9884c65b10
# Description This pull request includes several changes aimed at improving the code structure and removing redundant code. The most significant changes involve reordering methods, removing unnecessary annotations, and refactoring constructors to use dependency injection. Autowired now comes via constructor (which also doesn't need autowired annotation as its done by default for configuration) ## Checklist - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [ ] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)
64 lines
2.5 KiB
Java
64 lines
2.5 KiB
Java
package stirling.software.SPDF.config.security;
|
|
|
|
import java.util.Collection;
|
|
import java.util.Set;
|
|
import java.util.stream.Collectors;
|
|
|
|
import org.springframework.security.authentication.LockedException;
|
|
import org.springframework.security.core.GrantedAuthority;
|
|
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
|
import org.springframework.security.core.userdetails.UserDetails;
|
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
|
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
|
import org.springframework.stereotype.Service;
|
|
|
|
import stirling.software.SPDF.model.Authority;
|
|
import stirling.software.SPDF.model.User;
|
|
import stirling.software.SPDF.repository.UserRepository;
|
|
|
|
@Service
|
|
public class CustomUserDetailsService implements UserDetailsService {
|
|
|
|
private final UserRepository userRepository;
|
|
|
|
private final LoginAttemptService loginAttemptService;
|
|
|
|
public CustomUserDetailsService(
|
|
UserRepository userRepository, LoginAttemptService loginAttemptService) {
|
|
this.userRepository = userRepository;
|
|
this.loginAttemptService = loginAttemptService;
|
|
}
|
|
|
|
@Override
|
|
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
|
|
User user =
|
|
userRepository
|
|
.findByUsername(username)
|
|
.orElseThrow(
|
|
() ->
|
|
new UsernameNotFoundException(
|
|
"No user found with username: " + username));
|
|
if (loginAttemptService.isBlocked(username)) {
|
|
throw new LockedException(
|
|
"Your account has been locked due to too many failed login attempts.");
|
|
}
|
|
if (!user.hasPassword()) {
|
|
throw new IllegalArgumentException("Password must not be null");
|
|
}
|
|
return new org.springframework.security.core.userdetails.User(
|
|
user.getUsername(),
|
|
user.getPassword(),
|
|
user.isEnabled(),
|
|
true,
|
|
true,
|
|
true,
|
|
getAuthorities(user.getAuthorities()));
|
|
}
|
|
|
|
private Collection<? extends GrantedAuthority> getAuthorities(Set<Authority> authorities) {
|
|
return authorities.stream()
|
|
.map(authority -> new SimpleGrantedAuthority(authority.getAuthority()))
|
|
.collect(Collectors.toList());
|
|
}
|
|
}
|