Merge remote-tracking branch 'refs/remotes/origin/Johan' into marvin
# Conflicts: # src/main/java/fr/eni/enchere/security/WebSecurityConfig.java
This commit is contained in:
mepiphana2023
@@ -12,14 +12,15 @@ public class UserProfil {
|
||||
private String rue;
|
||||
private String code_postal;
|
||||
private String ville;
|
||||
private String password; //Voir la sécurité du mot de passe
|
||||
private String password;
|
||||
private String confirmPassword;
|
||||
private float credit;
|
||||
private boolean isAdmin;
|
||||
|
||||
//Constructeur
|
||||
public UserProfil(){}
|
||||
|
||||
public UserProfil(int id, String pseudo, String nom, String prenom, String email, String telephone, String rue, String code_postal, String ville, String password, int credit, boolean isAdmin) {
|
||||
public UserProfil(int id, String pseudo, String nom, String prenom, String email, String telephone, String rue, String code_postal, String ville, String password, String confirmPassword, int credit, boolean isAdmin) {
|
||||
setId(id);
|
||||
setPrenom(prenom);
|
||||
setNom(nom);
|
||||
@@ -30,6 +31,7 @@ public class UserProfil {
|
||||
setCode_postal(code_postal);
|
||||
setVille(ville);
|
||||
setPassword(password);
|
||||
setConfirmPassword(confirmPassword);
|
||||
setCredit(credit);
|
||||
setAdmin(isAdmin);
|
||||
}
|
||||
@@ -115,6 +117,14 @@ public class UserProfil {
|
||||
this.password = password;
|
||||
}
|
||||
|
||||
public String getConfirmPassword() {
|
||||
return password;
|
||||
}
|
||||
|
||||
public void setConfirmPassword(String confirmPassword) {
|
||||
this.confirmPassword = confirmPassword;
|
||||
}
|
||||
|
||||
public float getCredit() {
|
||||
return credit;
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package fr.eni.enchere.controllers;
|
||||
|
||||
import fr.eni.enchere.bll.ArticleService;
|
||||
import fr.eni.enchere.bll.CategorieService;
|
||||
import fr.eni.enchere.bll.UserService;
|
||||
import fr.eni.enchere.bo.Article;
|
||||
import org.springframework.stereotype.Controller;
|
||||
@@ -13,10 +14,12 @@ public class ArticleController {
|
||||
|
||||
private final ArticleService articleService;
|
||||
private final UserService userService;
|
||||
private CategorieService categorieService;
|
||||
|
||||
public ArticleController(ArticleService articleService, UserService userService) {
|
||||
public ArticleController(ArticleService articleService, UserService userService, CategorieService categorieService) {
|
||||
this.articleService = articleService;
|
||||
this.userService = userService;
|
||||
this.categorieService = categorieService;
|
||||
}
|
||||
|
||||
@GetMapping
|
||||
@@ -24,7 +27,8 @@ public class ArticleController {
|
||||
return "accueil";
|
||||
}
|
||||
|
||||
@GetMapping("/article")
|
||||
//Affichage d'un article
|
||||
@GetMapping("/show")
|
||||
public String showArticle(@RequestParam(name = "slug")int id, Model model) {
|
||||
Article article = articleService.findArticleById(id);
|
||||
return "article";
|
||||
@@ -39,14 +43,14 @@ public class ArticleController {
|
||||
|
||||
@GetMapping("/new")
|
||||
public String test(@PathVariable(name = "slug")int id, Model model) {
|
||||
|
||||
return "article";
|
||||
model.addAttribute("categories", categorieService.findAllCategories());
|
||||
return "newArticle";
|
||||
}
|
||||
|
||||
@PostMapping("/new/add")
|
||||
public String newArticle(@ModelAttribute("article") Article article) {
|
||||
articleService.saveArticle(article);
|
||||
return "redirect:/article";
|
||||
return "redirect:/accueil";
|
||||
}
|
||||
|
||||
@PostMapping("/update")
|
||||
|
||||
@@ -1,6 +1,9 @@
|
||||
package fr.eni.enchere.controllers;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.validation.BindingResult;
|
||||
import fr.eni.enchere.bll.UserService;
|
||||
import fr.eni.enchere.bo.UserProfil;
