diff --git a/pom.xml b/pom.xml
index 6c9dbf3..b188d1d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -56,6 +56,10 @@
io.quarkus
quarkus-hibernate-orm-panache
+
+ io.quarkus
+ quarkus-security-jpa
+
io.quarkus
quarkus-junit5
diff --git a/src/main/java/com/covas/ApplicationScoped/ApplicationLifeCycle.java b/src/main/java/com/covas/ApplicationScoped/ApplicationLifeCycle.java
index 54df434..7e7be39 100644
--- a/src/main/java/com/covas/ApplicationScoped/ApplicationLifeCycle.java
+++ b/src/main/java/com/covas/ApplicationScoped/ApplicationLifeCycle.java
@@ -14,9 +14,7 @@ import javax.enterprise.event.Observes;
import javax.inject.Inject;
import javax.transaction.Transactional;
-import com.covas.Classes.Hash;
import com.covas.Entity.UsersEntity;
-import com.covas.Enums.Roles;
import org.eclipse.microprofile.config.inject.ConfigProperty;
@@ -33,37 +31,9 @@ public class ApplicationLifeCycle {
void onStart(@Observes StartupEvent ev) {
LOGGER.info("The application has started");
if (schemaCreate){
- UsersEntity users = new UsersEntity();
- UsersEntity users2 = new UsersEntity();
- Hash hash = new Hash();
- if(users.findByPseudo("Peter") == null){
- users.pseudo = "Peter";
- users.email = "peter@email.com";
- users.name = "Toto";
- users.firstName = "Peter";
- users.birth = LocalDate.of(1993, Month.FEBRUARY, 23);
- users.status = true;
- users.password = hash.encryptSHA512("toto");
- users.roles = Roles.User;
- users.persist();
- LOGGER.info("Peter test was created");
- } else {
- LOGGER.info("Peter's user test wasn't created");
- }
- if(users2.findByPseudo("Robert") == null){
- users2.pseudo = "Robert";
- users2.email = "robert@email.com";
- users2.name = "Toto";
- users2.firstName = "Peter";
- users2.birth = LocalDate.of(1993, Month.FEBRUARY, 23);
- users2.status = true;
- users2.password = hash.encryptSHA512("toto");
- users2.roles = Roles.Admin;
- users2.persist();
- LOGGER.info("Robert test was created");
- } else {
- LOGGER.info("Robert's user test wasn't created");
- }
+ UsersEntity.deleteAll();
+ UsersEntity.add("robert80", "robert80@gmail.com", "titi", "robert", LocalDate.of(1990, Month.JANUARY, 23), "toto", "User");
+ UsersEntity.add("peter93", "peter93gmail.com", "yollo", "peter", LocalDate.of(1993, Month.FEBRUARY, 26), "toto", "Admin");
} else {
LOGGER.info("DB init wassn't created");
}
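Review bot: The seed block now calls `UsersEntity.deleteAll()` and then creates `peter93` with the `Admin` role and the literal password `"toto"`, gated only by `schemaCreate`; nothing visible in the hunk limits this to a dev or test run. If this configuration ever reaches a real deployment, every start wipes the user table and leaves a known admin credential behind. Consider tightening the guard, e.g. `if (schemaCreate && LaunchMode.current() != LaunchMode.NORMAL) {`, and reading the seed password from configuration instead of source. The second seed e-mail, `"peter93gmail.com"`, is missing its `@`. The body of `onStart` continues outside the hunk.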
diff --git a/src/main/java/com/covas/Entity/UsersEntity.java b/src/main/java/com/covas/Entity/UsersEntity.java
index 3f01c85..2735072 100644
--- a/src/main/java/com/covas/Entity/UsersEntity.java
+++ b/src/main/java/com/covas/Entity/UsersEntity.java
@@ -5,17 +5,26 @@ import java.time.LocalDate;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Table;
-
-import com.covas.Enums.Roles;
+import javax.xml.bind.DatatypeConverter;
import org.hibernate.annotations.ColumnDefault;
+import org.wildfly.security.password.interfaces.SimpleDigestPassword;
+import io.quarkus.elytron.security.common.BcryptUtil;
import io.quarkus.hibernate.orm.panache.PanacheEntity;
+import io.quarkus.security.jpa.UserDefinition;
+import io.quarkus.security.jpa.Username;
+import io.quarkus.security.jpa.Password;
+import io.quarkus.security.jpa.PasswordProvider;
+import io.quarkus.security.jpa.PasswordType;
+import io.quarkus.security.jpa.Roles;
@Entity
@Table(name = "users")
+@UserDefinition
public class UsersEntity extends PanacheEntity {
-
+
+ @Username
@Column(nullable = false, unique = true)
public String pseudo;
@Column(nullable = false, unique = true)
@@ -28,13 +37,36 @@ public class UsersEntity extends PanacheEntity {
public LocalDate birth;
@ColumnDefault("false")
public Boolean status;
+ @Password(value = PasswordType.CUSTOM, provider = CustomPasswordProvider.class)
@Column(nullable = false)
public String password;
-
- public Roles roles;
+ @Roles
+ public String roles;
public static UsersEntity findByPseudo(String pseudo){
return find("pseudo", pseudo).firstResult();
}
-
+
+ public static void add(String pseudo, String email, String name, String firstName, LocalDate birth, String password, String roles){
+ UsersEntity users = new UsersEntity();
+ users.pseudo = pseudo;
+ users.email = email;
+ users.name = name;
+ users.firstName = firstName;
+ users.birth = birth;
+ users.status = false;
+ users.password = BcryptUtil.bcryptHash(password);
+ users.roles = roles;
+ users.persist();
+ }
+}
+
+public class CustomPasswordProvider implements PasswordProvider {
+
+ @Override
+ public org.wildfly.security.password.Password getPassword(String pass) {
+ byte[] digest = DatatypeConverter.parseHexBinary(pass);
+ return SimpleDigestPassword.createRaw(SimpleDigestPassword.ALGORITHM_SIMPLE_DIGEST_SHA_256, digest);
+ }
+
}
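Review bot: `add` stores `BcryptUtil.bcryptHash(password)`, but the `password` field is annotated `@Password(value = PasswordType.CUSTOM, provider = CustomPasswordProvider.class)`, and that provider hex-decodes the stored value as a raw SHA-256 digest. A bcrypt string is not hex, so `parseHexBinary` will presumably throw at login and no seeded user can authenticate. Annotating the field with plain `@Password` (the MCF type, which matches what `BcryptUtil.bcryptHash` produces) and deleting `CustomPasswordProvider` makes storage and verification agree, and avoids verifying against an unsalted digest. Separately, `CustomPasswordProvider` is declared `public` as a second top-level class in `UsersEntity.java`, which javac rejects. `roles` is also now a free-form `String`, where the removed enum constrained it to `User`/`Admin`, so `add` should validate the value before persisting.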
diff --git a/src/main/java/com/covas/Enums/Roles.java b/src/main/java/com/covas/Enums/Roles.java
deleted file mode 100644
index 8185ec4..0000000
--- a/src/main/java/com/covas/Enums/Roles.java
+++ /dev/null
@@ -1,9 +0,0 @@
-package com.covas;
-
-public enum Roles {
- User,
- Admin;
- Roles(){
-
- }
-}
\ No newline at end of file
diff --git a/src/main/java/com/covas/Json/Jwt2.java b/src/main/java/com/covas/Json/Jwt2.java
index d20a02d..ac6fbd9 100644
--- a/src/main/java/com/covas/Json/Jwt2.java
+++ b/src/main/java/com/covas/Json/Jwt2.java
@@ -8,6 +8,7 @@ public class Jwt2 {
public String name;
public Boolean status;
public String message;
+ public String password;
public Jwt2(){
name = "";
@@ -21,10 +22,18 @@ public class Jwt2 {
message = "";
}
- public Jwt2(String name, String message){
+ public Jwt2(String name, String password){
+ this.name = name;
+ status = true;
+ this.password = password;
+ message = "";
+ }
+
+ public Jwt2(String name, String password, String message){
this.name = name;
this.message = message;
status = true;
+ this.password = password;
}
public Jwt2(String name, Boolean status, String message){
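Review bot: `Jwt2(String name, String password)` reuses the exact signature of the removed `Jwt2(String name, String message)`, so any existing caller that passed a message still compiles and now silently fills `password` instead. `Jwt2` is returned as a response entity in `TokenRessource`, and `password` is a public field (added in the first hunk of this file), so whatever lands there is likely serialized to the client. I would keep the `(name, message)` constructor as it was and drop `public String password;` from this DTO. If the field must stay, exclude it from serialization and document that with a comment such as `// never serialized: credential material must not leave the server`.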
diff --git a/src/main/java/com/covas/Resources/TokenRessource.java b/src/main/java/com/covas/Resources/TokenRessource.java
index 84acce6..b9bb5c6 100644
--- a/src/main/java/com/covas/Resources/TokenRessource.java
+++ b/src/main/java/com/covas/Resources/TokenRessource.java
@@ -38,25 +38,32 @@ public class TokenRessource {
@GET
@Path("authentificate")
+ @RolesAllowed("User")
@Produces(MediaType.APPLICATION_JSON)
- public Response getUserName(@CookieParam("jwt") String jwtCookie) {
- if (jwtCookie == null) {
+ public Response getUserName(@Context SecurityContext ctx, @CookieParam("jwt") String jwtCookie) {
+ String name = "anonymous";
+ String hash = "";
+ if(ctx.getUserPrincipal() != null){
+ name = ctx.getUserPrincipal().getName();
+ hash = ctx.getUserPrincipal().toString();
+ }
+ if (jwtCookie == null) {
// Create a JWT token signed using the 'HS256' algorithm
String newJwtCookie = Jwt.issuer("https://example.com/issuer").upn("Alice").groups(new HashSet<>(Arrays.asList("User"))).sign();
// or create a JWT token encrypted using the 'A256KW' algorithm
// Jwt.upn("alice").encryptWithSecret(secret);
- return Response.status(Response.Status.CREATED).entity(new Jwt2("Alice")).cookie(new NewCookie("jwt", newJwtCookie)).build();
+ return Response.status(Response.Status.CREATED).entity(new Jwt2(name, hash)).cookie(new NewCookie("jwt", newJwtCookie)).build();
} else {
// All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized.
try {
jwt = parser.parse(jwtCookie);
}
catch(ParseException p){
- return Response.status(Response.Status.NOT_ACCEPTABLE).entity(new Jwt2("Alice", false, p.getMessage())).build();
+ return Response.status(Response.Status.NOT_ACCEPTABLE).entity(new Jwt2(name, false, p.getMessage())).build();
}
// or jwt = parser.decrypt(jwtCookie, secret);
- return Response.status(Response.Status.OK).entity(new Jwt2(jwt.getName())).build();
+ return Response.status(Response.Status.OK).entity(new Jwt2(jwt.getName(),hash)).build();
}
}
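Review bot: `hash = ctx.getUserPrincipal().toString()` is passed into the `password` slot of `Jwt2` and returned in the JSON body on both the 201 and the 200 path. What `toString()` yields depends on the principal implementation, but the variable name suggests credential material is expected, and none of it should go back to the caller. Drop `hash` and return only the name. The token minted in the first branch still uses `.upn("Alice")` with a fixed `User` group even though the endpoint now has an authenticated principal, so `.upn(name)` would bind the token to the actual caller. With `@RolesAllowed("User")` on the method, the `"anonymous"` fallback looks unreachable.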
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 8e2db47..cf310af 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -12,4 +12,5 @@ quarkus.datasource.jdbc.url = jdbc:postgresql://localhost:5432/toto
# drop and create the database at startup (use `update` to only update the schema)
quarkus.hibernate-orm.database.generation = drop-and-create
-covas.schema.create = true
\ No newline at end of file
+covas.schema.create = true
+