milton-kabir · milton-kabir · Mar 31, 2023 · Apr 2, 2023
diff --git a/pom.xml b/pom.xml
@@ -17,19 +17,18 @@
     <java.version>1.8</java.version>
   </properties>
   <dependencies>
-<!--    <dependency>-->
-<!--      <groupId>org.springframework.boot</groupId>-->
-<!--      <artifactId>spring-boot-starter-security</artifactId>-->
-<!--    </dependency>-->
-<!--    <dependency>-->
-<!--      <groupId>org.springframework.security</groupId>-->
-<!--      <artifactId>spring-security-test</artifactId>-->
-<!--      <scope>test</scope>-->
-<!--    </dependency>-->
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
+      <artifactId>spring-boot-starter-security</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.springframework.security</groupId>
+      <artifactId>spring-security-test</artifactId>
+      <scope>test</scope>
+    </dependency>
     <dependency>
       <groupId>javax.xml.bind</groupId>
       <artifactId>jaxb-api</artifactId>
-      <version>2.3.0</version>
     </dependency>
 
     <dependency>
@@ -44,7 +43,6 @@
     <dependency>
       <groupId>org.hibernate</groupId>
       <artifactId>hibernate-entitymanager</artifactId>
-      <version>5.6.14.Final</version>
     </dependency>
 
     <dependency>
@@ -54,8 +52,6 @@
     <dependency>
       <groupId>junit</groupId>
       <artifactId>junit</artifactId>
-      <version>4.12</version>
-      <scope>test</scope>
     </dependency>
 
     <dependency>
@@ -104,12 +100,10 @@
     <dependency>
       <groupId>org.hibernate.validator</groupId>
       <artifactId>hibernate-validator</artifactId>
-      <version>6.0.11.Final</version>
     </dependency>
     <dependency>
       <groupId>org.codehaus.groovy</groupId>
       <artifactId>groovy</artifactId>
-      <version>2.4.15</version>
       <scope>test</scope>
     </dependency>
   </dependencies>

diff --git a/src/main/java/tacos/Ingredient.java b/src/main/java/tacos/Ingredient.java
@@ -2,21 +2,19 @@
 
 import javax.persistence.Entity;
 import javax.persistence.Id;
-import javax.validation.constraints.NotBlank;
 
 import lombok.AccessLevel;
 import lombok.Data;
 import lombok.NoArgsConstructor;
 import lombok.RequiredArgsConstructor;
 
 @Data
-@Entity
 @RequiredArgsConstructor
 @NoArgsConstructor(access = AccessLevel.PRIVATE, force = true)
+@Entity
 public class Ingredient {
 
   @Id
-  @NotBlank
   private final String id;
   private final String name;
   private final Type type;

diff --git a/src/main/java/tacos/Order.java b/src/main/java/tacos/Order.java
@@ -1,5 +1,6 @@
 package tacos;
 
+import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
@@ -9,41 +10,47 @@
 import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.ManyToMany;
+import javax.persistence.ManyToOne;
 import javax.persistence.PrePersist;
 import javax.persistence.Table;
 import javax.validation.constraints.Digits;
-import javax.validation.constraints.NotBlank;
 import javax.validation.constraints.Pattern;
 
 import org.hibernate.validator.constraints.CreditCardNumber;
+import org.hibernate.validator.constraints.NotBlank;
 
 import lombok.Data;
 
 @Data
 @Entity
 @Table(name = "Taco_Order")
-public class Order {
+public class Order implements Serializable {
+
+  private static final long serialVersionUID = 1L;
 
   @Id
   @GeneratedValue(strategy = GenerationType.AUTO)
   private Long id;
 
   private Date placedAt;
 
-  @NotBlank(message = "Name is required")
-  private String name;
+  @ManyToOne
+  private User user;
+
+  @NotBlank(message = "Delivery name is required")
+  private String deliveryName;
 
   @NotBlank(message = "Street is required")
-  private String street;
+  private String deliveryStreet;
 
   @NotBlank(message = "City is required")
-  private String city;
+  private String deliveryCity;
 
   @NotBlank(message = "State is required")
-  private String state;
+  private String deliveryState;
 
   @NotBlank(message = "Zip code is required")
-  private String zip;
+  private String deliveryZip;
 
   @CreditCardNumber(message = "Not a valid credit card number")
   private String ccNumber;

diff --git a/src/main/java/tacos/SpringInActionApplication.java b/src/main/java/tacos/SpringInActionApplication.java
@@ -29,4 +29,4 @@ public CommandLineRunner dataLoader(IngredientRepository repo) {
       repo.save(new Ingredient("SRCR", "Sour Cream", Ingredient.Type.SAUCE));
     };
   }
-}
+}
diff --git a/src/main/java/tacos/Taco.java b/src/main/java/tacos/Taco.java
@@ -1,6 +1,5 @@
 package tacos;
 
-import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
 
@@ -23,15 +22,15 @@ public class Taco {
   @GeneratedValue(strategy = GenerationType.AUTO)
   private Long id;
 
-  private Date createdAt;
-
   @NotNull
   @Size(min = 5, message = "Name must be at least 5 characters long")
   private String name;
 
+  private Date createdAt;
+
   @ManyToMany(targetEntity = Ingredient.class)
   @Size(min = 1, message = "You must choose at least 1 ingredient")
-  private List<Ingredient> ingredients = new ArrayList<>();
+  private List<Ingredient> ingredients;
 
