From 6a3ea3f1349e6a6f592d48caaf80d3a3fc3e33f9 Mon Sep 17 00:00:00 2001 From: Struchkov Mark Date: Thu, 14 Oct 2021 19:42:03 +0300 Subject: [PATCH] auth service --- pom.xml | 16 ++- .../jwt/server/config/SecurityConfig.java | 44 ++++++++ .../jwt/server/controller/AuthController.java | 39 +++++++ .../jwt/server/controller/Controller.java | 34 ++++++ .../jwt/server/domain/JwtAuthentication.java | 43 ++++++++ .../example/jwt/server/domain/JwtRequest.java | 13 +++ .../jwt/server/domain/JwtResponse.java | 14 +++ .../jwt/server/domain/RefreshJwtRequest.java | 12 +++ .../example/jwt/server/domain/Role.java | 19 ++++ .../example/jwt/server/domain/User.java | 22 ++++ .../jwt/server/exception/AuthException.java | 9 ++ .../example/jwt/server/filter/JwtFilter.java | 51 +++++++++ .../jwt/server/service/AuthService.java | 74 +++++++++++++ .../jwt/server/service/JwtProvider.java | 100 ++++++++++++++++++ .../example/jwt/server/service/JwtUtils.java | 31 ++++++ .../jwt/server/service/UserService.java | 32 ++++++ src/main/resources/application.properties | 3 +- .../jwt/server/ServerJwtApplicationTests.java | 13 --- 18 files changed, 552 insertions(+), 17 deletions(-) create mode 100644 src/main/java/org/sadtech/example/jwt/server/config/SecurityConfig.java create mode 100644 src/main/java/org/sadtech/example/jwt/server/controller/AuthController.java create mode 100644 src/main/java/org/sadtech/example/jwt/server/controller/Controller.java create mode 100644 src/main/java/org/sadtech/example/jwt/server/domain/JwtAuthentication.java create mode 100644 src/main/java/org/sadtech/example/jwt/server/domain/JwtRequest.java create mode 100644 src/main/java/org/sadtech/example/jwt/server/domain/JwtResponse.java create mode 100644 src/main/java/org/sadtech/example/jwt/server/domain/RefreshJwtRequest.java create mode 100644 src/main/java/org/sadtech/example/jwt/server/domain/Role.java create mode 100644 src/main/java/org/sadtech/example/jwt/server/domain/User.java create mode 100644 src/main/java/org/sadtech/example/jwt/server/exception/AuthException.java create mode 100644 src/main/java/org/sadtech/example/jwt/server/filter/JwtFilter.java create mode 100644 src/main/java/org/sadtech/example/jwt/server/service/AuthService.java create mode 100644 src/main/java/org/sadtech/example/jwt/server/service/JwtProvider.java create mode 100644 src/main/java/org/sadtech/example/jwt/server/service/JwtUtils.java create mode 100644 src/main/java/org/sadtech/example/jwt/server/service/UserService.java delete mode 100644 src/test/java/org/sadtech/example/jwt/server/ServerJwtApplicationTests.java diff --git a/pom.xml b/pom.xml index 8f2be4f..8b9b7b8 100644 --- a/pom.xml +++ b/pom.xml @@ -28,10 +28,20 @@ true - org.springframework.boot - spring-boot-starter-test - test + io.jsonwebtoken + jjwt + 0.9.1 + + javax.xml.bind + jaxb-api + 2.4.0-b180830.0359 + + + org.springframework.boot + spring-boot-starter-security + + diff --git a/src/main/java/org/sadtech/example/jwt/server/config/SecurityConfig.java b/src/main/java/org/sadtech/example/jwt/server/config/SecurityConfig.java new file mode 100644 index 0000000..9faab7f --- /dev/null +++ b/src/main/java/org/sadtech/example/jwt/server/config/SecurityConfig.java @@ -0,0 +1,44 @@ +package org.sadtech.example.jwt.server.config; + +import lombok.RequiredArgsConstructor; +import org.sadtech.example.jwt.server.filter.JwtFilter; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; + +@Configuration +@EnableWebSecurity +@RequiredArgsConstructor +@EnableGlobalMethodSecurity(prePostEnabled = true) +public class SecurityConfig extends WebSecurityConfigurerAdapter { + + private final JwtFilter jwtFilter; + + @Override + protected void configure(HttpSecurity http) throws Exception { + http + .httpBasic().disable() + .csrf().disable() + .sessionManagement() + .sessionCreationPolicy(SessionCreationPolicy.STATELESS) + .and() + .authorizeRequests() + .antMatchers("/api/auth/login", "/api/auth/token").permitAll() + .anyRequest().authenticated() + .and() + .addFilterAfter(jwtFilter, UsernamePasswordAuthenticationFilter.class); + } + + @Bean + public PasswordEncoder passwordEncoder() { + return new BCryptPasswordEncoder(); + } + +} diff --git a/src/main/java/org/sadtech/example/jwt/server/controller/AuthController.java b/src/main/java/org/sadtech/example/jwt/server/controller/AuthController.java new file mode 100644 index 0000000..ab38e78 --- /dev/null +++ b/src/main/java/org/sadtech/example/jwt/server/controller/AuthController.java @@ -0,0 +1,39 @@ +package org.sadtech.example.jwt.server.controller; + +import lombok.RequiredArgsConstructor; +import org.sadtech.example.jwt.server.domain.JwtRequest; +import org.sadtech.example.jwt.server.domain.JwtResponse; +import org.sadtech.example.jwt.server.domain.RefreshJwtRequest; +import org.sadtech.example.jwt.server.service.AuthService; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +@RestController +@RequestMapping("api/auth") +@RequiredArgsConstructor +public class AuthController { + + private final AuthService authService; + + @PostMapping("login") + public ResponseEntity login(@RequestBody JwtRequest authRequest) { + final JwtResponse token = authService.login(authRequest); + return ResponseEntity.ok(token); + } + + @PostMapping("token") + public ResponseEntity getNewAccessToken(@RequestBody RefreshJwtRequest request) { + final JwtResponse token = authService.getAccessToken(request.getRefreshToken()); + return ResponseEntity.ok(token); + } + + @PostMapping("refresh") + public ResponseEntity getNewRefreshToken(@RequestBody RefreshJwtRequest request) { + final JwtResponse token = authService.refresh(request.getRefreshToken()); + return ResponseEntity.ok(token); + } + +} diff --git a/src/main/java/org/sadtech/example/jwt/server/controller/Controller.java b/src/main/java/org/sadtech/example/jwt/server/controller/Controller.java new file mode 100644 index 0000000..c50940f --- /dev/null +++ b/src/main/java/org/sadtech/example/jwt/server/controller/Controller.java @@ -0,0 +1,34 @@ +package org.sadtech.example.jwt.server.controller; + +import lombok.RequiredArgsConstructor; +import org.sadtech.example.jwt.server.domain.JwtAuthentication; +import org.sadtech.example.jwt.server.service.AuthService; +import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +@RestController +@RequestMapping("api") +@RequiredArgsConstructor +public class Controller { + + private final AuthService authService; + + @PreAuthorize("hasAuthority('USER')") + @GetMapping("hello/user") + public ResponseEntity helloUser() { + final JwtAuthentication authInfo = authService.getAuthInfo(); + + return ResponseEntity.ok("Hello user " + authInfo.getPrincipal() + "!"); + } + + @PreAuthorize("hasAuthority('ADMIN')") + @GetMapping("hello/admin") + public ResponseEntity helloAdmin() { + final JwtAuthentication authInfo = authService.getAuthInfo(); + return ResponseEntity.ok("Hello admin " + authInfo.getPrincipal() + "!"); + } + +} \ No newline at end of file diff --git a/src/main/java/org/sadtech/example/jwt/server/domain/JwtAuthentication.java b/src/main/java/org/sadtech/example/jwt/server/domain/JwtAuthentication.java new file mode 100644 index 0000000..0ce6de4 --- /dev/null +++ b/src/main/java/org/sadtech/example/jwt/server/domain/JwtAuthentication.java @@ -0,0 +1,43 @@ +package org.sadtech.example.jwt.server.domain; + +import lombok.Getter; +import lombok.Setter; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.GrantedAuthority; + +import java.util.Collection; +import java.util.Set; + +@Getter +@Setter +public class JwtAuthentication implements Authentication { + + private boolean authenticated; + private String username; + private String firstName; + private Set roles; + + @Override + public Collection getAuthorities() { return roles; } + + @Override + public Object getCredentials() { return null; } + + @Override + public Object getDetails() { return null; } + + @Override + public Object getPrincipal() { return username; } + + @Override + public boolean isAuthenticated() { return authenticated; } + + @Override + public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException { + this.authenticated = isAuthenticated; + } + + @Override + public String getName() { return firstName; } + +} \ No newline at end of file diff --git a/src/main/java/org/sadtech/example/jwt/server/domain/JwtRequest.java b/src/main/java/org/sadtech/example/jwt/server/domain/JwtRequest.java new file mode 100644 index 0000000..24a9299 --- /dev/null +++ b/src/main/java/org/sadtech/example/jwt/server/domain/JwtRequest.java @@ -0,0 +1,13 @@ +package org.sadtech.example.jwt.server.domain; + +import lombok.Getter; +import lombok.Setter; + +@Setter +@Getter +public class JwtRequest { + + private String login; + private String password; + +} diff --git a/src/main/java/org/sadtech/example/jwt/server/domain/JwtResponse.java b/src/main/java/org/sadtech/example/jwt/server/domain/JwtResponse.java new file mode 100644 index 0000000..878c44b --- /dev/null +++ b/src/main/java/org/sadtech/example/jwt/server/domain/JwtResponse.java @@ -0,0 +1,14 @@ +package org.sadtech.example.jwt.server.domain; + +import lombok.AllArgsConstructor; +import lombok.Getter; + +@Getter +@AllArgsConstructor +public class JwtResponse { + + private final String type = "Bearer"; + private String accessToken; + private String refreshToken; + +} diff --git a/src/main/java/org/sadtech/example/jwt/server/domain/RefreshJwtRequest.java b/src/main/java/org/sadtech/example/jwt/server/domain/RefreshJwtRequest.java new file mode 100644 index 0000000..20d180b --- /dev/null +++ b/src/main/java/org/sadtech/example/jwt/server/domain/RefreshJwtRequest.java @@ -0,0 +1,12 @@ +package org.sadtech.example.jwt.server.domain; + +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class RefreshJwtRequest { + + public String refreshToken; + +} diff --git a/src/main/java/org/sadtech/example/jwt/server/domain/Role.java b/src/main/java/org/sadtech/example/jwt/server/domain/Role.java new file mode 100644 index 0000000..996f486 --- /dev/null +++ b/src/main/java/org/sadtech/example/jwt/server/domain/Role.java @@ -0,0 +1,19 @@ +package org.sadtech.example.jwt.server.domain; + +import lombok.RequiredArgsConstructor; +import org.springframework.security.core.GrantedAuthority; + +@RequiredArgsConstructor +public enum Role implements GrantedAuthority { + + ADMIN("ADMIN"), + USER("USER"); + + private final String vale; + + @Override + public String getAuthority() { + return vale; + } + +} diff --git a/src/main/java/org/sadtech/example/jwt/server/domain/User.java b/src/main/java/org/sadtech/example/jwt/server/domain/User.java new file mode 100644 index 0000000..9c775ee --- /dev/null +++ b/src/main/java/org/sadtech/example/jwt/server/domain/User.java @@ -0,0 +1,22 @@ +package org.sadtech.example.jwt.server.domain; + +import lombok.AllArgsConstructor; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; + +import java.util.Set; + +@Getter +@Setter +@AllArgsConstructor +@NoArgsConstructor +public class User { + + private String login; + private String password; + private String firstName; + private String lastName; + private Set roles; + +} diff --git a/src/main/java/org/sadtech/example/jwt/server/exception/AuthException.java b/src/main/java/org/sadtech/example/jwt/server/exception/AuthException.java new file mode 100644 index 0000000..817531b --- /dev/null +++ b/src/main/java/org/sadtech/example/jwt/server/exception/AuthException.java @@ -0,0 +1,9 @@ +package org.sadtech.example.jwt.server.exception; + +public class AuthException extends RuntimeException { + + public AuthException(String message) { + super(message); + } + +} diff --git a/src/main/java/org/sadtech/example/jwt/server/filter/JwtFilter.java b/src/main/java/org/sadtech/example/jwt/server/filter/JwtFilter.java