.model.PasswordResetToken;
import org.baeldung.persistence.model.User;
import org.baeldung.persistence.model.VerificationToken;
import org.baeldung.validation.EmailExistsException;
public interface IUserService {
User registerNewUserAccount(UserDto accountDto) throws EmailExistsException;
User getUser(String verificationToken);
void saveRegisteredUser(User user);
void deleteUser(User user);
void createVerificationTokenForUser(User user, String token);
VerificationToken getVerificationToken(String VerificationToken);
VerificationToken generateNewVerificationToken(String token);
void createPasswordResetTokenForUser(User user, String token);
User findUserByEmail(String email);
PasswordResetToken getPasswordResetToken(String token);
User getUserByPasswordResetToken(String token);
User getUserByID(long id);
void changeUserPassword(User user, String password);
}

88
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/persistence/service/UserDto.java Normal file
View File

@ -0,0 +1,88 @@
package org.baeldung.persistence.service;
import javax.validation.constraints.NotNull;
import org.baeldung.validation.PasswordMatches;
import org.baeldung.validation.ValidEmail;
import org.hibernate.validator.constraints.NotEmpty;
@PasswordMatches
public class UserDto {
@NotNull
@NotEmpty
private String firstName;
@NotNull
@NotEmpty
private String lastName;
@NotNull
@NotEmpty
private String password;
@NotNull
@NotEmpty
private String matchingPassword;
@ValidEmail
@NotNull
@NotEmpty
private String email;
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
private Integer role;
public Integer getRole() {
return role;
}
public void setRole(Integer role) {
this.role = role;
}
public String getFirstName() {
return firstName;
}
public void setFirstName(String firstName) {
this.firstName = firstName;
}
public String getLastName() {
return lastName;
}
public void setLastName(String lastName) {
this.lastName = lastName;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getMatchingPassword() {
return matchingPassword;
}
public void setMatchingPassword(String matchingPassword) {
this.matchingPassword = matchingPassword;
}
@Override
public String toString() {
final StringBuilder builder = new StringBuilder();
builder.append("User [firstName=").append(firstName).append("]").append("[lastName=").append(lastName).append("]").append("[email").append(email).append("]").append("[password").append(password).append("]");
return builder.toString();
}
}

131
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/persistence/service/UserService.java Normal file
View File

@ -0,0 +1,131 @@
package org.baeldung.persistence.service;
import java.util.Arrays;
import java.util.UUID;
import javax.transaction.Transactional;
import org.baeldung.persistence.dao.PasswordResetTokenRepository;
import org.baeldung.persistence.dao.RoleRepository;
import org.baeldung.persistence.dao.UserRepository;
import org.baeldung.persistence.dao.VerificationTokenRepository;
import org.baeldung.persistence.model.PasswordResetToken;
import org.baeldung.persistence.model.User;
import org.baeldung.persistence.model.VerificationToken;
import org.baeldung.validation.EmailExistsException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
@Service
@Transactional
public class UserService implements IUserService {
@Autowired
private UserRepository repository;
@Autowired
private VerificationTokenRepository tokenRepository;
@Autowired
private PasswordResetTokenRepository passwordTokenRepository;
@Autowired
private PasswordEncoder passwordEncoder;
@Autowired
private RoleRepository roleRepository;
// API
@Override
public User registerNewUserAccount(final UserDto accountDto) throws EmailExistsException {
if (emailExist(accountDto.getEmail())) {
throw new EmailExistsException("There is an account with that email adress: " + accountDto.getEmail());
}
final User user = new User();
user.setFirstName(accountDto.getFirstName());
user.setLastName(accountDto.getLastName());
user.setPassword(passwordEncoder.encode(accountDto.getPassword()));
user.setEmail(accountDto.getEmail());
user.setRoles(Arrays.asList(roleRepository.findByName("ROLE_USER")));
return repository.save(user);
}
@Override
public User getUser(final String verificationToken) {
final User user = tokenRepository.findByToken(verificationToken).getUser();
return user;
}
@Override
public VerificationToken getVerificationToken(final String VerificationToken) {
return tokenRepository.findByToken(VerificationToken);
}
@Override
public void saveRegisteredUser(final User user) {
repository.save(user);
}
@Override
public void deleteUser(final User user) {
repository.delete(user);
}
@Override
public void createVerificationTokenForUser(final User user, final String token) {
final VerificationToken myToken = new VerificationToken(token, user);
tokenRepository.save(myToken);
}
@Override
public VerificationToken generateNewVerificationToken(final String existingVerificationToken) {
VerificationToken vToken = tokenRepository.findByToken(existingVerificationToken);
vToken.updateToken(UUID.randomUUID().toString());
vToken = tokenRepository.save(vToken);
return vToken;
}
@Override
public void createPasswordResetTokenForUser(final User user, final String token) {
final PasswordResetToken myToken = new PasswordResetToken(token, user);
passwordTokenRepository.save(myToken);
}
@Override
public User findUserByEmail(final String email) {
return repository.findByEmail(email);
}
@Override
public PasswordResetToken getPasswordResetToken(final String token) {
return passwordTokenRepository.findByToken(token);
}
@Override
public User getUserByPasswordResetToken(final String token) {
return passwordTokenRepository.findByToken(token).getUser();
}
@Override
public User getUserByID(final long id) {
return repository.findOne(id);
}
@Override
public void changeUserPassword(final User user, final String password) {
user.setPassword(passwordEncoder.encode(password));
repository.save(user);
}
private boolean emailExist(final String email) {
final User user = repository.findByEmail(email);
if (user != null) {
return true;
}
return false;
}
}

33
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/registration/OnRegistrationCompleteEvent.java Normal file
View File

@ -0,0 +1,33 @@
package org.baeldung.registration;
import java.util.Locale;
import org.baeldung.persistence.model.User;
import org.springframework.context.ApplicationEvent;
@SuppressWarnings("serial")
public class OnRegistrationCompleteEvent extends ApplicationEvent {
private final String appUrl;
private final Locale locale;
private final User user;
public OnRegistrationCompleteEvent(User user, Locale locale, String appUrl) {
super(user);
this.user = user;
this.locale = locale;
this.appUrl = appUrl;
}
public String getAppUrl() {
return appUrl;
}
public Locale getLocale() {
return locale;
}
public User getUser() {
return user;
}
}

63
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/registration/listener/RegistrationListener.java Normal file
View File

@ -0,0 +1,63 @@
package org.baeldung.registration.listener;
import java.util.UUID;
import org.baeldung.persistence.model.User;
import org.baeldung.persistence.service.IUserService;
import org.baeldung.registration.OnRegistrationCompleteEvent;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationListener;
import org.springframework.context.MessageSource;
import org.springframework.core.env.Environment;
import org.springframework.mail.SimpleMailMessage;
import org.springframework.mail.javamail.JavaMailSender;
import org.springframework.stereotype.Component;
@Component
public class RegistrationListener implements ApplicationListener<OnRegistrationCompleteEvent> {
@Autowired
private IUserService service;
@Autowired
private MessageSource messages;
@Autowired
private JavaMailSender mailSender;
@Autowired
private Environment env;
// API
@Override
public void onApplicationEvent(final OnRegistrationCompleteEvent event) {
this.confirmRegistration(event);
}
private void confirmRegistration(final OnRegistrationCompleteEvent event) {
final User user = event.getUser();
final String token = UUID.randomUUID().toString();
service.createVerificationTokenForUser(user, token);
final SimpleMailMessage email = constructEmailMessage(event, user, token);
mailSender.send(email);
}
//
private final SimpleMailMessage constructEmailMessage(final OnRegistrationCompleteEvent event, final User user, final String token) {
final String recipientAddress = user.getEmail();
final String subject = "Registration Confirmation";
final String confirmationUrl = event.getAppUrl() + "/regitrationConfirm.html?token=" + token;
final String message = messages.getMessage("message.regSucc", null, event.getLocale());
final SimpleMailMessage email = new SimpleMailMessage();
email.setTo(recipientAddress);
email.setSubject(subject);
email.setText(message + " \r\n" + confirmationUrl);
email.setFrom(env.getProperty("support.email"));
System.out.println("ddddd");
System.out.println(email.getText());
return email;
}
}

19
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/security/AuthenticationFailureListener.java Normal file
View File

@ -0,0 +1,19 @@
package org.baeldung.security;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationListener;
import org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent;
import org.springframework.security.web.authentication.WebAuthenticationDetails;
import org.springframework.stereotype.Component;
@Component
public class AuthenticationFailureListener implements ApplicationListener<AuthenticationFailureBadCredentialsEvent> {
@Autowired
private LoginAttemptService loginAttemptService;
public void onApplicationEvent(AuthenticationFailureBadCredentialsEvent e) {
WebAuthenticationDetails auth = (WebAuthenticationDetails) e.getAuthentication().getDetails();
loginAttemptService.loginFailed(auth.getRemoteAddress());
}
}

19
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/security/AuthenticationSuccessEventListener.java Normal file
View File

@ -0,0 +1,19 @@
package org.baeldung.security;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationListener;
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
import org.springframework.security.web.authentication.WebAuthenticationDetails;
import org.springframework.stereotype.Component;
@Component
public class AuthenticationSuccessEventListener implements ApplicationListener<AuthenticationSuccessEvent> {
@Autowired
private LoginAttemptService loginAttemptService;
public void onApplicationEvent(AuthenticationSuccessEvent e) {
WebAuthenticationDetails auth = (WebAuthenticationDetails) e.getAuthentication().getDetails();
loginAttemptService.loginSucceeded(auth.getRemoteAddress());
}
}