   @PrePersist
   void createdAt() {

diff --git a/src/main/java/tacos/User.java b/src/main/java/tacos/User.java
@@ -0,0 +1,65 @@
+package tacos;
+
+import java.util.Arrays;
+import java.util.Collection;
+
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import lombok.AccessLevel;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import lombok.RequiredArgsConstructor;
+
+@Entity
+@Data
+@NoArgsConstructor(access = AccessLevel.PRIVATE, force = true)
+@RequiredArgsConstructor
+public class User implements UserDetails {
+
+  private static final long serialVersionUID = 1L;
+
+  @Id
+  @GeneratedValue(strategy = GenerationType.AUTO)
+  private Long id;
+
+  private final String username;
+  private final String password;
+  private final String fullname;
+  private final String street;
+  private final String city;
+  private final String state;
+  private final String zip;
+  private final String phoneNumber;
+
+  @Override
+  public Collection<? extends GrantedAuthority> getAuthorities() {
+    return Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
+  }
+
+  @Override
+  public boolean isAccountNonExpired() {
+    return true;
+  }
+
+  @Override
+  public boolean isAccountNonLocked() {
+    return true;
+  }
+
+  @Override
+  public boolean isCredentialsNonExpired() {
+    return true;
+  }
+
+  @Override
+  public boolean isEnabled() {
+    return true;
+  }
+}
diff --git a/src/main/java/tacos/data/UserRepository.java b/src/main/java/tacos/data/UserRepository.java
@@ -0,0 +1,10 @@
+package tacos.data;
+
+import org.springframework.data.repository.CrudRepository;
+
+import tacos.User;
+
+public interface UserRepository extends CrudRepository<User, Long> {
+
+  User findByUsername(String username);
+}
diff --git a/src/main/java/tacos/security/ErrorHandler.java b/src/main/java/tacos/security/ErrorHandler.java
@@ -0,0 +1,17 @@
+package tacos.security;
+
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.servlet.ModelAndView;
+
+@ControllerAdvice
+public class ErrorHandler {
+
+  @ExceptionHandler(value = Exception.class)
+  public ModelAndView handleAllExceptions(Exception ex) {
+    ModelAndView model = new ModelAndView("error");
+    model.addObject("errorMessage", "An error occurred: " + ex.getMessage());
+    return model;
+  }
+}
+
diff --git a/src/main/java/tacos/security/ErrorResponse.java b/src/main/java/tacos/security/ErrorResponse.java
@@ -0,0 +1,15 @@
+package tacos.security;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+@AllArgsConstructor
+public class ErrorResponse {
+
+  private String errorCode;
+  private String errorMessage;
+}
+
diff --git a/src/main/java/tacos/security/RegistrationController.java b/src/main/java/tacos/security/RegistrationController.java
@@ -0,0 +1,30 @@
+package tacos.security;
+
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+import lombok.RequiredArgsConstructor;
+import tacos.data.UserRepository;
+
+@Controller
+@RequestMapping("/register")
+@RequiredArgsConstructor
+public class RegistrationController {
+
+  private final UserRepository userRepo;
+  private final PasswordEncoder passwordEncoder;
+
+  @GetMapping
+  public String registerForm() {
+    return "registration";
+  }
+
+  @PostMapping
+  public String processRegistration(RegistrationForm form) {
+    userRepo.save(form.toUser(passwordEncoder));
+    return "redirect:/login";
+  }
+}
diff --git a/src/main/java/tacos/security/RegistrationForm.java b/src/main/java/tacos/security/RegistrationForm.java
@@ -0,0 +1,23 @@
+package tacos.security;
+
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+import lombok.Data;
+import tacos.User;
+
+@Data
+public class RegistrationForm {
+
+  private String username;
+  private String password;
+  private String fullname;
+  private String street;
+  private String city;
+  private String state;
+  private String zip;
+  private String phone;
+
+  public User toUser(PasswordEncoder passwordEncoder) {
+    return new User(username, passwordEncoder.encode(password), fullname, street, city, state, zip, phone);
+  }
+}
diff --git a/src/main/java/tacos/security/SecurityConfig.java b/src/main/java/tacos/security/SecurityConfig.java
@@ -0,0 +1,48 @@
+package tacos.security;
+
+import lombok.RequiredArgsConstructor;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.crypto.password.StandardPasswordEncoder;
+
+@Configuration
+@EnableWebSecurity
+@RequiredArgsConstructor
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+  private final UserDetailsService userDetailsService;
+
+  @Override
+  protected void configure(HttpSecurity http) throws Exception {
+    http.authorizeRequests()
+        .antMatchers("/design", "/orders")
+        .access("hasRole('ROLE_USER')")
+        .antMatchers("/", "/**")
+        .access("permitAll")
+        .and()
+        .formLogin()
+        .loginPage("/login")
+        .and()
+        .logout()
+        .logoutSuccessUrl("/");
+  }
+
+  @Bean
+  public PasswordEncoder encoder() {
+    return new StandardPasswordEncoder("53cr3t");
+  }
+
+  @Override
+  protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+
+    auth.userDetailsService(userDetailsService)
+        .passwordEncoder(encoder());
+  }
+}
-Original file line number
+Diff line change
@@ Expand Up @@
           repo.save(new Ingredient("SRCR", "Sour Cream", Ingredient.Type.SAUCE));
         };
       }
-    }
+    }