Revision 57264
Added by Michele Artini over 4 years ago
| modules/dnet-orgs-database-application/trunk/src/main/java/eu/dnetlib/organizations/controller/HomeController.java | ||
|---|---|---|
| 1 |
package eu.dnetlib.organizations.controller; |
|
| 2 |
|
|
| 3 |
import java.io.IOException; |
|
| 4 |
import java.security.Principal; |
|
| 5 |
import java.util.UUID; |
|
| 6 |
|
|
| 7 |
import javax.servlet.http.Cookie; |
|
| 8 |
import javax.servlet.http.HttpServletResponse; |
|
| 9 |
|
|
| 10 |
import org.apache.commons.io.IOUtils; |
|
| 11 |
import org.springframework.http.HttpStatus; |
|
| 12 |
import org.springframework.stereotype.Controller; |
|
| 13 |
import org.springframework.web.bind.annotation.CookieValue; |
|
| 14 |
import org.springframework.web.bind.annotation.RequestMapping; |
|
| 15 |
import org.springframework.web.bind.annotation.RequestMethod; |
|
| 16 |
|
|
| 17 |
@Controller |
|
| 18 |
public class HomeController {
|
|
| 19 |
|
|
| 20 |
private static final String TEMPORARY_AUTH_CODE = "TEMP_COOKIE"; |
|
| 21 |
|
|
| 22 |
@RequestMapping(value = "/", method = RequestMethod.GET) |
|
| 23 |
public void logout(@CookieValue(name = "auth_code", required = false) final String authCode, final HttpServletResponse res, final Principal principal) |
|
| 24 |
throws IOException {
|
|
| 25 |
res.setContentType("text/html");
|
|
| 26 |
|
|
| 27 |
if (authCode == null) {
|
|
| 28 |
res.addCookie(new Cookie("auth_code", TEMPORARY_AUTH_CODE));
|
|
| 29 |
IOUtils.copy(getClass().getResourceAsStream("/templates/redirect.html"), res.getOutputStream());
|
|
| 30 |
} else if (authCode.equals(TEMPORARY_AUTH_CODE) || principal == null) {
|
|
| 31 |
res.setStatus(HttpStatus.UNAUTHORIZED.value()); |
|
| 32 |
res.setHeader("WWW-Authenticate", "Basic realm=\"Realm\"");
|
|
| 33 |
res.setHeader("X-Content-Type-Options", "nosniff");
|
|
| 34 |
res.setHeader("X-XSS-Protection", "1; mode=block");
|
|
| 35 |
res.setHeader("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate");
|
|
| 36 |
res.setHeader("Pragma", "no-cache");
|
|
| 37 |
res.setHeader("Expires", "0");
|
|
| 38 |
res.setHeader("X-Frame-Options", "DENY");
|
|
| 39 |
res.addCookie(new Cookie("auth_code", UUID.randomUUID().toString()));
|
|
| 40 |
IOUtils.copy(getClass().getResourceAsStream("/templates/redirect.html"), res.getOutputStream());
|
|
| 41 |
} else {
|
|
| 42 |
IOUtils.copy(getClass().getResourceAsStream("/templates/home.html"), res.getOutputStream());
|
|
| 43 |
} |
|
| 44 |
|
|
| 45 |
} |
|
| 46 |
} |
|
| modules/dnet-orgs-database-application/trunk/src/main/java/eu/dnetlib/organizations/WebSecurityConfig.java | ||
|---|---|---|
| 23 | 23 |
protected void configure(final HttpSecurity http) throws Exception {
|
| 24 | 24 |
|
| 25 | 25 |
http.authorizeRequests() |
| 26 |
.antMatchers("/swagger-ui.html", "/resources/**", "/messages/**").permitAll()
|
|
| 27 |
