A CRUD Spring Boot project focused in building discussion board for web 3.0. To see the full website visit https://chainslog.herokuapp.com/.
For building and running the application you need:
This project is done through Eclipse IDE, to run the application locally open projects from file system and select the project, then run as spring application.
Alternatively you can use the Spring Boot Maven plugin like so:
get dependencies
mvn clean install
run application locally
mvn spring-boot:run
- Used in: Authentication and Route Protection [AuthService, Home Controller]
- Reference Video: Spring Boot Security Fundamentals
- How it is implemented in the project?:
-
Initial Setup for Spring Security (Dependency)
<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency>
-
To configure spring security, create a SecurityConfiguration that extends WebSecurityConfigurerAdapter.
- Override two configure methdos (AuthenticationManagerBuilding and HttpSecurity)
- HttpSecurity focuses on route protection and must be user defined based on roles and authentication;
- Additionally, to interact with the session token the following must be also configure: Login, Logout, RememberMe.
- AuthenicationManagerBuilder focuses on authentication of the account, which needs to configure the following two beans;
- DaoAuthenticationProvider to get the input and validate the input from database using the UserAccountService, while
- Password Encoder is a spring security features that uses bycrpy to encrypt passwords before receiving and sending in databases.
-
Next, is configure the UserAccount Model;
- UserAccount will implements the UserDetails from Spring Security to access its internal model for users,
- Then map the username/email, password to your existing User model.
- [Optional], you can also implement custom properties in this model to be accessed in session token.
-
For the UserAccount Service,
- UserAccount service will implement the UserDetailsService from Spring Security to retrieve the user details from the database.
- Create a Data Access Object (Dao) that will find user using username.
- Assign the user to the UserAccount Model you configure earlier.
-
Additional Steps,
- You can interact directly to spring security if you are currently using thymeleaf.
- Include in the pom.xml the following dependency:
<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-thymeleaf</artifactId> </dependency>
-
- Used in: Frontend [Template]
- Reference Link: Baeldung Thymeleaf Fundamentals
- How it is implemented in the project?:
- Initial Setup for Thymeleaf (Dependency)
<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency>
- Integrating Thymeleaf in templates
- Create a HTML file in resources/templates.
- Include the following attributes in the HTML Tag;
<html xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.thymeleaf.org/extras/spring-security" lang="en">
- Using Thymeleaf Fragments
- Create fragments.html which you will put all of your thymeleaf fragments in project.
- Suggested fragments is head (if you will not use JS), navbar and repetitive components in your web app.
- To define a thymeleaf fragment include in the opening tag the attribute
th:fragment="<name-of-fragment>"
- To use the defined fragment on other pages use the attribute
th:replace="<html-of-your-fragments> :: <name-of-fragment>"
- Using Thymeleaf Links/URL
- To link an image in your thymeleaf page, use the ordinary
<img>
tag with the following attribute,th:src="@{/link}"
- Similar with the
<a>
and other tags that utilizes links, you must appendth:
in the beggining of attribute and define the link as@{/link}
- To link an image in your thymeleaf page, use the ordinary
- Using Thymeleaf Conditionals
- In a scenario that you need to display something base on a variable (defined by `${var}), you can use conditionals directly in thymeleaf.
th:if="${var}"
is used to display a html tag when the var is true,- Vice versa,
th:unless="${true}"
is used to NOT display a html tag when the var is true. sec:authorize="isAuthenticated()"
is used to display a html tag if the user is authenticated.- Vice versa,
sec:authorize="isAnonymous()"
is used to display a html tag if the user is anonymous.
- Other usage of Thymeleaf in Project
th:text="${var} / <text>
is used to replace the text of the current tag.th:each="var-name: ${var-list}"
is used to repetively create a html tag based on the current var-list.
- Initial Setup for Thymeleaf (Dependency)