From a44efe06b750f9ebe6a10ac2e39d1b9d6cf15e0f Mon Sep 17 00:00:00 2001
From: Seil0 <seil0@mosad.xyz>
Date: Sun, 8 Dec 2019 17:16:17 +0100
Subject: [PATCH] reworked login to actually use a database

* added a very basic login setup, see wiki.mosad.xyz for more information
* updated spring boot to 2.2.2
---
 prototype/build.gradle                        | 10 ++-
 .../org/hso/ecommerce/app/Application.java    |  4 +
 .../hso/ecommerce/app/RequestController.java  | 79 ++++++++++++++++---
 .../org/hso/ecommerce/db/CustomerConfig.java  | 30 +++++++
 .../hso/ecommerce/db/CustomerRepository.java  | 18 +++++
 .../org/hso/ecommerce/entities/Customer.java  | 52 ++++++++++++
 .../java/org/hso/ecommerce/objects/User.java  | 23 ------
 .../src/main/resources/application.properties |  7 +-
 prototype/src/main/resources/db/customers.sql |  1 +
 .../resources/templates/fragments/header.html | 32 +-------
 .../src/main/resources/templates/home.html    |  2 +-
 .../src/main/resources/templates/login.html   | 35 ++++++++
 .../main/resources/templates/register.html    | 12 ++-
 13 files changed, 234 insertions(+), 71 deletions(-)
 create mode 100644 prototype/src/main/java/org/hso/ecommerce/db/CustomerConfig.java
 create mode 100644 prototype/src/main/java/org/hso/ecommerce/db/CustomerRepository.java
 create mode 100644 prototype/src/main/java/org/hso/ecommerce/entities/Customer.java
 delete mode 100644 prototype/src/main/java/org/hso/ecommerce/objects/User.java
 create mode 100644 prototype/src/main/resources/db/customers.sql
 create mode 100644 prototype/src/main/resources/templates/login.html

diff --git a/prototype/build.gradle b/prototype/build.gradle
index a8cdb7e..6cecc52 100644
--- a/prototype/build.gradle
+++ b/prototype/build.gradle
@@ -3,7 +3,7 @@ buildscript {
         mavenCentral()
     }
     dependencies {
-        classpath("org.springframework.boot:spring-boot-gradle-plugin:2.2.1.RELEASE")
+        classpath("org.springframework.boot:spring-boot-gradle-plugin:2.2.2.RELEASE")
     }
 }
 
@@ -20,9 +20,11 @@ sourceCompatibility = 1.8
 targetCompatibility = 1.8
 
 dependencies {
-    compile("org.springframework.boot:spring-boot-starter-web")
-    compile("org.springframework.boot:spring-boot-starter-thymeleaf")
-    compile("org.springframework.boot:spring-boot-devtools")
+    implementation 'org.springframework.boot:spring-boot-starter-web'
+    implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
+    implementation 'org.springframework.boot:spring-boot-starter-data-jdbc'
+    implementation 'org.springframework.boot:spring-boot-devtools'
+    implementation 'org.hsqldb:hsqldb'
     testCompile("org.springframework.boot:spring-boot-starter-test")
 }
 
diff --git a/prototype/src/main/java/org/hso/ecommerce/app/Application.java b/prototype/src/main/java/org/hso/ecommerce/app/Application.java
index 2e51c2e..3d335a9 100644
--- a/prototype/src/main/java/org/hso/ecommerce/app/Application.java
+++ b/prototype/src/main/java/org/hso/ecommerce/app/Application.java
@@ -2,8 +2,12 @@ package org.hso.ecommerce.app;
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.data.jdbc.repository.config.EnableJdbcRepositories;
 
 @SpringBootApplication
+@EnableJdbcRepositories
+@ComponentScan(basePackages = {"org.hso.ecommerce"})
 public class Application {
 
     public static void main(String[] args){
diff --git a/prototype/src/main/java/org/hso/ecommerce/app/RequestController.java b/prototype/src/main/java/org/hso/ecommerce/app/RequestController.java
index 9dd209f..c46de63 100644
--- a/prototype/src/main/java/org/hso/ecommerce/app/RequestController.java
+++ b/prototype/src/main/java/org/hso/ecommerce/app/RequestController.java
@@ -1,17 +1,25 @@
 package org.hso.ecommerce.app;
 
-import org.hso.ecommerce.objects.User;
+import org.hso.ecommerce.db.CustomerRepository;
+import org.hso.ecommerce.entities.Customer;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.*;
 
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletResponse;
+import java.util.List;
 import java.util.UUID;
 