.antMatchers("/", "/api").fullyAuthenticated()
|
|
| 26 |
.antMatchers("/", "/swagger-ui.html", "/resources/**", "/messages/**").permitAll()
|
|
| 27 |
.antMatchers("/api/**").fullyAuthenticated()
|
|
| 28 | 28 |
.and() |
| 29 | 29 |
.httpBasic() |
| 30 | 30 |
.and() |
| 31 | 31 |
.logout() |
| 32 | 32 |
.logoutSuccessUrl("/messages/logout.html").permitAll()
|
| 33 | 33 |
.deleteCookies("auth_code", "JSESSIONID")
|
| 34 |
.clearAuthentication(false)
|
|
| 34 |
.clearAuthentication(true)
|
|
| 35 | 35 |
.invalidateHttpSession(true) |
| 36 | 36 |
.and() |
| 37 | 37 |
.csrf().disable(); |
| modules/dnet-orgs-database-application/trunk/src/main/resources/sql/samples.sql | ||
|---|---|---|
| 3 | 3 |
INSERT INTO openaire_simrels(local_id, oa_id, oa_original_id, oa_name, oa_acronym, oa_country, oa_url, oa_collectedfrom) VALUES ('openorgs____::000248a304b41b83bed813260b2afec1','re3data_____::84913f34770f5f7f92af45775009580d','r3344','Institute of Informatics and Telematics','IIT','IT','http://','re3data');
|
| 4 | 4 |
INSERT INTO openaire_simrels(local_id, oa_id, oa_original_id, oa_name, oa_acronym, oa_country, oa_url, oa_collectedfrom) VALUES ('openorgs____::000248a304b41b83bed813260b2afec1','ec__________::9fdd5957f12affa9b7e50cad05c280b3', '9994324','Istituto Italiano di Tecnologia ','IIT','IT','http://','EC');
|
| 5 | 5 |
|
| 6 |
INSERT INTO users(email, password, valid, role) VALUES ('michele.artini@isti.cnr.it', '{MD5}'||MD5('dnetPwd'), true, 'SUPERUSER');
|
|
| 7 |
INSERT INTO users(email, password, valid, role) VALUES ('emma.lazzeri@isti.cnr.it', '{MD5}'||MD5('dnetPwd'), true, 'USER');
|
|
| 8 |
INSERT INTO users(email, password, valid, role) VALUES ('paolo.manghi@isti.cnr.it', '{MD5}'||MD5('dnetPwd'), true, 'USER');
|
|
| 6 |
INSERT INTO users(email, password, valid, role) VALUES ('michele', '{MD5}'||MD5('dnet'), true, 'SUPERUSER');
|
|
| 7 |
INSERT INTO users(email, password, valid, role) VALUES ('emma', '{MD5}'||MD5('dnet'), true, 'USER');
|
|
| 8 |
INSERT INTO users(email, password, valid, role) VALUES ('paolo', '{MD5}'||MD5('dnet'), true, 'USER');
|
|
| 9 | 9 |
|
| 10 |
INSERT INTO user_countries VALUES ('emma.lazzeri@isti.cnr.it', 'IT');
|
|
| 11 |
INSERT INTO user_countries VALUES ('paolo.manghi@isti.cnr.it', 'IT');
|
|
| 12 |
INSERT INTO user_countries VALUES ('paolo.manghi@isti.cnr.it', 'GR');
|
|
| 13 |
INSERT INTO user_countries VALUES ('paolo.manghi@isti.cnr.it', 'GB');
|
|
| 10 |
INSERT INTO user_countries VALUES ('emma', 'IT');
|
|
| 11 |
INSERT INTO user_countries VALUES ('paolo', 'IT');
|
|
| 12 |
INSERT INTO user_countries VALUES ('paolo', 'GR');
|
|
| 13 |
INSERT INTO user_countries VALUES ('paolo', 'GB');
|
|
| modules/dnet-orgs-database-application/trunk/src/main/resources/static/index.html | ||
|---|---|---|
| 1 |
<!doctype html> |
|
| 2 |
<html lang="en"> |
|
| 3 |
|
|
| 4 |
<head> |
|
| 5 |
