Permalink
Browse files

dashboard improvements

  • Loading branch information...
dimafeng committed Jun 18, 2015
1 parent ef0d2ad commit 6672abfa97636974162f48cc0a9e0c908c6e2a70
@@ -102,7 +102,9 @@ angular.module('starter.controllers', [])
})
.controller('LoginCtrl', function ($scope, $timeout, UserService, $rootScope) {
$scope.loginData = {};
$scope.loginData = {
"remember-me": true
};
$scope.doLogin = function () {
UserService.login($scope.loginData).then(function () {
@@ -9,15 +9,16 @@
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.RememberMeAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.Http403ForbiddenEntryPoint;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
import org.springframework.security.web.authentication.rememberme.*;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
@@ -26,20 +27,21 @@
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
//@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
public class AppSecurityConfig extends WebSecurityConfigurerAdapter
{
public class AppSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
UserService userService;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception
{
PersistentTokenRepository repository;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userService).passwordEncoder(userService);
}
@Override
protected void configure(HttpSecurity http) throws Exception
{
protected void configure(HttpSecurity http) throws Exception {
http
/**
* TODO enable csrf
@@ -77,7 +79,10 @@ protected void configure(HttpSecurity http) throws Exception
* marked by @Secured annotation, we don't need to redirect request to
* /login page, we just need to return 403 error code
*/
.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint())
.and()
.rememberMe()
.tokenRepository(repository);
}
}
@@ -0,0 +1,31 @@
package com.dimafeng.cards.model;
import org.springframework.data.annotation.Id;
import org.springframework.data.annotation.PersistenceConstructor;
import org.springframework.data.mongodb.core.index.CompoundIndex;
import org.springframework.data.mongodb.core.index.CompoundIndexes;
import org.springframework.data.mongodb.core.mapping.Document;
import org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken;
import java.util.Date;
@Document
@CompoundIndexes({
@CompoundIndex(name = "i_username", def = "{'username': 1}"),
@CompoundIndex(name = "i_series", def = "{'series': 1}")
})
public class Token extends PersistentRememberMeToken {
@Id
private final String id;
@PersistenceConstructor
public Token(String id, String username, String series, String tokenValue, Date date) {
super(username, series, tokenValue, date);
this.id = id;
}
public String getId() {
return id;
}
}
@@ -0,0 +1,9 @@
package com.dimafeng.cards.repository;
import com.dimafeng.cards.model.Token;
import org.springframework.data.mongodb.repository.MongoRepository;
public interface TokenRepository extends MongoRepository<Token, String> {
Token findBySeries(String series);
Token findByUsername(String username);
}
@@ -0,0 +1,45 @@
package com.dimafeng.cards.service;
import com.dimafeng.cards.model.Token;
import com.dimafeng.cards.repository.TokenRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
import org.springframework.stereotype.Component;
import java.util.Date;
@Component
public class TokenService implements PersistentTokenRepository {
@Autowired
TokenRepository repository;
@Override
public void createNewToken(PersistentRememberMeToken token) {
repository.save(new Token(null,
token.getUsername(),
token.getSeries(),
token.getTokenValue(),
token.getDate()));
}
@Override
public void updateToken(String series, String tokenValue, Date lastUsed) {
Token token = repository.findBySeries(series);
repository.save(new Token(token.getId(), token.getUsername(), series, tokenValue, lastUsed));
}
@Override
public PersistentRememberMeToken getTokenForSeries(String seriesId) {
return repository.findBySeries(seriesId);
}
@Override
public void removeUserTokens(String username) {
Token token = repository.findByUsername(username);
repository.save(token);
}
}

0 comments on commit 6672abf

Please sign in to comment.