From 26cf6d0b0300b750a1391fa56fa66a168c719167 Mon Sep 17 00:00:00 2001
From: Anton Romanov <a.romanov@ulstu.ru>
Date: Fri, 14 Feb 2025 19:45:45 +0400
Subject: [PATCH] #11 -- Add spring security

---
 build.gradle                                  |  4 +++-
 .../fc/project/service/ProjectService.java    |  3 ++-
 .../{ => model}/UserNotFoundException.java    |  2 +-
 .../user/{ => repository}/UserRepository.java |  2 +-
 .../{ => repository}/UserRoleRepository.java  |  2 +-
 .../UserSessionRepository.java                |  2 +-
 .../fc/user/service/IpAddressResolver.java    | 22 +++++++++++++++++++
 .../fc/user/{ => service}/UserService.java    | 17 ++++----------
 .../UserSessionLoginHandler.java              |  2 +-
 .../UserSessionLogoutHandler.java             |  2 +-
 .../{ => service}/UserSessionService.java     |  4 +++-
 .../ulstu/fc/user/{ => utils}/UserUtils.java  |  2 +-
 12 files changed, 41 insertions(+), 23 deletions(-)
 rename src/main/java/ru/ulstu/fc/user/{ => model}/UserNotFoundException.java (82%)
 rename src/main/java/ru/ulstu/fc/user/{ => repository}/UserRepository.java (92%)
 rename src/main/java/ru/ulstu/fc/user/{ => repository}/UserRoleRepository.java (83%)
 rename src/main/java/ru/ulstu/fc/user/{ => repository}/UserSessionRepository.java (90%)
 create mode 100644 src/main/java/ru/ulstu/fc/user/service/IpAddressResolver.java
 rename src/main/java/ru/ulstu/fc/user/{ => service}/UserService.java (90%)
 rename src/main/java/ru/ulstu/fc/user/{ => service}/UserSessionLoginHandler.java (98%)
 rename src/main/java/ru/ulstu/fc/user/{ => service}/UserSessionLogoutHandler.java (98%)
 rename src/main/java/ru/ulstu/fc/user/{ => service}/UserSessionService.java (91%)
 rename src/main/java/ru/ulstu/fc/user/{ => utils}/UserUtils.java (96%)

diff --git a/build.gradle b/build.gradle
index a7dc0d0..d044239 100644
--- a/build.gradle
+++ b/build.gradle
@@ -24,11 +24,13 @@ dependencies {
     implementation group: 'org.springframework.boot', name: 'spring-boot-starter-web'
     implementation group: 'org.springframework.boot', name: 'spring-boot-starter-jetty'
     implementation group: 'org.springframework.boot', name: 'spring-boot-starter-thymeleaf'
+    implementation group: 'org.springframework.boot', name: 'spring-boot-starter-validation'
     implementation group: 'org.springframework.boot', name: 'spring-boot-starter-data-jpa'
-    implementation group: 'org.springframework.boot', name: 'spring-boot-starter-webflux'
+    implementation group: 'org.springframework.boot', name: 'spring-boot-starter-security'
     implementation group: 'org.json', name: 'json', version: '20220320'
 
     implementation group: 'nz.net.ultraq.thymeleaf', name: 'thymeleaf-layout-dialect'
+    implementation group: 'org.thymeleaf.extras', name: 'thymeleaf-extras-springsecurity6'
     implementation group: 'com.fasterxml.jackson.module', name: 'jackson-module-afterburner'
     implementation group: 'com.fasterxml.jackson.datatype', name: 'jackson-datatype-hibernate5'
     implementation group: 'com.h2database', name:'h2'
diff --git a/src/main/java/ru/ulstu/fc/project/service/ProjectService.java b/src/main/java/ru/ulstu/fc/project/service/ProjectService.java
index b53880d..97ae29a 100644
--- a/src/main/java/ru/ulstu/fc/project/service/ProjectService.java
+++ b/src/main/java/ru/ulstu/fc/project/service/ProjectService.java
@@ -4,6 +4,7 @@ import org.springframework.stereotype.Service;
 import ru.ulstu.fc.project.model.Project;
 import ru.ulstu.fc.project.model.ProjectForm;
 import ru.ulstu.fc.project.repository.ProjectRepository;
+import ru.ulstu.fc.user.utils.UserUtils;
 
 import java.util.List;
 