<!-- Required meta tags --> |
|
| 6 |
<meta charset="utf-8"> |
|
| 7 |
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> |
|
| 8 |
<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate"> |
|
| 9 |
<meta http-equiv="Pragma" content="no-cache"> |
|
| 10 |
<meta http-equiv="Expires" content="0"> |
|
| 11 |
|
|
| 12 |
<!-- Bootstrap CSS --> |
|
| 13 |
<link rel="stylesheet" href="resources/css/bootstrap.min.css" /> |
|
| 14 |
|
|
| 15 |
<style type="text/css"> |
|
| 16 |
.table > tbody > tr > td {
|
|
| 17 |
vertical-align: middle; |
|
| 18 |
} |
|
| 19 |
.card > .table {
|
|
| 20 |
margin-bottom: 0 !important; |
|
| 21 |
} |
|
| 22 |
</style> |
|
| 23 |
|
|
| 24 |
|
|
| 25 |
<title>Organizations Database</title> |
|
| 26 |
|
|
| 27 |
</head> |
|
| 28 |
|
|
| 29 |
<body ng-app="orgs"> |
|
| 30 |
<nav class="navbar navbar-expand-lg navbar-light bg-light" ng-controller="userCtrl"> |
|
| 31 |
<a class="navbar-brand" href="#"> <img |
|
| 32 |
src="resources/images/openaire_logo_small.png" width="30" height="30" alt=""> |
|
| 33 |
Organizations |
|
| 34 |
</a> |
|
| 35 |
<button class="navbar-toggler" type="button" data-toggle="collapse" |
|
| 36 |
data-target="#navbarSupportedContent"> |
|
| 37 |
<span class="navbar-toggler-icon"></span> |
|
| 38 |
</button> |
|
| 39 |
|
|
| 40 |
<div class="collapse navbar-collapse w-100 order-1" id="navbarSupportedContent"> |
|
| 41 |
<ul class="navbar-nav mr-auto"> |
|
| 42 |
<li class="nav-item active"><a class="nav-link" href="#">Search</a></li> |
|
| 43 |
<li class="nav-item dropdown"><a |
|
| 44 |
class="nav-link dropdown-toggle" href="javascript:void(0)" id="navbarDropdown" |
|
| 45 |
role="button" data-toggle="dropdown">Browse</a> |
|
| 46 |
<div class="dropdown-menu"> |
|
| 47 |
<a class="dropdown-item" href="#!/countries">by country</a> <a |
|
| 48 |
class="dropdown-item" href="#!/types">by type</a> |
|
| 49 |
</div></li> |
|
| 50 |
<li class="nav-item"><a class="nav-link" href="#!/new">New</a></li> |
|
| 51 |
|
|
| 52 |
</ul> |
|
| 53 |
</div> |
|
| 54 |
|
|
| 55 |
<div class="navbar-collapse collapse w-100 order-2"> |
|
| 56 |
<ul class="navbar-nav ml-auto"> |
|
| 57 |
<li class="nav-item dropdown"> |
|
| 58 |
<a class="nav-link dropdown-toggle" href="javascript:void(0)" data-toggle="dropdown">{{user}}</a>
|
|
| 59 |
<div class="dropdown-menu"> |
|
| 60 |
<a class="dropdown-item" href="javascript:void(0)" ng-click="logout()">Logout</a> |
|
| 61 |
</div> |
|
| 62 |
</li> |
|
| 63 |
<li class="nav-item"><a class="btn btn-outline-primary" href="/doc">API</a></li> |
|
| 64 |
</ul> |
|
| 65 |
</div> |
|
| 66 |
|
|
| 67 |
</nav> |
|
| 68 |
|
|
| 69 |
<div class="container-fluid small mt-4" ng-view></div> |
|
| 70 |
|
|
| 71 |
<script src="resources/js/jquery-3.4.1.min.js"></script> |
|
| 72 |
<script src="resources/js/popper.min.js"></script> |
|
| 73 |
<script src="resources/js/bootstrap.min.js"></script> |
