working login-reg-forms branch

jwoolbright23 · jwoolbright23 · commit c2bf6fbb3e2e · 2023-08-02T16:13:45.000-05:00
diff --git a/src/main/java/org/launchcode/codingevents/controllers/AuthenticationController.java b/src/main/java/org/launchcode/codingevents/controllers/AuthenticationController.java
@@ -0,0 +1,131 @@
+package org.launchcode.codingevents.controllers;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpSession;
+import jakarta.validation.Valid;
+import org.launchcode.codingevents.data.UserRepository;
+import org.launchcode.codingevents.models.User;
+import org.launchcode.codingevents.models.dto.LoginFormDTO;
+import org.launchcode.codingevents.models.dto.RegisterFormDTO;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.validation.Errors;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.PostMapping;
+
+import java.util.Optional;
+
+@Controller
+public class AuthenticationController {
+
+    @Autowired
+    UserRepository userRepository;
+
+    private static final String userSessionKey = "user";
+
+    public User getUserFromSession(HttpSession session) {
+        Integer userId = (Integer) session.getAttribute(userSessionKey);
+        if (userId == null) {
+            return null;
+        }
+
+        Optional<User> user = userRepository.findById(userId);
+
+        if (user.isEmpty()) {
+            return null;
+        }
+
+        return user.get();
+    }
+
+    private static void setUserInSession(HttpSession session, User user) {
+        session.setAttribute(userSessionKey, user.getId());
+    }
+
+    @GetMapping("/register")
+    public String displayRegistrationForm(Model model) {
+        model.addAttribute(new RegisterFormDTO());
+        model.addAttribute("title", "Register");
+        return "register";
+    }
+
+    @PostMapping("/register")
+    public String processRegistrationForm(@ModelAttribute @Valid RegisterFormDTO registerFormDTO,
+                                          Errors errors, HttpServletRequest request,
+                                          Model model) {
+
+        if (errors.hasErrors()) {
+            model.addAttribute("title", "Register");
+            return "register";
+        }
+
+        User existingUser = userRepository.findByUsername(registerFormDTO.getUsername());
+
+        if (existingUser != null) {
+            errors.rejectValue("username", "username.alreadyexists", "A user with that username already exists");
+            model.addAttribute("title", "Register");
+            return "register";
+        }
+
+        String password = registerFormDTO.getPassword();
+        String verifyPassword = registerFormDTO.getVerifyPassword();
+        if (!password.equals(verifyPassword)) {
+            errors.rejectValue("password", "passwords.mismatch", "Passwords do not match");
+            model.addAttribute("title", "Register");
+            return "register";
+        }
+
+        User newUser = new User(registerFormDTO.getUsername(), registerFormDTO.getPassword());
+        userRepository.save(newUser);
+        setUserInSession(request.getSession(), newUser);
+
+        return "redirect:";
+    }
+
+    @GetMapping("/login")
+    public String displayLoginForm(Model model) {
+        model.addAttribute(new LoginFormDTO());
+        model.addAttribute("title", "Log In");
+        return "login";
+    }
+
+    @PostMapping("/login")
+    public String processLoginForm(@ModelAttribute @Valid LoginFormDTO loginFormDTO,
+                                   Errors errors, HttpServletRequest request,
+                                   Model model) {
+
+        if (errors.hasErrors()) {
+            model.addAttribute("title", "Log In");
+            return "login";
+        }
+
+        User theUser = userRepository.findByUsername(loginFormDTO.getUsername());
+
+        if (theUser == null) {
+            errors.rejectValue("username", "user.invalid", "The given username does not exist");
+            model.addAttribute("title", "Log In");
+            return "login";
+        }
+
+        String password = loginFormDTO.getPassword();
+
+        if (!theUser.isMatchingPassword(password)) {
+            errors.rejectValue("password", "password.invalid", "Invalid password");
+            model.addAttribute("title", "Log In");
+            return "login";
+        }
+
+        setUserInSession(request.getSession(), theUser);
+
+        return "redirect:";
+    }
+
+    @GetMapping("/logout")
+    public String logout(HttpServletRequest request){
+        request.getSession().invalidate();
+        return "redirect:/login";
+    }
+
+}
diff --git a/src/main/java/org/launchcode/codingevents/models/User.java b/src/main/java/org/launchcode/codingevents/models/User.java
@@ -19,7 +19,7 @@ public User() {}
 