@@ -45,6 +46,6 @@ public class ProjectService {
     }
 
     private boolean isUserProject(Project project) {
-        return (userSevice.getCurrentUser().equals(project.getUser()));
+        return (UserUtils.getCurrentUserLogin().equals(project.getUser().getLogin()));
     }
 }
diff --git a/src/main/java/ru/ulstu/fc/user/UserNotFoundException.java b/src/main/java/ru/ulstu/fc/user/model/UserNotFoundException.java
similarity index 82%
rename from src/main/java/ru/ulstu/fc/user/UserNotFoundException.java
rename to src/main/java/ru/ulstu/fc/user/model/UserNotFoundException.java
index 49af789..7840fc6 100644
--- a/src/main/java/ru/ulstu/fc/user/UserNotFoundException.java
+++ b/src/main/java/ru/ulstu/fc/user/model/UserNotFoundException.java
@@ -1,4 +1,4 @@
-package ru.ulstu.fc.user;
+package ru.ulstu.fc.user.model;
 
 public class UserNotFoundException extends RuntimeException {
     public UserNotFoundException(String message) {
diff --git a/src/main/java/ru/ulstu/fc/user/UserRepository.java b/src/main/java/ru/ulstu/fc/user/repository/UserRepository.java
similarity index 92%
rename from src/main/java/ru/ulstu/fc/user/UserRepository.java
rename to src/main/java/ru/ulstu/fc/user/repository/UserRepository.java
index 8610464..808bac5 100644
--- a/src/main/java/ru/ulstu/fc/user/UserRepository.java
+++ b/src/main/java/ru/ulstu/fc/user/repository/UserRepository.java
@@ -1,4 +1,4 @@
-package ru.ulstu.fc.user;
+package ru.ulstu.fc.user.repository;
 
 import org.springframework.data.jpa.repository.EntityGraph;
 import org.springframework.data.jpa.repository.JpaRepository;
diff --git a/src/main/java/ru/ulstu/fc/user/UserRoleRepository.java b/src/main/java/ru/ulstu/fc/user/repository/UserRoleRepository.java
similarity index 83%
rename from src/main/java/ru/ulstu/fc/user/UserRoleRepository.java
rename to src/main/java/ru/ulstu/fc/user/repository/UserRoleRepository.java
index 5aec61f..3f03a8d 100644
--- a/src/main/java/ru/ulstu/fc/user/UserRoleRepository.java
+++ b/src/main/java/ru/ulstu/fc/user/repository/UserRoleRepository.java
@@ -1,4 +1,4 @@
-package ru.ulstu.fc.user;
+package ru.ulstu.fc.user.repository;
 
 import org.springframework.data.jpa.repository.JpaRepository;
 import ru.ulstu.fc.user.model.UserRole;
diff --git a/src/main/java/ru/ulstu/fc/user/UserSessionRepository.java b/src/main/java/ru/ulstu/fc/user/repository/UserSessionRepository.java
similarity index 90%
rename from src/main/java/ru/ulstu/fc/user/UserSessionRepository.java
rename to src/main/java/ru/ulstu/fc/user/repository/UserSessionRepository.java
index ff28f93..f4a6de4 100644
--- a/src/main/java/ru/ulstu/fc/user/UserSessionRepository.java
+++ b/src/main/java/ru/ulstu/fc/user/repository/UserSessionRepository.java
@@ -1,4 +1,4 @@
-package ru.ulstu.fc.user;
+package ru.ulstu.fc.user.repository;
 
 import org.springframework.data.jpa.repository.JpaRepository;
 import ru.ulstu.fc.user.model.UserSession;
diff --git a/src/main/java/ru/ulstu/fc/user/service/IpAddressResolver.java b/src/main/java/ru/ulstu/fc/user/service/IpAddressResolver.java
new file mode 100644
index 0000000..51a0f36
--- /dev/null
+++ b/src/main/java/ru/ulstu/fc/user/service/IpAddressResolver.java
@@ -0,0 +1,22 @@
+package ru.ulstu.fc.user.service;
+
+import jakarta.servlet.http.HttpServletRequest;
+import org.springframework.util.StringUtils;
+
+public final class IpAddressResolver {
+    private static final String CLIENT_IP_HEADER = "Client-IP";
+    private static final String FORWARDED_FOR_HEADER = "X-Forwarded-For";
+
+    public static String getRemoteAddr(HttpServletRequest request) {
+        String headerClientIp = request.getHeader("");
+        String headerXForwardedFor = request.getHeader(HttpServletRequest.FORM_AUTH);
+        if (StringUtils.isEmpty(request.getRemoteAddr()) && !StringUtils.isEmpty(headerClientIp)) {
+            return headerClientIp;
+        }
+        if (!StringUtils.isEmpty(headerXForwardedFor)) {
+            return headerXForwardedFor;
+        }
+        return request.getRemoteAddr();
+    }
+
+}
diff --git a/src/main/java/ru/ulstu/fc/user/UserService.java b/src/main/java/ru/ulstu/fc/user/service/UserService.java
similarity index 90%
rename from src/main/java/ru/ulstu/fc/user/UserService.java
rename to src/main/java/ru/ulstu/fc/user/service/UserService.java
index 517c4f0..f30ffd9 100644
--- a/src/main/java/ru/ulstu/fc/user/UserService.java
+++ b/src/main/java/ru/ulstu/fc/user/service/UserService.java
@@ -1,4 +1,4 @@
-package ru.ulstu.fc.user;
+package ru.ulstu.fc.user.service;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -10,8 +10,11 @@ import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import ru.ulstu.fc.user.model.User;
+import ru.ulstu.fc.user.model.UserNotFoundException;
 import ru.ulstu.fc.user.model.UserRole;
 import ru.ulstu.fc.user.model.UserRoleConstants;
+import ru.ulstu.fc.user.repository.UserRepository;
+import ru.ulstu.fc.user.repository.UserRoleRepository;
 
