package ftn.security.minikms.controller;
import ftn.security.minikms.dto.AuthDTO;
import ftn.security.minikms.dto.TokenDTO;
import ftn.security.minikms.repository.UserRepository;
import ftn.security.minikms.service.auth.JwtService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.AuthenticationException;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
/**
 * Login endpoint mapped at {@code /api/v1/auth}: checks a username/password pair with the
 * injected {@link AuthenticationManager} and, on success, answers with a token produced by
 * {@link JwtService}.
 *
 * <p>NOTE(review): no failed-login logging, throttling or lockout is visible in this class;
 * confirm those are handled by a filter or by the AuthenticationManager configuration.
 */
@RestController
@RequestMapping("/api/v1/auth")
public class AuthController {

    private final UserRepository userRepository;
    private final AuthenticationManager authManager;
    private final JwtService jwtService;

    /**
     * Wires the collaborators through constructor injection.
     *
     * @param userRepository lookup used to load the account behind an authenticated name
     * @param authManager    verifies the submitted credentials
     * @param jwtService     builds the token returned to the caller
     */
    @Autowired
    public AuthController(
            UserRepository userRepository,
            AuthenticationManager authManager,
            JwtService jwtService) {
        this.userRepository = userRepository;
        this.authManager = authManager;
        this.jwtService = jwtService;
    }

    /**
     * Authenticates the posted credentials and issues a token.
     *
     * @param dto request body carrying the username and the password as submitted; it holds a
     *            secret, so it should not be logged or echoed back
     * @return 200 with a {@link TokenDTO} on success, or 401 with the fixed text
     *         {@code "Invalid credentials"} when authentication fails
     * @throws IllegalStateException if authentication succeeds but the repository has no record
     *         for that name; it is not caught here, so how it reaches the client depends on
     *         error handling configured elsewhere
     */
    @PostMapping
    public ResponseEntity<?> auth(@RequestBody AuthDTO dto) {
        try {
            var credentials =
                    new UsernamePasswordAuthenticationToken(dto.getUsername(), dto.getPassword());
            var principalName = authManager.authenticate(credentials).getName();

            // The id and role placed in the token are read from the stored account, never from
            // the request body, so a caller cannot choose its own role at login.
            var account = userRepository
                    .findByUsername(principalName)
                    .orElseThrow(() ->
                            new IllegalStateException("Authenticated user not found in database"));

            var issuedToken =
                    jwtService.generateToken(principalName, account.getId(), account.getRole());
            return ResponseEntity.ok(new TokenDTO(issuedToken));
        } catch (AuthenticationException e) {
            // Every authentication failure gets the same status and body, so the response does
            // not reveal whether the username exists or which check rejected the attempt.
            return ResponseEntity.status(401).body("Invalid credentials");
        }
    }
}