fixed role slug

harmlessprince · Feb 17, 2025 · e01c83d · e01c83d
1 parent b3ec23c
commit e01c83d
Show file tree

Hide file tree

Showing 3 changed files with 71 additions and 12 deletions.
diff --git a/src/main/java/com/harmlessprince/ecommerceApi/auth/AuthenticationService.java b/src/main/java/com/harmlessprince/ecommerceApi/auth/AuthenticationService.java
@@ -60,7 +60,7 @@ public User login(LoginRequest request) {
 
     public Customer loginAsCustomer(LoginRequest request, String tenantId) {
         Optional<Customer> user =  customerRepository.findFirstByEmailAndTenantId(request.email(), tenantId);
-
+        log.info("Tenant ID from loginAsCustomer: " + tenantId);
         if (user.isEmpty()){
             throw new BadCredentialsException("Invalid email or password");
         }

diff --git a/src/main/java/com/harmlessprince/ecommerceApi/configs/ApplicationConfiguration.java b/src/main/java/com/harmlessprince/ecommerceApi/configs/ApplicationConfiguration.java
@@ -4,28 +4,33 @@
 import com.harmlessprince.ecommerceApi.customer.CustomerRepository;
 import com.harmlessprince.ecommerceApi.user.UserRepository;
 import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.ProviderManager;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 
+import java.util.List;
+
+@Slf4j
 @AllArgsConstructor
 @Configuration
 public class ApplicationConfiguration {
     private final UserRepository userRepository;
     private final CustomerRepository customerRepository;
+    private final TenantAwareAuthenticationProvider authenticationProvider;
 
-    //    public ApplicationConfiguration(UserRepository userRepository) {
-//    }
     @Bean
     UserDetailsService userDetailsService() {
+        log.info("Loading user details from database. {}", TenantContext.getCurrentTenantID());
         if (TenantContext.getCurrentTenantID() != null) {
             return username -> customerRepository.findFirstByEmailAndTenantId(username, TenantContext.getCurrentTenantID()).orElseThrow(() -> new UsernameNotFoundException("Customer not found"));
         }
@@ -36,17 +41,22 @@ PasswordEncoder passwordEncoder() {
         return new BCryptPasswordEncoder();
     }
 
-    @Bean
-    public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
-        return authenticationConfiguration.getAuthenticationManager();
-    }
+//    @Bean
+//    public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
+//        return authenticationConfiguration.getAuthenticationManager();
+//    }
 
     @Bean
-    AuthenticationProvider authenticationProvider() {
-        DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
-        authenticationProvider.setUserDetailsService(userDetailsService());
-        authenticationProvider.setPasswordEncoder(passwordEncoder());
-        return authenticationProvider;
+    public AuthenticationManager authenticationManager() {
+        return new ProviderManager(List.of(authenticationProvider));
     }
 
+//    @Bean
+//    AuthenticationProvider authenticationProvider() {
+//        DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
+//        authenticationProvider.setUserDetailsService(userDetailsService());
+//        authenticationProvider.setPasswordEncoder(passwordEncoder());
+//        return authenticationProvider;
+//    }
+
 }
diff --git a/src/main/java/com/harmlessprince/ecommerceApi/configs/TenantAwareAuthenticationProvider.java b/src/main/java/com/harmlessprince/ecommerceApi/configs/TenantAwareAuthenticationProvider.java
@@ -0,0 +1,49 @@
+package com.harmlessprince.ecommerceApi.configs;
+import com.harmlessprince.ecommerceApi.contexts.TenantContext;
+import com.harmlessprince.ecommerceApi.customer.CustomerRepository;
+import com.harmlessprince.ecommerceApi.user.UserRepository;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Component;
+
+@Component
+public class TenantAwareAuthenticationProvider implements AuthenticationProvider {
+    private final CustomerRepository customerRepository;
+    private final UserRepository userRepository;
+
+    public TenantAwareAuthenticationProvider(CustomerRepository customerRepository, UserRepository userRepository) {
+        this.customerRepository = customerRepository;
+        this.userRepository = userRepository;
+    }
+
+
+
+    @Override
+    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+        String username = authentication.getName();
+        String password = authentication.getCredentials().toString();
+
+        String tenantId = TenantContext.getCurrentTenantID();  // Get tenant dynamically
+        UserDetails userDetails;
+
+        if (tenantId != null) {
+            userDetails = customerRepository.findFirstByEmailAndTenantId(username, tenantId)
+                    .orElseThrow(() -> new UsernameNotFoundException("Customer not found"));
+        } else {
+            userDetails = userRepository.findFirstByEmail(username)
+                    .orElseThrow(() -> new UsernameNotFoundException("User not found"));
+        }
+
+        return new UsernamePasswordAuthenticationToken(userDetails, password, userDetails.getAuthorities());
+    }
+
+    @Override
+    public boolean supports(Class<?> authentication) {
+        return authentication.equals(UsernamePasswordAuthenticationToken.class);
+    }
+}