Max665/biblenotes-java
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial commit

Browse Source
This commit is contained in:
Max W. 2024-09-09 00:06:55 +02:00
commit 4e75e25d62
20 changed files with 1056 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
.gitignore vendored Normal file
View File

@ -0,0 +1,37 @@
HELP.md
.gradle
build/
!gradle/wrapper/gradle-wrapper.jar
!**/src/main/**/build/
!**/src/test/**/build/
### STS ###
.apt_generated
.classpath
.factorypath
.project
.settings
.springBeans
.sts4-cache
bin/
!**/src/main/**/bin/
!**/src/test/**/bin/
### IntelliJ IDEA ###
.idea
*.iws
*.iml
*.ipr
out/
!**/src/main/**/out/
!**/src/test/**/out/
### NetBeans ###
/nbproject/private/
/nbbuild/
/dist/
/nbdist/
/.nb-gradle/
### VS Code ###
.vscode/

50
build.gradle Normal file
View File

@ -0,0 +1,50 @@
plugins {
id 'java'
id 'org.springframework.boot' version '3.3.3'
id 'io.spring.dependency-management' version '1.1.6'
}
group = 'de.w665'
version = '0.0.1-SNAPSHOT'
java {
toolchain {
languageVersion = JavaLanguageVersion.of(21)
}
}
configurations {
compileOnly {
extendsFrom annotationProcessor
}
}
repositories {
mavenCentral()
}
dependencies {
implementation 'org.springframework.boot:spring-boot-starter-security'
implementation 'org.springframework.boot:spring-boot-starter-web'
compileOnly 'org.projectlombok:lombok'
developmentOnly 'org.springframework.boot:spring-boot-devtools'
annotationProcessor 'org.projectlombok:lombok'
testImplementation 'org.springframework.boot:spring-boot-starter-test'
testImplementation 'org.springframework.security:spring-security-test'
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
implementation 'com.rethinkdb:rethinkdb-driver:2.4.4'
implementation 'com.google.code.gson:gson:2.11.0'
// https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt-api
implementation group: 'io.jsonwebtoken', name: 'jjwt-api', version: '0.12.6'
// https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt-impl
runtimeOnly group: 'io.jsonwebtoken', name: 'jjwt-impl', version: '0.12.6'
// https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt-orgjson
runtimeOnly group: 'io.jsonwebtoken', name: 'jjwt-orgjson', version: '0.12.6'
}
tasks.named('test') {
useJUnitPlatform()
}

BIN
gradle/wrapper/gradle-wrapper.jar vendored Normal file
View File

Binary file not shown.

7
gradle/wrapper/gradle-wrapper.properties vendored Normal file
View File

@ -0,0 +1,7 @@
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-8.10-bin.zip
networkTimeout=10000
validateDistributionUrl=true
zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists

