REFINE OAuth2 user handling and update database schema

2025-06-23 23:28:29 +02:00
parent 8d7f74e189
commit c7b3f6bf70
8 changed files with 56 additions and 54 deletions
--- a/src/main/java/com/ddf/vodsystem/controllers/AuthController.java
+++ b/src/main/java/com/ddf/vodsystem/controllers/AuthController.java
@@ -6,7 +6,6 @@ import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;

-import java.util.Collections;
 import java.util.Map;

@RestController
@@ -15,7 +14,7 @@ public class AuthController {

    @GetMapping("/user")
    public Map<String, Object> user(@AuthenticationPrincipal OAuth2User principal) {
-        return Collections.singletonMap("name", principal.getAttribute("name"));
+        return principal.getAttributes();
    }

    @GetMapping("/login")
--- a/src/main/java/com/ddf/vodsystem/entities/User.java
+++ b/src/main/java/com/ddf/vodsystem/entities/User.java
@@ -29,7 +29,7 @@ public class User {
    @Column(name = "role", nullable = false)
    private Integer role; // 0: user, 1: admin

-    @Column(name = "created_at", nullable = false)
+    @Column(name = "created_at")
    private LocalDateTime createdAt;
 }

--- a/src/main/java/com/ddf/vodsystem/security/CustomOAuth2UserService.java
+++ b/src/main/java/com/ddf/vodsystem/security/CustomOAuth2UserService.java
@@ -1,17 +1,15 @@
 package com.ddf.vodsystem.security;
-
-import com.ddf.vodsystem.entities.User;
 import com.ddf.vodsystem.repositories.UserRepository;
+
 import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
 import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
+import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.stereotype.Service;

-import java.time.LocalDateTime;
-import java.util.Optional;

@Service
-public class CustomOAuth2UserService extends DefaultOAuth2UserService {
+public class CustomOAuth2UserService extends DefaultOAuth2UserService  {

    private final UserRepository userRepository;

@@ -20,25 +18,21 @@ public class CustomOAuth2UserService extends DefaultOAuth2UserService {
    }

    @Override
-    public OAuth2User loadUser(OAuth2UserRequest userRequest) {
-        OAuth2User oauthUser = super.loadUser(userRequest);
+    public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException {
+        OAuth2User oAuth2User = super.loadUser(userRequest);

-        String googleId = oauthUser.getAttribute("sub"); // Google's unique user ID
-        String email = oauthUser.getAttribute("email");
-        String name = oauthUser.getAttribute("name");
+//        String email = oAuth2User.getAttribute("email");
+//        String name = oAuth2User.getAttribute("name");
+//        String googleId = oAuth2User.getAttribute("sub");
+//
+//        userRepository.findByGoogleId(googleId).orElseGet(() -> {
+//            User user = new User();
+//            user.setEmail(email);
+//            user.setName(name);
+//            user.setGoogleId(googleId);
+//            return userRepository.save(user);
+//        });

-        Optional<User> userOptional = userRepository.findByGoogleId(googleId);
-        User user;
-        if (userOptional.isEmpty()) {
-            user = new User();
-            user.setGoogleId(googleId);
-            user.setEmail(email);
-            user.setName(name);
-            user.setUsername(email.split("@")[0]);
-            user.setCreatedAt(LocalDateTime.now());
-            userRepository.save(user);
-        }
-
-        return oauthUser;
+        return oAuth2User;
    }
-}
+}
--- a/src/main/java/com/ddf/vodsystem/security/SecurityConfig.java
+++ b/src/main/java/com/ddf/vodsystem/security/SecurityConfig.java
@@ -3,10 +3,14 @@ package com.ddf.vodsystem.security;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
+import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;

@Configuration
+@EnableWebSecurity
 public class SecurityConfig {

    private final CustomOAuth2UserService customOAuth2UserService;
@@ -20,19 +24,22 @@ public class SecurityConfig {
        http
                .csrf(AbstractHttpConfigurer::disable)
                .authorizeHttpRequests(auth -> auth
-                        .requestMatchers("/", "/css/**", "api/v1/**").permitAll()
                        .anyRequest().authenticated()
                )
                .oauth2Login(oauth2 -> oauth2
-                        .loginPage("/login")
                        .userInfoEndpoint(userInfo -> userInfo
-                            .userService(customOAuth2UserService))
-                )
-                .logout(logout -> logout
-                        .logoutSuccessUrl("/")
-                        .permitAll()
+                                .userService(customOAuth2UserService)
+
+                        )
+                        .successHandler(successHandler())
                );

        return http.build();
    }
+
+    @Bean
+    public AuthenticationSuccessHandler successHandler() {
+        return new SimpleUrlAuthenticationSuccessHandler("/api/v1/auth/user");
+    }
+
 }