new file mode 100644 index 0000000..5f5a58d --- /dev/null +++ b/src/main/java/org/sadtech/example/jwt/server/filter/JwtFilter.java @@ -0,0 +1,51 @@ +package org.sadtech.example.jwt.server.filter; + +import io.jsonwebtoken.Claims; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.sadtech.example.jwt.server.domain.JwtAuthentication; +import org.sadtech.example.jwt.server.service.JwtProvider; +import org.sadtech.example.jwt.server.service.JwtUtils; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.stereotype.Component; +import org.springframework.util.StringUtils; +import org.springframework.web.filter.GenericFilterBean; + +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import java.io.IOException; + +@Slf4j +@Component +@RequiredArgsConstructor +public class JwtFilter extends GenericFilterBean { + + private static final String AUTHORIZATION = "Authorization"; + + private final JwtProvider jwtProvider; + + @Override + public void doFilter(ServletRequest request, ServletResponse response, FilterChain fc) + throws IOException, ServletException { + final String token = getTokenFromRequest((HttpServletRequest) request); + if (token != null && jwtProvider.validateAccessToken(token)) { + final Claims claims = jwtProvider.getAccessClaims(token); + final JwtAuthentication jwtInfoToken = JwtUtils.generate(claims); + jwtInfoToken.setAuthenticated(true); + SecurityContextHolder.getContext().setAuthentication(jwtInfoToken); + } + fc.doFilter(request, response); + } + + private String getTokenFromRequest(HttpServletRequest request) { + final String bearer = request.getHeader(AUTHORIZATION); + if (StringUtils.hasText(bearer) && bearer.startsWith("Bearer ")) { + return bearer.substring(7); + } + return null; + } + +} \ No newline at end of file diff --git a/src/main/java/org/sadtech/example/jwt/server/service/AuthService.java b/src/main/java/org/sadtech/example/jwt/server/service/AuthService.java new file mode 100644 index 0000000..e2a69fe --- /dev/null +++ b/src/main/java/org/sadtech/example/jwt/server/service/AuthService.java @@ -0,0 +1,74 @@ +package org.sadtech.example.jwt.server.service; + +import io.jsonwebtoken.Claims; +import lombok.NonNull; +import lombok.RequiredArgsConstructor; +import org.sadtech.example.jwt.server.domain.JwtAuthentication; +import org.sadtech.example.jwt.server.domain.JwtRequest; +import org.sadtech.example.jwt.server.domain.JwtResponse; +import org.sadtech.example.jwt.server.domain.User; +import org.sadtech.example.jwt.server.exception.AuthException; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.stereotype.Service; + +import java.util.HashMap; +import java.util.Map; + +@Service +@RequiredArgsConstructor +public class AuthService { + + private final UserService userService; + private final Map refreshStorage = new HashMap<>(); + private final JwtProvider jwtProvider; + + public JwtResponse login(@NonNull JwtRequest authRequest) { + final User user = userService.getByLogin(authRequest.getLogin()) + .orElseThrow(() -> new AuthException("Пользователь не найден")); + if (user.getPassword().equals(authRequest.getPassword())) { + final String accessToken = jwtProvider.generateAccessToken(user); + final String refreshToken = jwtProvider.generateRefreshToken(user); + refreshStorage.put(user.getLogin(), refreshToken); + return new JwtResponse(accessToken, refreshToken); + } else { + throw new AuthException("Неправильный пароль"); + } + } + + public JwtResponse getAccessToken(@NonNull String refreshToken) { + if (jwtProvider.validateRefreshToken(refreshToken)) { + final Claims claims = jwtProvider.getRefreshClaims(refreshToken); + final String login = claims.getSubject(); + final String saveRefreshToken = refreshStorage.get(login); + if (saveRefreshToken != null && saveRefreshToken.equals(refreshToken)) { + final User user = userService.getByLogin(login) + .orElseThrow(() -> new AuthException("Пользователь не