252
gradlew vendored Normal file
View File

@ -0,0 +1,252 @@
#!/bin/sh
#
# Copyright © 2015-2021 the original authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0
#
##############################################################################
#
# Gradle start up script for POSIX generated by Gradle.
#
# Important for running:
#
# (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is
# noncompliant, but you have some other compliant shell such as ksh or
# bash, then to run this script, type that shell name before the whole
# command line, like:
#
# ksh Gradle
#
# Busybox and similar reduced shells will NOT work, because this script
# requires all of these POSIX shell features:
# * functions;
# * expansions «$var», «${var}», «${var:-default}», «${var+SET}»,
# «${var#prefix}», «${var%suffix}», and «$( cmd )»;
# * compound commands having a testable exit status, especially «case»;
# * various built-in commands including «command», «set», and «ulimit».
#
# Important for patching:
#
# (2) This script targets any POSIX shell, so it avoids extensions provided
# by Bash, Ksh, etc; in particular arrays are avoided.
#
# The "traditional" practice of packing multiple parameters into a
# space-separated string is a well documented source of bugs and security
# problems, so this is (mostly) avoided, by progressively accumulating
# options in "$@", and eventually passing that to Java.
#
# Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS,
# and GRADLE_OPTS) rely on word-splitting, this is performed explicitly;
# see the in-line comments for details.
#
# There are tweaks for specific operating systems such as AIX, CygWin,
# Darwin, MinGW, and NonStop.
#
# (3) This script is generated from the Groovy template
# https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
# within the Gradle project.
#
# You can find Gradle at https://github.com/gradle/gradle/.
#
##############################################################################
# Attempt to set APP_HOME
# Resolve links: $0 may be a link
app_path=$0
# Need this for daisy-chained symlinks.
while
APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path
[ -h "$app_path" ]
do
ls=$( ls -ld "$app_path" )
link=${ls#*' -> '}
case $link in #(
/*) app_path=$link ;; #(
*) app_path=$APP_HOME$link ;;
esac
done
# This is normally unused
# shellcheck disable=SC2034
APP_BASE_NAME=${0##*/}
# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s
' "$PWD" ) || exit
# Use the maximum available, or set MAX_FD != -1 to use that value.
MAX_FD=maximum
warn () {
echo "$*"
} >&2
die () {
echo
echo "$*"
echo
exit 1
} >&2
# OS specific support (must be 'true' or 'false').
cygwin=false
msys=false
darwin=false
nonstop=false
case "$( uname )" in #(
CYGWIN* ) cygwin=true ;; #(
Darwin* ) darwin=true ;; #(
MSYS* | MINGW* ) msys=true ;; #(
NONSTOP* ) nonstop=true ;;
esac
CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
# Determine the Java command to use to start the JVM.
if [ -n "$JAVA_HOME" ] ; then
if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
# IBM's JDK on AIX uses strange locations for the executables
JAVACMD=$JAVA_HOME/jre/sh/java
else
JAVACMD=$JAVA_HOME/bin/java
fi
if [ ! -x "$JAVACMD" ] ; then
die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
Please set the JAVA_HOME variable in your environment to match the
location of your Java installation."
fi
else
JAVACMD=java
if ! command -v java >/dev/null 2>&1
then
die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
Please set the JAVA_HOME variable in your environment to match the
location of your Java installation."
fi
fi
# Increase the maximum file descriptors if we can.
if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
case $MAX_FD in #(
max*)
# In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
# shellcheck disable=SC2039,SC3045
MAX_FD=$( ulimit -H -n ) ||
warn "Could not query maximum file descriptor limit"
esac
case $MAX_FD in #(
'' | soft) :;; #(
*)
# In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
# shellcheck disable=SC2039,SC3045
ulimit -n "$MAX_FD" ||
warn "Could not set maximum file descriptor limit to $MAX_FD"
esac
fi
# Collect all arguments for the java command, stacking in reverse order:
# * args from the command line
# * the main class name
# * -classpath
# * -D...appname settings
# * --module-path (only if needed)
# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables.
# For Cygwin or MSYS, switch paths to Windows format before running java
if "$cygwin" || "$msys" ; then
APP_HOME=$( cygpath --path --mixed "$APP_HOME" )
CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" )
JAVACMD=$( cygpath --unix "$JAVACMD" )
# Now convert the arguments - kludge to limit ourselves to /bin/sh
for arg do
if
case $arg in #(
-*) false ;; # don't mess with options #(
/?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath
[ -e "$t" ] ;; #(
*) false ;;
esac
then
arg=$( cygpath --path --ignore --mixed "$arg" )
fi
# Roll the args list around exactly as many times as the number of
# args, so each arg winds up back in the position where it started, but
# possibly modified.
#
# NB: a `for` loop captures its iteration list before it begins, so
# changing the positional parameters here affects neither the number of
# iterations, nor the values presented in `arg`.
shift # remove old arg
set -- "$@" "$arg" # push replacement arg
done
fi
# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
# Collect all arguments for the java command:
# * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
# and any embedded shellness will be escaped.
# * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
# treated as '${Hostname}' itself on the command line.
set -- \
"-Dorg.gradle.appname=$APP_BASE_NAME" \
-classpath "$CLASSPATH" \
org.gradle.wrapper.GradleWrapperMain \
"$@"
# Stop when "xargs" is not available.
if ! command -v xargs >/dev/null 2>&1
then
die "xargs is not available"
fi
# Use "xargs" to parse quoted args.
#
# With -n1 it outputs one arg per line, with the quotes and backslashes removed.
#
# In Bash we could simply go:
#
# readarray ARGS < <( xargs -n1 <<<"$var" ) &&
# set -- "${ARGS[@]}" "$@"
#
# but POSIX shell has neither arrays nor command substitution, so instead we
# post-process each arg (as a line of input to sed) to backslash-escape any
# character that might be a shell metacharacter, then use eval to reverse
# that process (while maintaining the separation between arguments), and wrap
# the whole thing up as a single "set" statement.
#
# This will of course break if any of these variables contains a newline or
# an unmatched quote.
#
eval "set -- $(
printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" |
xargs -n1 |
sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' |
tr '\n' ' '
)" '"$@"'
exec "$JAVACMD" "$@"

