Merge branch 'main' of https://github.com/CodeURJC-DAW-2021-22/webapp9 into JuanFase3

Author: JLRR2019

backend/gamelink/Docker-compose.yml

@@ -9,7 +9,7 @@ services:
     environment:
       - SPRING_DATASOURCE_URL=jdbc:postgresql://db:5432/gamelink
       - SPRING_DATASOURCE_USERNAME=postgres
-      - SPRING_DATASOURCE_PASSWORD=password
+      - SPRING_DATASOURCE_PASSWORD=Juanluis-123
       - SPRING_JPA_HIBERNATE_DLL_AUTO=update
       - SPRING_JPA_SHOW_SQL=true
     restart: on-failure
@@ -21,7 +21,7 @@ services:
     restart: always
     environment:
       - POSTGRES_USER=postgres
-      - POSTGRES_PASSWORD=password
+      - POSTGRES_PASSWORD=Juanluis-123
       - POSTGRES_DB=gamelink
     volumes:
       - ./postgres:/var/lib/postgres

backend/gamelink/pom.xml

@@ -52,6 +52,11 @@
 			<artifactId>spring-boot-starter-security</artifactId>
 		</dependency>
 		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt</artifactId>
+			<version>0.9.1</version>
+		</dependency>
+		<!-- <dependency>
 			<groupId>io.jsonwebtoken</groupId>
 			<artifactId>jjwt-impl</artifactId>
 			<version>0.11.1</version>
@@ -65,7 +70,7 @@
 			<groupId>io.jsonwebtoken</groupId>
 			<artifactId>jjwt-jackson</artifactId>
 			<version>0.11.1</version>
-		</dependency>
+		</dependency> -->
 			<dependency>
 			<groupId>org.springdoc</groupId>
 			<artifactId>springdoc-openapi-ui</artifactId>

backend/gamelink/src/main/java/urjc/gamelink/Configuration/Security/RestSecurityConfig.java

@@ -51,7 +51,7 @@ protected void configure(HttpSecurity http) throws Exception {
 		// URLs that need authentication to access to it
 		http.authorizeRequests().antMatchers(HttpMethod.POST, "/api/**").permitAll();
 		http.authorizeRequests().antMatchers(HttpMethod.PUT, "/api/**").permitAll();
-		http.authorizeRequests().antMatchers(HttpMethod.DELETE, "/api/**").permitAll();	
+		http.authorizeRequests().antMatchers(HttpMethod.DELETE, "/api/**").hasAnyRole("ADMIN");
 
 		// Other URLs can be accessed without authentication
 		http.authorizeRequests().anyRequest().permitAll();

backend/gamelink/src/main/java/urjc/gamelink/Configuration/Security/jwt/JwtTokenProvider.java

@@ -48,7 +48,7 @@ public Authentication getAuthentication(String token) {
 	}
 
 	public String getUsername(String token) {
-		return ((JwtParser) Jwts.parserBuilder().setSigningKey(jwtSecret)).parseClaimsJws(token).getBody().getSubject();
+		return Jwts.parser().setSigningKey(jwtSecret).parseClaimsJws(token).getBody().getSubject();
 	}
 
 	public String resolveToken(HttpServletRequest req) {
@@ -61,7 +61,7 @@ public String resolveToken(HttpServletRequest req) {
 
 	public boolean validateToken(String token) {
 		try {
-			((JwtParser) Jwts.parserBuilder().setSigningKey(jwtSecret)).parseClaimsJws(token);
+			Jwts.parser().setSigningKey(jwtSecret).parseClaimsJws(token);
 			return true;
 		} catch (MalformedJwtException ex) {
 			LOG.debug("Invalid JWT token");

backend/gamelink/src/main/java/urjc/gamelink/Controllers/LoginRestController.java

@@ -22,29 +22,31 @@
 @RequestMapping("/api/auth")
 public class LoginRestController {
 
-    @Autowired
-    private UserLoginService userService;
 
-    @PostMapping("/login")
-    public ResponseEntity<AuthResponse> login(
-            @CookieValue(name = "accessToken", required = false) String accessToken,
-            @CookieValue(name = "refreshToken", required = false) String refreshToken,
-            @RequestBody LoginRequest loginRequest) {
-
-        return userService.login(loginRequest, accessToken, refreshToken);
-    }
-
-    @PostMapping("/refresh")
-    public ResponseEntity<AuthResponse> refreshToken(
-            @CookieValue(name = "refreshToken", required = false) String refreshToken) {
-
-        return userService.refresh(refreshToken);
-    }
-
-    @PostMapping("/logout")
-    public ResponseEntity<AuthResponse> logOut(HttpServletRequest request, HttpServletResponse response) {
-
-        return ResponseEntity.ok(new AuthResponse(Status.SUCCESS, userService.logout(request, response)));
+        
+        @Autowired
+        private UserLoginService userService;
+    
+        @PostMapping("/login")
+        public ResponseEntity<AuthResponse> login(
+                @CookieValue(name = "accessToken", required = false) String accessToken,
+                @CookieValue(name = "refreshToken", required = false) String refreshToken,
+                @RequestBody LoginRequest loginRequest) {
+            
+            return userService.login(loginRequest, accessToken, refreshToken);
+        }
+    
+        @PostMapping("/refresh")
+        public ResponseEntity<AuthResponse> refreshToken(
+                @CookieValue(name = "refreshToken", required = false) String refreshToken) {
+    
+            return userService.refresh(refreshToken);
+        }
+    
+        @PostMapping("/logout")
+        public ResponseEntity<AuthResponse> logOut(HttpServletRequest request, HttpServletResponse response) {
+    
+            return ResponseEntity.ok(new AuthResponse(Status.SUCCESS, userService.logout(request, response)));
+        }
     }
 
-}