Merge branch 'Olivier'

src/main/java/fr/eni/enchere/controllers/LoginController.java

@@ -2,8 +2,6 @@ package fr.eni.enchere.controllers;
 
 import fr.eni.enchere.bll.UserService;
 import fr.eni.enchere.bo.UserProfil;
-import fr.eni.enchere.dal.UserRepository;
-import jakarta.servlet.http.HttpSession;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
@@ -28,9 +26,8 @@ public class LoginController {
     }
 
     @PostMapping("/login")
-    public String login(@RequestParam("username") String username, @RequestParam("password") String password, HttpSession session) {
+    public String login(@RequestParam("username") String username, @RequestParam("password") String password) {
         UserProfil user = userService.utilisateurByName(username);
-        System.out.println("test");
         if (user != null && user.getPassword().equals(password)) {
             return "redirect:/accueil";
         } else {

src/main/java/fr/eni/enchere/controllers/ProfileController.java

@@ -33,7 +33,7 @@ public class ProfileController {
             // Utilisez le service approprié pour récupérer les informations de l'utilisateur à partir du nom d'utilisateur
             UserProfil userProfile = userService.utilisateurByName(username);
             // Ajoutez les informations du profil à l'objet Model pour les afficher dans la page HTML
-            model.addAttribute("user", new UserProfil());
+//            model.addAttribute("user", new UserProfil());
             model.addAttribute("userProfile", userProfile);
             return "profile";
         }else {

src/main/java/fr/eni/enchere/dal/UserRepository.java

@@ -7,7 +7,7 @@ import java.util.List;
 public interface UserRepository {
     List<UserProfil> findAll();
     UserProfil findById(int id);
-    UserProfil findByUsername(String username);
+    UserProfil findByUsername(String username, String email);
     void save(UserProfil utilisateur);
     void delete(int id);
 }

src/main/java/fr/eni/enchere/dal/UserRepositoryImpl.java

@@ -11,7 +11,6 @@ import org.springframework.jdbc.core.namedparam.MapSqlParameterSource;
 import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate;
 import org.springframework.jdbc.support.GeneratedKeyHolder;
 import org.springframework.jdbc.support.KeyHolder;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Repository;
 
@@ -58,11 +57,16 @@ public class UserRepositoryImpl implements UserRepository {
     }
 
     @Override
-    public UserProfil findByUsername(String username) {
-        String sql = "SELECT * FROM UTILISATEURS WHERE pseudo = :username OR email = :username AND isDelete = 0";
-        Map<String, Object> params = new HashMap<>();
-        params.put("username", username);
-        UserProfil user = jdbcTemplate.queryForObject(sql, new UserRowMapper(), params);
+    public UserProfil findByUsername(String username, String email) {
+        UserProfil user = null;
+        if (username != null) {
+            String sql = "SELECT * FROM UTILISATEURS WHERE pseudo = ? AND isDelete = 0";
+            user = jdbcTemplate.queryForObject(sql, new UserRowMapper(), username);
+        } else if (email != null) {
+            String sql = "SELECT * FROM UTILISATEURS WHERE email = ? AND isDelete = 0";
+            user = jdbcTemplate.queryForObject(sql, new UserRowMapper(), email);
+        }
+        System.out.println(user.getPassword());
         return user;
     }
 

src/main/java/fr/eni/enchere/security/WebSecurityConfig.java

@@ -5,7 +5,6 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.factory.PasswordEncoderFactories;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
@@ -16,14 +15,16 @@ public class WebSecurityConfig{
 
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
-        http.authorizeHttpRequests((requests) -> requests.requestMatchers("/", "/accueil").permitAll()
-                        .requestMatchers("/login").permitAll()
+        http.authorizeHttpRequests((requests) -> requests
+                        .requestMatchers("/", "/accueil").permitAll()
+                        .requestMatchers("/accueil", "/login", "/inscription/**", "/searchArticle", "/profile/**").permitAll()
                         .requestMatchers("/css/**", "/images/**", "/assets/**", "/img/**", "/js/**").permitAll()
                         .requestMatchers("/article/**").authenticated()
                         .requestMatchers("/admin").hasRole("ADMIN")
                         .anyRequest().authenticated())
                 .formLogin((form) -> form.loginPage("/login").defaultSuccessUrl("/", true))
-                .logout((logout) -> logout.clearAuthentication(true).invalidateHttpSession(true).deleteCookies("JSESSIONID").logoutSuccessUrl("/filmLogout")
+                .logout((logout) -> logout.clearAuthentication(true).invalidateHttpSession(true)
+                        .deleteCookies("JSESSIONID").logoutSuccessUrl("/logout")
                         .logoutRequestMatcher(new AntPathRequestMatcher("/logout")).permitAll());
 
         return http.build();