 @Controller
 public class RequestController {
 
+    private final CustomerRepository customerRepo;
+
+    public RequestController(CustomerRepository customerRepo) {
+        this.customerRepo = customerRepo;
+    }
+
     @GetMapping("/")
     public String greeting() {
         return "redirect:/home";
@@ -19,7 +27,7 @@ public class RequestController {
 
     @GetMapping("/home")
     public String home(Model model) {
-        model.addAttribute(new User());
+        model.addAttribute(new Customer());
         return "home";
     }
 
@@ -29,12 +37,63 @@ public class RequestController {
         return "greeting";
     }
 
-    @RequestMapping(value="/home", method=RequestMethod.POST, params="action=login")
-    public String login(@ModelAttribute User user, HttpServletResponse response) {
-        // do the login magic and get a loginToken
-        System.out.println(user.getUname());
-        System.out.println(user.getPwd());
+    @GetMapping("/login")
+    public String login(@CookieValue(value = "loginToken", defaultValue = "") String loginToken, Model model) {
+        model.addAttribute(new Customer());
 
+        System.out.println(loginToken); // TODO if cookie is present, redirect to home
+        return "login";
+    }
+    @RequestMapping(value="/login", method=RequestMethod.POST, params="action=login")
+    public String loginAction(@ModelAttribute Customer customer, HttpServletResponse response) {
+        // do the login magic and get a loginToken
+        System.out.println(customer.username);
+        System.out.println(customer.password);
+
+        List<Customer> customers = customerRepo.findByUsername(customer.username);
+
+        if (customers.size() == 1 && (customers.get(0).username.equals(customer.username) && customers.get(0).password.equals(customer.password))) {
+            System.out.println("The login data is valid");
+
+            String loginToken = UUID.randomUUID().toString();
+
+            // set the loginToken as session cookie
+            Cookie cookie = new Cookie("loginToken", loginToken);
+            response.addCookie(cookie);
+        } else {
+            System.out.println("The login data is invalid!");
+            return "redirect:/login"; // redirect so the input files get cleared, otherwise only pwd gets cleared
+        }
+
+        return "redirect:/home";
+    }
+
+    @GetMapping("/register")
+    public String register(@CookieValue(value = "loginToken", defaultValue = "") String loginToken, Model model) {
+        model.addAttribute(new Customer());
+
+        System.out.println(loginToken); // TODO if cookie is present, redirect to home
+        return "register";
+    }
+
+
+
+    @RequestMapping(value="/register", method=RequestMethod.POST, params="action=register")
+    public String registerAction(@ModelAttribute Customer customer, HttpServletResponse response) {
+        // do the register magic and get a loginToken
+        System.out.println(customer.username);
+        System.out.println(customer.password);
+
+        if (customerRepo.findByUsername(customer.username).size() != 0) {
+            // TODO
+            System.out.println("The customer exists already");
+            return "register";
+        } else {
+            customerRepo.save(customer);
+            System.out.println(customerRepo.findByUsername(customer.username).size());
+        }
+
+        // return a login token after successful registration
         String loginToken = UUID.randomUUID().toString();
 
         // set the loginToken as session cookie
@@ -43,10 +102,4 @@ public class RequestController {
         return "redirect:/home";
     }
 
