diff --git a/.gitignore b/.gitignore
index a83d689..a449874 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,7 @@
+### Security ###
+.env.local
+.env.prod
+
node_modules
HELP.md
target/
@@ -37,7 +41,3 @@ build/
videos/
generated
-
-### Security ###
-.env.local
-.env.prod
diff --git a/pom.xml b/pom.xml
index af35711..d722517 100644
--- a/pom.xml
+++ b/pom.xml
@@ -58,6 +58,14 @@
runtime
true
+
+ org.springframework.boot
+ spring-boot-starter-oauth2-client
+
+
+ org.springframework.boot
+ spring-boot-starter-security
+
diff --git a/src/main/java/com/ddf/vodsystem/controllers/AuthController.java b/src/main/java/com/ddf/vodsystem/controllers/AuthController.java
new file mode 100644
index 0000000..107c7d4
--- /dev/null
+++ b/src/main/java/com/ddf/vodsystem/controllers/AuthController.java
@@ -0,0 +1,25 @@
+package com.ddf.vodsystem.controllers;
+
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.Collections;
+import java.util.Map;
+
+@RestController
+@RequestMapping("/api/v1/auth/")
+public class AuthController {
+
+ @GetMapping("/user")
+ public Map user(@AuthenticationPrincipal OAuth2User principal) {
+ return Collections.singletonMap("name", principal.getAttribute("name"));
+ }
+
+ @GetMapping("/login")
+ public String login() {
+ return "login";
+ }
+}
diff --git a/src/main/java/com/ddf/vodsystem/repositories/UserRepository.java b/src/main/java/com/ddf/vodsystem/repositories/UserRepository.java
index b907163..50262d6 100644
--- a/src/main/java/com/ddf/vodsystem/repositories/UserRepository.java
+++ b/src/main/java/com/ddf/vodsystem/repositories/UserRepository.java
@@ -2,8 +2,13 @@ package com.ddf.vodsystem.repositories;
import com.ddf.vodsystem.entities.User;
import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
import org.springframework.stereotype.Repository;
+import java.util.Optional;
+
@Repository
public interface UserRepository extends JpaRepository {
+ @Query("SELECT u FROM User u WHERE u.googleId = ?1")
+ Optional findByGoogleId(String googleId);
}
diff --git a/src/main/java/com/ddf/vodsystem/security/CustomOAuth2UserService.java b/src/main/java/com/ddf/vodsystem/security/CustomOAuth2UserService.java
new file mode 100644
index 0000000..0423922
--- /dev/null
+++ b/src/main/java/com/ddf/vodsystem/security/CustomOAuth2UserService.java
@@ -0,0 +1,44 @@
+package com.ddf.vodsystem.security;
+
+import com.ddf.vodsystem.entities.User;
+import com.ddf.vodsystem.repositories.UserRepository;
+import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import org.springframework.stereotype.Service;
+
+import java.time.LocalDateTime;
+import java.util.Optional;
+
+@Service
+public class CustomOAuth2UserService extends DefaultOAuth2UserService {
+
+ private final UserRepository userRepository;
+
+ public CustomOAuth2UserService(UserRepository userRepository) {
+ this.userRepository = userRepository;
+ }
+
+ @Override
+ public OAuth2User loadUser(OAuth2UserRequest userRequest) {
+ OAuth2User oauthUser = super.loadUser(userRequest);
+
+ String googleId = oauthUser.getAttribute("sub"); // Google's unique user ID
+ String email = oauthUser.getAttribute("email");
+ String name = oauthUser.getAttribute("name");
+
+ Optional userOptional = userRepository.findByGoogleId(googleId);
+ User user;
+ if (userOptional.isEmpty()) {
+ user = new User();
+ user.setGoogleId(googleId);
+ user.setEmail(email);
+ user.setName(name);
+ user.setUsername(email.split("@")[0]);
+ user.setCreatedAt(LocalDateTime.now());
+ userRepository.save(user);
+ }
+
+ return oauthUser;
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/com/ddf/vodsystem/security/SecurityConfig.java b/src/main/java/com/ddf/vodsystem/security/SecurityConfig.java
new file mode 100644
index 0000000..93d3d8c
--- /dev/null
+++ b/src/main/java/com/ddf/vodsystem/security/SecurityConfig.java
@@ -0,0 +1,38 @@
+package com.ddf.vodsystem.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+public class SecurityConfig {
+
+ private final CustomOAuth2UserService customOAuth2UserService;
+
+ public SecurityConfig(CustomOAuth2UserService customOAuth2UserService) {
+ this.customOAuth2UserService = customOAuth2UserService;
+ }
+
+ @Bean
+ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+ http
+ .csrf(AbstractHttpConfigurer::disable)
+ .authorizeHttpRequests(auth -> auth
+ .requestMatchers("/", "/css/**", "api/v1/**").permitAll()
+ .anyRequest().authenticated()
+ )
+ .oauth2Login(oauth2 -> oauth2
+ .loginPage("/login")
+ .userInfoEndpoint(userInfo -> userInfo
+ .userService(customOAuth2UserService))
+ )
+ .logout(logout -> logout
+ .logoutSuccessUrl("/")
+ .permitAll()
+ );
+
+ return http.build();
+ }
+}
diff --git a/src/main/resources/application-local.properties b/src/main/resources/application-local.properties
new file mode 100644
index 0000000..7aa05ee
--- /dev/null
+++ b/src/main/resources/application-local.properties
@@ -0,0 +1,16 @@
+# Database
+spring.datasource.url=jdbc:postgresql://postgres:5432/vodSystem
+spring.datasource.username=myuser
+spring.datasource.password=mypassword
+spring.datasource.driver-class-name=org.postgresql.Driver
+spring.jpa.hibernate.ddl-auto=update
+spring.jpa.show-sql=true
+spring.sql.init.mode=always
+spring.sql.init.schema-locations=classpath:db/schema.sql
+spring.sql.init.data-locations=classpath:db/data.sql
+
+# Security
+spring.security.oauth2.client.registration.google.client-id=${GOOGLE_CLIENT_ID}
+spring.security.oauth2.client.registration.google.client-secret=${GOOGLE_CLIENT_SECRET}
+spring.security.oauth2.client.registration.google.scope=openid,profile,email
+spring.security.oauth2.client.registration.google.redirect-uri=http://localhost:8080/login/oauth2/code/google
\ No newline at end of file
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index f3ab51b..773728b 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,4 +1,5 @@
spring.application.name=vodSystem
+spring.profiles.active=local
# VODs
spring.servlet.multipart.max-file-size=2GB
@@ -6,17 +7,5 @@ spring.servlet.multipart.max-request-size=2GB
temp.vod.storage=videos/inputs/
temp.vod.output=videos/outputs/
-# Database
-spring.datasource.url=jdbc:postgresql://postgres:5432/vodSystem
-spring.datasource.username=myuser
-spring.datasource.password=mypassword
-spring.datasource.driver-class-name=org.postgresql.Driver
-spring.jpa.hibernate.ddl-auto=update
-spring.jpa.show-sql=true
-spring.sql.init.mode=always
-
-spring.sql.init.schema-locations=classpath:db/schema.sql
-spring.sql.init.data-locations=classpath:db/data.sql
-
# Logging
logging.level.org.springframework.web=DEBUG
\ No newline at end of file