|
| 74 |
<script src="resources/js/angular.min.js"></script> |
|
| 75 |
<script src="resources/js/angular-route.min.js"></script> |
|
| 76 |
<script src="resources/js/organizations.js"></script> |
|
| 77 |
</body> |
|
| 78 |
|
|
| 79 |
</html> |
|
| modules/dnet-orgs-database-application/trunk/src/main/resources/static/messages/logout.html | ||
|---|---|---|
| 22 | 22 |
<div class="card text-center" style="margin-top: 25px"> |
| 23 | 23 |
<div class="card-header">Organizations Database</div> |
| 24 | 24 |
<div class="card-body"> |
| 25 |
<h5 class="card-title" ng-if="!logged">You have been logged out !!!</h5> |
|
| 26 |
<h5 class="card-title" ng-if="logged">Performing logout ...</h5> |
|
| 27 |
<p class="card-text" ng-if="!logged">You will be redicted to the homepage between {{seconds}} second(s)</p>
|
|
| 28 |
<button class="btn btn-sm btn-primary" ng-click="homepage()" ng-disabled="isLogged">return to homepage</button> |
|
| 25 |
<h5 class="card-title">You have been logged out !!!</h5> |
|
| 26 |
<p class="card-text">You will be redicted to the homepage between {{seconds}} second(s)</p>
|
|
| 27 |
<button class="btn btn-sm btn-primary" ng-click="homepage()">return to homepage</button> |
|
| 29 | 28 |
</div> |
| 30 | 29 |
</div> |
| 31 | 30 |
</div> |
| ... | ... | |
| 41 | 40 |
.controller('logoutCtrl', function($scope, $http, $timeout) {
|
| 42 | 41 |
|
| 43 | 42 |
$scope.seconds = 5; |
| 44 |
$scope.isLogged = true; |
|
| 43 |
|
|
| 45 | 44 |
$scope.homepage = function() { location.href = '/'; }
|
| 46 | 45 |
$scope.onTimeout = function() {
|
| 47 | 46 |
$scope.seconds--; |
| ... | ... | |
| 51 | 50 |
$scope.homepage(); |
| 52 | 51 |
} |
| 53 | 52 |
}; |
| 54 |
|
|
| 55 |
jQuery.ajax({ type: "GET", url: "/", async: true, username: "log", password: "out", headers: { "Authorization": "Basic xxx" } })
|
|
| 56 |
.done(function() {})
|
|
| 57 |
.fail(function() {
|
|
| 58 |
$scope.isLogged = false; |
|
| 59 |
$timeout($scope.onTimeout, 1000); |
|
| 60 |
}); |
|
| 61 | 53 |
|
| 54 |
$timeout($scope.onTimeout, 1000); |
|
| 55 |
|
|
| 62 | 56 |
}); |
| 63 | 57 |
</script> |
| 64 | 58 |
|
| modules/dnet-orgs-database-application/trunk/src/main/resources/templates/redirect.html | ||
|---|---|---|
| 1 |
<html> |
|
| 2 |
<meta http-equiv="refresh" content="0"> |
|
| 3 |
</html> |
|
| modules/dnet-orgs-database-application/trunk/src/main/resources/templates/home.html | ||
|---|---|---|
| 1 |
<!doctype html> |
|
| 2 |
<html lang="en"> |
|
| 3 |
|
|
| 4 |
<head> |
|
| 5 |
<!-- Required meta tags --> |
|
| 6 |
<meta charset="utf-8"> |
|
| 7 |
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> |
|
| 8 |
<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate"> |
|
| 9 |
<meta http-equiv="Pragma" content="no-cache"> |
|
| 10 |
<meta http-equiv="Expires" content="0"> |
|
| 11 |
|
|
| 12 |
<!-- Bootstrap CSS --> |