94
gradlew.bat vendored Normal file
View File

@ -0,0 +1,94 @@
@rem
@rem Copyright 2015 the original author or authors.
@rem
@rem Licensed under the Apache License, Version 2.0 (the "License");
@rem you may not use this file except in compliance with the License.
@rem You may obtain a copy of the License at
@rem
@rem https://www.apache.org/licenses/LICENSE-2.0
@rem
@rem Unless required by applicable law or agreed to in writing, software
@rem distributed under the License is distributed on an "AS IS" BASIS,
@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@rem See the License for the specific language governing permissions and
@rem limitations under the License.
@rem
@rem SPDX-License-Identifier: Apache-2.0
@rem
@if "%DEBUG%"=="" @echo off
@rem ##########################################################################
@rem
@rem Gradle startup script for Windows
@rem
@rem ##########################################################################
@rem Set local scope for the variables with windows NT shell
if "%OS%"=="Windows_NT" setlocal
set DIRNAME=%~dp0
if "%DIRNAME%"=="" set DIRNAME=.
@rem This is normally unused
set APP_BASE_NAME=%~n0
set APP_HOME=%DIRNAME%
@rem Resolve any "." and ".." in APP_HOME to make it shorter.
for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
@rem Find java.exe
if defined JAVA_HOME goto findJavaFromJavaHome
set JAVA_EXE=java.exe
%JAVA_EXE% -version >NUL 2>&1
if %ERRORLEVEL% equ 0 goto execute
echo. 1>&2
echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
echo. 1>&2
echo Please set the JAVA_HOME variable in your environment to match the 1>&2
echo location of your Java installation. 1>&2
goto fail
:findJavaFromJavaHome
set JAVA_HOME=%JAVA_HOME:"=%
set JAVA_EXE=%JAVA_HOME%/bin/java.exe
if exist "%JAVA_EXE%" goto execute
echo. 1>&2
echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
echo. 1>&2
echo Please set the JAVA_HOME variable in your environment to match the 1>&2
echo location of your Java installation. 1>&2
goto fail
:execute
@rem Setup the command line
set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
@rem Execute Gradle
"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
:end
@rem End local scope for the variables with windows NT shell
if %ERRORLEVEL% equ 0 goto mainEnd
:fail
rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
rem the _cmd.exe /c_ return code!
set EXIT_CODE=%ERRORLEVEL%
if %EXIT_CODE% equ 0 set EXIT_CODE=1
if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE%
exit /b %EXIT_CODE%
:mainEnd
if "%OS%"=="Windows_NT" endlocal
:omega

1
settings.gradle Normal file
View File

@ -0,0 +1 @@
rootProject.name = 'biblenotes'

13
src/main/java/de/w665/biblenotes/BiblenotesApplication.java Normal file
View File

@ -0,0 +1,13 @@
package de.w665.biblenotes;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class BiblenotesApplication {
public static void main(String[] args) {
SpringApplication.run(BiblenotesApplication.class, args);
}
}

52
src/main/java/de/w665/biblenotes/config/SecurityConfig.java Normal file
View File

@ -0,0 +1,52 @@
package de.w665.biblenotes.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.LogoutConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@Configuration
@EnableWebSecurity
public class SecurityConfig {
private final JwtAuthenticationFilter jwtAuthenticationFilter;
public SecurityConfig(JwtAuthenticationFilter jwtAuthenticationFilter) {
this.jwtAuthenticationFilter = jwtAuthenticationFilter;
}
// This bean is required for Spring Security, though it's not used in this project
// Prevents Spring from generating a default password
@Bean
UserDetailsService emptyDetailsService() {
return username -> { throw new UsernameNotFoundException("no local users, only JWT tokens allowed"); };
}
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
// TODO: Fix security config for this project (currently old state from sharepulse)
http
.csrf(csrf -> csrf.ignoringRequestMatchers("/api/v1/**")) // Disable CSRF for API routes
.sessionManagement(sessionManagement -> sessionManagement
.sessionCreationPolicy(SessionCreationPolicy.STATELESS) // No session will be created by Spring Security
)
.authorizeHttpRequests(authorize -> authorize
.requestMatchers("/api/v1/secure/**").authenticated() // Secure these endpoints
.anyRequest().permitAll() // All other requests are allowed without authentication
)
.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class) // Apply JWT filter
.logout(LogoutConfigurer::permitAll)
.rememberMe(Customizer.withDefaults());
return http.build();
}
}

