neviyn/ObservationDatabase
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

Added basic authentication for some resources.

Browse Source
This commit is contained in:
neviyn 2018-09-21 12:51:13 +01:00
parent 61e00c4a43
commit 876a09bc85
7 changed files with 70 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
backend/configuration.yml
View File

@ -11,4 +11,6 @@ database:
hibernate.hbm2ddl.auto: create
server:
rootPath: /api/
rootPath: /api/
adminPassword: "testPassword"

12
backend/src/main/java/uk/co/neviyn/Observations/ObservationsApplication.java
View File

@ -2,14 +2,19 @@ package uk.co.neviyn.Observations;
import io.dropwizard.Application;
import io.dropwizard.assets.AssetsBundle;
import io.dropwizard.auth.AuthDynamicFeature;
import io.dropwizard.auth.AuthValueFactoryProvider;
import io.dropwizard.auth.basic.BasicCredentialAuthFilter;
import io.dropwizard.db.DataSourceFactory;
import io.dropwizard.hibernate.HibernateBundle;
import io.dropwizard.jersey.setup.JerseyEnvironment;
import io.dropwizard.setup.Bootstrap;
import io.dropwizard.setup.Environment;
import uk.co.neviyn.Observations.auth.SimpleAuthenticator;
import uk.co.neviyn.Observations.core.Observation;
import uk.co.neviyn.Observations.core.Site;
import uk.co.neviyn.Observations.core.Tutor;
import uk.co.neviyn.Observations.core.User;
import uk.co.neviyn.Observations.dao.ObservationDao;
import uk.co.neviyn.Observations.dao.SiteDao;
import uk.co.neviyn.Observations.dao.TutorDao;
@ -45,6 +50,13 @@ public class ObservationsApplication extends Application<ObservationsConfigurati
@Override
public void run(ObservationsConfiguration observationsConfiguration, Environment environment) {
final JerseyEnvironment jersey = environment.jersey();
jersey.register(new AuthDynamicFeature(
new BasicCredentialAuthFilter.Builder<User>()
.setAuthenticator(new SimpleAuthenticator(observationsConfiguration.getAdminPassword()))
.setRealm("SECURITY")
.buildAuthFilter()
));
jersey.register(new AuthValueFactoryProvider.Binder<>(User.class));
TutorDao tutorDao = new TutorDao(hibernate.getSessionFactory());
SiteDao siteDao = new SiteDao(hibernate.getSessionFactory());
ObservationDao observationDao = new ObservationDao(hibernate.getSessionFactory());

10
backend/src/main/java/uk/co/neviyn/Observations/ObservationsConfiguration.java
View File

@ -3,6 +3,7 @@ package uk.co.neviyn.Observations;
import com.fasterxml.jackson.annotation.JsonProperty;
import io.dropwizard.Configuration;
import io.dropwizard.db.DataSourceFactory;
import javax.validation.Valid;
import javax.validation.constraints.NotNull;
@ -11,6 +12,10 @@ public class ObservationsConfiguration extends Configuration {
@NotNull
private DataSourceFactory database = new DataSourceFactory();
@Valid
@NotNull
private String adminPassword;
@JsonProperty("database")
public void setDataSourceFactory(DataSourceFactory factory) {
this.database = factory;
@ -21,4 +26,9 @@ public class ObservationsConfiguration extends Configuration {
return database;
}
@JsonProperty("adminPassword")
public String getAdminPassword() {
return adminPassword;
}
}

23
backend/src/main/java/uk/co/neviyn/Observations/auth/SimpleAuthenticator.java Normal file
View File

@ -0,0 +1,23 @@
package uk.co.neviyn.Observations.auth;
import io.dropwizard.auth.AuthenticationException;
import io.dropwizard.auth.Authenticator;
import io.dropwizard.auth.basic.BasicCredentials;
import lombok.AllArgsConstructor;
import uk.co.neviyn.Observations.core.User;
import java.util.Optional;
@AllArgsConstructor
public class SimpleAuthenticator implements Authenticator<BasicCredentials, User> {
private final String adminPassword;
@Override
public Optional<User> authenticate(BasicCredentials credentials) throws AuthenticationException {
if (adminPassword.equals(credentials.getPassword())) {
return Optional.of(new User(credentials.getUsername()));
}
return Optional.empty();
}
}

16
backend/src/main/java/uk/co/neviyn/Observations/core/User.java Normal file
View File

@ -0,0 +1,16 @@
package uk.co.neviyn.Observations.core;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import java.security.Principal;
@Data
@AllArgsConstructor
@NoArgsConstructor
public class User implements Principal {
private String name;
}

4
backend/src/main/java/uk/co/neviyn/Observations/resources/SiteResource.java
View File

@ -1,10 +1,12 @@
package uk.co.neviyn.Observations.resources;
import io.dropwizard.auth.Auth;
import io.dropwizard.hibernate.UnitOfWork;
import lombok.RequiredArgsConstructor;
import uk.co.neviyn.Observations.api.SelectOption;
import uk.co.neviyn.Observations.core.Site;
import uk.co.neviyn.Observations.core.Tutor;
import uk.co.neviyn.Observations.core.User;
import uk.co.neviyn.Observations.dao.SiteDao;
import javax.ws.rs.*;
@ -22,7 +24,7 @@ public class SiteResource {
@POST
@UnitOfWork
public Site add(String name) {
public Site add(@Auth User user, String name) {
return dao.persist(new Site(name));
}

4
backend/src/main/java/uk/co/neviyn/Observations/resources/TutorResource.java
View File

@ -1,11 +1,13 @@
package uk.co.neviyn.Observations.resources;
import com.fasterxml.jackson.annotation.JsonProperty;
import io.dropwizard.auth.Auth;
import io.dropwizard.hibernate.UnitOfWork;
import lombok.AllArgsConstructor;
import lombok.RequiredArgsConstructor;
import uk.co.neviyn.Observations.core.Site;
import uk.co.neviyn.Observations.core.Tutor;
import uk.co.neviyn.Observations.core.User;
import uk.co.neviyn.Observations.dao.SiteDao;
import uk.co.neviyn.Observations.dao.TutorDao;
@ -24,7 +26,7 @@ public class TutorResource {
@POST
@UnitOfWork
public Tutor add(NewTutor newTutor) {
public Tutor add(@Auth User user, NewTutor newTutor) {
final Site site = siteDao.get(newTutor.siteId);
final Tutor tutor = Tutor.builder().name(newTutor.name).site(site).build();
return dao.persist(tutor);