49
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/security/LoginAttemptService.java Normal file
View File

@ -0,0 +1,49 @@
package org.baeldung.security;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import org.springframework.stereotype.Service;
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;
@Service
public class LoginAttemptService {
private final int MAX_ATTEMPT = 10;
private LoadingCache<String, Integer> attemptsCache;
public LoginAttemptService() {
super();
attemptsCache = CacheBuilder.newBuilder().expireAfterWrite(1, TimeUnit.DAYS).build(new CacheLoader<String, Integer>() {
public Integer load(String key) {
return 0;
}
});
}
public void loginSucceeded(String key) {
attemptsCache.invalidate(key);
}
public void loginFailed(String key) {
int attempts = 0;
try {
attempts = attemptsCache.get(key);
} catch (ExecutionException e) {
attempts = 0;
}
attempts++;
attemptsCache.put(key, attempts);
}
public boolean isBlocked(String key) {
try {
return attemptsCache.get(key) >= MAX_ATTEMPT;
} catch (ExecutionException e) {
return false;
}
}
}

83
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java Normal file
View File

@ -0,0 +1,83 @@
package org.baeldung.security;
import java.io.IOException;
import java.util.Collection;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.WebAttributes;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Component;
@Component("myAuthenticationSuccessHandler")
public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
private final Logger logger = LoggerFactory.getLogger(getClass());
private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException {
handle(request, response, authentication);
HttpSession session = request.getSession(false);
if (session != null) {
session.setMaxInactiveInterval(30);
}
clearAuthenticationAttributes(request);
}
protected void handle(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException {
String targetUrl = determineTargetUrl(authentication);
if (response.isCommitted()) {
logger.debug("Response has already been committed. Unable to redirect to " + targetUrl);
return;
}
redirectStrategy.sendRedirect(request, response, targetUrl);
}
protected String determineTargetUrl(Authentication authentication) {
boolean isUser = false;
boolean isAdmin = false;
Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
for (GrantedAuthority grantedAuthority : authorities) {
if (grantedAuthority.getAuthority().equals("READ_PRIVILEGE")) {
isUser = true;
} else if (grantedAuthority.getAuthority().equals("WRITE_PRIVILEGE")) {
isAdmin = true;
isUser = false;
break;
}
}
if (isUser) {
return "/homepage.html?user=" + authentication.getName();
} else if (isAdmin) {
return "/console.html";
} else {
throw new IllegalStateException();
}
}
protected void clearAuthenticationAttributes(HttpServletRequest request) {
HttpSession session = request.getSession(false);
if (session == null) {
return;
}
session.removeAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
}
public void setRedirectStrategy(RedirectStrategy redirectStrategy) {
this.redirectStrategy = redirectStrategy;
}
protected RedirectStrategy getRedirectStrategy() {
return redirectStrategy;
}
}

95
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/security/MyUserDetailsService.java Normal file
View File

@ -0,0 +1,95 @@
package org.baeldung.security;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.baeldung.persistence.dao.RoleRepository;
import org.baeldung.persistence.dao.UserRepository;
import org.baeldung.persistence.model.Privilege;
import org.baeldung.persistence.model.Role;
import org.baeldung.persistence.model.User;
import org.baeldung.persistence.service.IUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.MessageSource;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
@Service("userDetailsService")
@Transactional
public class MyUserDetailsService implements UserDetailsService {
@Autowired
private UserRepository userRepository;
@Autowired
private IUserService service;
@Autowired
private MessageSource messages;
@Autowired
private RoleRepository roleRepository;
@Autowired
private LoginAttemptService loginAttemptService;
@Autowired
private HttpServletRequest request;
public MyUserDetailsService() {
super();
}
// API
@Override
public UserDetails loadUserByUsername(final String email) throws UsernameNotFoundException {
String ip = request.getRemoteAddr();
if (loginAttemptService.isBlocked(ip)) {
throw new RuntimeException("blocked");
}
try {
final User user = userRepository.findByEmail(email);
if (user == null) {
return new org.springframework.security.core.userdetails.User(" ", " ", true, true, true, true, getAuthorities(Arrays.asList(roleRepository.findByName("ROLE_USER"))));
}
return new org.springframework.security.core.userdetails.User(user.getEmail(), user.getPassword(), user.isEnabled(), true, true, true, getAuthorities(user.getRoles()));
} catch (final Exception e) {
throw new RuntimeException(e);
}
}
// UTIL
public final Collection<? extends GrantedAuthority> getAuthorities(final Collection<Role> roles) {
return getGrantedAuthorities(getPrivileges(roles));
}
private final List<String> getPrivileges(final Collection<Role> roles) {
final List<String> privileges = new ArrayList<String>();
final List<Privilege> collection = new ArrayList<Privilege>();
for (Role role : roles) {
collection.addAll(role.getPrivileges());
}
for (final Privilege item : collection) {
privileges.add(item.getName());
}
return privileges;
}
private final List<GrantedAuthority> getGrantedAuthorities(final List<String> privileges) {
final List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
for (final String privilege : privileges) {
authorities.add(new SimpleGrantedAuthority(privilege));
}
return authorities;
}
}

44
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/spring/AppConfig.java Normal file
View File

@ -0,0 +1,44 @@
package org.baeldung.spring;
import java.util.Properties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
import org.springframework.core.env.Environment;
import org.springframework.mail.javamail.JavaMailSenderImpl;
@Configuration
@ComponentScan(basePackages = { "org.baeldung.registration" })
@PropertySource("classpath:email.properties")
public class AppConfig {
@Autowired
private Environment env;
// beans
@Bean
public static PropertySourcesPlaceholderConfigurer propertyPlaceHolderConfigurer() {
return new PropertySourcesPlaceholderConfigurer();
}
@Bean
public JavaMailSenderImpl javaMailSenderImpl() {
JavaMailSenderImpl mailSenderImpl = new JavaMailSenderImpl();
mailSenderImpl.setHost(env.getProperty("smtp.host"));
mailSenderImpl.setPort(env.getProperty("smtp.port", Integer.class));
mailSenderImpl.setProtocol(env.getProperty("smtp.protocol"));
mailSenderImpl.setUsername(env.getProperty("smtp.username"));
mailSenderImpl.setPassword(env.getProperty("smtp.password"));
Properties javaMailProps = new Properties();
javaMailProps.put("mail.smtp.auth", true);
javaMailProps.put("mail.smtp.starttls.enable", true);
mailSenderImpl.setJavaMailProperties(javaMailProps);
return mailSenderImpl;
}
}

104
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/spring/MvcConfig.java Normal file
View File

@ -0,0 +1,104 @@
package org.baeldung.spring;
import java.util.Locale;
import org.baeldung.validation.EmailValidator;
import org.baeldung.validation.PasswordMatchesValidator;
import org.springframework.context.MessageSource;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.support.ReloadableResourceBundleMessageSource;
import org.springframework.web.servlet.LocaleResolver;
import org.springframework.web.servlet.ViewResolver;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.springframework.web.servlet.i18n.CookieLocaleResolver;
import org.springframework.web.servlet.i18n.LocaleChangeInterceptor;
import org.springframework.web.servlet.view.InternalResourceViewResolver;
import org.springframework.web.servlet.view.JstlView;
@Configuration
@ComponentScan(basePackages = { "org.baeldung.web" })
@EnableWebMvc
public class MvcConfig extends WebMvcConfigurerAdapter {
public MvcConfig() {
super();
}
//
@Override
public void addViewControllers(final ViewControllerRegistry registry) {
super.addViewControllers(registry);
registry.addViewController("/login.html");
registry.addViewController("/logout.html");
registry.addViewController("/registration.html");
registry.addViewController("/homepage.html");
registry.addViewController("/expiredAccount.html");
registry.addViewController("/badUser.html");
registry.addViewController("/emailError.html");
registry.addViewController("/home.html");
registry.addViewController("/invalidSession.html");
registry.addViewController("/console.html");
registry.addViewController("/admin.html");
registry.addViewController("/successRegister.html");
registry.addViewController("/forgetPassword.html");
registry.addViewController("/updatePassword.html");
}
@Override
public void addResourceHandlers(final ResourceHandlerRegistry registry) {
registry.addResourceHandler("/resources/**").addResourceLocations("/", "/resources/");
}
@Override
public void addInterceptors(final InterceptorRegistry registry) {
final LocaleChangeInterceptor localeChangeInterceptor = new LocaleChangeInterceptor();
localeChangeInterceptor.setParamName("lang");
registry.addInterceptor(localeChangeInterceptor);
}
// beans
@Bean
public ViewResolver viewResolver() {
final InternalResourceViewResolver bean = new InternalResourceViewResolver();
bean.setViewClass(JstlView.class);
bean.setPrefix("/WEB-INF/view/");
bean.setSuffix(".jsp");
return bean;
}
@Bean
public LocaleResolver localeResolver() {
final CookieLocaleResolver cookieLocaleResolver = new CookieLocaleResolver();
cookieLocaleResolver.setDefaultLocale(Locale.ENGLISH);
return cookieLocaleResolver;
}
@Bean
public MessageSource messageSource() {
final ReloadableResourceBundleMessageSource messageSource = new ReloadableResourceBundleMessageSource();
messageSource.setBasename("classpath:messages");
messageSource.setUseCodeAsDefaultMessage(true);
messageSource.setDefaultEncoding("UTF-8");
messageSource.setCacheSeconds(0);
return messageSource;
}
@Bean
public EmailValidator usernameValidator() {
return new EmailValidator();
}
@Bean
public PasswordMatchesValidator passwordMatchesValidator() {
return new PasswordMatchesValidator();
}
}

