From fa2e4b066916975bb1f3714679dd15ada54909ce Mon Sep 17 00:00:00 2001
From: djmil <andriy@djmil.dev>
Date: Mon, 21 Aug 2023 18:01:46 +0200
Subject: [PATCH] SpringBoot: add user security

---
 backend/build.gradle                          |  5 ++-
 .../djmil/cordacheckers/ApiController.java    | 11 ++++++
 .../djmil/cordacheckers/SecurityConfig.java   | 38 +++++++++++++++++++
 3 files changed, 52 insertions(+), 2 deletions(-)
 create mode 100644 backend/src/main/java/djmil/cordacheckers/SecurityConfig.java

diff --git a/backend/build.gradle b/backend/build.gradle
index 9144c67..9063fa1 100644
--- a/backend/build.gradle
+++ b/backend/build.gradle
@@ -16,12 +16,13 @@ repositories {
 }
 
 dependencies {
-	//implementation 'org.springframework.boot:spring-boot-starter-security'
+	implementation 'org.springframework.boot:spring-boot-starter-security'
 	implementation 'org.springframework.boot:spring-boot-starter-web'
-	implementation 'org.springframework.boot:spring-boot-starter-webflux'
 	implementation 'org.apache.httpcomponents.client5:httpclient5:5.2.1'
 	testImplementation 'org.springframework.boot:spring-boot-starter-test'
 	testImplementation 'io.projectreactor:reactor-test'
+	developmentOnly 'org.springframework.boot:spring-boot-devtools'
+
 	//testImplementation 'org.springframework.security:spring-security-test'
 }
 
diff --git a/backend/src/main/java/djmil/cordacheckers/ApiController.java b/backend/src/main/java/djmil/cordacheckers/ApiController.java
index ed989e1..3970d61 100644
--- a/backend/src/main/java/djmil/cordacheckers/ApiController.java
+++ b/backend/src/main/java/djmil/cordacheckers/ApiController.java
@@ -1,5 +1,6 @@
 package djmil.cordacheckers;
 
+import java.security.Principal;
 import java.util.List;
 
 import org.springframework.beans.factory.annotation.Autowired;
@@ -26,4 +27,14 @@ public class ApiController {
         return ResponseEntity.ok(joke);
     }
 
+    /**
+     * 
+     * @return a Json list of active games
+     */
+    @GetMapping("/api/activegames")
+    public ResponseEntity<String> dashboard(Principal principal) {
+
+        return ResponseEntity.ok("{ \"ActiveGames\" : [\"game\", \"GAME\", \""+principal.getName()+ "\" ] }" );
+    }
+
 }
\ No newline at end of file
diff --git a/backend/src/main/java/djmil/cordacheckers/SecurityConfig.java b/backend/src/main/java/djmil/cordacheckers/SecurityConfig.java
new file mode 100644
index 0000000..9ea149d
--- /dev/null
+++ b/backend/src/main/java/djmil/cordacheckers/SecurityConfig.java
@@ -0,0 +1,38 @@
+package djmil.cordacheckers;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+
+@Configuration
+public class SecurityConfig {
+
+    @Bean
+    PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    @Bean
+    UserDetailsService hardcodedCordaUsers(PasswordEncoder passwordEncoder) {
+        User.UserBuilder users = User.builder();
+	
+        UserDetails alice = users
+            .username("alice")
+            .password(passwordEncoder.encode("qaz123"))
+            .build();
+
+        UserDetails bob = users
+            .username("bob")
+            .password(passwordEncoder.encode("qaz123"))
+            .build();
+        
+        return new InMemoryUserDetailsManager(alice, bob);
+    }
+
+}