-    @RequestMapping("/register")
-    public String register(@CookieValue(value = "loginToken", defaultValue = "") String loginToken) {
-        System.out.println(loginToken);
-        return "register";
-    }
-
 }
diff --git a/prototype/src/main/java/org/hso/ecommerce/db/CustomerConfig.java b/prototype/src/main/java/org/hso/ecommerce/db/CustomerConfig.java
new file mode 100644
index 0000000..4ea9ec5
--- /dev/null
+++ b/prototype/src/main/java/org/hso/ecommerce/db/CustomerConfig.java
@@ -0,0 +1,30 @@
+package org.hso.ecommerce.db;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.jdbc.repository.config.AbstractJdbcConfiguration;
+import org.springframework.data.jdbc.repository.config.EnableJdbcRepositories;
+import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate;
+import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseBuilder;
+import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseType;
+
+import javax.sql.DataSource;
+
+@Configuration
+@EnableJdbcRepositories
+public class CustomerConfig extends AbstractJdbcConfiguration {
+
+    @Bean
+    public DataSource dataSource() {
+        return new EmbeddedDatabaseBuilder()
+                .generateUniqueName(true)
+                .setType(EmbeddedDatabaseType.HSQL)
+                .addScript("classpath:db/customers.sql")
+                .build();
+    }
+
+    @Bean
+    public NamedParameterJdbcTemplate namedParameterJdbcTemplate(DataSource dataSource) {
+        return new NamedParameterJdbcTemplate(dataSource);
+    }
+}
diff --git a/prototype/src/main/java/org/hso/ecommerce/db/CustomerRepository.java b/prototype/src/main/java/org/hso/ecommerce/db/CustomerRepository.java
new file mode 100644
index 0000000..b66f1c0
--- /dev/null
+++ b/prototype/src/main/java/org/hso/ecommerce/db/CustomerRepository.java
@@ -0,0 +1,18 @@
+package org.hso.ecommerce.db;
+
+import org.hso.ecommerce.entities.Customer;
+import org.springframework.data.jdbc.repository.query.Query;
+import org.springframework.data.repository.CrudRepository;
+
+import java.util.List;
+
+public interface CustomerRepository extends CrudRepository<Customer, Long> {
+
+    @Query("SELECT * FROM customer WHERE lastName = :lastName")
+    List<Customer> findByLastname(String lastName);
+
+    @Query("SELECT * FROM customer WHERE username = :username")
+    List<Customer> findByUsername(String username);
+}
+
+
diff --git a/prototype/src/main/java/org/hso/ecommerce/entities/Customer.java b/prototype/src/main/java/org/hso/ecommerce/entities/Customer.java
new file mode 100644
index 0000000..3c3b0e9
--- /dev/null
+++ b/prototype/src/main/java/org/hso/ecommerce/entities/Customer.java
@@ -0,0 +1,52 @@
+package org.hso.ecommerce.entities;
+
+import org.springframework.data.annotation.Id;
+
+public class Customer {
+    @Id
+    public Long id;
+    public String lastname;
+    public String firstname;
+    public String username;
+    public String password;
+
+    public Long getId() {
+        return id;
+    }
+
+    public void setId(Long id) {
+        this.id = id;
+    }
+
+    public String getLastname() {
+        return lastname;
+    }
+
+    public void setLastname(String lastname) {
+        this.lastname = lastname;
+    }
+
+    public String getFirstname() {
+        return firstname;
+    }
+
+    public void setFirstname(String firstname) {
+        this.firstname = firstname;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+}
diff --git a/prototype/src/main/java/org/hso/ecommerce/objects/User.java b/prototype/src/main/java/org/hso/ecommerce/objects/User.java
deleted file mode 100644
index 8d8c789..0000000
--- a/prototype/src/main/java/org/hso/ecommerce/objects/User.java
+++ /dev/null
@@ -1,23 +0,0 @@
-package org.hso.ecommerce.objects;
-
-public class User {
-
-    private String uname;
-    private String pwd;
-
-    public String getUname() {
-        return uname;
-    }
-
-    public void setUname(String uname) {
-        this.uname = uname;
-    }
-
-    public String getPwd() {
-        return pwd;
-    }
-
-    public void setPwd(String pwd) {
-        this.pwd = pwd;
-    }
-}
diff --git a/prototype/src/main/resources/application.properties b/prototype/src/main/resources/application.properties
index 8cff660..fbf6f8d 100644
--- a/prototype/src/main/resources/application.properties
+++ b/prototype/src/main/resources/application.properties
@@ -3,9 +3,14 @@
 # ----------------------------------------
 
 # LOGGING
-
 logging.level.org.springframework.web=INFO
 
+# DATABASE
+spring.datasource.url=jdbc:HSQL
+spring.datasource.username=
+spring.datasource.password=
+spring.datasource.driver-class-name=org.hsqldb.jdbc.JDBCDriver
+
 # ----------------------------------------
 # WEB PROPERTIES
 # ----------------------------------------
diff --git a/prototype/src/main/resources/db/customers.sql b/prototype/src/main/resources/db/customers.sql
new file mode 100644
index 0000000..7dde34b
--- /dev/null
+++ b/prototype/src/main/resources/db/customers.sql
@@ -0,0 +1 @@
+CREATE TABLE IF NOT EXISTS customer (id INTEGER IDENTITY PRIMARY KEY, lastname VARCHAR(100), firstname VARCHAR(100), username VARCHAR(100), password VARCHAR(100));
diff --git a/prototype/src/main/resources/templates/fragments/header.html b/prototype/src/main/resources/templates/fragments/header.html
index e631277..c3678d2 100644
--- a/prototype/src/main/resources/templates/fragments/header.html
+++ b/prototype/src/main/resources/templates/fragments/header.html
@@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html lang="de" dir="ltr" xmlns:th="http://www.thymeleaf.org">
 <head>
-    <meta charset="UTF-8">
+    <meta charset="utf-8">
     <title>e-commerce</title>
 </head>
 <body>
@@ -14,33 +14,9 @@
                 <button>Finden</button>
             </div>
 
