Spring Security: in-memory user store

pom.xml

@@ -63,6 +63,19 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-data-jpa</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+	        <groupId>org.thymeleaf.extras</groupId>
+	        <artifactId>thymeleaf-extras-springsecurity5</artifactId>
+		</dependency>
 	</dependencies>
 
 	<build>

src/main/java/tacos/TacoCloud2Application.java

@@ -15,5 +15,6 @@ public static void main(String[] args) {
 	@Override
 	public void addViewControllers(ViewControllerRegistry registry) {
 		registry.addViewController("/").setViewName("home");
+		registry.addViewController("/login");
 	}
 }

src/main/java/tacos/security/SecurityConfig.java

@@ -0,0 +1,43 @@
+package tacos.security;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@SuppressWarnings("deprecation")
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter{
+
+	@Override
+	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
+		auth.inMemoryAuthentication()
+				.withUser("holo")
+				.password(encoder.encode("thewisewolf"))
+				.authorities("ROLE_USER")
+			.and()
+				.withUser("mai")
+				.password(encoder.encode("bunnygirlsenpai"))
+				.authorities("ROLE_USER");
+		System.out.println(org.springframework.security.core.SpringSecurityCoreVersion.getVersion());
+
+	}
+
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http.csrf().disable().authorizeRequests()
+				.antMatchers("/design", "/orders").hasRole("USER")
+				.antMatchers("/", "/**").permitAll()
+			.and()
+				.formLogin().loginPage("/login")
+				.defaultSuccessUrl("/design", true)
+			.and()
+				.logout().logoutSuccessUrl("/");
+	}
+
+}

src/main/resources/SQLServer.sql

@@ -89,4 +89,3 @@ insert into dbo.Ingredient (id, name, type)
 insert into dbo.Ingredient (id, name, type)
 				values ('SRCR', 'Sour Cream', 'SAUCE'); 
 go
-

src/main/resources/static/styles.css

@@ -1,3 +1,12 @@
 .validationError {
     color: red;
+}
+.header-container {
+    text-align: left;
+    position: relative;
+    color: white;
+}
+.header-container .header-bar  {
+    position: absolute;
+    right: 10px;
 }

src/main/resources/templates/_header.html

@@ -0,0 +1,18 @@
+<div class="header-container"
+        xmlns="http://www.w3.org/1999/xhtml"
+        xmlns:th="http://www.thymeleaf.org"
+        xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity5">
+    <div class="header-bar">
+        <th:block sec:authorize="isAuthenticated()">
+            <form method="POST" th:action="@{/logout}">
+                <input type="submit" value="Logout"/>
+            </form>
+        </th:block>
+
+        <th:block sec:authorize="!isAuthenticated()">
+            <form method="GET" th:action="@{/login}">
+                <input type="submit" value="Login"/>
+            </form>
+        </th:block>
+    </div>
+</div>

src/main/resources/templates/design.html

@@ -7,6 +7,7 @@
     </head>
 
     <body>
+        <th:block th:include="/_header"></th:block>
         <h1>Design your Taco!</h1>
         <img th:src="@{/images/TacoCloud.png}"/>
 

src/main/resources/templates/home.html

@@ -3,8 +3,10 @@
         xmlns:th="http://www.thymeleaf.org">
     <head>
         <title>Taco Cloud</title>
+        <link rel="stylesheet" th:href="@{/styles.css}" />
     </head>
     <body>
+        <th:block th:include="/_header"></th:block>
         <h1>Welcome to...</h1>
         <img th:src="@{/images/TacoCloud.png}"/>
     </body>

src/main/resources/templates/login.html

@@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml"
+        xmlns:th="http://www.thymeleaf.org">
+    <head>
+        <title>Taco Cloud</title>
+        <link rel="stylesheet" th:href="@{/styles.css?version=1}" />
+    </head>
+
+    <body>
+        <h1>Login</h1>
+        <img th:src="@{/images/TacoCloud.png}"/>
+
+        <div class="validationError" th:if="${error}">
+            Unable to login. Check your username and password.
+        </div>
+
+        <p>New here? Click
+            <a th:href="@{/register}">here</a>
+             to register.
+        </p>
+
+        <form method="POST" th:action="@{/login}" id="loginForm">
+            <label for="username">Username: </label>
+            <input type="text" name="username" id="username"/><br/>
+
+            <label for="password">Password: </label>
+            <input type="password" name="password" id="password"/><br/>
+
+            <input type="submit" value="Login">
+        </form>
+    </body>
+</html>

src/main/resources/templates/orderForm.html

@@ -7,6 +7,7 @@
     </head>
 
     <body>
+        <th:block th:include="/_header"></th:block>
         <form method="POST" th:action="@{/orders}" th:object="${order}">
             <h1>Order your Taco creation!</h1>