|
||||
@@ -14,9 +17,11 @@ public class InscriptionController {
|
||||
|
||||
@Autowired
|
||||
private final UserService userService;
|
||||
private PasswordEncoder passwordEncoder;
|
||||
|
||||
public InscriptionController(UserService userService) {
|
||||
public InscriptionController(UserService userService, PasswordEncoder passwordEncoder) {
|
||||
this.userService = userService;
|
||||
this.passwordEncoder = passwordEncoder;
|
||||
}
|
||||
|
||||
@GetMapping
|
||||
@@ -26,10 +31,33 @@ public class InscriptionController {
|
||||
}
|
||||
|
||||
@PostMapping("/newUser")
|
||||
public String setUser(@ModelAttribute UserProfil user) {
|
||||
//Ajouter vérification du formulaire -> @RequestParam("confirmPassword") String confirmPassword
|
||||
userService.setUtilisateur(user);
|
||||
return "redirect:/accueil";
|
||||
public String setUser(@ModelAttribute("userProfile") UserProfil userProfile, BindingResult result) {
|
||||
// Obtenez l'authentification actuelle
|
||||
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
||||
// Vérifiez si l'utilisateur est authentifié
|
||||
if (!authentication.getName().equals("anonymousUser")) {
|
||||
// Obtenez les détails de l'utilisateur authentifié
|
||||
String username = authentication.getName();
|
||||
// Utilisez le service approprié pour récupérer les informations de l'utilisateur à partir du nom d'utilisateur
|
||||
UserProfil currentUserProfile = userService.utilisateurByName(username);
|
||||
// Vérifiez si le mot de passe actuel correspond à celui stocké dans la base de données
|
||||
if (!passwordEncoder.matches(userProfile.getPassword(), currentUserProfile.getPassword())) {
|
||||
// Mot de passe actuel incorrect, renvoyer une erreur
|
||||
result.rejectValue("currentPassword", "invalid", "Mot de passe actuel incorrect");
|
||||
return "editProfil"; // Rediriger vers la page de modification du profil avec une erreur
|
||||
}
|
||||
// Vérifiez si le nouveau mot de passe et sa confirmation correspondent
|
||||
if (!userProfile.getPassword().equals(userProfile.getConfirmPassword())) {
|
||||
// Mauvaise correspondance entre le nouveau mot de passe et sa confirmation, renvoyer une erreur
|
||||
result.rejectValue("confirmPassword", "invalid", "La confirmation du mot de passe ne correspond pas au nouveau mot de passe");
|
||||
return "editProfil"; // Rediriger vers la page de modification du profil avec une erreur
|
||||
}
|
||||
// Mettez à jour le mot de passe de l'utilisateur avec le nouveau mot de passe
|
||||
userService.setUtilisateur(currentUserProfile);
|
||||
return "redirect:/profil"; // Rediriger vers la page de profil après la modification réussie
|
||||
} else {
|
||||
return "accueil";
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -17,9 +17,9 @@ public class WebSecurityConfig{
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
http.authorizeHttpRequests((requests) -> requests
|
||||
.requestMatchers("/", "/accueil").permitAll()
|
||||
.requestMatchers("/accueil", "/login", "/inscription/**", "/searchArticle", "/article/**", "/change-language", "/profile/**").permitAll()
|
||||
.requestMatchers("/css/**", "/images/**", "/assets/**", "/img/**", "/js/**", "/assets/**").permitAll()
|
||||
.requestMatchers("/profile/**").authenticated()
|
||||
.requestMatchers("/accueil", "/login", "/inscription/**", "/searchArticle", "/article/**", "/change-language").permitAll()
|
||||
.requestMatchers("/css/**", "/images/**", "/assets/**", "/img/**", "/js/**").permitAll()
|
||||
.requestMatchers("/profil/**", "/article/new/**", "/article/update", "/article/delete").authenticated()
|
||||
.requestMatchers("/admin").hasRole("ADMIN")
|
||||
.anyRequest().authenticated())
|
||||
.formLogin((form) -> form.loginPage("/login").defaultSuccessUrl("/", true))
|
||||
|
||||
Reference in New Issue
Block a user