From d4f39f27ae9a89478794939ff8234d5ecf368411 Mon Sep 17 00:00:00 2001
From: Marcel Schwarz
Date: Mon, 11 May 2020 21:15:25 +0200
Subject: [PATCH] Add LoginUser to successfully parse the request and create a token
---
 .../security/JWTAuthenticationFilter.java | 7 ++++---
 .../java/de/hft/geotime/security/LoginUser.java | 16 ++++++++++++++++
 .../java/de/hft/geotime/user/UserController.java | 5 ++++-
 3 files changed, 24 insertions(+), 4 deletions(-)
 create mode 100644 backend/src/main/java/de/hft/geotime/security/LoginUser.java
diff --git a/backend/src/main/java/de/hft/geotime/security/JWTAuthenticationFilter.java b/backend/src/main/java/de/hft/geotime/security/JWTAuthenticationFilter.java
index f111c1f..7ca7442 100644
--- a/backend/src/main/java/de/hft/geotime/security/JWTAuthenticationFilter.java
+++ b/backend/src/main/java/de/hft/geotime/security/JWTAuthenticationFilter.java
@@ -2,7 +2,6 @@ package de.hft.geotime.security;
 import com.auth0.jwt.JWT;
 import com.fasterxml.jackson.databind.ObjectMapper;
-import de.hft.geotime.user.TimetrackUser;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
@@ -32,7 +31,7 @@ public class JWTAuthenticationFilter extends UsernamePasswordAuthenticationFilte
 HttpServletRequest req,
 HttpServletResponse res) throws AuthenticationException {
 try {
- TimetrackUser creds = new ObjectMapper().readValue(req.getInputStream(), TimetrackUser.class);
+ LoginUser creds = new ObjectMapper().readValue(req.getInputStream(), LoginUser.class);
 return authenticationManager.authenticate(
 new UsernamePasswordAuthenticationToken(
 creds.getUsername(),
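Review bot: `readValue` returns null when the request body is the JSON literal `null`, so `creds.getUsername()` a few lines below would throw a NullPointerException that the `IOException` catch in the next hunk does not cover, and the caller gets a server error instead of a rejected login. A guard directly after the parse closes that gap, for example `if (creds == null) throw new BadCredentialsException("Missing credentials");`. Binding the body to the two-field `LoginUser` rather than the `TimetrackUser` entity is a sound choice, since the login payload can no longer set entity fields. The method signature starts above this hunk and the try block continues past its end.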
@@ -41,7 +40,9 @@ public class JWTAuthenticationFilter extends UsernamePasswordAuthenticationFilte
 )
 );
 } catch (IOException e) {
- throw new RuntimeException(e);
+ logger.info("Unsuccessful login attempt: " + e.getMessage());
+ res.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ return null;
 }
 }
diff --git a/backend/src/main/java/de/hft/geotime/security/LoginUser.java b/backend/src/main/java/de/hft/geotime/security/LoginUser.java
new file mode 100644
index 0000000..13a0bb6
--- /dev/null
+++ b/backend/src/main/java/de/hft/geotime/security/LoginUser.java
@@ -0,0 +1,16 @@
+package de.hft.geotime.security;
+
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+public class LoginUser {
+
+ private String password;
+ private String username;
+
+}
diff --git a/backend/src/main/java/de/hft/geotime/user/UserController.java b/backend/src/main/java/de/hft/geotime/user/UserController.java
index 723dde1..0bb15d6 100644
--- a/backend/src/main/java/de/hft/geotime/user/UserController.java
+++ b/backend/src/main/java/de/hft/geotime/user/UserController.java
@@ -4,7 +4,10 @@ import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
 @RestController
 public class UserController {
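Review bot: The added `logger.info("Unsuccessful login attempt: " + e.getMessage())` in the catch block writes a Jackson parse message into the log, and such messages can quote pieces of the request body (an unrecognised token or field name), which on this endpoint is a caller-supplied credentials payload. A fixed text plus the exception type keeps secrets and caller-controlled text out of the log line: `logger.info("Login request body could not be parsed: " + e.getClass().getSimpleName());`. Setting the status and returning null also appears to skip the filter's normal failure handling, so a malformed body and a wrong password are answered on two different paths; throwing an `AuthenticationException` subclass such as `AuthenticationServiceException` would keep them on one, if that fits the rest of the security configuration. The method begins above this hunk.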
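Review bot: `@Data` on the new `LoginUser` class generates a `toString()` that includes the `password` field, so any later log statement or exception text that prints the object would carry the cleartext password. Excluding the field keeps the convenience of `@Data` without that exposure: `@ToString.Exclude private String password;`. A one-line class comment such as `/** Credentials carried in the body of a login request. */` would also make clear that this type is for request parsing only.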