75
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/spring/PersistenceJPAConfig.java Normal file
View File

@ -0,0 +1,75 @@
package org.baeldung.spring;
import java.util.Properties;
import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.core.env.Environment;
import org.springframework.dao.annotation.PersistenceExceptionTranslationPostProcessor;
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
import org.springframework.jdbc.datasource.DriverManagerDataSource;
import org.springframework.orm.jpa.JpaTransactionManager;
import org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean;
import org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter;
import org.springframework.transaction.annotation.EnableTransactionManagement;
@Configuration
@EnableTransactionManagement
@PropertySource({ "classpath:persistence.properties" })
@ComponentScan({ "org.baeldung.persistence" })
@EnableJpaRepositories(basePackages = "org.baeldung.persistence.dao")
public class PersistenceJPAConfig {
@Autowired
private Environment env;
public PersistenceJPAConfig() {
super();
}
@Bean
public LocalContainerEntityManagerFactoryBean entityManagerFactory() {
final LocalContainerEntityManagerFactoryBean em = new LocalContainerEntityManagerFactoryBean();
em.setDataSource(dataSource());
em.setPackagesToScan(new String[] { "org.baeldung.persistence.model" });
final HibernateJpaVendorAdapter vendorAdapter = new HibernateJpaVendorAdapter();
em.setJpaVendorAdapter(vendorAdapter);
em.setJpaProperties(additionalProperties());
return em;
}
@Bean
public DataSource dataSource() {
final DriverManagerDataSource dataSource = new DriverManagerDataSource();
dataSource.setDriverClassName(env.getProperty("jdbc.driverClassName"));
dataSource.setUrl(env.getProperty("jdbc.url"));
dataSource.setUsername(env.getProperty("jdbc.user"));
dataSource.setPassword(env.getProperty("jdbc.pass"));
return dataSource;
}
@Bean
public JpaTransactionManager transactionManager() {
final JpaTransactionManager transactionManager = new JpaTransactionManager();
transactionManager.setEntityManagerFactory(entityManagerFactory().getObject());
return transactionManager;
}
@Bean
public PersistenceExceptionTranslationPostProcessor exceptionTranslation() {
return new PersistenceExceptionTranslationPostProcessor();
}
final Properties additionalProperties() {
final Properties hibernateProperties = new Properties();
hibernateProperties.setProperty("hibernate.hbm2ddl.auto", env.getProperty("hibernate.hbm2ddl.auto"));
hibernateProperties.setProperty("hibernate.dialect", env.getProperty("hibernate.dialect"));
return hibernateProperties;
}
}

94
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/spring/SecSecurityConfig.java Normal file
View File

@ -0,0 +1,94 @@
package org.baeldung.spring;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
@Configuration
@ComponentScan(basePackages = { "org.baeldung.security" })
@EnableWebSecurity
public class SecSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Autowired
private AuthenticationSuccessHandler myAuthenticationSuccessHandler;
public SecSecurityConfig() {
super();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authProvider());
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/resources/**");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http
.csrf().disable()
.authorizeRequests()
.antMatchers("/j_spring_security_check*","/login*", "/logout*", "/signin/**", "/signup/**",
"/user/registration*", "/regitrationConfirm*", "/expiredAccount*", "/registration*",
"/badUser*", "/user/resendRegistrationToken*" ,"/forgetPassword*", "/user/resetPassword*",
"/user/changePassword*", "/emailError*", "/resources/**").permitAll()
.antMatchers("/invalidSession*").anonymous()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login.html")
.loginProcessingUrl("/j_spring_security_check")
.defaultSuccessUrl("/homepage.html")
.failureUrl("/login.html?error=true")
.successHandler(myAuthenticationSuccessHandler)
.usernameParameter("j_username")
.passwordParameter("j_password")
.permitAll()
.and()
.sessionManagement()
.invalidSessionUrl("/invalidSession.html")
.sessionFixation().none()
.and()
.logout()
.invalidateHttpSession(false)
.logoutUrl("/j_spring_security_logout")
.logoutSuccessUrl("/logout.html?logSucc=true")
.deleteCookies("JSESSIONID")
.permitAll();
// @formatter:on
}
// beans
@Bean
public DaoAuthenticationProvider authProvider() {
DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
authProvider.setUserDetailsService(userDetailsService);
authProvider.setPasswordEncoder(encoder());
return authProvider;
}
@Bean
public PasswordEncoder encoder() {
return new BCryptPasswordEncoder(11);
}
}

89
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/spring/SetupDataLoader.java Normal file
View File

@ -0,0 +1,89 @@
package org.baeldung.spring;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import org.baeldung.persistence.dao.PrivilegeRepository;
import org.baeldung.persistence.dao.RoleRepository;
import org.baeldung.persistence.dao.UserRepository;
import org.baeldung.persistence.model.Privilege;
import org.baeldung.persistence.model.Role;
import org.baeldung.persistence.model.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationListener;
import org.springframework.context.event.ContextRefreshedEvent;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;
import org.springframework.transaction.annotation.Transactional;
@Component
public class SetupDataLoader implements ApplicationListener<ContextRefreshedEvent> {
private boolean alreadySetup = false;
@Autowired
private UserRepository userRepository;
@Autowired
private RoleRepository roleRepository;
@Autowired
private PrivilegeRepository privilegeRepository;
@Autowired
private PasswordEncoder passwordEncoder;
// API
@Override
@Transactional
public void onApplicationEvent(final ContextRefreshedEvent event) {
if (alreadySetup) {
return;
}
// == create initial privileges
final Privilege readPrivilege = createPrivilegeIfNotFound("READ_PRIVILEGE");
final Privilege writePrivilege = createPrivilegeIfNotFound("WRITE_PRIVILEGE");
// == create initial roles
final List<Privilege> adminPrivileges = Arrays.asList(readPrivilege, writePrivilege);
createRoleIfNotFound("ROLE_ADMIN", adminPrivileges);
createRoleIfNotFound("ROLE_USER", Arrays.asList(readPrivilege));
final Role adminRole = roleRepository.findByName("ROLE_ADMIN");
final User user = new User();
user.setFirstName("Test");
user.setLastName("Test");
user.setPassword(passwordEncoder.encode("test"));
user.setEmail("test@test.com");
user.setRoles(Arrays.asList(adminRole));
user.setEnabled(true);
userRepository.save(user);
alreadySetup = true;
}
@Transactional
private final Privilege createPrivilegeIfNotFound(final String name) {
Privilege privilege = privilegeRepository.findByName(name);
if (privilege == null) {
privilege = new Privilege(name);
privilegeRepository.save(privilege);
}
return privilege;
}
@Transactional
private final Role createRoleIfNotFound(final String name, final Collection<Privilege> privileges) {
Role role = roleRepository.findByName(name);
if (role == null) {
role = new Role(name);
role.setPrivileges(privileges);
roleRepository.save(role);
}
return role;
}
}

17
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/test/TestConfig.java Normal file
View File

@ -0,0 +1,17 @@
package org.baeldung.test;
import org.baeldung.spring.PersistenceJPAConfig;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@ComponentScan({ "org.baeldung.persistence.dao" })
public class TestConfig extends PersistenceJPAConfig {
@Bean
public PasswordEncoder encoder() {
return new BCryptPasswordEncoder(11);
}
}

9
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/validation/EmailExistsException.java Normal file
View File

@ -0,0 +1,9 @@
package org.baeldung.validation;
@SuppressWarnings("serial")
public class EmailExistsException extends Throwable {
public EmailExistsException(String message) {
super(message);
}
}

28
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/validation/EmailValidator.java Normal file
View File

@ -0,0 +1,28 @@
package org.baeldung.validation;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.validation.ConstraintValidator;
import javax.validation.ConstraintValidatorContext;
public class EmailValidator implements ConstraintValidator<ValidEmail, String> {
private Pattern pattern;
private Matcher matcher;
private static final String EMAIL_PATTERN = "^[_A-Za-z0-9-\\+]+(\\.[_A-Za-z0-9-]+)*@" + "[A-Za-z0-9-]+(\\.[A-Za-z0-9]+)*(\\.[A-Za-z]{2,})$";
@Override
public void initialize(ValidEmail constraintAnnotation) {
}
@Override
public boolean isValid(String username, ConstraintValidatorContext context) {
return (validateEmail(username));
}
private boolean validateEmail(String email) {
pattern = Pattern.compile(EMAIL_PATTERN);
matcher = pattern.matcher(email);
return matcher.matches();
}
}

24
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/validation/PasswordMatches.java Normal file
View File

@ -0,0 +1,24 @@
package org.baeldung.validation;
import javax.validation.Constraint;
import javax.validation.Payload;
import java.lang.annotation.Documented;
import java.lang.annotation.Retention;
import java.lang.annotation.Target;
import static java.lang.annotation.ElementType.ANNOTATION_TYPE;
import static java.lang.annotation.ElementType.TYPE;
import static java.lang.annotation.RetentionPolicy.RUNTIME;
@Target({ TYPE, ANNOTATION_TYPE })
@Retention(RUNTIME)
@Constraint(validatedBy = PasswordMatchesValidator.class)
@Documented
public @interface PasswordMatches {
String message() default "Passwords don't match";
Class<?>[] groups() default {};
Class<? extends Payload>[] payload() default {};
}