18
src/main/java/de/w665/biblenotes/db/RethinkDBConfig.java Normal file
View File

@ -0,0 +1,18 @@
package de.w665.biblenotes.db;
import lombok.Getter;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
@Getter
@Configuration
public class RethinkDBConfig {
@Value("${rethinkdb.host}")
private String host;
@Value("${rethinkdb.port}")
private int port;
@Value("${rethinkdb.database}")
private String database;
}

27
src/main/java/de/w665/biblenotes/db/RethinkDBConnector.java Normal file
View File

@ -0,0 +1,27 @@
package de.w665.biblenotes.db;
import com.rethinkdb.RethinkDB;
import com.rethinkdb.net.Connection;
import jakarta.annotation.PostConstruct;
import lombok.Getter;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;
@Slf4j
@Component
@RequiredArgsConstructor
public class RethinkDBConnector {
private final RethinkDBConfig config;
@Getter
private final RethinkDB r = RethinkDB.r;
@Getter
private Connection connection;
@PostConstruct
public void connectToDatabae() {
connection = r.connection().hostname(config.getHost()).port(config.getPort()).connect();
log.info("Connected to RethinkDB at " + config.getHost() + ":" + config.getPort() + " on database " + config.getDatabase());
}
}

154
src/main/java/de/w665/biblenotes/db/RethinkDBService.java Normal file
View File

@ -0,0 +1,154 @@
package de.w665.biblenotes.db;
import com.rethinkdb.RethinkDB;
import com.rethinkdb.gen.exc.ReqlOpFailedError;
import com.rethinkdb.net.Connection;
import de.w665.biblenotes.db.repo.UserRepository;
import de.w665.biblenotes.model.User;
import jakarta.annotation.PostConstruct;
import jakarta.annotation.PreDestroy;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.Optional;
@Slf4j
@Service
public class RethinkDBService {
private final RethinkDBConfig config;
private final RethinkDB r;
private final Connection connection;
private final UserRepository userRepository;
@Value("${biblenotes.auto-reset-on-startup}")
private boolean autoResetOnStartup;
@Value("${biblenotes.management.user.username}")
private String defaultUsername;
@Value("${biblenotes.management.user.password}")
private String defaultPassword;
private final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
@Autowired
public RethinkDBService(RethinkDBConfig config, RethinkDBConnector connector, UserRepository userRepository) {
this.config = config;
// mapping to private vars for easier access
this.r = connector.getR();
this.connection = connector.getConnection();
this.userRepository = userRepository;
}
@PostConstruct
public void initialize() {
// rethinkdb check if database exists
try {
r.dbCreate(config.getDatabase()).run(connection).stream();
log.debug("Database " + config.getDatabase() + " created");
} catch (ReqlOpFailedError e) {
log.debug("Database " + config.getDatabase() + " already exists. Error: " + e.getClass().getSimpleName());
}
// rethinkdb check if table file_uploads exists
try {
r.db(config.getDatabase()).tableCreate("file_uploads").run(connection).stream();
log.debug("Table 'file_uploads' created successfully.");
} catch (ReqlOpFailedError e) {
log.debug("Table 'file_uploads' already exists.");
if(autoResetOnStartup) {
log.debug("Clearing content...");
r.db(config.getDatabase()).table("file_uploads").delete().run(connection);
log.debug("Table 'file_uploads' cleared successfully.");
}
}
// rethinkdb check if table id_store exists
try {
r.db(config.getDatabase()).tableCreate("id_store").run(connection).stream();
log.debug("Table 'id_store' created successfully.");
} catch (ReqlOpFailedError e) {
log.debug("Table 'id_store' already exists.");
if(autoResetOnStartup) {
log.debug("Clearing content...");
r.db(config.getDatabase()).table("id_store").delete().run(connection);
log.debug("Table 'id_store' cleared successfully.");
}
}
// rethinkdb check if table expired_file_uploads exists
try {
r.db(config.getDatabase()).tableCreate("expired_file_uploads").run(connection).stream();
log.debug("Table 'expired_file_uploads' created successfully.");
} catch (ReqlOpFailedError e) {
log.debug("Table 'expired_file_uploads' already exists.");
if(autoResetOnStartup) {
log.debug("Clearing content...");
r.db(config.getDatabase()).table("expired_file_uploads").delete().run(connection);
log.debug("Table 'expired_file_uploads' cleared successfully.");
}
}
// rethinkdb check if table users exists
try {
r.db(config.getDatabase()).tableCreate("users").run(connection).stream();
log.debug("Table 'users' created successfully.");
} catch (ReqlOpFailedError e) {
log.debug("Table 'users' already exists.");
if(autoResetOnStartup) {
log.debug("Clearing content...");
r.db(config.getDatabase()).table("users").delete().run(connection);
log.debug("Table 'users' cleared successfully.");
}
}
// rethinkdb check if table user_logins exists
try {
r.db(config.getDatabase()).tableCreate("user_logins").run(connection).stream();
log.debug("Table 'user_logins' created successfully.");
} catch (ReqlOpFailedError e) {
log.debug("Table 'user_logins' already exists.");
if(autoResetOnStartup) {
log.debug("Clearing content...");
r.db(config.getDatabase()).table("user_logins").delete().run(connection);
log.debug("Table 'user_logins' cleared successfully.");
}
} finally {
try {
r.db(config.getDatabase()).table("user_logins").indexCreate("loginTime").run(connection);
log.debug("Secondary index 'loginTime' on table 'user_logins' successfully created.");
} catch (ReqlOpFailedError e) {
log.debug("Secondary index 'loginTime' already exists.");
} finally {
r.db(config.getDatabase()).table("user_logins").indexWait("loginTime").run(connection);
}
}
initializeAdminUser();
log.info("Database ready for operation!");
}
private void initializeAdminUser() {
Optional<User> adminUser = userRepository.retrieveUserByUsername("admin");
if(adminUser.isEmpty()) {
User user = new User();
user.setUsername(defaultUsername);
user.setPassword(passwordEncoder.encode(defaultPassword));
user.setRole("ADMIN");
userRepository.insertUser(user);
log.debug("Admin user created with default credentials. Username: admin, Password: admin");
}
}
@PreDestroy
public void close() {
if (connection != null) {
connection.close();
}
}
}

