juick-api: security WIP

author: Vitaly Takmazov 2016-11-25 13:20:15 +0300
committer: Vitaly Takmazov 2016-11-25 13:20:15 +0300
commit: 55b09a6a3bc4a21201189d855e140308f05016fb (patch)
tree: 543c880aaf15bf396eca6255bd816fb7d5dc9f12 /juick-server/src/main/java/com
parent: efe9b6d78c9aac2b92afe2d55d2f33e4b5e6d179 (diff)
3 files changed, 117 insertions, 0 deletions
diff --git a/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationEntryPoint.java b/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationEntryPoint.java
new file mode 100644
index 00000000..4c73196d
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationEntryPoint.java
@@ -0,0 +1,20 @@
+package com.juick.server.security;
+
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * Created by vitalyster on 25.11.2016.
+ */
+public class JuickAuthenticationEntryPoint implements AuthenticationEntryPoint {
+    @Override
+    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
+            throws IOException, ServletException {
+        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
+    }
+}
diff --git a/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationProvider.java b/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationProvider.java
new file mode 100644
index 00000000..bf0ed4d7
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationProvider.java
@@ -0,0 +1,35 @@
+package com.juick.server.security;
+
+import com.juick.service.UserService;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+
+import javax.inject.Inject;
+import java.util.Collections;
+
+/**
+ * Created by vitalyster on 25.11.2016.
+ */
+public class JuickAuthenticationProvider implements AuthenticationProvider {
+    @Inject
+    UserService userService;
+    @Override
+    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+        String name = authentication.getName();
+        String password = authentication.getCredentials().toString();
+        if (userService.checkPassword(name, password) > 0) {
+            return new UsernamePasswordAuthenticationToken(name, password, Collections.singletonList(
+                    new SimpleGrantedAuthority("ROLE_USER")
+            ));
+        }
+        return null;
+    }
+
+    @Override
+    public boolean supports(Class<?> authentication) {
+        return authentication.equals(UsernamePasswordAuthenticationToken.class);
+    }
+}
diff --git a/juick-server/src/main/java/com/juick/server/security/entities/JuickUser.java b/juick-server/src/main/java/com/juick/server/security/entities/JuickUser.java
new file mode 100644
index 00000000..6cc002ae
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/server/security/entities/JuickUser.java
@@ -0,0 +1,62 @@
+package com.juick.server.security.entities;
+
+import com.juick.User;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Collection;
+import java.util.Collections;
+
+/**
+ * Created by aalexeev on 11/21/16.
+ */
+public class JuickUser implements UserDetails {
+    private static final GrantedAuthority ROLE_USER = new SimpleGrantedAuthority("ROLE_USER");
+
+    private final com.juick.User user;
+
+
+    public JuickUser(com.juick.User user) {
+        this.user = user;
+    }
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return Collections.singletonList(ROLE_USER);
+    }
+
+    @Override
+    public String getPassword() {
+        return null;
+    }
+
+    @Override
+    public String getUsername() {
+        return user.getName();
+    }
+
+    @Override
+    public boolean isAccountNonExpired() {
+        return true;
+    }
+
+    @Override
+    public boolean isAccountNonLocked() {
+        return false;
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired() {
+        return true;
+    }
+
+    @Override
+    public boolean isEnabled() {
+        return !user.isBanned();
+    }
+
+    public User getUser() {
+        return user;
+    }
+}
author	Vitaly Takmazov	2016-11-25 13:20:15 +0300
committer	Vitaly Takmazov	2016-11-25 13:20:15 +0300
commit	55b09a6a3bc4a21201189d855e140308f05016fb (patch)
tree	543c880aaf15bf396eca6255bd816fb7d5dc9f12 /juick-server/src/main/java/com
parent	efe9b6d78c9aac2b92afe2d55d2f33e4b5e6d179 (diff)