Chapter 4. Add registration form, spring security for basic authentication.

Author: NauAlex93

pom.xml

@@ -99,6 +99,10 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
 	</dependencies>
 
 	<build>

src/main/java/tacos/User.java

@@ -0,0 +1,57 @@
+package tacos;
+
+import lombok.AccessLevel;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import java.util.Arrays;
+import java.util.Collection;
+
+@Entity
+@Data
+@NoArgsConstructor(access= AccessLevel.PRIVATE, force=true)
+@RequiredArgsConstructor
+public class User implements UserDetails {
+    private static final long serialVersionUID = 1L;
+
+    @Id
+    @GeneratedValue(strategy= GenerationType.AUTO)
+    private Long id;
+    private final String username;
+    private final String password;
+    private final String fullname;
+    private final String street;
+    private final String city;
+    private final String state;
+    private final String zip;
+    private final String phoneNumber;
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
+    }
+    @Override
+    public boolean isAccountNonExpired() {
+        return true;
+    }
+    @Override
+    public boolean isAccountNonLocked() {
+        return true;
+    }
+    @Override
+    public boolean isCredentialsNonExpired() {
+        return true;
+    }
+    @Override
+    public boolean isEnabled() {
+        return true;
+    }
+}

src/main/java/tacos/data/UserRepository.java

@@ -0,0 +1,8 @@
+package tacos.data;
+
+import org.springframework.data.repository.CrudRepository;
+import tacos.User;
+
+public interface UserRepository extends CrudRepository<User, Long> {
+    User findByUsername(String username);
+}

src/main/java/tacos/security/RegistrationController.java

@@ -0,0 +1,33 @@
+package tacos.security;
+
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import tacos.data.UserRepository;
+
+@Controller
+@RequestMapping("/register")
+public class RegistrationController {
+
+    private UserRepository userRepo;
+    private PasswordEncoder passwordEncoder;
+
+    public RegistrationController(
+            UserRepository userRepo, PasswordEncoder passwordEncoder) {
+        this.userRepo = userRepo;
+        this.passwordEncoder = passwordEncoder;
+    }
+
+    @GetMapping
+    public String registerForm() {
+        return "registration";
+    }
+
+    @PostMapping
+    public String processRegistration(RegistrationForm form) {
+        userRepo.save(form.toUser(passwordEncoder));
+        return "redirect:/login";
+    }
+}

src/main/java/tacos/security/RegistrationForm.java

@@ -0,0 +1,24 @@
+package tacos.security;
+
+import lombok.Data;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import tacos.User;
+
+@Data
+public class RegistrationForm {
+
+    private String username;
+    private String password;
+    private String fullname;
+    private String street;
+    private String city;
+    private String state;
+    private String zip;
+    private String phone;
+
+    public User toUser(PasswordEncoder passwordEncoder) {
+        return new User(
+                username, passwordEncoder.encode(password),
+                fullname, street, city, state, zip, phone);
+    }
+}

src/main/java/tacos/security/SecurityConfig.java

@@ -0,0 +1,32 @@
+package tacos.security;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+import javax.sql.DataSource;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Autowired
+    DataSource dataSource;
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth
+            .jdbcAuthentication()
+            .dataSource(dataSource)
+            .usersByUsernameQuery(
+                        "select username, password, enabled from Users " +
+                                "where username=?")
+            .authoritiesByUsernameQuery(
+                        "select username, authority from UserAuthorities " +
+                                "where username=?")
+                .passwordEncoder(new BCryptPasswordEncoder(10));
+    }
+}

src/main/java/tacos/security/UserRepositoryUserDetailsService.java

@@ -0,0 +1,29 @@
+package tacos.security;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+import tacos.User;
+import tacos.data.UserRepository;
+
+@Service
+public class UserRepositoryUserDetailsService
+        implements UserDetailsService {
+    private UserRepository userRepo;
+    @Autowired
+    public UserRepositoryUserDetailsService(UserRepository userRepo) {
+        this.userRepo = userRepo;
+    }
+    @Override
+    public UserDetails loadUserByUsername(String username)
+            throws UsernameNotFoundException {
+        User user = userRepo.findByUsername(username);
+        if (user != null) {
+            return user;
+        }
+        throw new UsernameNotFoundException(
+                "User '" + username + "' not found");
+    }
+}