19
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/validation/PasswordMatchesValidator.java Normal file
View File

@ -0,0 +1,19 @@
package org.baeldung.validation;
import javax.validation.ConstraintValidator;
import javax.validation.ConstraintValidatorContext;
import org.baeldung.persistence.service.UserDto;
public class PasswordMatchesValidator implements ConstraintValidator<PasswordMatches, Object> {
@Override
public void initialize(PasswordMatches constraintAnnotation) {
}
@Override
public boolean isValid(Object obj, ConstraintValidatorContext context) {
UserDto user = (UserDto) obj;
return user.getPassword().equals(user.getMatchingPassword());
}
}

23
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/validation/UserValidator.java Normal file
View File

@ -0,0 +1,23 @@
package org.baeldung.validation;
import org.baeldung.persistence.service.UserDto;
import org.springframework.validation.Errors;
import org.springframework.validation.ValidationUtils;
import org.springframework.validation.Validator;
public class UserValidator implements Validator {
@Override
public boolean supports(Class<?> clazz) {
return UserDto.class.isAssignableFrom(clazz);
}
@Override
public void validate(Object obj, Errors errors) {
ValidationUtils.rejectIfEmptyOrWhitespace(errors, "firstName", "message.firstName", "Firstname is required.");
ValidationUtils.rejectIfEmptyOrWhitespace(errors, "lastName", "message.lastName", "LastName is required.");
ValidationUtils.rejectIfEmptyOrWhitespace(errors, "password", "message.password", "LastName is required.");
ValidationUtils.rejectIfEmptyOrWhitespace(errors, "username", "message.username", "UserName is required.");
}
}

24
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/validation/ValidEmail.java Normal file
View File

@ -0,0 +1,24 @@
package org.baeldung.validation;
import javax.validation.Constraint;
import javax.validation.Payload;
import java.lang.annotation.Documented;
import java.lang.annotation.Retention;
import java.lang.annotation.Target;
import static java.lang.annotation.ElementType.FIELD;
import static java.lang.annotation.ElementType.ANNOTATION_TYPE;
import static java.lang.annotation.ElementType.TYPE;
import static java.lang.annotation.RetentionPolicy.RUNTIME;
@Target({ TYPE, FIELD, ANNOTATION_TYPE })
@Retention(RUNTIME)
@Constraint(validatedBy = EmailValidator.class)
@Documented
public @interface ValidEmail {
String message() default "Invalid Email";
Class<?>[] groups() default {};
Class<? extends Payload>[] payload() default {};
}

207
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/web/controller/RegistrationController.java Normal file
View File

@ -0,0 +1,207 @@
package org.baeldung.web.controller;
import java.util.Calendar;
import java.util.Locale;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.validation.Valid;
import org.baeldung.persistence.model.PasswordResetToken;
import org.baeldung.persistence.model.User;
import org.baeldung.persistence.model.VerificationToken;
import org.baeldung.persistence.service.IUserService;
import org.baeldung.persistence.service.UserDto;
import org.baeldung.registration.OnRegistrationCompleteEvent;
import org.baeldung.validation.EmailExistsException;
import org.baeldung.web.error.UserNotFoundException;
import org.baeldung.web.util.GenericResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.MessageSource;
import org.springframework.core.env.Environment;
import org.springframework.mail.SimpleMailMessage;
import org.springframework.mail.javamail.JavaMailSender;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
@Controller
public class RegistrationController {
private final Logger LOGGER = LoggerFactory.getLogger(getClass());
@Autowired
private IUserService userService;
@Autowired
private MessageSource messages;
@Autowired
private JavaMailSender mailSender;
@Autowired
private ApplicationEventPublisher eventPublisher;
@Autowired
private UserDetailsService userDetailsService;
@Autowired
private Environment env;
public RegistrationController() {
}
// Registration
@RequestMapping(value = "/user/registration", method = RequestMethod.POST)
@ResponseBody
public GenericResponse registerUserAccount(@Valid final UserDto accountDto, final BindingResult result, final HttpServletRequest request) {
LOGGER.debug("Registering user account with information: {}", accountDto);
if (result.hasErrors()) {
return new GenericResponse(result.getFieldErrors(), result.getGlobalErrors());
}
final User registered = createUserAccount(accountDto);
if (registered == null) {
return new GenericResponse("email", messages.getMessage("message.regError", null, request.getLocale()));
}
final String appUrl = "http://" + request.getServerName() + ":" + request.getServerPort() + request.getContextPath();
eventPublisher.publishEvent(new OnRegistrationCompleteEvent(registered, request.getLocale(), appUrl));
return new GenericResponse("success");
}
@RequestMapping(value = "/regitrationConfirm", method = RequestMethod.GET)
public String confirmRegistration(final Locale locale, final Model model, @RequestParam("token") final String token) {
final VerificationToken verificationToken = userService.getVerificationToken(token);
if (verificationToken == null) {
final String message = messages.getMessage("auth.message.invalidToken", null, locale);
model.addAttribute("message", message);
return "redirect:/badUser.html?lang=" + locale.getLanguage();
}
final User user = verificationToken.getUser();
final Calendar cal = Calendar.getInstance();
if ((verificationToken.getExpiryDate().getTime() - cal.getTime().getTime()) <= 0) {
model.addAttribute("message", messages.getMessage("auth.message.expired", null, locale));
model.addAttribute("expired", true);
model.addAttribute("token", token);
return "redirect:/badUser.html?lang=" + locale.getLanguage();
}
user.setEnabled(true);
userService.saveRegisteredUser(user);
model.addAttribute("message", messages.getMessage("message.accountVerified", null, locale));
return "redirect:/login.html?lang=" + locale.getLanguage();
}
// user activation - verification
@RequestMapping(value = "/user/resendRegistrationToken", method = RequestMethod.GET)
@ResponseBody
public GenericResponse resendRegistrationToken(final HttpServletRequest request, @RequestParam("token") final String existingToken) {
final VerificationToken newToken = userService.generateNewVerificationToken(existingToken);
final User user = userService.getUser(newToken.getToken());
final String appUrl = "http://" + request.getServerName() + ":" + request.getServerPort() + request.getContextPath();
final SimpleMailMessage email = constructResendVerificationTokenEmail(appUrl, request.getLocale(), newToken, user);
mailSender.send(email);
return new GenericResponse(messages.getMessage("message.resendToken", null, request.getLocale()));
}
// Reset password
@RequestMapping(value = "/user/resetPassword", method = RequestMethod.POST)
@ResponseBody
public GenericResponse resetPassword(final HttpServletRequest request, @RequestParam("email") final String userEmail) {
final User user = userService.findUserByEmail(userEmail);
if (user == null) {
throw new UserNotFoundException();
}
final String token = UUID.randomUUID().toString();
userService.createPasswordResetTokenForUser(user, token);
final String appUrl = "http://" + request.getServerName() + ":" + request.getServerPort() + request.getContextPath();
final SimpleMailMessage email = constructResetTokenEmail(appUrl, request.getLocale(), token, user);
mailSender.send(email);
return new GenericResponse(messages.getMessage("message.resetPasswordEmail", null, request.getLocale()));
}
@RequestMapping(value = "/user/changePassword", method = RequestMethod.GET)
public String showChangePasswordPage(final Locale locale, final Model model, @RequestParam("id") final long id, @RequestParam("token") final String token) {
final PasswordResetToken passToken = userService.getPasswordResetToken(token);
final User user = passToken.getUser();
if (passToken == null || user.getId() != id) {
final String message = messages.getMessage("auth.message.invalidToken", null, locale);
model.addAttribute("message", message);
return "redirect:/login.html?lang=" + locale.getLanguage();
}
final Calendar cal = Calendar.getInstance();
if ((passToken.getExpiryDate().getTime() - cal.getTime().getTime()) <= 0) {
model.addAttribute("message", messages.getMessage("auth.message.expired", null, locale));
return "redirect:/login.html?lang=" + locale.getLanguage();
}
final Authentication auth = new UsernamePasswordAuthenticationToken(user, null, userDetailsService.loadUserByUsername(user.getEmail()).getAuthorities());
SecurityContextHolder.getContext().setAuthentication(auth);
return "redirect:/updatePassword.html?lang=" + locale.getLanguage();
}
@RequestMapping(value = "/user/savePassword", method = RequestMethod.POST)
@PreAuthorize("hasRole('READ_PRIVILEGE')")
@ResponseBody
public GenericResponse savePassword(final Locale locale, @RequestParam("password") final String password) {
final User user = (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
userService.changeUserPassword(user, password);
return new GenericResponse(messages.getMessage("message.resetPasswordSuc", null, locale));
}
// NON-API
private final SimpleMailMessage constructResendVerificationTokenEmail(final String contextPath, final Locale locale, final VerificationToken newToken, final User user) {
final String confirmationUrl = contextPath + "/regitrationConfirm.html?token=" + newToken.getToken();
final String message = messages.getMessage("message.resendToken", null, locale);
final SimpleMailMessage email = new SimpleMailMessage();
email.setSubject("Resend Registration Token");
email.setText(message + " \r\n" + confirmationUrl);
email.setTo(user.getEmail());
email.setFrom(env.getProperty("support.email"));
return email;
}
private final SimpleMailMessage constructResetTokenEmail(final String contextPath, final Locale locale, final String token, final User user) {
final String url = contextPath + "/user/changePassword?id=" + user.getId() + "&token=" + token;
final String message = messages.getMessage("message.resetPassword", null, locale);
final SimpleMailMessage email = new SimpleMailMessage();
email.setTo(user.getEmail());
email.setSubject("Reset Password");
email.setText(message + " \r\n" + url);
email.setFrom(env.getProperty("support.email"));
return email;
}
private User createUserAccount(final UserDto accountDto) {
User registered = null;
try {
registered = userService.registerNewUserAccount(accountDto);
} catch (final EmailExistsException e) {
return null;
}
return registered;
}
}

