cred change start

2023-09-03 16:40:40 +01:00
parent 9fe96bec40
commit 146dd3c00b
11 changed files with 275 additions and 30 deletions
--- a/src/main/java/stirling/software/SPDF/config/AppConfig.java
+++ b/src/main/java/stirling/software/SPDF/config/AppConfig.java
@@ -13,7 +13,6 @@ public class AppConfig {
    
    @Bean(name = "loginEnabled")
    public boolean loginEnabled() {
-        System.out.println(applicationProperties.toString());
        return applicationProperties.getSecurity().getEnableLogin();
    }

--- a/src/main/java/stirling/software/SPDF/config/security/FirstLoginFilter.java
+++ b/src/main/java/stirling/software/SPDF/config/security/FirstLoginFilter.java
@@ -0,0 +1,53 @@
+package stirling.software.SPDF.config.security;
+
+import java.io.IOException;
+import java.util.Optional;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import stirling.software.SPDF.model.User;
+
+@Component
+public class FirstLoginFilter extends OncePerRequestFilter {
+	
+    @Autowired
+    @Lazy
+    private UserService userService;
+    
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+    	String method = request.getMethod();
+    	String requestURI = request.getRequestURI(); 
+    	 // Check if the request is for static resources
+        boolean isStaticResource = requestURI.startsWith("/css/") 
+                                || requestURI.startsWith("/js/")
+                                || requestURI.startsWith("/images/")
+                                || requestURI.startsWith("/public/")
+                                || requestURI.endsWith(".svg");
+
+        // If it's a static resource, just continue the filter chain and skip the logic below
+        if (isStaticResource) {
+            filterChain.doFilter(request, response);
+            return;
+        }
+        
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        if (authentication != null && authentication.isAuthenticated()) {
+            Optional<User> user = userService.findByUsername(authentication.getName());
+            if ("GET".equalsIgnoreCase(method) && user.isPresent() && user.get().isFirstLogin() && !"/change-creds".equals(requestURI)) {
+                response.sendRedirect("/change-creds");
+                return;
+            }
+        }
+        filterChain.doFilter(request, response);
+    }
+}
--- a/src/main/java/stirling/software/SPDF/config/security/InitialSecuritySetup.java
+++ b/src/main/java/stirling/software/SPDF/config/security/InitialSecuritySetup.java
@@ -28,7 +28,7 @@ public class InitialSecuritySetup {
 		if (!userService.hasUsers()) {
 			String initialUsername = "admin";
 			String initialPassword = "stirling";
-			userService.saveUser(initialUsername, initialPassword, Role.ADMIN.getRoleId());
+			userService.saveUser(initialUsername, initialPassword, Role.ADMIN.getRoleId(), true);
 			
 			
 	        
--- a/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java
+++ b/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java
@@ -41,6 +41,9 @@ public class SecurityConfiguration {
    @Autowired
    private UserAuthenticationFilter userAuthenticationFilter;
    
+    @Autowired
+    private FirstLoginFilter firstLoginFilter;
+    
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception  {
    	http.addFilterBefore(userAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
@@ -48,6 +51,7 @@ public class SecurityConfiguration {
    	if(loginEnabledValue) {
    		
    		http.csrf(csrf -> csrf.disable());
+    		http.addFilterAfter(firstLoginFilter, UsernamePasswordAuthenticationFilter.class);
 	        http
 	            .formLogin(formLogin -> formLogin
 	                .loginPage("/login")
--- a/src/main/java/stirling/software/SPDF/config/security/UserService.java
+++ b/src/main/java/stirling/software/SPDF/config/security/UserService.java
@@ -113,12 +113,23 @@ public class UserService {
        userRepository.save(user);
    }

+    public void saveUser(String username, String password, String role, boolean firstLogin) {
+        User user = new User();
+        user.setUsername(username);
+        user.setPassword(passwordEncoder.encode(password));
+        user.addAuthority(new Authority(role, user));
+        user.setEnabled(true);
+        user.setFirstLogin(firstLogin);
+        userRepository.save(user);
+    }
+    
    public void saveUser(String username, String password, String role) {
        User user = new User();
        user.setUsername(username);
        user.setPassword(passwordEncoder.encode(password));
        user.addAuthority(new Authority(role, user));
        user.setEnabled(true);
+        user.setFirstLogin(false);
        userRepository.save(user);
    }
    
@@ -168,6 +179,12 @@ public class UserService {
        userRepository.save(user);
    }
    
+    public void changeFirstUse(User user, boolean firstUse) {
+        user.setFirstLogin(firstUse);
+        userRepository.save(user);
+    }
+    
+    
    public boolean isPasswordCorrect(User user, String currentPassword) {
        return passwordEncoder.matches(currentPassword, user.getPassword());
    }