Revision 57264
Added by Michele Artini over 4 years ago
modules/dnet-orgs-database-application/trunk/src/main/java/eu/dnetlib/organizations/controller/HomeController.java | ||
---|---|---|
1 |
package eu.dnetlib.organizations.controller; |
|
2 |
|
|
3 |
import java.io.IOException; |
|
4 |
import java.security.Principal; |
|
5 |
import java.util.UUID; |
|
6 |
|
|
7 |
import javax.servlet.http.Cookie; |
|
8 |
import javax.servlet.http.HttpServletResponse; |
|
9 |
|
|
10 |
import org.apache.commons.io.IOUtils; |
|
11 |
import org.springframework.http.HttpStatus; |
|
12 |
import org.springframework.stereotype.Controller; |
|
13 |
import org.springframework.web.bind.annotation.CookieValue; |
|
14 |
import org.springframework.web.bind.annotation.RequestMapping; |
|
15 |
import org.springframework.web.bind.annotation.RequestMethod; |
|
16 |
|
|
17 |
@Controller |
|
18 |
public class HomeController { |
|
19 |
|
|
20 |
private static final String TEMPORARY_AUTH_CODE = "TEMP_COOKIE"; |
|
21 |
|
|
22 |
@RequestMapping(value = "/", method = RequestMethod.GET) |
|
23 |
public void logout(@CookieValue(name = "auth_code", required = false) final String authCode, final HttpServletResponse res, final Principal principal) |
|
24 |
throws IOException { |
|
25 |
res.setContentType("text/html"); |
|
26 |
|
|
27 |
if (authCode == null) { |
|
28 |
res.addCookie(new Cookie("auth_code", TEMPORARY_AUTH_CODE)); |
|
29 |
IOUtils.copy(getClass().getResourceAsStream("/templates/redirect.html"), res.getOutputStream()); |
|
30 |
} else if (authCode.equals(TEMPORARY_AUTH_CODE) || principal == null) { |
|
31 |
res.setStatus(HttpStatus.UNAUTHORIZED.value()); |
|
32 |
res.setHeader("WWW-Authenticate", "Basic realm=\"Realm\""); |
|
33 |
res.setHeader("X-Content-Type-Options", "nosniff"); |
|
34 |
res.setHeader("X-XSS-Protection", "1; mode=block"); |
|
35 |
res.setHeader("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate"); |
|
36 |
res.setHeader("Pragma", "no-cache"); |
|
37 |
res.setHeader("Expires", "0"); |
|
38 |
res.setHeader("X-Frame-Options", "DENY"); |
|
39 |
res.addCookie(new Cookie("auth_code", UUID.randomUUID().toString())); |
|
40 |
IOUtils.copy(getClass().getResourceAsStream("/templates/redirect.html"), res.getOutputStream()); |
|
41 |
} else { |
|
42 |
IOUtils.copy(getClass().getResourceAsStream("/templates/home.html"), res.getOutputStream()); |
|
43 |
} |
|
44 |
|
|
45 |
} |
|
46 |
} |
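Review bot: In `logout()` the `auth_code` cookie is never compared with anything except the `TEMP_COOKIE` constant, so any other value a client sends falls through to the `principal == null` test, which is the only real gate on `home.html`. Assuming this file is the added side (the gutter shows a single column), a comment above the method should say the cookie is only a marker that forces a fresh Basic prompt and not a credential. The handler name is also misleading for a GET on `/`. Each `getClass().getResourceAsStream(...)` result is left unclosed and would cause a NullPointerException if the template is missing; `try (InputStream in = getClass().getResourceAsStream(path)) { IOUtils.copy(in, res.getOutputStream()); }` with a null check covers both. The two `new Cookie("auth_code", ...)` calls set no path and no `setHttpOnly(true)`.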
modules/dnet-orgs-database-application/trunk/src/main/java/eu/dnetlib/organizations/WebSecurityConfig.java | ||
---|---|---|
23 | 23 |
protected void configure(final HttpSecurity http) throws Exception { |
24 | 24 |
|
25 | 25 |
http.authorizeRequests() |
26 |
.antMatchers("/swagger-ui.html", "/resources/**", "/messages/**").permitAll() |
|
27 |
.antMatchers("/", "/api").fullyAuthenticated()
|
|
26 |
.antMatchers("/", "/swagger-ui.html", "/resources/**", "/messages/**").permitAll()
|
|
27 |
.antMatchers("/api/**").fullyAuthenticated()
|
|
28 | 28 |
.and() |
29 | 29 |
.httpBasic() |
30 | 30 |
.and() |
31 | 31 |
.logout() |
32 | 32 |
.logoutSuccessUrl("/messages/logout.html").permitAll() |
33 | 33 |
.deleteCookies("auth_code", "JSESSIONID") |
34 |
.clearAuthentication(false)
|
|
34 |
.clearAuthentication(true)
|
|
35 | 35 |
.invalidateHttpSession(true) |
36 | 36 |
.and() |
37 | 37 |
.csrf().disable(); |
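Review bot: The matcher chain has no catch-all, so a request outside `/`, the listed static patterns and `/api/**` (for example the `/doc` link used by the home page) matches no rule and is not subject to any authorization requirement. Ending the chain with `.anyRequest().fullyAuthenticated()`, after permitting whatever must stay public, makes the default deny rather than allow. This assumes the second printed pair of `antMatchers` lines is the new side; the gutter numbers alone do not show it. `.csrf().disable()` is unchanged here, but with `httpBasic()` the browser resends credentials on its own, so state-changing `/api/**` endpoints deserve a comment on why CSRF protection is off. The body of `configure` continues past the end of this section.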
modules/dnet-orgs-database-application/trunk/src/main/resources/sql/samples.sql | ||
---|---|---|
3 | 3 |
INSERT INTO openaire_simrels(local_id, oa_id, oa_original_id, oa_name, oa_acronym, oa_country, oa_url, oa_collectedfrom) VALUES ('openorgs____::000248a304b41b83bed813260b2afec1','re3data_____::84913f34770f5f7f92af45775009580d','r3344','Institute of Informatics and Telematics','IIT','IT','http://','re3data'); |
4 | 4 |
INSERT INTO openaire_simrels(local_id, oa_id, oa_original_id, oa_name, oa_acronym, oa_country, oa_url, oa_collectedfrom) VALUES ('openorgs____::000248a304b41b83bed813260b2afec1','ec__________::9fdd5957f12affa9b7e50cad05c280b3', '9994324','Istituto Italiano di Tecnologia ','IIT','IT','http://','EC'); |
5 | 5 |
|
6 |
INSERT INTO users(email, password, valid, role) VALUES ('michele.artini@isti.cnr.it', '{MD5}'||MD5('dnetPwd'), true, 'SUPERUSER');
|
|
7 |
INSERT INTO users(email, password, valid, role) VALUES ('emma.lazzeri@isti.cnr.it', '{MD5}'||MD5('dnetPwd'), true, 'USER');
|
|
8 |
INSERT INTO users(email, password, valid, role) VALUES ('paolo.manghi@isti.cnr.it', '{MD5}'||MD5('dnetPwd'), true, 'USER');
|
|
6 |
INSERT INTO users(email, password, valid, role) VALUES ('michele', '{MD5}'||MD5('dnet'), true, 'SUPERUSER');
|
|
7 |
INSERT INTO users(email, password, valid, role) VALUES ('emma', '{MD5}'||MD5('dnet'), true, 'USER');
|
|
8 |
INSERT INTO users(email, password, valid, role) VALUES ('paolo', '{MD5}'||MD5('dnet'), true, 'USER');
|
|
9 | 9 |
|
10 |
INSERT INTO user_countries VALUES ('emma.lazzeri@isti.cnr.it', 'IT'); |
|
11 |
INSERT INTO user_countries VALUES ('paolo.manghi@isti.cnr.it', 'IT'); |
|
12 |
INSERT INTO user_countries VALUES ('paolo.manghi@isti.cnr.it', 'GR'); |
|
13 |
INSERT INTO user_countries VALUES ('paolo.manghi@isti.cnr.it', 'GB'); |
|
10 |
INSERT INTO user_countries VALUES ('emma', 'IT'); |
|
11 |
INSERT INTO user_countries VALUES ('paolo', 'IT'); |
|
12 |
INSERT INTO user_countries VALUES ('paolo', 'GR'); |
|
13 |
INSERT INTO user_countries VALUES ('paolo', 'GB'); |
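Review bot: Every seeded account, including the `SUPERUSER` row, stores an unsalted `MD5(...)` of one short shared password that is readable in this file, and this holds for both printed variants of the `INSERT INTO users` lines. If the script can run against anything other than a throwaway development database, those rows are a standing login with known credentials. Add a header comment such as `-- DEV/TEST ONLY: sample accounts with a known password, never load in production` and load the file only under a dev profile. If the `{MD5}` prefix is read by Spring Security's delegating password encoder (not visible here), a precomputed `{bcrypt}` value would avoid seeding MD5 hashes at all.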
modules/dnet-orgs-database-application/trunk/src/main/resources/static/index.html | ||
---|---|---|
1 |
<!doctype html> |
|
2 |
<html lang="en"> |
|
3 |
|
|
4 |
<head> |
|
5 |
<!-- Required meta tags --> |
|
6 |
<meta charset="utf-8"> |
|
7 |
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> |
|
8 |
<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate"> |
|
9 |
<meta http-equiv="Pragma" content="no-cache"> |
|
10 |
<meta http-equiv="Expires" content="0"> |
|
11 |
|
|
12 |
<!-- Bootstrap CSS --> |
|
13 |
<link rel="stylesheet" href="resources/css/bootstrap.min.css" /> |
|
14 |
|
|
15 |
<style type="text/css"> |
|
16 |
.table > tbody > tr > td { |
|
17 |
vertical-align: middle; |
|
18 |
} |
|
19 |
.card > .table { |
|
20 |
margin-bottom: 0 !important; |
|
21 |
} |
|
22 |
</style> |
|
23 |
|
|
24 |
|
|
25 |
<title>Organizations Database</title> |
|
26 |
|
|
27 |
</head> |
|
28 |
|
|
29 |
<body ng-app="orgs"> |
|
30 |
<nav class="navbar navbar-expand-lg navbar-light bg-light" ng-controller="userCtrl"> |
|
31 |
<a class="navbar-brand" href="#"> <img |
|
32 |
src="resources/images/openaire_logo_small.png" width="30" height="30" alt=""> |
|
33 |
Organizations |
|
34 |
</a> |
|
35 |
<button class="navbar-toggler" type="button" data-toggle="collapse" |
|
36 |
data-target="#navbarSupportedContent"> |
|
37 |
<span class="navbar-toggler-icon"></span> |
|
38 |
</button> |
|
39 |
|
|
40 |
<div class="collapse navbar-collapse w-100 order-1" id="navbarSupportedContent"> |
|
41 |
<ul class="navbar-nav mr-auto"> |
|
42 |
<li class="nav-item active"><a class="nav-link" href="#">Search</a></li> |
|
43 |
<li class="nav-item dropdown"><a |
|
44 |
class="nav-link dropdown-toggle" href="javascript:void(0)" id="navbarDropdown" |
|
45 |
role="button" data-toggle="dropdown">Browse</a> |
|
46 |
<div class="dropdown-menu"> |
|
47 |
<a class="dropdown-item" href="#!/countries">by country</a> <a |
|
48 |
class="dropdown-item" href="#!/types">by type</a> |
|
49 |
</div></li> |
|
50 |
<li class="nav-item"><a class="nav-link" href="#!/new">New</a></li> |
|
51 |
|
|
52 |
</ul> |
|
53 |
</div> |
|
54 |
|
|
55 |
<div class="navbar-collapse collapse w-100 order-2"> |
|
56 |
<ul class="navbar-nav ml-auto"> |
|
57 |
<li class="nav-item dropdown"> |
|
58 |
<a class="nav-link dropdown-toggle" href="javascript:void(0)" data-toggle="dropdown">{{user}}</a> |
|
59 |
<div class="dropdown-menu"> |
|
60 |
<a class="dropdown-item" href="javascript:void(0)" ng-click="logout()">Logout</a> |
|
61 |
</div> |
|
62 |
</li> |
|
63 |
<li class="nav-item"><a class="btn btn-outline-primary" href="/doc">API</a></li> |
|
64 |
</ul> |
|
65 |
</div> |
|
66 |
|
|
67 |
</nav> |
|
68 |
|
|
69 |
<div class="container-fluid small mt-4" ng-view></div> |
|
70 |
|
|
71 |
<script src="resources/js/jquery-3.4.1.min.js"></script> |
|
72 |
<script src="resources/js/popper.min.js"></script> |
|
73 |
<script src="resources/js/bootstrap.min.js"></script> |
|
74 |
<script src="resources/js/angular.min.js"></script> |
|
75 |
<script src="resources/js/angular-route.min.js"></script> |
|
76 |
<script src="resources/js/organizations.js"></script> |
|
77 |
</body> |
|
78 |
|
|
79 |
</html> |
modules/dnet-orgs-database-application/trunk/src/main/resources/static/messages/logout.html | ||
---|---|---|
22 | 22 |
<div class="card text-center" style="margin-top: 25px"> |
23 | 23 |
<div class="card-header">Organizations Database</div> |
24 | 24 |
<div class="card-body"> |
25 |
<h5 class="card-title" ng-if="!logged">You have been logged out !!!</h5> |
|
26 |
<h5 class="card-title" ng-if="logged">Performing logout ...</h5> |
|
27 |
<p class="card-text" ng-if="!logged">You will be redicted to the homepage between {{seconds}} second(s)</p> |
|
28 |
<button class="btn btn-sm btn-primary" ng-click="homepage()" ng-disabled="isLogged">return to homepage</button> |
|
25 |
<h5 class="card-title">You have been logged out !!!</h5> |
|
26 |
<p class="card-text">You will be redicted to the homepage between {{seconds}} second(s)</p> |
|
27 |
<button class="btn btn-sm btn-primary" ng-click="homepage()">return to homepage</button> |
|
29 | 28 |
</div> |
30 | 29 |
</div> |
31 | 30 |
</div> |
... | ... | |
41 | 40 |
.controller('logoutCtrl', function($scope, $http, $timeout) { |
42 | 41 |
|
43 | 42 |
$scope.seconds = 5; |
44 |
$scope.isLogged = true; |
|
43 |
|
|
45 | 44 |
$scope.homepage = function() { location.href = '/'; } |
46 | 45 |
$scope.onTimeout = function() { |
47 | 46 |
$scope.seconds--; |
... | ... | |
51 | 50 |
$scope.homepage(); |
52 | 51 |
} |
53 | 52 |
}; |
54 |
|
|
55 |
jQuery.ajax({ type: "GET", url: "/", async: true, username: "log", password: "out", headers: { "Authorization": "Basic xxx" } }) |
|
56 |
.done(function() {}) |
|
57 |
.fail(function() { |
|
58 |
$scope.isLogged = false; |
|
59 |
$timeout($scope.onTimeout, 1000); |
|
60 |
}); |
|
61 | 53 |
|
54 |
$timeout($scope.onTimeout, 1000); |
|
55 |
|
|
62 | 56 |
}); |
63 | 57 |
</script> |
64 | 58 |
|
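Review bot: With the `jQuery.ajax` request carrying dummy credentials gone, nothing on this page makes the browser drop its cached Basic credentials, so calls to `/api/**` may still authenticate after the user reads "You have been logged out". This assumes the ajax lines are the removed side, which the 61 | 53 context numbering implies. Logout then depends on the server deleting `auth_code` and on the handler for `/` answering 401 at the next visit; a short comment in `logoutCtrl` stating that dependency would help the next maintainer. The card text also carries a typo and should read `You will be redirected to the homepage in {{seconds}} second(s)`.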
modules/dnet-orgs-database-application/trunk/src/main/resources/templates/redirect.html | ||
---|---|---|
1 |
<html> |
|
2 |
<meta http-equiv="refresh" content="0"> |
|
3 |
</html> |
modules/dnet-orgs-database-application/trunk/src/main/resources/templates/home.html | ||
---|---|---|
1 |
<!doctype html> |
|
2 |
<html lang="en"> |
|
3 |
|
|
4 |
<head> |
|
5 |
<!-- Required meta tags --> |
|
6 |
<meta charset="utf-8"> |
|
7 |
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> |
|
8 |
<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate"> |
|
9 |
<meta http-equiv="Pragma" content="no-cache"> |
|
10 |
<meta http-equiv="Expires" content="0"> |
|
11 |
|
|
12 |
<!-- Bootstrap CSS --> |
|
13 |
<link rel="stylesheet" href="resources/css/bootstrap.min.css" /> |
|
14 |
|
|
15 |
<style type="text/css"> |
|
16 |
.table > tbody > tr > td { |
|
17 |
vertical-align: middle; |
|
18 |
} |
|
19 |
.card > .table { |
|
20 |
margin-bottom: 0 !important; |
|
21 |
} |
|
22 |
</style> |
|
23 |
|
|
24 |
|
|
25 |
<title>Organizations Database</title> |
|
26 |
|
|
27 |
</head> |
|
28 |
|
|
29 |
<body ng-app="orgs"> |
|
30 |
<nav class="navbar navbar-expand-lg navbar-light bg-light" ng-controller="userCtrl"> |
|
31 |
<a class="navbar-brand" href="#"> <img |
|
32 |
src="resources/images/openaire_logo_small.png" width="30" height="30" alt=""> |
|
33 |
Organizations |
|
34 |
</a> |
|
35 |
<button class="navbar-toggler" type="button" data-toggle="collapse" |
|
36 |
data-target="#navbarSupportedContent"> |
|
37 |
<span class="navbar-toggler-icon"></span> |
|
38 |
</button> |
|
39 |
|
|
40 |
<div class="collapse navbar-collapse w-100 order-1" id="navbarSupportedContent"> |
|
41 |
<ul class="navbar-nav mr-auto"> |
|
42 |
<li class="nav-item active"><a class="nav-link" href="#">Search</a></li> |
|
43 |
<li class="nav-item dropdown"><a |
|
44 |
class="nav-link dropdown-toggle" href="javascript:void(0)" id="navbarDropdown" |
|
45 |
role="button" data-toggle="dropdown">Browse</a> |
|
46 |
<div class="dropdown-menu"> |
|
47 |
<a class="dropdown-item" href="#!/countries">by country</a> <a |
|
48 |
class="dropdown-item" href="#!/types">by type</a> |
|
49 |
</div></li> |
|
50 |
<li class="nav-item"><a class="nav-link" href="#!/new">New</a></li> |
|
51 |
|
|
52 |
</ul> |
|
53 |
</div> |
|
54 |
|
|
55 |
<div class="navbar-collapse collapse w-100 order-2"> |
|
56 |
<ul class="navbar-nav ml-auto"> |
|
57 |
<li class="nav-item dropdown"> |
|
58 |
<a class="nav-link dropdown-toggle" href="javascript:void(0)" data-toggle="dropdown">{{user}}</a> |
|
59 |
<div class="dropdown-menu"> |
|
60 |
<a class="dropdown-item" href="javascript:void(0)" ng-click="logout()">Logout</a> |
|
61 |
</div> |
|
62 |
</li> |
|
63 |
<li class="nav-item"><a class="btn btn-outline-primary" href="/doc">API</a></li> |
|
64 |
</ul> |
|
65 |
</div> |
|
66 |
|
|
67 |
</nav> |
|
68 |
|
|
69 |
<div class="container-fluid small mt-4" ng-view></div> |
|
70 |
|
|
71 |
<script src="resources/js/jquery-3.4.1.min.js"></script> |
|
72 |
<script src="resources/js/popper.min.js"></script> |
|
73 |
<script src="resources/js/bootstrap.min.js"></script> |
|
74 |
<script src="resources/js/angular.min.js"></script> |
|
75 |
<script src="resources/js/angular-route.min.js"></script> |
|
76 |
<script src="resources/js/organizations.js"></script> |
|
77 |
</body> |
|
78 |
|
|
79 |
</html> |
simple authentication (with logout ?)