diff --git a/src/main/java/com/projet/projetIndu/controllers/LoginController.java b/src/main/java/com/projet/projetIndu/controllers/LoginController.java
deleted file mode 100644
index 6e23cc15c7a8e0cdb32104b6cfaa477fbb1fec67..0000000000000000000000000000000000000000
--- a/src/main/java/com/projet/projetIndu/controllers/LoginController.java
+++ /dev/null
@@ -1,13 +0,0 @@
-package com.projet.projetIndu.controllers;
-
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.GetMapping;
-
-@Controller
-public class LoginController {
-
- @GetMapping("/login")
- public String showLoginForm() {
- return "login"; // Correspond à login.html
- }
-}
diff --git a/src/main/java/com/projet/projetIndu/security/CustomUserDetailsService.java b/src/main/java/com/projet/projetIndu/security/CustomUserDetailsService.java
index 35e1e524e775e656de41371a8554484cc27c1422..5f8186108fe6c897ba0933f64f10eb6ba3c6ebc9 100644
--- a/src/main/java/com/projet/projetIndu/security/CustomUserDetailsService.java
+++ b/src/main/java/com/projet/projetIndu/security/CustomUserDetailsService.java
@@ -8,6 +8,8 @@ import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
 
+import java.util.Optional;
+
 @Service
 public class CustomUserDetailsService implements UserDetailsService {
 
@@ -20,15 +22,24 @@ public class CustomUserDetailsService implements UserDetailsService {
 @Override
 @Transactional
 public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
- User user = userRepository.findByEmail(email)
- .orElseThrow(() -> new UsernameNotFoundException("Utilisateur non trouvé avec l'email : " + email));
+ System.out.println("Tentative de connexion avec l'email : " + email);
+ Optional<User> optionalUser = userRepository.findByEmail(email);
+
+ if (optionalUser.isEmpty()) {
+ System.out.println("Utilisateur non trouvé !");
+ throw new UsernameNotFoundException("Utilisateur non trouvé avec l'email : " + email);
+ }
+
+ User user = optionalUser.get();
+ System.out.println("Utilisateur trouvé : " + user.getEmail() + " | Rôle : " + user.getRole());
 
 return org.springframework.security.core.userdetails.User.builder()
 .username(user.getEmail()) // L'email sert d'identifiant
 .password(user.getPassword()) // Mot de passe hashé en BDD
- .roles(user.getRole().name()) // Récupération du rôle
+ .roles("ROLE_" + user.getRole())
 .build();
 }
 
+
 }
 
diff --git a/src/main/java/com/projet/projetIndu/security/SecurityConfig.java b/src/main/java/com/projet/projetIndu/security/SecurityConfig.java
index b40bb41a80957938ad3f708ac00cbc747cf0d0a5..a792fe8299610ebe2a9edde860394260983d3c03 100644
--- a/src/main/java/com/projet/projetIndu/security/SecurityConfig.java
+++ b/src/main/java/com/projet/projetIndu/security/SecurityConfig.java
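Review bot: `.roles("ROLE_" + user.getRole())` will fail at login time: Spring Security's `User.UserBuilder.roles()` prepends `ROLE_` itself and rejects values that already start with it, so every successful lookup now ends in an IllegalArgumentException instead of a UserDetails. Either keep the original `.roles(user.getRole().name())` or, if the intent is to line up with the `hasAuthority("ROLE_…")` rules in SecurityConfig, use `.authorities("ROLE_" + user.getRole())`, which takes the authority verbatim. The three `System.out.println` calls write the attempted e-mail, the lookup outcome and the resolved role to stdout on every authentication; use the class logger at debug level, e.g. `log.debug("Authentication attempt for {}", email)`, and avoid printing identity details on the success path at all. The `isEmpty()`/`get()` pair replaces an `orElseThrow` that was shorter and did not need an unchecked `Optional.get()`.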
@@ -3,7 +3,10 @@ package com.projet.projetIndu.security;
 import com.projet.projetIndu.repositories.UserRepository;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
@@ -20,17 +23,34 @@ public class SecurityConfig {
 
 @Bean
 public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
- http
- .authorizeHttpRequests(auth -> auth
- .requestMatchers("/admin/**").hasRole("ADMIN") // Accès réservé aux admins
- .requestMatchers("/doctors/**").hasRole("DOCTOR") // Accès aux médecins
- .requestMatchers("/patients/**").hasRole("PATIENT") // Accès aux patients
- .anyRequest().authenticated()
- )
+ http.authorizeHttpRequests(auth -> auth
+ .requestMatchers("/", "/login", "/register", "/css/**", "/js/**").permitAll()
+ .requestMatchers("/admin/**").hasAuthority("ROLE_ADMIN")
+ .requestMatchers("/doctors/**").hasAuthority("ROLE_DOCTOR")
+ .requestMatchers("/patients/**").hasAuthority("ROLE_PATIENT")
+ .anyRequest().authenticated()
+ )
 .formLogin(form -> form
 .loginPage("/login")
 .usernameParameter("email")
- .defaultSuccessUrl("/", true)
+ .passwordParameter("password")
+ .successHandler((request, response, authentication) -> {
+ // Gestion des redirections selon les rôles
+ String role = authentication.getAuthorities().stream()
+ .map(GrantedAuthority::getAuthority)
+ .findFirst()
+ .orElse(""); // Prévient une exception si aucun rôle
+ if (role.equals("ROLE_ADMIN")) {
+ response.sendRedirect("/admin/dashboard");
+ } else if (role.equals("ROLE_DOCTOR")) {
+ response.sendRedirect("/doctors/dashboard");
+ } else if (role.equals("ROLE_PATIENT")) {
+ response.sendRedirect("/patients/dashboard");
+ } else {
+ response.sendRedirect("/"); // URL par défaut
+ }
+ })
+ .failureUrl("/login?error=true") // En cas d'échec d'authentification
 .permitAll()
 )
 .logout(logout -> logout
@@ -39,7 +59,6 @@ public class SecurityConfig {
 
 .permitAll()
 );
-
 return http.build();
 }
 
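Review bot: The success handler decides the redirect from `findFirst()` over `authentication.getAuthorities()`, a collection with no defined order, so a principal that holds more than one of the three roles gets an arbitrary landing page; check the whole authority set instead (rewrite below, needs `org.springframework.security.core.authority.AuthorityUtils` imported) and prefix the targets with `request.getContextPath()` so they survive a non-root deployment. `hasAuthority("ROLE_ADMIN")` is equivalent to the previous `hasRole("ADMIN")`, so that part of the change is cosmetic and does not by itself require a `ROLE_` prefix to be added in CustomUserDetailsService. `.loginPage("/login")` still needs something to render the login view now that LoginController is deleted in this commit — presumably another mapping or an `addViewControllers` registration exists, otherwise GET /login will not serve login.html. securityFilterChain continues past this hunk.
```java
.successHandler((request, response, authentication) -> {
    // Landing page by role: inspect every authority, getAuthorities() has no defined order
    java.util.Set<String> granted = AuthorityUtils.authorityListToSet(authentication.getAuthorities());
    String target = "/"; // default when none of the known roles is present
    if (granted.contains("ROLE_ADMIN")) {
        target = "/admin/dashboard";
    } else if (granted.contains("ROLE_DOCTOR")) {
        target = "/doctors/dashboard";
    } else if (granted.contains("ROLE_PATIENT")) {
        target = "/patients/dashboard";
    }
    response.sendRedirect(request.getContextPath() + target);
})
// … unchanged: failureUrl, permitAll, logout …
```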
@@ -49,4 +68,15 @@ public class SecurityConfig {
 }
 
+ @Bean
+ public AuthenticationManager authenticationManager(HttpSecurity http, BCryptPasswordEncoder passwordEncoder, UserDetailsService userDetailsService) throws Exception {
+ AuthenticationManagerBuilder authenticationManagerBuilder = http.getSharedObject(AuthenticationManagerBuilder.class);
+ authenticationManagerBuilder
+ .userDetailsService(userDetailsService)
+ .passwordEncoder(passwordEncoder);
+
+ return authenticationManagerBuilder.build();
+ }
+
+
 
 }
\ No newline at end of file
diff --git a/src/main/resources/templates/login.html b/src/main/resources/templates/login.html
index f2b5c1f4a3e4095a194fd363c82f7e304a970cff..772aea643864d7ecbd9505583f4aab07cffd9f6b 100644
--- a/src/main/resources/templates/login.html
+++ b/src/main/resources/templates/login.html
@@ -13,8 +13,8 @@
 <h3 class="text-center mb-3">Connexion</h3>
 <form th:action="@{/login}" method="post">
 <div class="mb-3">
- <label for="username" class="form-label">Nom d'utilisateur</label>
- <input type="text" class="form-control" id="username" name="username" required>
+ <label for="email" class="form-label">Nom d'utilisateur</label>
+ <input type="text" class="form-control" id="email" name="email" required>
 </div>
 <div class="mb-3">
 <label for="password" class="form-label">Mot de passe</label>
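Review bot: `authenticationManager(HttpSecurity http, …)` pulls the builder from an `HttpSecurity` injected into a separate `@Bean` method; `HttpSecurity` is a prototype-scoped bean, so this is not the instance that `securityFilterChain` configures, and building the shared `AuthenticationManagerBuilder` here can collide with the filter chain's own build, depending on the Spring Security version in use. With one `UserDetailsService` bean and one `PasswordEncoder` bean present, Spring Security already registers a `DaoAuthenticationProvider` for the form login, so the bean appears redundant; if an `AuthenticationManager` bean is genuinely needed elsewhere, obtain it as `return authenticationConfiguration.getAuthenticationManager();` from an injected `AuthenticationConfiguration` instead. The two added blank lines before the closing brace and the missing final newline are worth cleaning up while here.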
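Review bot: The label still reads "Nom d'utilisateur" although the field now carries the user's e-mail (`name="email"`, matching `usernameParameter("email")` in SecurityConfig); change it to `<label for="email" class="form-label">Adresse e-mail</label>` and give the input `type="email" autocomplete="username"` so the browser validates the format and password managers fill the right field.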