Integrate UserService for authentication and remove hardcoded sqls fr…

…om SecurityConfig
chatterjeesunit · Sep 24, 2020 · e9bdc76 · e9bdc76
1 parent 376c2bc
commit e9bdc76
Show file tree

Hide file tree

Showing 5 changed files with 159 additions and 19 deletions.
diff --git a/src/main/java/com/dev/springdemo/auth/role/Role.java b/src/main/java/com/dev/springdemo/auth/role/Role.java
@@ -0,0 +1,33 @@
+package com.dev.springdemo.auth.role;
+
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import org.springframework.security.core.GrantedAuthority;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.Table;
+import javax.validation.constraints.NotNull;
+
+@Data
+@NoArgsConstructor
+@Entity
+@Table(name = "roles")
+public class Role implements GrantedAuthority {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private int id;
+
+    @NotNull
+    @Column(name = "role_name")
+    private String name;
+
+    @Override
+    public String getAuthority() {
+        return getName();
+    }
+}
diff --git a/src/main/java/com/dev/springdemo/auth/user/User.java b/src/main/java/com/dev/springdemo/auth/user/User.java
@@ -0,0 +1,88 @@
+package com.dev.springdemo.auth.user;
+
+import com.dev.springdemo.auth.role.Role;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import javax.persistence.CascadeType;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.FetchType;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.JoinColumn;
+import javax.persistence.JoinTable;
+import javax.persistence.OneToMany;
+import javax.persistence.Table;
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotNull;
+import java.util.Collection;
+import java.util.Set;
+
+@Data
+@NoArgsConstructor
+@Entity
+@Table(name = "user_info")
+public class User implements UserDetails {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private int id;
+
+    @NotNull
+    @Column(name = "first_name")
+    private String firstName;
+
+    @NotNull
+    @Column(name = "last_name")
+    private String lastName;
+
+    @NotNull
+    @Email
+    @Column(name = "email_address")
+    private String email;
+
+    @NotNull
+    @JsonIgnore
+    private String password;
+
+    @OneToMany(cascade= CascadeType.ALL, fetch = FetchType.EAGER)
+    @JoinTable(name="user_roles",
+            joinColumns={@JoinColumn(name="user_id", referencedColumnName="id")},
+            inverseJoinColumns={@JoinColumn(name="role_id", referencedColumnName="id")})
+    private Set<Role> roles;
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return roles;
+    }
+
+    @Override
+    public String getUsername() {
+        return email;
+    }
+
+    @Override
+    public boolean isAccountNonExpired() {
+        return true;
+    }
+
+    @Override
+    public boolean isAccountNonLocked() {
+        return true;
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired() {
+        return true;
+    }
+
+    @Override
+    public boolean isEnabled() {
+        return true;
+    }
+}
diff --git a/src/main/java/com/dev/springdemo/auth/user/UserRepository.java b/src/main/java/com/dev/springdemo/auth/user/UserRepository.java
@@ -0,0 +1,12 @@
+package com.dev.springdemo.auth.user;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+import java.util.Optional;
+
+@Repository
+public interface UserRepository extends JpaRepository<User, Integer> {
+
+    Optional<User> findUserByEmail(String emailAddress);
+}
diff --git a/src/main/java/com/dev/springdemo/auth/user/UserService.java b/src/main/java/com/dev/springdemo/auth/user/UserService.java
@@ -0,0 +1,23 @@
+package com.dev.springdemo.auth.user;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+import java.util.Optional;
+
+@Service
+public class UserService implements UserDetailsService {
+
+    @Autowired
+    private UserRepository userRepository;
+
+
+    @Override
+    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+        Optional<User> userByEmail = userRepository.findUserByEmail(username);
+        return userByEmail.orElseThrow(() -> new UsernameNotFoundException("User not found."));
+    }
+}
diff --git a/src/main/java/com/dev/springdemo/config/SecurityConfig.java b/src/main/java/com/dev/springdemo/config/SecurityConfig.java
@@ -1,5 +1,6 @@
 package com.dev.springdemo.config;
 
+import com.dev.springdemo.auth.user.UserService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -8,27 +9,14 @@
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.factory.PasswordEncoderFactories;
 import org.springframework.security.crypto.password.PasswordEncoder;
 
-import javax.sql.DataSource;
-
 @Configuration
 public class SecurityConfig extends WebSecurityConfigurerAdapter
 {
-    private final String USER_QUERY =
-            "select email_address, password, true as enabled " +
-            "from user_info where email_address = ?";
-
-
-    private String USER_ROLE_QUERY =
-            "select u.email_address, r.role_name " +
-            "from user_info u inner join user_roles ur on u.id = ur.user_id " +
-            "inner join roles r on r.id = ur.role_id " +
-            "where u.email_address = ?";
 
     @Autowired
-    DataSource dataSource;
+    private UserService userService;
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
@@ -46,11 +34,7 @@ protected void configure(HttpSecurity http) throws Exception {
 
     @Override
     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        auth
-            .jdbcAuthentication()
-            .dataSource(dataSource)
-            .usersByUsernameQuery(USER_QUERY)
-            .authoritiesByUsernameQuery(USER_ROLE_QUERY);
+        auth.userDetailsService(userService);
     }
 
     @Bean