Implemented Login and Logout Functionality

ajaynegi45 · Oct 12, 2024 · 4cc8056 · 4cc8056
1 parent 57ae1cf
commit 4cc8056
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 14 deletions.
diff --git a/src/main/java/com/libraryman_api/security/config/WebConfiguration.java b/src/main/java/com/libraryman_api/security/config/WebConfiguration.java
@@ -39,8 +39,8 @@ public SecurityFilterChain web(HttpSecurity http) throws Exception {
                                 // make sure it is in order to access the proper Url
 
                                 .requestMatchers("/api/signup").permitAll()
-                                .requestMatchers("/api/signup/admin").permitAll()
-                                .requestMatchers("/api/signup/librarian").permitAll()
+                                .requestMatchers("/api/signup/admin/{secretKey}").permitAll()
+                                .requestMatchers("/api/signup/librarian/{secretKey}").permitAll()
                                 .requestMatchers("/api/login").permitAll()
                                 .requestMatchers("/api/logout").permitAll()
                                 .anyRequest().authenticated()

diff --git a/src/main/java/com/libraryman_api/security/controllers/SignupController.java b/src/main/java/com/libraryman_api/security/controllers/SignupController.java
@@ -1,7 +1,6 @@
 package com.libraryman_api.security.controllers;
 
-import org.springframework.http.HttpStatus;
-import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
@@ -23,12 +22,12 @@ public void signup(@RequestBody Members members) {
 		this.signupService.signup(members);
 
 	}
-	@PostMapping("/api/signup/admin")
-	public void signupAdmin(@RequestBody Members members) {
-		this.signupService.signupAdmin(members);
+	@PostMapping("/api/signup/admin/{secretKey}")
+	public void signupAdmin(@RequestBody Members members,@PathVariable String secretKey) {
+		this.signupService.signupAdmin(members,secretKey);
 	}
-	@PostMapping("/api/signup/librarian")
-	public void signupLibrarian(@RequestBody Members members) {
-		this.signupService.signupLibrarian(members);
+	@PostMapping("/api/signup/librarian/{secretKey}")
+	public void signupLibrarian(@RequestBody Members members,@PathVariable String secretKey) {
+		this.signupService.signupLibrarian(members,secretKey);
 	}
 }
diff --git a/src/main/java/com/libraryman_api/security/services/SignupService.java b/src/main/java/com/libraryman_api/security/services/SignupService.java
@@ -3,7 +3,7 @@
 import java.util.Date;
 import java.util.Optional;
 
-
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;
 
 
@@ -20,6 +20,12 @@ public class SignupService {
 
 	private PasswordEncoder passwordEncoder;
 
+	@Value("${admin.secretKey}")
+	private String adminSecretKey;
+
+	@Value("${librarian.secretKey}")
+	private String librarianSecretKey;
+
 	public SignupService(MemberRepository memberRepository,PasswordEncoder passwordEncoder) {
 		this.memberRepository=memberRepository;
 		this.passwordEncoder=passwordEncoder;
@@ -44,7 +50,7 @@ public void signup(Members members) {
 		memberRepository.save(new_members);
 	}
 
-	public void signupAdmin(Members members) {
+	public void signupAdmin(Members members,String secretKey) {
 		Optional<Members> memberOptId=memberRepository.findById(members.getMemberId());
 		Optional<Members> memberOptUsername=memberRepository.findByUsername(members.getUsername());
 		if(memberOptId.isPresent()) {
@@ -53,6 +59,9 @@ public void signupAdmin(Members members) {
 		if(memberOptUsername.isPresent()) {
 			throw new ResourceNotFoundException("User already Exists"); 
 		}
+		if(!adminSecretKey.equals(secretKey)) {
+			throw new ResourceNotFoundException("Secret Key does not match");
+		}
 		String encoded_password=passwordEncoder.bCryptPasswordEncoder().encode(members.getPassword());
 		Members new_members=new Members();
 		new_members.setEmail(members.getEmail());
@@ -64,7 +73,7 @@ public void signupAdmin(Members members) {
 		memberRepository.save(new_members);
 
 	}
-	public void signupLibrarian(Members members) {
+	public void signupLibrarian(Members members,String secretKey) {
 		Optional<Members> memberOptId=memberRepository.findById(members.getMemberId());
 		Optional<Members> memberOptUsername=memberRepository.findByUsername(members.getUsername());
 		if(memberOptId.isPresent()) {
@@ -73,6 +82,9 @@ public void signupLibrarian(Members members) {
 		if(memberOptUsername.isPresent()) {
 			throw new ResourceNotFoundException("User already Exists"); 
 		}
+		if(!librarianSecretKey.equals(secretKey)) {
+			throw new ResourceNotFoundException("secret key does not match");
+		}
 		String encoded_password=passwordEncoder.bCryptPasswordEncoder().encode(members.getPassword());
 		Members new_members=new Members();
 		new_members.setEmail(members.getEmail());

diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
@@ -1,3 +1,5 @@
 spring.application.name=libraryman-api
 spring.profiles.active=${ENV:dev}
-jwt.secretKey=${YOUR_JWT_SECRET_KEY}
+jwt.secretKey=${YOUR_JWT_SECRET_KEY}
+admin.secretKey=${ADMIN_SECRET_KEY}
+librarian.secretKey=${LIBRARIAN_SECRET_KEY}