• Search by APIs
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• spring-security-mybatis-demo-master
  • src
    • main
      • resources
        • application.yml
        • mappers
          • UserRoleMapper.xml
          • UserMapper.xml
          • RoleMapper.xml
        • generatorConfig.xml
      • java
        • com
          • liumapp
            • demo
              • security
                • config
                  • SecurityConfig.java
                • Main.java
                • domain
                  • UserRoleExample.java
                  • UserRole.java
                  • Role.java
                  • RoleExample.java
                  • User.java
                  • UserExample.java
                • auth
                  • JwtAuthenticationEntryPoint.java
                  • user
                    • JwtUserFactory.java
                    • JwtUser.java
                  • response
                    • JwtAuthenticationResponse.java
                  • util
                    • JwtTokenUtil.java
                  • request
                    • JwtAuthenticationRequest.java
                  • service
                    • impl
                      • JwtUserDetailsServiceImpl.java
                    • MultyUserDetailsService.java
                  • filter
                    • JwtAuthenticationTokenFilter.java
                • mapper
                  • RoleMapper.java
                  • UserMapper.java
                  • UserRoleMapper.java
                • controller
                  • EmployeeController.java
                  • UserController.java
                  • ManagerController.java
                  • PersonalController.java
                  • BossController.java
                  • AuthenticationController.java
    • test
      • java
        • com
          • liumapp
            • demo
              • security
                • package-info.java
  • db
    • spring-security-mybatis-demo.sql
    • spring-security-mybatis-demo.mwb
  • pom.xml
  • LICENSE
  • pic
  • README.md
  • .gitignore

package com.liumapp.demo.security.controller;

import com.liumapp.demo.security.auth.request.JwtAuthenticationRequest;
import com.liumapp.demo.security.auth.response.JwtAuthenticationResponse;
import com.liumapp.demo.security.auth.service.MultyUserDetailsService;
import com.liumapp.demo.security.auth.user.JwtUser;
import com.liumapp.demo.security.auth.util.JwtTokenUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.ResponseEntity;
import org.springframework.mobile.device.Device;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;

/**
 * Created by liumapp on 2/2/18.
 * E-mail:[email protected]
 * home-page:http://www.liumapp.com
 */
@RestController
public class AuthenticationController {

    @Value("${jwt.header}")
    private String tokenHeader;

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private JwtTokenUtil jwtTokenUtil;

    @Autowired
    private MultyUserDetailsService userDetailsService;

    @RequestMapping("${jwt.route.authentication.path}/hello")
    public ResponseEntity<?> hello (@RequestBody JwtAuthenticationRequest authenticationRequest , Device device) {
        return ResponseEntity.ok("hello");
    }

    @RequestMapping(value = "${jwt.route.authentication.path}/company", method = RequestMethod.POST)
    public ResponseEntity<?> createCompanyAuthenticationToken(@RequestBody JwtAuthenticationRequest authenticationRequest, Device device) throws AuthenticationException {
        authenticationRequest.setUsername(authenticationRequest.getEmail());
        // Perform the security
        Authentication authentication = null;

        try {
            authentication = authenticationManager.authenticate(
                    new UsernamePasswordAuthenticationToken(
                            authenticationRequest.getUsername(),
                            authenticationRequest.getPassword()
                    )
            );
        } catch (AuthenticationException e) {
            System.out.println(e.getMessage());
        }

        SecurityContextHolder.getContext().setAuthentication(authentication);

        // Reload password post-security so we can generate token
        final UserDetails userDetails = userDetailsService.loadUserByEmail(authenticationRequest.getEmail());
        final String token = jwtTokenUtil.generateToken(userDetails, device);

        // Return the token
        return ResponseEntity.ok(new JwtAuthenticationResponse(token));
    }

    @RequestMapping(value = "${jwt.route.authentication.path}/personal", method = RequestMethod.POST)
    public ResponseEntity<?> createPersonalAuthenticationToken(@RequestBody JwtAuthenticationRequest authenticationRequest, Device device) throws AuthenticationException {
        authenticationRequest.setUsername(authenticationRequest.getPhone());
        // Perform the security
        Authentication authentication = null;

        try {
            authentication = authenticationManager.authenticate(
                    new UsernamePasswordAuthenticationToken(
                            authenticationRequest.getUsername(),
                            authenticationRequest.getPassword()
                    )
            );
        } catch (AuthenticationException e) {
            System.out.println(e.getMessage());
        }

        SecurityContextHolder.getContext().setAuthentication(authentication);

        // Reload password post-security so we can generate token
        final UserDetails userDetails = userDetailsService.loadUserByPhone(authenticationRequest.getPhone());
        final String token = jwtTokenUtil.generateToken(userDetails, device);

        // Return the token
        return ResponseEntity.ok(new JwtAuthenticationResponse(token));
    }

    @RequestMapping(value = "${jwt.route.authentication.refresh}/company", method = RequestMethod.GET)
    public ResponseEntity<?> refreshAndGetCompanyAuthenticationToken(HttpServletRequest request) {
        String authToken = request.getHeader(tokenHeader);
        final String token = authToken.substring(7);
        String email = jwtTokenUtil.getUsernameFromToken(token);
        JwtUser user = (JwtUser) userDetailsService.loadUserByEmail(email);

        if (jwtTokenUtil.canTokenBeRefreshed(token)) {
            String refreshedToken = jwtTokenUtil.refreshToken(token);
            return ResponseEntity.ok(new JwtAuthenticationResponse(refreshedToken));
        } else {
            return ResponseEntity.badRequest().body(null);
        }
    }

    @RequestMapping(value = "${jwt.route.authentication.refresh}/personal", method = RequestMethod.GET)
    public ResponseEntity<?> refreshAndGetPersonalAuthenticationToken(HttpServletRequest request) {
        String authToken = request.getHeader(tokenHeader);
        final String token = authToken.substring(7);
        String phone = jwtTokenUtil.getPhoneFromToken(token);
        JwtUser user = (JwtUser) userDetailsService.loadUserByUsername(phone);

        if (jwtTokenUtil.canTokenBeRefreshed(token)) {
            String refreshedToken = jwtTokenUtil.refreshToken(token);
            return ResponseEntity.ok(new JwtAuthenticationResponse(refreshedToken));
        } else {
            return ResponseEntity.badRequest().body(null);
        }
    }

}