-            <button onclick="document.getElementById('login').style.display='block'" style="width:auto;">Login</button>
-            <div id="login" class="dialog">
-                <form class="dialog-content" th:action="@{/home}" th:object="${user}" method="post">
-                    <div class="container">
-                        <label><b>Username</b></label>
-                        <input type="text" th:field="*{uname}" placeholder="Enter Username" name="uname" required>
-
-                        <label><b>Password</b></label>
-                        <input type="password" th:field="*{pwd}" placeholder="Enter Password" name="pwd" required>
-
-                        <button type="submit" name="action" value="login">Login</button>
-                        <label>
-                            <input type="checkbox" checked="checked" name="remember"> Remember me
-                        </label>
-                    </div>
-
-                    <div class="container">
-                        <button type="button" onclick="document.getElementById('login').style.display='none'" class="cancelbtn">Cancel</button>
-                        <span class="psw">Forgot <a href="#">password?</a></span>
-                    </div>
-                </form>
-
-            </div>
-
- <!--           <form class="button" th:action="@{/home}" method="POST">
-                <button type="submit" name="action" value="login">Login</button>
-            </form>-->
+            <form class="button" th:action="@{/login}" method="GET">
+                <button type="submit">Login</button>
+            </form>
         </div>
     </nav>
 </body>
diff --git a/prototype/src/main/resources/templates/home.html b/prototype/src/main/resources/templates/home.html
index 0f83442..6bd1849 100644
--- a/prototype/src/main/resources/templates/home.html
+++ b/prototype/src/main/resources/templates/home.html
@@ -78,7 +78,7 @@
                         <h2>Werde jetzt Kunde</h2>
                         <p> Jetzt Kunde werden und viele Vorteile sichern,
                             wie z.B. personalisierte Empfehlungen. </p>
-                        <form class="button" th:action="@{/register}" method="POST">
+                        <form class="button" th:action="@{/register}">
                             <button type="submit" name="action" value="register">Registieren</button>
                         </form>
                     </div>
diff --git a/prototype/src/main/resources/templates/login.html b/prototype/src/main/resources/templates/login.html
new file mode 100644
index 0000000..326c0d5
--- /dev/null
+++ b/prototype/src/main/resources/templates/login.html
@@ -0,0 +1,35 @@
+<!DOCTYPE html>
+<html lang="de" dir="ltr" xmlns:th="http://www.thymeleaf.org">
+<head>
+    <meta charset="utf-8">
+    <title>e-commerce</title>
+    <link href="../static/css/ecom.css" rel="stylesheet" th:href="@{/css/ecom.css}"/>
+</head>
+<body>
+    <nav th:replace="fragments/header :: header">Header</nav>
+    <div class='hero'>
+        <main>
+            <form class="content-width" th:action="@{/login}" th:object="${customer}" method="post">
+                <div class="container">
+                    <label><b>Username</b></label>
+                    <input type="text" th:field="*{username}" placeholder="Enter Username" name="uname" required>
+
+                    <label><b>Password</b></label>
+                    <input type="password" th:field="*{password}" placeholder="Enter Password" name="pwd" required>
+
+                    <button type="submit" name="action" value="login">Login</button>
+                    <label>
+                        <input type="checkbox" checked="checked" name="remember"> Remember me
+                    </label>
+                </div>
+
+                <div class="container">
+                    <button type="button" onclick="document.getElementById('login').style.display='none'" class="cancelbtn">Cancel</button>
+                    <span class="psw">Forgot <a href="#">password?</a></span>
+                </div>
+            </form>
+        </main>
+    </div>
+    <footer th:replace="fragments/footer :: footer"></footer>
+</body>
+</html>
diff --git a/prototype/src/main/resources/templates/register.html b/prototype/src/main/resources/templates/register.html
index 005062d..e7b8339 100644
--- a/prototype/src/main/resources/templates/register.html
+++ b/prototype/src/main/resources/templates/register.html
@@ -8,7 +8,17 @@
 <body>
     <nav th:replace="fragments/header :: header">Header</nav>
     <main>
-    <!-- TODO -->
+        <form class="dialog-content" th:action="@{/register}" th:object="${customer}" method="post">
+            <div class="container">
+                <label><b>Username</b></label>
+                <input type="text" th:field="*{username}" placeholder="Enter Username" name="uname" required>
+
+                <label><b>Password</b></label>
+                <input type="password" th:field="*{password}" placeholder="Enter Password" name="pwd" required>
+
+                <button type="submit" name="action" value="register">Login</button>
+            </div>
+        </form>
     </main>
     <footer th:replace="fragments/footer :: footer"></footer>
 </body>