67
src/main/java/de/w665/biblenotes/db/repo/UserLoginRepository.java Normal file
View File

@ -0,0 +1,67 @@
package de.w665.biblenotes.db.repo;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.gson.Gson;
import com.rethinkdb.RethinkDB;
import com.rethinkdb.net.Connection;
import com.rethinkdb.net.Result;
import de.w665.biblenotes.db.RethinkDBConfig;
import de.w665.biblenotes.db.RethinkDBConnector;
import de.w665.biblenotes.model.UserLogin;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Repository;
import java.util.List;
@Slf4j
@Repository
public class UserLoginRepository {
private final RethinkDB r;
private final Connection connection;
private final RethinkDBConfig config;
private final String TABLE_NAME = "user_logins";
private final Gson gson = new Gson();
private final ObjectMapper mapper = new ObjectMapper();
@Autowired
public UserLoginRepository(RethinkDBConnector connector, RethinkDBConfig config) {
this.r = connector.getR();
this.connection = connector.getConnection();
this.config = config;
}
public void insertUserLogin(UserLogin userLogin) {
String uuid = r.uuid().run(connection, String.class).first();
userLogin.setId(uuid);
r.db(config.getDatabase()).table(TABLE_NAME).insert(userLogin).run(connection);
}
public UserLogin getLastLogin(String userId) {
// Get the second most recent login (the most recent is the current one)
Result<UserLogin> result = r.db(config.getDatabase()).table(TABLE_NAME)
.orderBy().optArg("index", r.desc("loginTime"))
.filter(r.hashMap("userId", userId))
.skip(1).limit(1)
.run(connection, UserLogin.class);
// Return the second most recent login if exists
return result.hasNext() ? result.next() : null;
}
public List<UserLogin> getUserLogins(String userId) {
Result<UserLogin> result = r.db(config.getDatabase()).table(TABLE_NAME)
.orderBy().optArg("index", r.desc("loginTime"))
.filter(r.hashMap("userId", userId))
.run(connection, UserLogin.class);
return result.toList();
}
public void deleteAllUserLogins(String userId) {
r.db(config.getDatabase()).table(TABLE_NAME)
.filter(r.hashMap("userId", userId))
.delete()
.run(connection);
}
}