 import java.util.Collections;
 import java.util.Optional;
@@ -82,16 +85,4 @@ public class UserService implements UserDetailsService {
     public void initDefaultAdmin() {
         createDefaultUser("admin", UserRoleConstants.ADMIN);
     }
-
-    public void initDefaultAspirant() {
-        createDefaultUser("aspirant", UserRoleConstants.ASPIRANT);
-    }
-
-    public void initDefaultManager() {
-        createDefaultUser("manager", UserRoleConstants.MANAGER);
-    }
-
-    public void initDefaultHead() {
-        createDefaultUser("head", UserRoleConstants.HEAD);
-    }
 }
diff --git a/src/main/java/ru/ulstu/fc/user/UserSessionLoginHandler.java b/src/main/java/ru/ulstu/fc/user/service/UserSessionLoginHandler.java
similarity index 98%
rename from src/main/java/ru/ulstu/fc/user/UserSessionLoginHandler.java
rename to src/main/java/ru/ulstu/fc/user/service/UserSessionLoginHandler.java
index ded0a1b..b05710d 100644
--- a/src/main/java/ru/ulstu/fc/user/UserSessionLoginHandler.java
+++ b/src/main/java/ru/ulstu/fc/user/service/UserSessionLoginHandler.java
@@ -1,4 +1,4 @@
-package ru.ulstu.fc.user;
+package ru.ulstu.fc.user.service;
 
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
diff --git a/src/main/java/ru/ulstu/fc/user/UserSessionLogoutHandler.java b/src/main/java/ru/ulstu/fc/user/service/UserSessionLogoutHandler.java
similarity index 98%
rename from src/main/java/ru/ulstu/fc/user/UserSessionLogoutHandler.java
rename to src/main/java/ru/ulstu/fc/user/service/UserSessionLogoutHandler.java
index 2063de8..98d50fe 100644
--- a/src/main/java/ru/ulstu/fc/user/UserSessionLogoutHandler.java
+++ b/src/main/java/ru/ulstu/fc/user/service/UserSessionLogoutHandler.java
@@ -1,4 +1,4 @@
-package ru.ulstu.fc.user;
+package ru.ulstu.fc.user.service;
 
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
diff --git a/src/main/java/ru/ulstu/fc/user/UserSessionService.java b/src/main/java/ru/ulstu/fc/user/service/UserSessionService.java
similarity index 91%
rename from src/main/java/ru/ulstu/fc/user/UserSessionService.java
rename to src/main/java/ru/ulstu/fc/user/service/UserSessionService.java
index 7f6e5ce..037957c 100644
--- a/src/main/java/ru/ulstu/fc/user/UserSessionService.java
+++ b/src/main/java/ru/ulstu/fc/user/service/UserSessionService.java
@@ -1,11 +1,13 @@
-package ru.ulstu.fc.user;
+package ru.ulstu.fc.user.service;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import ru.ulstu.fc.user.model.User;
+import ru.ulstu.fc.user.model.UserNotFoundException;
 import ru.ulstu.fc.user.model.UserSession;
+import ru.ulstu.fc.user.repository.UserSessionRepository;
 
 @Service
 @Transactional
diff --git a/src/main/java/ru/ulstu/fc/user/UserUtils.java b/src/main/java/ru/ulstu/fc/user/utils/UserUtils.java
similarity index 96%
rename from src/main/java/ru/ulstu/fc/user/UserUtils.java
rename to src/main/java/ru/ulstu/fc/user/utils/UserUtils.java
index a7169c8..fc610b7 100644
--- a/src/main/java/ru/ulstu/fc/user/UserUtils.java
+++ b/src/main/java/ru/ulstu/fc/user/utils/UserUtils.java
@@ -1,4 +1,4 @@
-package ru.ulstu.fc.user;
+package ru.ulstu.fc.user.utils;
 
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContext;