ADD SecurityConfig & ADD Auth Endpoints

2025-06-13 15:45:12 +02:00
parent fcd722f33b
commit 8d7f74e189
8 changed files with 141 additions and 16 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,7 @@
+### Security ###
+.env.local
+.env.prod
+
 node_modules
 HELP.md
 target/
@@ -37,7 +41,3 @@ build/
 videos/

 generated
-
-### Security ###
-.env.local
-.env.prod
--- a/pom.xml
+++ b/pom.xml
@@ -58,6 +58,14 @@
 			<scope>runtime</scope>
 			<optional>true</optional>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-oauth2-client</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
 	</dependencies>

 	<build>
--- a/src/main/java/com/ddf/vodsystem/controllers/AuthController.java
+++ b/src/main/java/com/ddf/vodsystem/controllers/AuthController.java
@@ -0,0 +1,25 @@
+package com.ddf.vodsystem.controllers;
+
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.Collections;
+import java.util.Map;
+
+@RestController
+@RequestMapping("/api/v1/auth/")
+public class AuthController {
+
+    @GetMapping("/user")
+    public Map<String, Object> user(@AuthenticationPrincipal OAuth2User principal) {
+        return Collections.singletonMap("name", principal.getAttribute("name"));
+    }
+
+    @GetMapping("/login")
+    public String login() {
+        return "login";
+    }
+}
--- a/src/main/java/com/ddf/vodsystem/repositories/UserRepository.java
+++ b/src/main/java/com/ddf/vodsystem/repositories/UserRepository.java
@@ -2,8 +2,13 @@ package com.ddf.vodsystem.repositories;

 import com.ddf.vodsystem.entities.User;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
 import org.springframework.stereotype.Repository;

+import java.util.Optional;
+
@Repository
 public interface UserRepository extends JpaRepository<User, Long> {
+    @Query("SELECT u FROM User u WHERE u.googleId = ?1")
+    Optional<User> findByGoogleId(String googleId);
 }
--- a/src/main/java/com/ddf/vodsystem/security/CustomOAuth2UserService.java
+++ b/src/main/java/com/ddf/vodsystem/security/CustomOAuth2UserService.java
@@ -0,0 +1,44 @@
+package com.ddf.vodsystem.security;
+
+import com.ddf.vodsystem.entities.User;
+import com.ddf.vodsystem.repositories.UserRepository;
+import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import org.springframework.stereotype.Service;
+
+import java.time.LocalDateTime;
+import java.util.Optional;
+
+@Service
+public class CustomOAuth2UserService extends DefaultOAuth2UserService {
+
+    private final UserRepository userRepository;
+
+    public CustomOAuth2UserService(UserRepository userRepository) {
+        this.userRepository = userRepository;
+    }
+
+    @Override
+    public OAuth2User loadUser(OAuth2UserRequest userRequest) {
+        OAuth2User oauthUser = super.loadUser(userRequest);
+
+        String googleId = oauthUser.getAttribute("sub"); // Google's unique user ID
+        String email = oauthUser.getAttribute("email");
+        String name = oauthUser.getAttribute("name");
+
+        Optional<User> userOptional = userRepository.findByGoogleId(googleId);
+        User user;
+        if (userOptional.isEmpty()) {
+            user = new User();
+            user.setGoogleId(googleId);
+            user.setEmail(email);
+            user.setName(name);
+            user.setUsername(email.split("@")[0]);
+            user.setCreatedAt(LocalDateTime.now());
+            userRepository.save(user);
+        }
+
+        return oauthUser;
+    }
+}
--- a/src/main/java/com/ddf/vodsystem/security/SecurityConfig.java
+++ b/src/main/java/com/ddf/vodsystem/security/SecurityConfig.java
@@ -0,0 +1,38 @@
+package com.ddf.vodsystem.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+public class SecurityConfig {
+
+    private final CustomOAuth2UserService customOAuth2UserService;
+
+    public SecurityConfig(CustomOAuth2UserService customOAuth2UserService) {
+        this.customOAuth2UserService = customOAuth2UserService;
+    }
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        http
+                .csrf(AbstractHttpConfigurer::disable)
+                .authorizeHttpRequests(auth -> auth
+                        .requestMatchers("/", "/css/**", "api/v1/**").permitAll()
+                        .anyRequest().authenticated()
+                )
+                .oauth2Login(oauth2 -> oauth2
+                        .loginPage("/login")
+                        .userInfoEndpoint(userInfo -> userInfo
+                            .userService(customOAuth2UserService))
+                )
+                .logout(logout -> logout
+                        .logoutSuccessUrl("/")
+                        .permitAll()
+                );
+
+        return http.build();
+    }
+}
--- a/src/main/resources/application-local.properties
+++ b/src/main/resources/application-local.properties
@@ -0,0 +1,16 @@
+# Database
+spring.datasource.url=jdbc:postgresql://postgres:5432/vodSystem
+spring.datasource.username=myuser
+spring.datasource.password=mypassword
+spring.datasource.driver-class-name=org.postgresql.Driver
+spring.jpa.hibernate.ddl-auto=update
+spring.jpa.show-sql=true
+spring.sql.init.mode=always
+spring.sql.init.schema-locations=classpath:db/schema.sql
+spring.sql.init.data-locations=classpath:db/data.sql
+
+# Security
+spring.security.oauth2.client.registration.google.client-id=${GOOGLE_CLIENT_ID}
+spring.security.oauth2.client.registration.google.client-secret=${GOOGLE_CLIENT_SECRET}
+spring.security.oauth2.client.registration.google.scope=openid,profile,email
+spring.security.oauth2.client.registration.google.redirect-uri=http://localhost:8080/login/oauth2/code/google
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,4 +1,5 @@
 spring.application.name=vodSystem
+spring.profiles.active=local

 # VODs
 spring.servlet.multipart.max-file-size=2GB
@@ -6,17 +7,5 @@ spring.servlet.multipart.max-request-size=2GB
 temp.vod.storage=videos/inputs/
 temp.vod.output=videos/outputs/

-# Database
-spring.datasource.url=jdbc:postgresql://postgres:5432/vodSystem
-spring.datasource.username=myuser
-spring.datasource.password=mypassword
-spring.datasource.driver-class-name=org.postgresql.Driver
-spring.jpa.hibernate.ddl-auto=update
-spring.jpa.show-sql=true
-spring.sql.init.mode=always
-
-spring.sql.init.schema-locations=classpath:db/schema.sql
-spring.sql.init.data-locations=classpath:db/data.sql
-
 # Logging
 logging.level.org.springframework.web=DEBUG