найден")); + final String accessToken = jwtProvider.generateAccessToken(user); + return new JwtResponse(accessToken, null); + } + } + return new JwtResponse(null, null); + } + + public JwtResponse refresh(@NonNull String refreshToken) { + if (jwtProvider.validateRefreshToken(refreshToken)) { + final Claims claims = jwtProvider.getRefreshClaims(refreshToken); + final String login = claims.getSubject(); + final String saveRefreshToken = refreshStorage.get(login); + if (saveRefreshToken != null && saveRefreshToken.equals(refreshToken)) { + final User user = userService.getByLogin(login) + .orElseThrow(() -> new AuthException("Пользователь не найден")); + final String accessToken = jwtProvider.generateAccessToken(user); + final String newRefreshToken = jwtProvider.generateRefreshToken(user); + refreshStorage.put(user.getLogin(), newRefreshToken); + return new JwtResponse(accessToken, newRefreshToken); + } + } + throw new AuthException("Невалидный JWT токен"); + } + + public JwtAuthentication getAuthInfo() { + return (JwtAuthentication) SecurityContextHolder.getContext().getAuthentication(); + } + +} diff --git a/src/main/java/org/sadtech/example/jwt/server/service/JwtProvider.java b/src/main/java/org/sadtech/example/jwt/server/service/JwtProvider.java new file mode 100644 index 0000000..ac3c9a3 --- /dev/null +++ b/src/main/java/org/sadtech/example/jwt/server/service/JwtProvider.java @@ -0,0 +1,100 @@ +package org.sadtech.example.jwt.server.service; + +import io.jsonwebtoken.Claims; +import io.jsonwebtoken.ExpiredJwtException; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.MalformedJwtException; +import io.jsonwebtoken.SignatureAlgorithm; +import io.jsonwebtoken.SignatureException; +import io.jsonwebtoken.UnsupportedJwtException; +import lombok.NonNull; +import lombok.extern.slf4j.Slf4j; +import org.sadtech.example.jwt.server.domain.User; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Component; + +import java.time.Instant; +import java.time.LocalDateTime; +import java.time.ZoneId; +import java.util.Date; + +@Slf4j +@Component +public class JwtProvider { + + private final String jwtAccessSecret; + private final String jwtRefreshSecret; + + public JwtProvider( + @Value("${jwt.secret.access}") String jwtAccessSecret, + @Value("${jwt.secret.refresh}") String jwtRefreshSecret + ) { + this.jwtAccessSecret = jwtAccessSecret; + this.jwtRefreshSecret = jwtRefreshSecret; + } + + public String generateAccessToken(@NonNull User user) { + final LocalDateTime now = LocalDateTime.now(); + final Instant accessExpirationInstant = now.plusMinutes(5).atZone(ZoneId.systemDefault()).toInstant(); + final Date accessExpiration = Date.from(accessExpirationInstant); + final String accessToken = Jwts.builder() + .setSubject(user.getLogin()) + .setExpiration(accessExpiration) + .signWith(SignatureAlgorithm.HS512, jwtAccessSecret) + .claim("roles", user.getRoles()) + .claim("firstName", user.getFirstName()) + .compact(); + return accessToken; + } + + public String generateRefreshToken(@NonNull User user) { + final LocalDateTime now = LocalDateTime.now(); + final Instant refreshExpirationInstant = now.plusDays(30).atZone(ZoneId.systemDefault()).toInstant(); + final Date refreshExpiration = Date.from(refreshExpirationInstant); + final String refreshToken = Jwts.builder() + .setSubject(user.getLogin()) + .setExpiration(refreshExpiration) + .signWith(SignatureAlgorithm.HS512, jwtRefreshSecret) + .compact(); + return refreshToken; + } + + public boolean validateAccessToken(@NonNull String token) { + return validateToken(token, jwtAccessSecret); + } + + public boolean validateRefreshToken(@NonNull String token) { + return validateToken(token, jwtRefreshSecret); + } + + private boolean validateToken(@NonNull String token, @NonNull String secret) { + try { + Jwts.parser().setSigningKey(secret).parseClaimsJws(token); + return true; + } catch (ExpiredJwtException expEx) { + log.error("Token expired", expEx); + } catch (UnsupportedJwtException unsEx) { + log.error("Unsupported jwt", unsEx); + } catch (MalformedJwtException mjEx) { + log.error("Malformed jwt", mjEx); + } catch (SignatureException sEx) { + log.error("Invalid signature", sEx); + } catch (Exception e) { + log.error("invalid token", e); + } + return false; + } + + public Claims getAccessClaims(@NonNull String token) { + return getClaims(token, jwtAccessSecret); + } + + public Claims getRefreshClaims(@NonNull String token) { + return getClaims(token, jwtRefreshSecret); + } + + private Claims getClaims(@NonNull String token, @NonNull String secret) { + return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody(); + } + +} diff --git a/src/main/java/org/sadtech/example/jwt/server/service/JwtUtils.java b/src/main/java/org/sadtech/example/jwt/server/service/JwtUtils.java new file mode 100644 index 0000000..7f72abf --- /dev/null +++ b/src/main/java/org/sadtech/example/jwt/server/service/JwtUtils.java @@ -0,0 +1,31 @@ +package org.sadtech.example.jwt.server.service; + +import io.jsonwebtoken.Claims; +import lombok.AccessLevel; +import lombok.NoArgsConstructor; +import org.sadtech.example.jwt.server.domain.JwtAuthentication; +import org.sadtech.example.jwt.server.domain.Role; + +import java.util.List; +import java.util.Set; +import java.util.stream.Collectors; + +@NoArgsConstructor(access = AccessLevel.PRIVATE) +public final class JwtUtils { + + public static JwtAuthentication generate(Claims claims) { + final JwtAuthentication jwtInfoToken = new JwtAuthentication(); + jwtInfoToken.setRoles(getRoles(claims)); + jwtInfoToken.setFirstName(claims.get("firstName", String.class)); + jwtInfoToken.setUsername(claims.getSubject()); + return jwtInfoToken; + } + + private static Set getRoles(Claims claims) { + final List roles = claims.get("roles", List.class); + return roles.stream() + .map(Role::valueOf) + .collect(Collectors.toSet()); + } + +} diff --git a/src/main/java/org/sadtech/example/jwt/server/service/UserService.java b/src/main/java/org/sadtech/example/jwt/server/service/UserService.java new file mode 100644 index 0000000..b5bc82e --- /dev/null +++ b/src/main/java/org/sadtech/example/jwt/server/service/UserService.java @@ -0,0 +1,32 @@ +package org.sadtech.example.jwt.server.service; + +import lombok.NonNull; +import lombok.RequiredArgsConstructor; +import org.sadtech.example.jwt.server.domain.Role; +import org.sadtech.example.jwt.server.domain.User; +import org.springframework.stereotype.Service; + +import java.util.Collections; +import java.util.List; +import java.util.Optional; + +@Service +@RequiredArgsConstructor +public class UserService { + + private final List users; + + public UserService() { + this.users = List.of( + new User("anton", "1234", "Антон", "Иванов", Collections.singleton(Role.USER)), + new User("ivan", "12345", "Сергей", "Петров", Collections.singleton(Role.ADMIN)) + ); + } + + public Optional getByLogin(@NonNull String login) { + return users.stream() + .filter(user -> login.equals(user.getLogin())) + .findFirst(); + } + +} \ No newline at end of file diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 8b13789..5db3fe4 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -1 +1,2 @@ - +jwt.secret.access=supermegasecret +jwt.secret.refresh=supermegarefreshsecret \ No newline at end of file diff --git a/src/test/java/org/sadtech/example/jwt/server/ServerJwtApplicationTests.java b/src/test/java/org/sadtech/example/jwt/server/ServerJwtApplicationTests.java deleted file mode 100644 index 8793bca..0000000 --- a/src/test/java/org/sadtech/example/jwt/server/ServerJwtApplicationTests.java +++ /dev/null @@ -1,13 +0,0 @@ -package org.sadtech.example.jwt.server; - -import org.junit.jupiter.api.Test; -import org.springframework.boot.test.context.SpringBootTest; - -@SpringBootTest -class ServerJwtApplicationTests { - - @Test - void contextLoads() { - } - -}