48
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/web/error/RestResponseEntityExceptionHandler.java Normal file
View File

@ -0,0 +1,48 @@
package org.baeldung.web.error;
import org.baeldung.web.util.GenericResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.MessageSource;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.mail.MailAuthenticationException;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.context.request.WebRequest;
import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
@ControllerAdvice
public class RestResponseEntityExceptionHandler extends ResponseEntityExceptionHandler {
@Autowired
private MessageSource messages;
public RestResponseEntityExceptionHandler() {
super();
}
// 404
@ExceptionHandler({ UserNotFoundException.class })
public ResponseEntity<Object> handleUserNotFound(final RuntimeException ex, final WebRequest request) {
logger.error("404 Status Code", ex);
final GenericResponse bodyOfResponse = new GenericResponse(messages.getMessage("message.userNotFound", null, request.getLocale()), "UserNotFound");
return handleExceptionInternal(ex, bodyOfResponse, new HttpHeaders(), HttpStatus.NOT_FOUND, request);
}
// 500
@ExceptionHandler({ MailAuthenticationException.class })
public ResponseEntity<Object> handleMail(final RuntimeException ex, final WebRequest request) {
logger.error("500 Status Code", ex);
final GenericResponse bodyOfResponse = new GenericResponse(messages.getMessage("message.email.config.error", null, request.getLocale()), "MailError");
return handleExceptionInternal(ex, bodyOfResponse, new HttpHeaders(), HttpStatus.BAD_REQUEST, request);
}
@ExceptionHandler({ Exception.class })
public ResponseEntity<Object> handleInternal(final RuntimeException ex, final WebRequest request) {
logger.error("500 Status Code", ex);
final GenericResponse bodyOfResponse = new GenericResponse(messages.getMessage("message.error", null, request.getLocale()), "InternalError");
return handleExceptionInternal(ex, bodyOfResponse, new HttpHeaders(), HttpStatus.BAD_REQUEST, request);
}
}

23
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/web/error/UserNotFoundException.java Normal file
View File

@ -0,0 +1,23 @@
package org.baeldung.web.error;
public final class UserNotFoundException extends RuntimeException {
private static final long serialVersionUID = 5861310537366287163L;
public UserNotFoundException() {
super();
}
public UserNotFoundException(final String message, final Throwable cause) {
super(message, cause);
}
public UserNotFoundException(final String message) {
super(message);
}
public UserNotFoundException(final Throwable cause) {
super(cause);
}
}

54
spring-security-login-and-registration-frontend/src/main/java/org/baeldung/web/util/GenericResponse.java Normal file
View File

@ -0,0 +1,54 @@
package org.baeldung.web.util;
import java.util.List;
import org.springframework.validation.FieldError;
import org.springframework.validation.ObjectError;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
public class GenericResponse {
private String message;
private String error;
public GenericResponse(final String message) {
super();
this.message = message;
}
public GenericResponse(final String message, final String error) {
super();
this.message = message;
this.error = error;
}
public GenericResponse(final List<FieldError> fieldErrors, final List<ObjectError> globalErrors) {
super();
final ObjectMapper mapper = new ObjectMapper();
try {
this.message = mapper.writeValueAsString(fieldErrors);
this.error = mapper.writeValueAsString(globalErrors);
} catch (final JsonProcessingException e) {
this.message = "";
this.error = "";
}
}
public String getMessage() {
return message;
}
public void setMessage(final String message) {
this.message = message;
}
public String getError() {
return error;
}
public void setError(final String error) {
this.error = error;
}
}

1
spring-security-login-and-registration-frontend/src/main/resources/.gitignore vendored Normal file
View File

@ -0,0 +1 @@
email.properties

7
spring-security-login-and-registration-frontend/src/main/resources/email.properties.sample Normal file
View File

@ -0,0 +1,7 @@
################### JavaMail Configuration ##########################
smtp.host=email-smtp.us-east-1.amazonaws.com
smtp.port=465
smtp.protocol=smtps
smtp.username=AKIAJIKXZAQFFJDXI4VQ
smtp.password=
support.email=eugen@baeldung.com

20
spring-security-login-and-registration-frontend/src/main/resources/logback.xml Normal file
View File

@ -0,0 +1,20 @@
<configuration>
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>web - %date [%thread] %-5level %logger{36} - %message%n
</pattern>
</encoder>
</appender>
<logger name="org.springframework" level="WARN" />
<logger name="org.springframework.transaction" level="WARN" />
<!-- in order to debug some marshalling issues, this needs to be TRACE -->
<logger name="org.springframework.web.servlet.mvc" level="WARN" />
<root level="INFO">
<appender-ref ref="STDOUT" />
</root>
</configuration>

67
spring-security-login-and-registration-frontend/src/main/resources/messages_en.properties Normal file
View File

@ -0,0 +1,67 @@
message.username=Username required
message.password=Password required
message.unauth=Unauthorized Access !!
message.badCredentials=Invalid Username or Password
message.sessionExpired=Session Timed Out
message.logoutError=Sorry, error logging out
message.logoutSucc=You logged out successfully
message.regSucc=You registered successfully. We will send you a confirmation message to your email account.
message.regError=An account for that username/email already exists. Please enter a different username.
message.lastName=Last name is required
message.firstName=First name required
message.badEmail=Invalid email address
message.email.config.error=Error in java mail configuration
token.message=Your token is:
auth.message.disabled=Your account is disabled please check your mail and click on the confirmation link
auth.message.expired=Your registration token has expired. Please register again.
auth.message.invalidUser=This username is invalid, or does not exist.
auth.message.invalidToken=Invalid account confirmation token.
label.user.email=Email:
label.user.firstName=First name:
label.user.lastName=Last name:
label.user.password=Password:
label.user.confirmPass=Confirm password
label.form.submit=Submit
label.form.title=Registration Form
label.form.loginLink=Back to login
label.login=Login here
label.form.loginTitle=Login
label.form.loginEmail=Email
label.form.loginPass=Password
label.form.loginEnglish=English
label.form.loginSpanish=Spanish
label.form.loginSignUp=Sign up
label.pages.logout=Logout
label.pages.admin=Administrator
label.pages.home.title=Home
label.pages.home.message=Welcome Home
label.pages.admin.message=Welcome Admin
label.pages.user.message=Welcome User
label.successRegister.title=Registration Success
label.badUser.title=Invalid Link
ValidEmail.user.email=Invalid email address!
UniqueUsername.user.username=An account with that username/email already exists
NotNull.user.firstName=First name required
NotEmpty.user.firstName=First name required
NotNull.user.lastName=Last name required
NotEmpty.user.lastName=Last name required
NotNull.user.username=Username(Email) required
NotEmpty.user.username=Username(Email) required
NotNull.user.password=Password required
NotEmpty.user.password=Password required
NotNull.user.matchingPassword=Required
NotEmpty.user.matchingPassword=Required
PasswordMatches.user:Password does not match!
Email.user.email=Invalid Username (Email)
label.form.resendRegistrationToken=Re-send Token
message.resendToken=We will send an email with a new registration token to your email account
message.forgetPassword=Forget Password
message.resetPassword=Reset Password
message.updatePassword=Update Password
message.userNotFound=User Not Found
auth.message.blocked=This ip is blocked for 24 hours
message.accountVerified=Your account verified successfully
message.resetPasswordSuc=Password reset successfully
message.resetYourPassword=Reset your password
message.resetPasswordEmail=You should receive an Password Reset Email shortly
message.error=Error Occurred

67
spring-security-login-and-registration-frontend/src/main/resources/messages_es_ES.properties Normal file
View File

