Adding basic authentication to the server.

This will allow us to host it on a webserver for integration purposes.

app/server/server/pom.xml

@@ -23,19 +23,29 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-cache</artifactId>
 		</dependency>
-		<!--<dependency>-->
-			<!--<groupId>org.springframework.boot</groupId>-->
-			<!--<artifactId>spring-boot-starter-data-jpa</artifactId>-->
-		<!--</dependency>-->
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-security</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-oauth2-client</artifactId>
+			<version>5.1.4.RELEASE</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-oauth2-jose</artifactId>
+			<version>5.1.4.RELEASE</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-config</artifactId>
+			<version>5.1.4.RELEASE</version>
+		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-webflux</artifactId>
 		</dependency>
-
 		<dependency>
 			<groupId>org.postgresql</groupId>
 			<artifactId>postgresql</artifactId>
@@ -50,6 +60,7 @@
 			<artifactId>lombok</artifactId>
 			<optional>true</optional>
 		</dependency>
+
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-test</artifactId>

app/server/server/src/main/java/com/mobtools/server/configurations/CommonConfig.java

@@ -2,12 +2,10 @@ package com.mobtools.server.configurations;
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.data.mongodb.config.EnableMongoAuditing;
 import reactor.core.scheduler.Scheduler;
 import reactor.core.scheduler.Schedulers;
 
 @Configuration
-@EnableMongoAuditing
 public class CommonConfig {
 
     private String ELASTIC_THREAD_POOL_NAME = "mobtools-elastic-pool";

app/server/server/src/main/java/com/mobtools/server/configurations/MongoConfig.java

@@ -2,14 +2,20 @@ package com.mobtools.server.configurations;
 
 import com.mongodb.reactivestreams.client.MongoClient;
 import com.mongodb.reactivestreams.client.MongoClients;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.data.mongodb.config.AbstractReactiveMongoConfiguration;
+import org.springframework.data.mongodb.config.EnableMongoAuditing;
 import org.springframework.data.mongodb.core.ReactiveMongoTemplate;
 import org.springframework.data.mongodb.repository.config.EnableReactiveMongoRepositories;
 
+@EnableMongoAuditing
 @EnableReactiveMongoRepositories
 public class MongoConfig extends AbstractReactiveMongoConfiguration {
 
+    @Value("${spring.data.mongodb.database}")
+    private String dbName;
+
     @Override
     public MongoClient reactiveMongoClient() {
         return MongoClients.create();
@@ -17,11 +23,11 @@ public class MongoConfig extends AbstractReactiveMongoConfiguration {
 
     @Bean
     public ReactiveMongoTemplate reactiveMongoTemplate() throws Exception {
-        return new ReactiveMongoTemplate(reactiveMongoClient(), "mobtools");
+        return new ReactiveMongoTemplate(reactiveMongoClient(), dbName);
     }
 
     @Override
     protected String getDatabaseName() {
-        return "mobtools";
+        return dbName;
     }
 }

app/server/server/src/main/java/com/mobtools/server/configurations/SecurityConfig.java

@@ -1,41 +1,48 @@
 package com.mobtools.server.configurations;
 
 
+import com.mobtools.server.constants.Security;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
+import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.server.SecurityWebFilterChain;
+import org.springframework.web.reactive.config.EnableWebFlux;
 
 @Configuration
+@EnableWebFlux
 @EnableWebFluxSecurity
 @EnableReactiveMethodSecurity
 public class SecurityConfig {
 
-//    private final DaoAuthenticationManager reactiveAuthenticationManager;
+    @Bean
+    public MapReactiveUserDetailsService userDetailsService() {
+        UserDetails user = User
+                .withUsername("api_user")
+                .password(passwordEncoder().encode("8uA@;&mB:cnvN~{#"))
+                .roles(Security.USER_ROLE)
+                .build();
+        return new MapReactiveUserDetailsService(user);
+    }
 
-//    private final SecurityContextRepository securityContextRepository;
+    @Bean
-
+    public PasswordEncoder passwordEncoder() {
-//    @Autowired
+        return new BCryptPasswordEncoder();
-//    public SecurityConfig(DaoAuthenticationManager reactiveAuthenticationManager,
+    }
-//                          SecurityContextRepository securityContextRepository) {
-//        this.reactiveAuthenticationManager = reactiveAuthenticationManager;
-//        this.securityContextRepository = securityContextRepository;
-//    }
 
