diff --git a/src/main/java/fr/eni/enchere/controllers/LoginController.java b/src/main/java/fr/eni/enchere/controllers/LoginController.java index cbe15e2..dcd0ce7 100644 --- a/src/main/java/fr/eni/enchere/controllers/LoginController.java +++ b/src/main/java/fr/eni/enchere/controllers/LoginController.java @@ -2,8 +2,6 @@ package fr.eni.enchere.controllers; import fr.eni.enchere.bll.UserService; import fr.eni.enchere.bo.UserProfil; -import fr.eni.enchere.dal.UserRepository; -import jakarta.servlet.http.HttpSession; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; @@ -28,9 +26,8 @@ public class LoginController { } @PostMapping("/login") - public String login(@RequestParam("username") String username, @RequestParam("password") String password, HttpSession session) { + public String login(@RequestParam("username") String username, @RequestParam("password") String password) { UserProfil user = userService.utilisateurByName(username); - System.out.println("test"); if (user != null && user.getPassword().equals(password)) { return "redirect:/accueil"; } else { diff --git a/src/main/java/fr/eni/enchere/controllers/ProfileController.java b/src/main/java/fr/eni/enchere/controllers/ProfileController.java index 1a5d887..f484fa3 100644 --- a/src/main/java/fr/eni/enchere/controllers/ProfileController.java +++ b/src/main/java/fr/eni/enchere/controllers/ProfileController.java @@ -33,7 +33,7 @@ public class ProfileController { // Utilisez le service approprié pour récupérer les informations de l'utilisateur à partir du nom d'utilisateur UserProfil userProfile = userService.utilisateurByName(username); // Ajoutez les informations du profil à l'objet Model pour les afficher dans la page HTML - model.addAttribute("user", new UserProfil()); +// model.addAttribute("user", new UserProfil()); model.addAttribute("userProfile", userProfile); return "profile"; }else { diff --git a/src/main/java/fr/eni/enchere/dal/UserRepository.java b/src/main/java/fr/eni/enchere/dal/UserRepository.java index cd03bae..adfe6d7 100644 --- a/src/main/java/fr/eni/enchere/dal/UserRepository.java +++ b/src/main/java/fr/eni/enchere/dal/UserRepository.java @@ -7,7 +7,7 @@ import java.util.List; public interface UserRepository { List findAll(); UserProfil findById(int id); - UserProfil findByUsername(String username); + UserProfil findByUsername(String username, String email); void save(UserProfil utilisateur); void delete(int id); } diff --git a/src/main/java/fr/eni/enchere/dal/UserRepositoryImpl.java b/src/main/java/fr/eni/enchere/dal/UserRepositoryImpl.java index 0508d19..3e9eeee 100644 --- a/src/main/java/fr/eni/enchere/dal/UserRepositoryImpl.java +++ b/src/main/java/fr/eni/enchere/dal/UserRepositoryImpl.java @@ -11,7 +11,6 @@ import org.springframework.jdbc.core.namedparam.MapSqlParameterSource; import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate; import org.springframework.jdbc.support.GeneratedKeyHolder; import org.springframework.jdbc.support.KeyHolder; -import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Repository; @@ -58,11 +57,16 @@ public class UserRepositoryImpl implements UserRepository { } @Override - public UserProfil findByUsername(String username) { - String sql = "SELECT * FROM UTILISATEURS WHERE pseudo = :username OR email = :username AND isDelete = 0"; - Map params = new HashMap<>(); - params.put("username", username); - UserProfil user = jdbcTemplate.queryForObject(sql, new UserRowMapper(), params); + public UserProfil findByUsername(String username, String email) { + UserProfil user = null; + if (username != null) { + String sql = "SELECT * FROM UTILISATEURS WHERE pseudo = ? AND isDelete = 0"; + user = jdbcTemplate.queryForObject(sql, new UserRowMapper(), username); + } else if (email != null) { + String sql = "SELECT * FROM UTILISATEURS WHERE email = ? AND isDelete = 0"; + user = jdbcTemplate.queryForObject(sql, new UserRowMapper(), email); + } + System.out.println(user.getPassword()); return user; } diff --git a/src/main/java/fr/eni/enchere/security/WebSecurityConfig.java b/src/main/java/fr/eni/enchere/security/WebSecurityConfig.java index 1f4e974..b6fd6cb 100644 --- a/src/main/java/fr/eni/enchere/security/WebSecurityConfig.java +++ b/src/main/java/fr/eni/enchere/security/WebSecurityConfig.java @@ -5,7 +5,6 @@ import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; -import org.springframework.security.crypto.factory.PasswordEncoderFactories; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.util.matcher.AntPathRequestMatcher; @@ -16,14 +15,16 @@ public class WebSecurityConfig{ @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - http.authorizeHttpRequests((requests) -> requests.requestMatchers("/", "/accueil").permitAll() - .requestMatchers("/login").permitAll() + http.authorizeHttpRequests((requests) -> requests + .requestMatchers("/", "/accueil").permitAll() + .requestMatchers("/accueil", "/login", "/inscription/**", "/searchArticle", "/profile/**").permitAll() .requestMatchers("/css/**", "/images/**", "/assets/**", "/img/**", "/js/**").permitAll() .requestMatchers("/article/**").authenticated() .requestMatchers("/admin").hasRole("ADMIN") .anyRequest().authenticated()) .formLogin((form) -> form.loginPage("/login").defaultSuccessUrl("/", true)) - .logout((logout) -> logout.clearAuthentication(true).invalidateHttpSession(true).deleteCookies("JSESSIONID").logoutSuccessUrl("/filmLogout") + .logout((logout) -> logout.clearAuthentication(true).invalidateHttpSession(true) + .deleteCookies("JSESSIONID").logoutSuccessUrl("/logout") .logoutRequestMatcher(new AntPathRequestMatcher("/logout")).permitAll()); return http.build();