@ -0,0 +1,67 @@
message.username=Por favor ingrese el nombre de usuario
message.password=Por favor ingrese una clave
message.unauth=Acceso denegado !!
message.badCredentials=Usuario o clave invalida
message.sessionExpired=La sesion expiro
message.logoutError=Lo sentimos, hubo problemas al salir
message.logoutSucc=Salida con exito
message.regSucc=Se registro correctamente. Le enviaremos un mensaje de confirmacion a su direccion de email.
message.regError=Ya existe una cuenta con ese nombre de usuario. Ingrese un nombre de usuario diferente.
message.lastName=Por favor ingrese su apellido
message.firstName=Por favor ingrese su nombre
message.badEmail=Direccion de correo no es valida
message.email.config.error=Error en configuracion de java mail
token.message=Su token es:
auth.message.disabled=Su cuenta no esta habilitada. Hemos enviado a su correo un link para habilitar su cuenta.
auth.message.expired=Su ficha de registro ha caducado, por favor registrese de nuevo.
auth.message.invalidUser=Este nombre de usuario es invalido o no existe.
auth.message.invalidToken=Codigo de confirmacion incorrecto.
label.user.email=Correo Electronico:
label.user.firstName=Nombre:
label.user.lastName=Apellido:
label.user.password=Contrasenia:
label.user.confirmPass=Confirme la contrasenia
label.form.submit=Enviar
label.form.title=Formulario de Registro
label.login=Autehtifiquese aqui
label.form.loginTitle=Ingreso
label.form.loginLink=Regrese a autentificacion
label.form.loginEmail=Correo Electronico
label.form.loginPass=Contrasenia
label.form.loginEnglish=Ingles
label.form.loginSpanish=Espaniol
label.form.loginSignUp=Registrese
label.pages.logout=Salir
label.pages.admin=Administrador
label.pages.home.title=Inicio
label.pages.home.message=Bienveni@ a Casa
label.pages.admin.message=Bienvenid@ Admin
label.pages.user.message=Bienvenid@ Usuari@
label.successRegister.title=Registro Exitoso
label.badUser.title=Enlace Invalido
ValidEmail.user.email=Cuenta correo invlida!
UniqueUsername.user.username=Ya existe una cuenta con ese nombre de usuario
NotNull.user.firstName=Por favor ingrese su nombre
NotEmpty.user.firstName=Por favor ingrese su nombre
NotNull.user.lastName=Por favor ingrese su apellido
NotEmpty.user.lastName=Por favor ingrese su apellido
NotNull.user.username=Por favor ingrese su cuenta de email
NotEmpty.user.username=Por favor ingrese su cuenta de email
NotNull.user.password=Por favor ingrese su clave
NotEmpty.user.password=Por favor ingrese su contraseña
NotNull.user.matchingPassword=Campo obligatirio
NotEmpty.user.matchingPassword=Campo obligatrio
PasswordMatches.user:Las claves no coinciden!
Email.user.email=Email no es valido
label.form.resendRegistrationToken=Reenviar mensaje de emergencia
message.resendToken=Te enviaremos un correo electrónico con un nuevo token de registro en su cuenta de correo electrónico
message.forgetPassword=Olvide la contraseña
message.resetPassword=Restablecer contraseña
message.updatePassword=Actualizar contraseña
message.userNotFound=Usuario no encontrado
auth.message.blocked=Esta IP se bloquea durante 24 horas
message.accountVerified=Su cuenta verificada con éxito
message.resetPasswordSuc=Contraseña reajusta correctamente
message.resetYourPassword=Restablecer su contraseña
message.resetPasswordEmail=Te enviaremos un correo electrónico para restablecer su contraseña
message.error=Se produjo un error

10
spring-security-login-and-registration-frontend/src/main/resources/persistence.properties Normal file
View File

@ -0,0 +1,10 @@
################### DataSource Configuration ##########################
jdbc.driverClassName=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://localhost:3606/registration_02?createDatabaseIfNotExist=true
jdbc.user=tutorialuser
jdbc.pass=tutorialmy5ql
init-db=false
################### Hibernate Configuration ##########################
hibernate.dialect=org.hibernate.dialect.MySQLDialect
hibernate.show_sql=false
hibernate.hbm2ddl.auto=create-drop

39
spring-security-login-and-registration-frontend/src/main/resources/webSecurityConfig.xml Normal file
View File

@ -0,0 +1,39 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd">
<http use-expressions="true">
<intercept-url pattern="/login*" access="permitAll" />
<intercept-url pattern="/logout*" access="permitAll" />
<intercept-url pattern="/signin/**" access="permitAll" />
<intercept-url pattern="/signup/**" access="permitAll" />
<intercept-url pattern="/user/registration*" access="permitAll" />
<intercept-url pattern="/regitrationConfirm*" access="permitAll" />
<intercept-url pattern="/expiredAccount*" access="permitAll" />
<intercept-url pattern="/registration*" access="permitAll" />
<intercept-url pattern="/badUser*" access="permitAll" />
<intercept-url pattern="/user/resendRegistrationToken*" access="permitAll" />
<intercept-url pattern="/forgetPassword*" access="permitAll" />
<intercept-url pattern="/user/resetPassword*" access="permitAll" />
<intercept-url pattern="/user/changePassword*" access="permitAll" />
<intercept-url pattern="/updatePassword*" access="isAuthenticated()" />
<intercept-url pattern="/user/savePassword*" access="isAuthenticated()" />
<intercept-url pattern="/emailError*" access="permitAll" />
<intercept-url pattern="/resources/**" access="permitAll" />
<intercept-url pattern="/invalidSession*" access="isAnonymous()" />
<intercept-url pattern="/**" access="isAuthenticated()" />
<form-login login-page='/login.html' authentication-failure-url="/login.html?error=true" authentication-success-handler-ref="myAuthenticationSuccessHandler"
default-target-url="/homepage.html" />
<session-management invalid-session-url="/invalidSession.html" session-fixation-protection="none" />
<logout invalidate-session="false" logout-success-url="/logout.html?logSucc=true" logout-url="/j_spring_security_logout" delete-cookies="JSESSIONID" />
</http>
<authentication-manager>
<authentication-provider ref="authProvider" />
</authentication-manager>
</beans:beans>

3
spring-security-login-and-registration-frontend/src/main/webapp/META-INF/MANIFEST.MF Normal file
View File

@ -0,0 +1,3 @@
Manifest-Version: 1.0
Class-Path:

5
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/mvc-servlet.xml Normal file
View File

@ -0,0 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p" xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd">
</beans>

34
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/view/admin.jsp Normal file
View File

@ -0,0 +1,34 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<title><spring:message code="label.pages.home.title"></spring:message></title>
</head>
<body>
<nav class="navbar navbar-default">
<div class="container-fluid">
<div class="navbar-header">
<a class="navbar-brand"href="<c:url value="/home.html" />"><spring:message code="label.pages.home.title"></spring:message></a>
</div>
<ul class="nav navbar-nav navbar-right">
<li><a href="<c:url value="/j_spring_security_logout" />"><spring:message code="label.pages.logout"></spring:message></a> </li>
</ul>
</div>
</nav>
<div class="container">
<sec:authorize ifNotGranted="WRITE_PRIVILEGE">
<spring:message code="message.unauth"></spring:message>
</sec:authorize>
<sec:authorize ifAnyGranted="WRITE_PRIVILEGE">
<h1>
<spring:message code="label.pages.admin.message"></spring:message>
</h1>
</sec:authorize>
</div>
</body>
</html>

54
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/view/badUser.jsp Normal file
View File

@ -0,0 +1,54 @@
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt"%>
<fmt:setBundle basename="messages" />
<%@ page session="true"%>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<title><spring:message
code="label.badUser.title"></spring:message></title>
</head>
<body>
<div class="container">
<h1 class="alert alert-danger">
${param.message}
</h1>
<br>
<a class="btn btn-default" href="<c:url value="/registration.html" />"><spring:message
code="label.form.loginSignUp"></spring:message></a>
<c:if test="${param.expired}">
<br>
<h1>${label.form.resendRegistrationToken}</h1>
<button onclick="resendToken()">
<spring:message code="label.form.resendRegistrationToken"></spring:message>
</button>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
<script type="text/javascript">
function resendToken(){
$.get("<c:url value="/user/resendRegistrationToken"><c:param name="token" value="${param.token}"/></c:url>", function(data){
window.location.href = "<c:url value="/login.html"></c:url>" + "?message=" + data.message;
})
.fail(function(data) {
if(data.responseJSON.error.indexOf("MailError") > -1)
{
window.location.href = "<c:url value="/emailError.html"></c:url>";
}
else{
window.location.href = "<c:url value="/login.html"></c:url>" + "?message=" + data.responseJSON.message;
}
});
}
$(document).ajaxStart(function() {
$("title").html("LOADING ...");
});
</script>
</c:if>
</div>
</body>
</html>

36
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/view/console.jsp Normal file
View File

@ -0,0 +1,36 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
</head>
<body>
<nav class="navbar navbar-default">
<div class="container-fluid">
<div class="navbar-header">
<a class="navbar-brand"href="<c:url value="/home.html" />"><spring:message code="label.pages.home.title"></spring:message></a>
</div>
<ul class="nav navbar-nav navbar-right">
<li><a href="<c:url value="/j_spring_security_logout" />"><spring:message code="label.pages.logout"></spring:message></a> </li>
</ul>
</div>
</nav>
<div class="container">
<h1>This is the landing page for the admin</h1>
<sec:authorize access="hasRole('READ_PRIVILEGE')">
This text is only visible to a user
<br />
</sec:authorize>
<sec:authorize access="hasRole('WRITE_PRIVILEGE')">
This text is only visible to an admin
<br />
</sec:authorize>
<a class="btn btn-default" href="<c:url value="/admin.html" />"><spring:message code="label.pages.admin"></spring:message></a>
</div>
</body>
</html>

17
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/view/emailError.jsp Normal file
View File

@ -0,0 +1,17 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<title><spring:message code="label.pages.home.title"></spring:message></title>
</head>
<body>
<div class="container">
<h1 class="alert alert-danger">
<spring:message code="message.email.config.error"></spring:message>
</h1>
</div>
</body>
</html>

24
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/view/expiredAccount.jsp Normal file
View File

@ -0,0 +1,24 @@
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt"%>
<fmt:setBundle basename="messages" />
<%@ page session="true"%>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<title><spring:message code="label.pages.home.title"></spring:message></title>
</head>
<body>
<div class="container">
<h1 class="alert alert-info">
<spring:message code="auth.message.expired"></spring:message>
</h1>
<br>
<a class="btn btn-default" href="<c:url value="registration.html" />"><spring:message
code="label.form.loginSignUp"></spring:message></a>
</div>
</body>
</html>