     public User(String username, String password) {
         this.username = username;
-        this.pwHash = password;
+        this.pwHash = encoder.encode(password);
     }
 
     public String getUsername() {
diff --git a/src/main/java/org/launchcode/codingevents/models/dto/LoginFormDTO.java b/src/main/java/org/launchcode/codingevents/models/dto/LoginFormDTO.java
@@ -0,0 +1,35 @@
+package org.launchcode.codingevents.models.dto;
+
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Size;
+
+public class LoginFormDTO {
+
+    @NotNull
+    @NotBlank
+    @Size(min = 3, max = 20, message = "Invalid username. Must be between 3 and 20 characters.")
+    private String username;
+
+    @NotNull
+    @NotBlank
+    @Size(min = 5, max = 30, message = "Invalid password. Must be between 5 and 30 characters.")
+    private String password;
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+}
diff --git a/src/main/java/org/launchcode/codingevents/models/dto/RegisterFormDTO.java b/src/main/java/org/launchcode/codingevents/models/dto/RegisterFormDTO.java
@@ -0,0 +1,15 @@
+package org.launchcode.codingevents.models.dto;
+
+public class RegisterFormDTO extends LoginFormDTO {
+
+    private String verifyPassword;
+
+    public String getVerifyPassword() {
+        return verifyPassword;
+    }
+
+    public void setVerifyPassword(String verifyPassword) {
+        this.verifyPassword = verifyPassword;
+    }
+
+}
diff --git a/src/main/resources/templates/login.html b/src/main/resources/templates/login.html
@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<html lang="en" xmlns:th="http://www.thymeleaf.org/">
+<head th:replace="fragments :: head"></head>
+<body class="container">
+
+<header th:replace="fragments :: header"></header>
+
+<form method="post">
+    <div class="form-group">
+        <label th:for="username">Username
+            <input class="form-control" th:field="${loginFormDTO.username}">
+        </label>
+        <p class="error" th:errors="${loginFormDTO.username}"></p>
+    </div>
+    <div class="form-group">
+        <label>Password
+            <input class="form-control" th:field="${loginFormDTO.password}" type="password">
+        </label>
+        <p class="error" th:errors="${loginFormDTO.password}"></p>
+    </div>
+
+    <input type="submit" class="btn btn-primary" value="Log In" />
+</form>
+
+<p>Don't have an account? <a href="/register">Register for one.</a></p>
+
+</body>
+</html>
diff --git a/src/main/resources/templates/register.html b/src/main/resources/templates/register.html
@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<html lang="en" xmlns:th="http://www.thymeleaf.org/">
+<head th:replace="fragments :: head"></head>
+<body class="container">
+
+<header th:replace="fragments :: header"></header>
+
+<form method="post">
+    <div class="form-group">
+        <label>Username
+            <input class="form-control" th:field="${registerFormDTO.username}" />
+        </label>
+        <p class="error" th:errors="${registerFormDTO.username}"></p>
+    </div>
+    <div class="form-group">
+        <label>Password
+            <input class="form-control" th:field="${registerFormDTO.password}" type="password" />
+        </label>
+        <p class="error" th:errors="${registerFormDTO.password}"></p>
+    </div>
+    <div class="form-group">
+        <label>Verify Password
+            <input class="form-control" th:field="${registerFormDTO.verifyPassword}" type="password" />
+        </label>
+    </div>
+
+    <input type="submit" class="btn btn-primary" value="Register" />
+</form>
+
+</body>
+</html>

Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,7 @@ public User() {}`
`19`	`19`
`20`	`20`	`public User(String username, String password) {`
`21`	`21`	`this.username = username;`
`22`		`- this.pwHash = password;`
	`22`	`+ this.pwHash = encoder.encode(password);`
`23`	`23`	`}`
`24`	`24`
`25`	`25`	`public String getUsername() {`