|
| 13 |
<link rel="stylesheet" href="resources/css/bootstrap.min.css" /> |
|
| 14 |
|
|
| 15 |
<style type="text/css"> |
|
| 16 |
.table > tbody > tr > td {
|
|
| 17 |
vertical-align: middle; |
|
| 18 |
} |
|
| 19 |
.card > .table {
|
|
| 20 |
margin-bottom: 0 !important; |
|
| 21 |
} |
|
| 22 |
</style> |
|
| 23 |
|
|
| 24 |
|
|
| 25 |
<title>Organizations Database</title> |
|
| 26 |
|
|
| 27 |
</head> |
|
| 28 |
|
|
| 29 |
<body ng-app="orgs"> |
|
| 30 |
<nav class="navbar navbar-expand-lg navbar-light bg-light" ng-controller="userCtrl"> |
|
| 31 |
<a class="navbar-brand" href="#"> <img |
|
| 32 |
src="resources/images/openaire_logo_small.png" width="30" height="30" alt=""> |
|
| 33 |
Organizations |
|
| 34 |
</a> |
|
| 35 |
<button class="navbar-toggler" type="button" data-toggle="collapse" |
|
| 36 |
data-target="#navbarSupportedContent"> |
|
| 37 |
<span class="navbar-toggler-icon"></span> |
|
| 38 |
</button> |
|
| 39 |
|
|
| 40 |
<div class="collapse navbar-collapse w-100 order-1" id="navbarSupportedContent"> |
|
| 41 |
<ul class="navbar-nav mr-auto"> |
|
| 42 |
<li class="nav-item active"><a class="nav-link" href="#">Search</a></li> |
|
| 43 |
<li class="nav-item dropdown"><a |
|
| 44 |
class="nav-link dropdown-toggle" href="javascript:void(0)" id="navbarDropdown" |
|
| 45 |
role="button" data-toggle="dropdown">Browse</a> |
|
| 46 |
<div class="dropdown-menu"> |
|
| 47 |
<a class="dropdown-item" href="#!/countries">by country</a> <a |
|
| 48 |
class="dropdown-item" href="#!/types">by type</a> |
|
| 49 |
</div></li> |
|
| 50 |
<li class="nav-item"><a class="nav-link" href="#!/new">New</a></li> |
|
| 51 |
|
|
| 52 |
</ul> |
|
| 53 |
</div> |
|
| 54 |
|
|
| 55 |
<div class="navbar-collapse collapse w-100 order-2"> |
|
| 56 |
<ul class="navbar-nav ml-auto"> |
|
| 57 |
<li class="nav-item dropdown"> |
|
| 58 |
<a class="nav-link dropdown-toggle" href="javascript:void(0)" data-toggle="dropdown">{{user}}</a>
|
|
| 59 |
<div class="dropdown-menu"> |
|
| 60 |
<a class="dropdown-item" href="javascript:void(0)" ng-click="logout()">Logout</a> |
|
| 61 |
</div> |
|
| 62 |
</li> |
|
| 63 |
<li class="nav-item"><a class="btn btn-outline-primary" href="/doc">API</a></li> |
|
| 64 |
</ul> |
|
| 65 |
</div> |
|
| 66 |
|
|
| 67 |
</nav> |
|
| 68 |
|
|
| 69 |
<div class="container-fluid small mt-4" ng-view></div> |
|
| 70 |
|
|
| 71 |
<script src="resources/js/jquery-3.4.1.min.js"></script> |
|
| 72 |
<script src="resources/js/popper.min.js"></script> |
|
| 73 |
<script src="resources/js/bootstrap.min.js"></script> |
|
| 74 |
<script src="resources/js/angular.min.js"></script> |
|
| 75 |
<script src="resources/js/angular-route.min.js"></script> |
|
| 76 |
<script src="resources/js/organizations.js"></script> |
|
| 77 |
</body> |
|
| 78 |
|
|
| 79 |
</html> |
|
Also available in: Unified diff
simple authentication (with logout ?)