56
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/view/forgetPassword.jsp Normal file
View File

@ -0,0 +1,56 @@
<!DOCTYPE html>
<%@ page contentType="text/html;charset=UTF-8" language="java"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form"%>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<%@ page session="false"%>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<meta http-equiv="Content-Type" content="text/html; charset=US-ASCII">
<title><spring:message code="message.resetPassword"></spring:message></title>
</head>
<body>
<div class="container">
<h1><spring:message code="message.resetPassword"></spring:message></h1>
<br>
<div class="row">
<label class="col-sm-1"><spring:message code="label.user.email"></spring:message></label>
<span class="col-sm-5"><input class="form-control" id="email" name="email" type="email" value="" /></span>
<button class="btn btn-primary" type="submit" onclick="resetPass()"><spring:message code="message.resetPassword"></spring:message></button>
</div>
<br>
<a class="btn btn-default" href="<c:url value="registration.html" />"><spring:message code="label.form.loginSignUp"></spring:message></a>
<br><br>
<a class="btn btn-default" href="<c:url value="login.html" />"><spring:message code="label.form.loginLink"></spring:message></a>
</div>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
<script type="text/javascript">
function resetPass(){
var email = $("#email").val();
$.post("<c:url value="/user/resetPassword"></c:url>",{email: email} ,function(data){
window.location.href = "<c:url value="/login.html"></c:url>" + "?message=" + data.message;
})
.fail(function(data) {
if(data.responseJSON.error.indexOf("MailError") > -1)
{
window.location.href = "<c:url value="/emailError.html"></c:url>";
}
else{
window.location.href = "<c:url value="/login.html"></c:url>" + "?message=" + data.responseJSON.message;
}
});
}
$(document).ajaxStart(function() {
$("title").html("LOADING ...");
});
</script>
</body>
</html>

28
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/view/home.jsp Normal file
View File

@ -0,0 +1,28 @@
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<%@ page session="true"%>
<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<title><spring:message code="label.pages.home.title"></spring:message></title>
</head>
<body>
<nav class="navbar navbar-default">
<div class="container-fluid">
<div class="navbar-header">
<a class="navbar-brand"href="#"><spring:message code="label.pages.home.title"></spring:message></a>
</div>
<ul class="nav navbar-nav navbar-right">
<li><a href="<c:url value="/j_spring_security_logout" />"><spring:message code="label.pages.logout"></spring:message></a> </li>
</ul>
</div>
</nav>
<div class="container">
<h1>
<spring:message code="label.pages.home.message"></spring:message>
</h1>
</div>
</body>
</html>

38
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/view/homepage.jsp Normal file
View File

@ -0,0 +1,38 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<%@ page session="true"%>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<title><spring:message code="label.pages.home.title"></spring:message></title>
</head>
<body>
<nav class="navbar navbar-default">
<div class="container-fluid">
<div class="navbar-header">
<a class="navbar-brand"href="<c:url value="/home.html" />"><spring:message code="label.pages.home.title"></spring:message></a>
</div>
<ul class="nav navbar-nav navbar-right">
<li><a href="<c:url value="/j_spring_security_logout" />"><spring:message code="label.pages.logout"></spring:message></a> </li>
</ul>
</div>
</nav>
<div class="container">
<sec:authorize access="hasRole('READ_PRIVILEGE')">
<spring:message code="label.pages.user.message"></spring:message>
<br />
</sec:authorize>
<sec:authorize access="hasRole('WRITE_PRIVILEGE')">
<spring:message code="label.pages.admin.message"></spring:message>
<br />
</sec:authorize>
${param.user}
<a class="btn btn-default" href="<c:url value="/admin.html" />"><spring:message code="label.pages.admin"></spring:message></a>
</div>
</body>
</html>

18
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/view/invalidSession.jsp Normal file
View File

@ -0,0 +1,18 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<title><spring:message code="label.pages.home.title"></spring:message></title>
</head>
<body>
<div class="container">
<h1 class="alert alert-danger">
<spring:message code="message.sessionExpired"></spring:message>
</h1>
<a class="btn btn-primary" href="<c:url value="login.html" />"><spring:message
code="label.form.loginLink"></spring:message></a>
</div>
</body>
</html>

109
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/view/login.jsp Normal file
View File

@ -0,0 +1,109 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt"%>
<fmt:setBundle basename="messages" />
<%@ page session="true"%>
<fmt:message key="message.password" var="noPass" />
<fmt:message key="message.username" var="noUser" />
<c:if test="${param.error != null}">
<c:choose>
<c:when
test="${SPRING_SECURITY_LAST_EXCEPTION.message == 'User is disabled'}">
<div class="alert alert-danger">
<spring:message code="auth.message.disabled"></spring:message>
</div>
</c:when>
<c:when
test="${SPRING_SECURITY_LAST_EXCEPTION.message == 'User account has expired'}">
<div class="alert alert-danger">
<spring:message code="auth.message.expired"></spring:message>
</div>
</c:when>
<c:when
test="${SPRING_SECURITY_LAST_EXCEPTION.message == 'blocked'}">
<div class="alert alert-danger">
<spring:message code="auth.message.blocked"></spring:message>
</div>
</c:when>
<c:otherwise>
<div class="alert alert-danger">
<!-- <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}"/> -->
<spring:message code="message.badCredentials"></spring:message>
</div>
</c:otherwise>
</c:choose>
</c:if>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<title><spring:message code="label.pages.home.title"></spring:message></title>
<script type="text/javascript">
function validate() {
if (document.f.j_username.value == ""
&& document.f.j_password.value == "") {
alert("${noUser} & ${noPass}");
document.f.j_username.focus();
return false;
}
if (document.f.j_username.value == "") {
alert("${noUser}");
document.f.j_username.focus();
return false;
}
if (document.f.j_password.value == "") {
alert("${noPass}");
document.f.j_password.focus();
return false;
}
}
</script>
<style type="text/css">
.wrapper{width:400px;margin-left:auto;margin-right:auto}
label{padding-left:0 !important}
</style>
</head>
<body>
<c:if test="${param.message != null}">
<div class="alert alert-info">
${param.message}
</div>
</c:if>
<div class="container">
<div class="row wrapper">
<h1>
<spring:message code="label.form.loginTitle"></spring:message>
</h1>
<a href="?lang=en"><spring:message code="label.form.loginEnglish"></spring:message></a>
| <a href="?lang=es_ES"><spring:message
code="label.form.loginSpanish"></spring:message></a>
<br><br>
<form name='f' action="j_spring_security_check" method='POST'
onsubmit="return validate();">
<label class="col-sm-2"><spring:message code="label.form.loginEmail"></spring:message></label>
<span class="col-sm-10"><input class="form-control" type='text' name='j_username' value=''></span>
<br><br>
<label class="col-sm-2"><spring:message code="label.form.loginPass"></spring:message></label>
<span class="col-sm-10"><input class="form-control" type='password' name='j_password' /></span>
<br><br>
<input class="btn btn-primary" name="submit" type="submit"
value=<spring:message code="label.form.submit"></spring:message> />
</form>
<br> Current Locale : ${pageContext.response.locale} <br><br>
<a class="btn btn-default" href="<c:url value="registration.html" />"><spring:message
code="label.form.loginSignUp"></spring:message></a>
<br><br>
<a class="btn btn-default" href="<c:url value="/forgetPassword.html" />"><spring:message
code="message.resetPassword"></spring:message></a>
</div>
</div>
</body>
</html>

31
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/view/logout.jsp Normal file
View File

@ -0,0 +1,31 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<c:if test="${not empty SPRING_SECURITY_LAST_EXCEPTION}">
<h1 id="error" class="alert alert-danger">
<spring:message code="message.logoutError"></spring:message>
</h1>
</c:if>
<meta http-equiv="Content-Type" content="text/html; charset=US-ASCII">
<title><spring:message code="label.pages.home.title"></spring:message></title>
</head>
<body>
<div class="container">
<c:if test="${param.logSucc == true}">
<h1 id="success" class="alert alert-info">
<spring:message code="message.logoutSucc"></spring:message>
</h1>
</c:if>
<a class="btn btn-primary" href="<c:url value="login.html" />"><spring:message
code="label.form.loginLink"></spring:message></a>
</div>
</body>
</html>

94
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/view/registration.jsp Normal file
View File

