From 70de54d6e8a7ed854a7d270b495272581b5784f9 Mon Sep 17 00:00:00 2001
From: Jessie Ragot <jessie.ragot@hotmail.com>
Date: Thu, 27 Feb 2025 10:57:54 +0100
Subject: [PATCH] Authentification functional, session management is not yet
optimal and media files are absent but present in database
---
.../controllers/LoginController.java | 13 ++++
.../security/CustomUserDetailsService.java | 6 +-
.../projetIndu/security/SecurityConfig.java | 59 ++++++++++---------
3 files changed, 48 insertions(+), 30 deletions(-)
create mode 100644 src/main/java/com/projet/projetIndu/controllers/LoginController.java
diff --git a/src/main/java/com/projet/projetIndu/controllers/LoginController.java b/src/main/java/com/projet/projetIndu/controllers/LoginController.java
new file mode 100644
index 0000000..4d5194a
--- /dev/null
+++ b/src/main/java/com/projet/projetIndu/controllers/LoginController.java
@@ -0,0 +1,13 @@
+package com.projet.projetIndu.controllers;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class LoginController {
+ @GetMapping("/login")
+ public String loginPage() {
+ return "login";
+ }
+}
+
diff --git a/src/main/java/com/projet/projetIndu/security/CustomUserDetailsService.java b/src/main/java/com/projet/projetIndu/security/CustomUserDetailsService.java
index 5f81861..d67019b 100644
--- a/src/main/java/com/projet/projetIndu/security/CustomUserDetailsService.java
+++ b/src/main/java/com/projet/projetIndu/security/CustomUserDetailsService.java
@@ -34,9 +34,9 @@ public class CustomUserDetailsService implements UserDetailsService {
System.out.println("Utilisateur trouvé : " + user.getEmail() + " | Rôle : " + user.getRole());
return org.springframework.security.core.userdetails.User.builder()
- .username(user.getEmail()) // L'email sert d'identifiant
- .password(user.getPassword()) // Mot de passe hashé en BDD
- .roles("ROLE_" + user.getRole())
+ .username(user.getEmail())
+ .password(user.getPassword())
+ .authorities("ROLE_" + user.getRole())
.build();
}
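Review bot: The added `.authorities("ROLE_" + user.getRole())` concatenates a value that is never null-checked, so a user row without a role still authenticates and carries the meaningless authority `ROLE_null` instead of being rejected; a guard such as `if (user.getRole() == null) throw new UsernameNotFoundException("no role for " + user.getEmail());` ahead of the builder (importing the exception if the file does not already) keeps that failure explicit. Pairing `authorities("ROLE_…")` here with `hasRole("…")` in SecurityConfig is consistent, since hasRole prepends the prefix, but only if the stored role value does not itself already start with `ROLE_`, which is worth confirming against the data. The unchanged `System.out.println` context line still writes the e-mail and role to stdout on every lookup; it predates this commit but belongs on a debug-level logger rather than standard output. The enclosing method starts outside the hunk.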
diff --git a/src/main/java/com/projet/projetIndu/security/SecurityConfig.java b/src/main/java/com/projet/projetIndu/security/SecurityConfig.java
index a792fe8..bbfd926 100644
--- a/src/main/java/com/projet/projetIndu/security/SecurityConfig.java
+++ b/src/main/java/com/projet/projetIndu/security/SecurityConfig.java
@@ -4,9 +4,9 @@ import com.projet.projetIndu.repositories.UserRepository;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.authentication.ProviderManager;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
@@ -25,34 +25,41 @@ public class SecurityConfig {
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.authorizeHttpRequests(auth -> auth
.requestMatchers("/", "/login", "/register", "/css/**", "/js/**").permitAll()
- .requestMatchers("/admin/**").hasAuthority("ROLE_ADMIN")
- .requestMatchers("/doctors/**").hasAuthority("ROLE_DOCTOR")
- .requestMatchers("/patients/**").hasAuthority("ROLE_PATIENT")
- .anyRequest().authenticated()
+ .requestMatchers("/admin/**").hasRole("ADMIN")
+ .requestMatchers("/doctors/**").hasRole("DOCTOR")
+ .requestMatchers("/patients/**").hasRole("PATIENT")
+ .anyRequest().permitAll()
)
.formLogin(form -> form
.loginPage("/login")
.usernameParameter("email")
.passwordParameter("password")
+ .defaultSuccessUrl("/", false) // Redirige vers l'accueil en évitant la boucle infinie
.successHandler((request, response, authentication) -> {
- // Gestion des redirections selon les rôles
- String role = authentication.getAuthorities().stream()
- .map(GrantedAuthority::getAuthority)
- .findFirst()
- .orElse(""); // Prévient une exception si aucun rôle
- if (role.equals("ROLE_ADMIN")) {
- response.sendRedirect("/admin/dashboard");
- } else if (role.equals("ROLE_DOCTOR")) {
- response.sendRedirect("/doctors/dashboard");
- } else if (role.equals("ROLE_PATIENT")) {
- response.sendRedirect("/patients/dashboard");
- } else {
- response.sendRedirect("/"); // URL par défaut
+ if (response.isCommitted()) return; // Évite une double redirection
+
+ String role = authentication.getAuthorities().iterator().next().getAuthority();
+
+ switch (role) {
+ case "ROLE_ADMIN" -> response.sendRedirect("/admin/dashboard");
+ case "ROLE_DOCTOR" -> response.sendRedirect("/doctors/dashboard");
+ case "ROLE_PATIENT" -> response.sendRedirect("/patients/dashboard");
+ default -> response.sendRedirect("/");
}
})
- .failureUrl("/login?error=true") // En cas d'échec d'authentification
+
+
+ .failureHandler((request, response, exception) -> {
+ response.sendRedirect("/login?error=true");
+ })
.permitAll()
)
+
+ .sessionManagement(session -> session
+ .maximumSessions(1)
+ .expiredUrl("/login?expired=true") // Redirige proprement si la session expire
+ )
+
.logout(logout -> logout
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.logoutSuccessUrl("/login?logout")
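Review bot: Replacing `.anyRequest().authenticated()` with `.anyRequest().permitAll()` makes the filter chain fail open: any path not covered by the three role rules is now reachable without logging in, and the explicit permitAll list on the preceding line becomes redundant. Keep the closed default, `.anyRequest().authenticated()`, and add further public paths to that list instead. Two smaller regressions sit in the same hunk: `authentication.getAuthorities().iterator().next()` throws NoSuchElementException for a principal with no authorities where the removed code fell back to `""`, so a guarded lookup such as `authentication.getAuthorities().stream().findFirst().map(GrantedAuthority::getAuthority).orElse("")` is safer (re-adding the GrantedAuthority import this commit drops); and `.defaultSuccessUrl("/", false)` is superseded by the `.successHandler(...)` set immediately after it, so the comment about avoiding a redirect loop describes behaviour that line no longer provides. `maximumSessions(1)` presumably also needs an HttpSessionEventPublisher bean registered so that destroyed sessions are removed from the session registry — confirm before relying on the limit. securityFilterChain continues past the end of the hunk.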
@@ -69,13 +76,11 @@ public class SecurityConfig {
@Bean
- public AuthenticationManager authenticationManager(HttpSecurity http, BCryptPasswordEncoder passwordEncoder, UserDetailsService userDetailsService) throws Exception {
- AuthenticationManagerBuilder authenticationManagerBuilder = http.getSharedObject(AuthenticationManagerBuilder.class);
- authenticationManagerBuilder
- .userDetailsService(userDetailsService)
- .passwordEncoder(passwordEncoder);
-
- return authenticationManagerBuilder.build();
+ public AuthenticationManager authenticationManager(UserDetailsService userDetailsService, BCryptPasswordEncoder passwordEncoder) {
+ DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
+ provider.setUserDetailsService(userDetailsService);
+ provider.setPasswordEncoder(passwordEncoder);
+ return new ProviderManager(provider);
}
--
GitLab