     @Bean
     public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
         return http
-                .csrf().disable()
-                .formLogin().disable()
-                .httpBasic().disable()
-//            .authenticationManager(reactiveAuthenticationManager)
-//            .securityContextRepository(securityContextRepository)
                 .authorizeExchange()
-                .anyExchange().permitAll()
+                .anyExchange()
-                .and()
+                .authenticated()
-                .logout().disable()
+                .and().httpBasic()
-                .build();
+                .and().build();
     }
 }

app/server/server/src/main/java/com/mobtools/server/constants/Security.java

@@ -0,0 +1,5 @@
+package com.mobtools.server.constants;
+
+public interface Security {
+    String USER_ROLE = "USER_ROLE";
+}

app/server/server/src/main/java/com/mobtools/server/controllers/IndexController.java

@@ -0,0 +1,24 @@
+package com.mobtools.server.controllers;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+import reactor.core.publisher.Mono;
+
+import java.security.Principal;
+
+@Slf4j
+@RestController
+@RequestMapping("")
+public class IndexController {
+
+    @GetMapping
+    public Mono<String> index(Mono<Principal> principal) {
+        return principal
+                .map(Principal::getName)
+                .map(name -> String.format("Hello %s", name));
+    }
+}

app/server/server/src/main/java/com/mobtools/server/domains/Role.java

@@ -0,0 +1,22 @@
+package com.mobtools.server.domains;
+
+
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+import org.springframework.data.mongodb.core.mapping.Document;
+
+import javax.validation.constraints.NotEmpty;
+
+
+@Document
+@Getter
+@Setter
+@ToString
+public class Role extends BaseDomain {
+
+    private static final long serialVersionUID = -9218373922209100577L;
+
+    @NotEmpty
+    private String name;
+}

app/server/server/src/main/java/com/mobtools/server/domains/User.java

@@ -6,6 +6,8 @@ import lombok.Setter;
 import lombok.ToString;
 import org.springframework.data.mongodb.core.mapping.Document;
 
+import java.util.Set;
+
 
 @Getter
 @Setter
@@ -17,4 +19,8 @@ public class User extends BaseDomain {
     private String name;
 
     private String email;
+
+    private Set<Role> roles;
+
+    private String password;
 }

app/server/server/src/main/java/com/mobtools/server/repositories/UserRepository.java

@@ -2,7 +2,10 @@ package com.mobtools.server.repositories;
 
 import com.mobtools.server.domains.User;
 import org.springframework.stereotype.Repository;
+import reactor.core.publisher.Mono;
 
 @Repository
 public interface UserRepository extends BaseRepository<User, String> {
+
+    Mono<User> findByName(String name);
 }

app/server/server/src/main/java/com/mobtools/server/services/UserService.java

@@ -1,6 +1,9 @@
 package com.mobtools.server.services;
 
 import com.mobtools.server.domains.User;
+import reactor.core.publisher.Mono;
 
 public interface UserService extends CrudService<User, String> {
+
+    Mono<User> findByUsername(String name);
 }

app/server/server/src/main/java/com/mobtools/server/services/UserServiceImpl.java

@@ -5,15 +5,24 @@ import com.mobtools.server.repositories.UserRepository;
 import org.springframework.data.mongodb.core.ReactiveMongoTemplate;
 import org.springframework.data.mongodb.core.convert.MongoConverter;
 import org.springframework.stereotype.Service;
+import reactor.core.publisher.Mono;
 import reactor.core.scheduler.Scheduler;
 
 @Service
 public class UserServiceImpl extends BaseService<UserRepository, User, String> implements UserService {
 
+    private UserRepository repository;
+
     public UserServiceImpl(Scheduler scheduler,
                            MongoConverter mongoConverter,
                            ReactiveMongoTemplate reactiveMongoTemplate,
                            UserRepository repository) {
         super(scheduler, mongoConverter, reactiveMongoTemplate, repository);
+        this.repository = repository;
+    }
+
+    @Override
+    public Mono<User> findByUsername(String name) {
+        return repository.findByName(name);
     }
 }