@ -0,0 +1,94 @@
<!DOCTYPE html>
<%@ page contentType="text/html;charset=UTF-8" language="java"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
<%@ page session="false"%>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<meta http-equiv="Content-Type" content="text/html; charset=US-ASCII">
<title><spring:message code="label.form.title"></spring:message></title>
</head>
<body>
<div class="container">
<div >
<h1>
<spring:message code="label.form.title"></spring:message>
</h1>
<form action="/" method="POST" enctype="utf8">
<div class="form-group row" >
<label class="col-sm-3"><spring:message code="label.user.firstName"></spring:message></label>
<span class="col-sm-5"><input class="form-control" name="firstName" value="" /></span>
<span id="firstNameError" class="alert alert-danger col-sm-4" style="display:none"></span>
</div>
<div class="form-group row">
<label class="col-sm-3"><spring:message code="label.user.lastName"></spring:message></label>
<span class="col-sm-5"><input class="form-control" name="lastName" value="" /></span>
<span id="lastNameError" class="alert alert-danger col-sm-4" style="display:none"></span>
</div>
<div class="form-group row">
<label class="col-sm-3"><spring:message code="label.user.email"></spring:message></label>
<span class="col-sm-5"><input class="form-control" name="email" value="" /></span>
<span id="emailError" class="alert alert-danger col-sm-4" style="display:none"></span>
</div>
<div class="form-group row">
<label class="col-sm-3"><spring:message code="label.user.password"></spring:message></label>
<span class="col-sm-5"><input class="form-control" name="password" value="" type="password" /></span>
<span id="passwordError" class="alert alert-danger col-sm-4" style="display:none"></span>
</div>
<div class="form-group row">
<label class="col-sm-3"><spring:message code="label.user.confirmPass"></spring:message></label>
<span class="col-sm-5"><input class="form-control" name="matchingPassword" value="" type="password" /></span>
<span id="globalError" class="alert alert-danger col-sm-4" style="display:none"></span>
</div>
<br>
<a href="#" class="btn btn-primary" onclick="register()">
<spring:message code="label.form.submit"></spring:message>
</a>
</form>
<br>
<a href="<c:url value="login.html" />"><spring:message code="label.form.loginLink"></spring:message></a>
</div>
</div>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
<script type="text/javascript">
function register(){
$(".alert").html("").hide();
var formData= $('form').serialize();
$.post("<c:url value="/user/registration"></c:url>",formData ,function(data){
if(data.message == "success"){
window.location.href = "<c:url value="/successRegister.html"></c:url>";
}
else if(data.message == "email"){
$("#emailError").show().html(data.error);
}
else{
var errors = $.parseJSON(data.message);
$.each( errors, function( index,item ){
$("#"+item.field+"Error").show().html(item.defaultMessage);
});
errors = $.parseJSON(data.error);
$.each( errors, function( index,item ){
$("#globalError").show().append(item.defaultMessage+"<br>");
});
}
})
.fail(function(data) {
if(data.responseJSON.error.indexOf("MailError") > -1)
{
window.location.href = "<c:url value="/emailError.html"></c:url>";
}
else{
window.location.href = "<c:url value="/login.html"></c:url>" + "?message=" + data.responseJSON.message;
}
});
}
</script>
</body>
</html>

23
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/view/regitrationConfirm.jsp Normal file
View File

@ -0,0 +1,23 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt"%>
<fmt:setBundle basename="messages" />
<%@ page session="true"%>
<c:if test="${param.token != null}">
<spring:message code="token.message"><c:out value="${param.token}"></c:out></spring:message>
</c:if>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<meta http-equiv="Content-Type" content="text/html; charset=US-ASCII">
<title><spring:message code="label.pages.home.title"></spring:message></title>
</head>
<body>
<div>
<h1 class="alert alert-info"><spring:message code="message.regSucc"></spring:message></h1>
<a class="btn btn-primary" href="<c:url value="login.html" />"><spring:message code="label.login"></spring:message></a>
</div>
</body>
</html>

25
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/view/successRegister.jsp Normal file
View File

@ -0,0 +1,25 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt"%>
<fmt:setBundle basename="messages" />
<%@ page session="true"%>
<html>
<head>
<link href="<c:url value="/resources/bootstrap.css" />" rel="stylesheet">
<meta http-equiv="Content-Type" content="text/html; charset=US-ASCII">
<title><spring:message code="label.pages.home.title"></spring:message></title>
</head>
<body>
<div class="container">
<h1 class="alert aler-info" id="success">
<spring:message code="message.regSucc"></spring:message>
</h1>
<a class="btn btn-primary" href="<c:url value="login.html" />"><spring:message
code="label.login"></spring:message></a>
</div>
</body>
</html>

60
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/view/updatePassword.jsp Normal file
View File

@ -0,0 +1,60 @@
<!DOCTYPE html>
<%@ page contentType="text/html;charset=UTF-8" language="java"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form"%>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<%@ page session="false"%>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<meta http-equiv="Content-Type" content="text/html; charset=US-ASCII">
<title><spring:message code="message.updatePassword"></spring:message></title>
</head>
<body>
<sec:authorize access="hasRole('READ_PRIVILEGE')">
<div class="container">
<div class="row">
<h1> <spring:message code="message.resetYourPassword"></spring:message> </h1>
<div >
<br>
<label class="col-sm-2"><spring:message code="label.user.password"></spring:message></label>
<span class="col-sm-5"><input class="form-control" id="pass" name="password" type="password" value="" /></span>
<span class="col-sm-5"></span>
<br><br>
<label class="col-sm-2"><spring:message code="label.user.confirmPass"></spring:message></label>
<span class="col-sm-5"><input class="form-control" id="passConfirm" type="password" value="" /></span>
<span id="error" class="alert alert-danger" style="display:none"><spring:message code="PasswordMatches.user"></spring:message></span>
<br><br>
<button class="btn btn-primary" type="submit" onclick="savePass()">
<spring:message code="message.updatePassword"></spring:message>
</button>
</div>
</div>
</div>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
<script type="text/javascript">
function savePass(){
var pass = $("#pass").val();
var valid = pass == $("#passConfirm").val();
if(!valid) {
$("#error").show();
return;
}
$.post("<c:url value="/user/savePassword"></c:url>",{password: pass} ,function(data){
window.location.href = "<c:url value="/login.html"></c:url>" + "?message="+data.message;
})
.fail(function(data) {
window.location.href = "<c:url value="/login.html"></c:url>" + "?message=" + data.responseJSON.message;
});
}
</script>
</sec:authorize>
</body>
</html>

51
spring-security-login-and-registration-frontend/src/main/webapp/WEB-INF/web.xml Normal file
View File

@ -0,0 +1,51 @@
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
xsi:schemaLocation="
http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<context-param>
<param-name>contextClass</param-name>
<param-value>org.springframework.web.context.support.AnnotationConfigWebApplicationContext</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>org.baeldung.spring</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<servlet>
<servlet-name>mvc</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>mvc</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>localizationFilter</filter-name>
<filter-class>org.springframework.web.filter.RequestContextFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>localizationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>

121
spring-security-login-and-registration-frontend/src/test/java/org/baeldung/test/SpringSecurityRolesTest.java Normal file
View File

@ -0,0 +1,121 @@
package org.baeldung.test;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import java.util.ArrayList;
import java.util.Arrays;
import org.baeldung.persistence.dao.PrivilegeRepository;
import org.baeldung.persistence.dao.RoleRepository;
import org.baeldung.persistence.dao.UserRepository;
import org.baeldung.persistence.model.Privilege;
import org.baeldung.persistence.model.Role;
import org.baeldung.persistence.model.User;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.support.AnnotationConfigContextLoader;
import org.springframework.test.context.transaction.TransactionConfiguration;
import org.springframework.transaction.annotation.Transactional;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(classes = { TestConfig.class }, loader = AnnotationConfigContextLoader.class)
@Transactional
@TransactionConfiguration
public class SpringSecurityRolesTest {
@Autowired
private UserRepository userRepository;
@Autowired
private RoleRepository roleRepository;
@Autowired
private PrivilegeRepository privilegeRepository;
@Autowired
private PasswordEncoder passwordEncoder;
private User user;
private Role role;
private Privilege privilege;
// tests
@Test
public void testDeleteUser() {
role = new Role("TEST_ROLE");
roleRepository.save(role);
user = new User();
user.setFirstName("John");
user.setLastName("Doe");
user.setPassword(passwordEncoder.encode("123"));
user.setEmail("john@doe.com");
user.setRoles(Arrays.asList(role));
user.setEnabled(true);
userRepository.save(user);
assertNotNull(userRepository.findByEmail(user.getEmail()));
assertNotNull(roleRepository.findByName(role.getName()));
user.setRoles(null);
userRepository.delete(user);
assertNull(userRepository.findByEmail(user.getEmail()));
assertNotNull(roleRepository.findByName(role.getName()));
}
@Test
public void testDeleteRole() {
privilege = new Privilege("TEST_PRIVILEGE");
privilegeRepository.save(privilege);
role = new Role("TEST_ROLE");
role.setPrivileges(Arrays.asList(privilege));
roleRepository.save(role);
user = new User();
user.setFirstName("John");
user.setLastName("Doe");
user.setPassword(passwordEncoder.encode("123"));
user.setEmail("john@doe.com");
user.setRoles(Arrays.asList(role));
user.setEnabled(true);
userRepository.save(user);
assertNotNull(privilegeRepository.findByName(privilege.getName()));
assertNotNull(userRepository.findByEmail(user.getEmail()));
assertNotNull(roleRepository.findByName(role.getName()));
user.setRoles(new ArrayList<Role>());
role.setPrivileges(new ArrayList<Privilege>());
roleRepository.delete(role);
assertNull(roleRepository.findByName(role.getName()));
assertNotNull(privilegeRepository.findByName(privilege.getName()));
assertNotNull(userRepository.findByEmail(user.getEmail()));
}
@Test
public void testDeletePrivilege() {
privilege = new Privilege("TEST_PRIVILEGE");
privilegeRepository.save(privilege);
role = new Role("TEST_ROLE");
role.setPrivileges(Arrays.asList(privilege));
roleRepository.save(role);
assertNotNull(roleRepository.findByName(role.getName()));
assertNotNull(privilegeRepository.findByName(privilege.getName()));
role.setPrivileges(new ArrayList<Privilege>());
privilegeRepository.delete(privilege);
assertNull(privilegeRepository.findByName(privilege.getName()));
assertNotNull(roleRepository.findByName(role.getName()));
}
}