55
src/main/java/de/w665/biblenotes/db/repo/UserRepository.java Normal file
View File

@ -0,0 +1,55 @@
package de.w665.biblenotes.db.repo;
import com.rethinkdb.RethinkDB;
import com.rethinkdb.net.Connection;
import de.w665.biblenotes.db.RethinkDBConfig;
import de.w665.biblenotes.db.RethinkDBConnector;
import de.w665.biblenotes.model.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Repository;
import java.util.*;
@Repository
public class UserRepository {
private final RethinkDB r;
private final Connection connection;
private final RethinkDBConfig config;
@Autowired
public UserRepository(RethinkDBConnector connector, RethinkDBConfig config) {
this.r = connector.getR();
this.connection = connector.getConnection();
this.config = config;
}
public Optional<User> retrieveUserByUsername(String username) {
try {
User user = r.db(config.getDatabase()).table("users")
.filter(r.hashMap("username", username))
.run(connection, User.class)
.next();
return Optional.ofNullable(user);
} catch (NoSuchElementException e) {
return Optional.empty();
}
}
public void updateLastLoginForUser(String username, Date lastLogin) {
r.db(config.getDatabase()).table("users")
.filter(r.hashMap("username", username))
.update(r.hashMap("lastLogin", lastLogin.getTime()))
.run(connection);
}
public void updateUser(User user) {
r.db(config.getDatabase()).table("users")
.filter(r.hashMap("id", user.getId()))
.update(user)
.run(connection);
}
public void insertUser(User user) {
String optionalUuid = r.uuid().run(connection, String.class).first();
user.setId(optionalUuid);
r.db(config.getDatabase()).table("users").insert(user).run(connection);
}
}

16
src/main/java/de/w665/biblenotes/model/User.java Normal file
View File

@ -0,0 +1,16 @@
package de.w665.biblenotes.model;
import lombok.*;
@Getter
@Setter
@ToString
@NoArgsConstructor
@AllArgsConstructor
public class User {
private String id; // ID is auto mapped by RethinkDB
private String username;
private String password;
private String email;
private String role;
}

21
src/main/java/de/w665/biblenotes/model/UserLogin.java Normal file
View File

@ -0,0 +1,21 @@
package de.w665.biblenotes.model;
import com.fasterxml.jackson.annotation.JsonFormat;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import java.util.Date;
@Getter
@Setter
@NoArgsConstructor
@AllArgsConstructor
public class UserLogin {
String id;
String userId;
@JsonFormat(timezone = "ETC")
Date loginTime;
String loginIp;
}

72
src/main/java/de/w665/biblenotes/rest/security/JwtAuthenticationFilter.java Normal file
View File

@ -0,0 +1,72 @@
package de.w665.biblenotes.rest.security;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;
import java.io.IOException;
import java.util.Collections;
import java.util.List;
@Component
@Slf4j
@RequiredArgsConstructor
public class JwtAuthenticationFilter extends OncePerRequestFilter {
private final AuthenticationService authenticationService;
private final RequestMatcher requestMatcher = new AntPathRequestMatcher("/api/v1/secure/**");
@Override
protected void doFilterInternal(@NotNull HttpServletRequest request, @NotNull HttpServletResponse response, @NotNull FilterChain filterChain) throws ServletException, IOException {
logger.debug("Filtering request: " + request.getRequestURI());
if(!requestMatcher.matches(request)) {
logger.debug("Request does not match the secure path. Skipping JWT authentication.");
filterChain.doFilter(request, response);
return;
}
try {
String jwt = getJwtFromRequest(request);
if (jwt != null && authenticationService.validateToken(jwt)) {
String username = authenticationService.extractSubject(jwt);
// Extract the role from the JWT and set it to Spring AuthenticationContext for access control
String role = authenticationService.getClaimValue(jwt, "role", String.class);
List<GrantedAuthority> authorities = Collections.singletonList(new SimpleGrantedAuthority("ROLE_" + role));
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(username, null, authorities);
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(authentication);
// SUCCESSFUL AUTHENTICATION
filterChain.doFilter(request, response);
} else {
logger.warn("Unauthorized: Authentication token is missing or invalid.");
}
} catch (Exception ex) {
logger.warn("Could not set user authentication in security context. An error occurred during JWT processing.", ex);
}
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}
private String getJwtFromRequest(HttpServletRequest request) {
String bearerToken = request.getHeader("Authorization");
if (bearerToken != null && bearerToken.startsWith("Bearer ")) {
return bearerToken.substring(7);
}
return null;
}
}

106
src/main/java/de/w665/biblenotes/service/AuthenticationService.java Normal file
View File

@ -0,0 +1,106 @@
package de.w665.biblenotes.service;
import jakarta.annotation.PostConstruct;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import javax.crypto.SecretKey;
import java.util.Base64;
import java.util.Date;
import java.util.Optional;
@Slf4j
@Service
public class AuthenticationService {
private final UserRepository userRepository;
private final UserLoginRepository userLoginRepository;
@Value("${secureapi.jwt.secret}")
private String secretString;
@Value("${secureapi.jwt.expiration}")
private long expirationTime; // in milliseconds
private SecretKey secretKey;
private final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
public AuthenticationService(UserRepository userRepository, UserLoginRepository userLoginRepository) {
this.userRepository = userRepository;
this.userLoginRepository = userLoginRepository;
}
@PostConstruct
public void init() {
log.debug("Initializing secret key");
byte[] encodedKey = Base64.getEncoder().encode(secretString.getBytes()); // encode the secret key
this.secretKey = Keys.hmacShaKeyFor(encodedKey);
}
public String authenticate(String username, String password, String remoteAddr, long... expirationTime/*FOR TESTING VALIDITY*/) {
if(expirationTime.length > 0) {
this.expirationTime = expirationTime[0];
}
Optional<User> optionalUser = userRepository.retrieveUserByUsername(username);
if (optionalUser.isPresent() && passwordEncoder.matches(password, optionalUser.get().getPassword())) {
User user = optionalUser.get();
userLoginRepository.insertUserLogin(new UserLogin(""/*Auto generated*/, user.getId(), new Date(), remoteAddr));
userRepository.updateLastLoginForUser(user.getUsername(), new Date());
return generateToken(user);
}
return null;
}
private String generateToken(User username) {
long nowMillis = System.currentTimeMillis();
Date now = new Date(nowMillis);
Date expiryDate = new Date(nowMillis + expirationTime);
return Jwts.builder()
.subject("SharePulse Authentication Token")
.issuedAt(now)
.claim("role", username.getRole())
.claim("username", username.getUsername())
.expiration(expiryDate)
.signWith(secretKey)
.compact();
}
public boolean validateToken(String token) {
try {
Jwt<?,?> jwt = Jwts.parser().verifyWith(secretKey).build().parseSignedClaims(token);
Claims claims = (Claims) jwt.getPayload();
return !claims.getExpiration().before(new Date()); // Checks if the token is expired too
} catch (Exception e) {
return false;
}
}
public String extractSubject(String token) {
return Jwts.parser().verifyWith(secretKey).build().parseSignedClaims(token).getPayload().getSubject();
}
/**
* Retrieves a typed claim from the JWT.
* @param token the JWT from which to extract the claim
* @param claimName the name of the claim to retrieve
* @param claimType the Class object of <T> the expected type of the claim value
* @return the value of the specified claim as type T, or null if not found or in case of an error
* Usage example: getClaimValue(token, "role", String.class)
*/
public <T> T getClaimValue(String token, String claimName, Class<T> claimType) {
try {
Jwt<?, ?> jwt = Jwts.parser().verifyWith(secretKey).build().parseSignedClaims(token);
Claims claims = (Claims) jwt.getPayload();
return claims.get(claimName, claimType);
} catch (Exception e) {
log.error("Error parsing claims from token: ", e);
return null;
}
}
public String encodePassword(String password) {
return passwordEncoder.encode(password);
}
}

1
src/main/resources/application.properties Normal file
View File

@ -0,0 +1 @@
spring.application.name=biblenotes

13
src/test/java/de/w665/biblenotes/BiblenotesApplicationTests.java Normal file
View File

@ -0,0 +1,13 @@
package de.w665.biblenotes;
import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;
@SpringBootTest
class BiblenotesApplicationTests {
@Test
void contextLoads() {
}
}