src/main/resources/data.sql

@@ -0,0 +1,32 @@
+delete from Taco_Order_Tacos;
+delete from Taco_Ingredients;
+delete from Taco;
+delete from Taco_Order;
+delete from Ingredient;
+delete from USERS;
+delete from USERAUTHORITIES;
+
+insert into Ingredient (id, name, type)
+values ('FLTO', 'Flour Tortilla', 'WRAP');
+insert into Ingredient (id, name, type)
+values ('COTO', 'Corn Tortilla', 'WRAP');
+insert into Ingredient (id, name, type)
+values ('GRBF', 'Ground Beef', 'PROTEIN');
+insert into Ingredient (id, name, type)
+values ('CARN', 'Carnitas', 'PROTEIN');
+insert into Ingredient (id, name, type)
+values ('TMTO', 'Diced Tomatoes', 'VEGGIES');
+insert into Ingredient (id, name, type)
+values ('LETC', 'Lettuce', 'VEGGIES');
+insert into Ingredient (id, name, type)
+values ('CHED', 'Cheddar', 'CHEESE');
+insert into Ingredient (id, name, type)
+values ('JACK', 'Monterrey Jack', 'CHEESE');
+insert into Ingredient (id, name, type)
+values ('SLSA', 'Salsa', 'SAUCE');
+insert into Ingredient (id, name, type)
+values ('SRCR', 'Sour Cream', 'SAUCE');
+insert into Users (username, password, enabled)
+values ('user', 'password', true);
+insert into USERAUTHORITIES (username, authority)
+values ('user', 'ALL');

src/main/resources/schema.sql

@@ -0,0 +1,52 @@
+create table if not exists Ingredient (
+                                        id varchar(4) not null,
+                                        name varchar(25) not null,
+                                        type varchar(10) not null
+);
+create table if not exists Taco (
+                                  id identity,
+                                  name varchar(50) not null,
+                                  createdAt timestamp not null
+);
+create table if not exists Taco_Ingredients (
+                                              taco bigint not null,
+                                              ingredient varchar(4) not null
+);
+alter table Taco_Ingredients
+  add foreign key (taco) references Taco(id);
+alter table Taco_Ingredients
+  add foreign key (ingredient) references Ingredient(id);
+create table if not exists Taco_Order (
+                                        id identity,
+                                        deliveryName varchar(50) not null,
+                                        deliveryStreet varchar(50) not null,
+                                        deliveryCity varchar(50) not null,
+                                        deliveryState varchar(2) not null,
+                                        deliveryZip varchar(10) not null,
+                                        ccNumber varchar(16) not null,
+                                        ccExpiration varchar(5) not null,
+                                        ccCVV varchar(3) not null,
+                                        placedAt timestamp not null
+);
+create table if not exists Taco_Order_Tacos (
+                                              tacoOrder bigint not null,
+                                              taco bigint not null
+);
+alter table Taco_Order_Tacos
+  add foreign key (tacoOrder) references Taco_Order(id);
+alter table Taco_Order_Tacos
+  add foreign key (taco) references Taco(id);
+
+create table if not exists Users (
+                                   username varchar(25) not null,
+                                   password varchar(25) not null,
+                                   enabled boolean not null
+);
+
+create table if not exists UserAuthorities (
+                                             username varchar(25) not null,
+                                             authority varchar(25) not null
+);
+
+alter table UserAuthorities
+  add foreign key (username) references Users(username);

src/main/resources/templates/registration.html

@@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml"
+      xmlns:th="http://www.thymeleaf.org">
+<head>
+    <title>Taco Cloud</title>
+</head>
+<body>
+<h1>Register</h1>
+<img th:src="@{/images/TacoCloud.png}"/>
+<form method="POST" th:action="@{/register}" id="registerForm">
+    <label for="username">Username: </label>
+    <input type="text" name="username"/><br/>
+    <label for="password">Password: </label>
+    <input type="password" name="password"/><br/>
+    <label for="confirm">Confirm password: </label>
+    <input type="password" name="confirm"/><br/>
+    <label for="fullname">Full name: </label>
+    <input type="text" name="fullname"/><br/>
+    <label for="street">Street: </label>
+    <input type="text" name="street"/><br/>
+    <label for="city">City: </label>
+    <input type="text" name="city"/><br/>
+    <label for="state">State: </label>
+    <input type="text" name="state"/><br/>
+    <label for="zip">Zip: </label>
+    <input type="text" name="zip"/><br/>
+    <label for="phone">Phone: </label>
+    <input type="text" name="phone"/><br/>
+    <input type="submit" value="Register"/>
+</form>
+</body>
+</html>