From 78ddbffb7b7ee3116ccad9e9422b8f3ede434eee Mon Sep 17 00:00:00 2001
From: Dmitry Isaenko
Date: Sat, 30 Dec 2023 15:01:19 +0300
Subject: [PATCH] auto-login after registration
---
 .../security/RegistrationController.java | 15 ++++++++++++---
 .../marinesco/security/RegistrationForm.java | 12 ++++++++++++
 .../marinesco/security/SecurityConfig.java | 2 +-
 3 files changed, 25 insertions(+), 4 deletions(-)
diff --git a/src/main/java/ru/redrise/marinesco/security/RegistrationController.java b/src/main/java/ru/redrise/marinesco/security/RegistrationController.java
index 9bd2899..cefd8c7 100644
--- a/src/main/java/ru/redrise/marinesco/security/RegistrationController.java
+++ b/src/main/java/ru/redrise/marinesco/security/RegistrationController.java
@@ -9,11 +9,12 @@ import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
+import jakarta.servlet.http.HttpServletRequest;
 import jakarta.validation.Valid;
 import lombok.extern.slf4j.Slf4j;
+import ru.redrise.marinesco.User;
 import ru.redrise.marinesco.data.RolesRepository;
 import ru.redrise.marinesco.data.UserRepository;
-import ru.redrise.marinesco.User;
 @Slf4j
 @Controller
@@ -22,11 +23,16 @@ public class RegistrationController {
 private UserRepository userRepo;
 private RolesRepository rolesRepo;
 private PasswordEncoder passwordEncoder;
+ private HttpServletRequest request;
- public RegistrationController(UserRepository userRepo, RolesRepository rolesRepo, PasswordEncoder passwordEncoder) {
+ public RegistrationController(UserRepository userRepo,
+ RolesRepository rolesRepo,
+ PasswordEncoder passwordEncoder,
+ HttpServletRequest request) {
 this.userRepo = userRepo;
 this.rolesRepo = rolesRepo;
 this.passwordEncoder = passwordEncoder;
+ this.request = request;
 }
 @ModelAttribute(name = "registrationForm")
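Review bot: Holding `HttpServletRequest` as a field of a singleton controller (the new `request` field and the fourth constructor parameter) hides a per-request dependency behind the request-bound proxy Spring injects there. It works, but the handler reads more clearly with the request as a method argument, e.g. `public String postMethodName(@Valid RegistrationForm registerForm, Errors errors, Model model, HttpServletRequest request)`. While the constructor is being touched, the fields it assigns could also be declared `private final`, since the visible lines set each of them only once. The class body continues outside this hunk.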
@@ -41,7 +47,7 @@ public class RegistrationController {
 @PostMapping
 public String postMethodName(@Valid RegistrationForm registerForm, Errors errors, Model model) {
- if (registerForm.isPasswordsNotEqual()){
+ if (registerForm.isPasswordsNotEqual()) {
 model.addAttribute("passwordsMismatch", "Passwords must be the same.");
 return "registration";
 }
@@ -51,6 +57,9 @@ public class RegistrationController {
 User user = userRepo.save(registerForm.toUser(passwordEncoder, rolesRepo));
 log.info("Added user {} {} {}", user.getId(), user.getUsername(), user.getDisplayname());
+
+ if (registerForm.auth(request))
+ return "redirect:/";
 return "redirect:/login";
 }
 }
diff --git a/src/main/java/ru/redrise/marinesco/security/RegistrationForm.java b/src/main/java/ru/redrise/marinesco/security/RegistrationForm.java
index bfc6b8f..10990cd 100644
--- a/src/main/java/ru/redrise/marinesco/security/RegistrationForm.java
+++ b/src/main/java/ru/redrise/marinesco/security/RegistrationForm.java
@@ -2,6 +2,8 @@ package ru.redrise.marinesco.security;
 import org.springframework.security.crypto.password.PasswordEncoder;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
 import jakarta.validation.constraints.NotEmpty;
 import jakarta.validation.constraints.NotNull;
 import jakarta.validation.constraints.Size;
@@ -36,4 +38,14 @@ public class RegistrationForm {
 public boolean isPasswordsNotEqual(){
 return ! password.equals(passwordConfirm);
 }
+
+ public boolean auth(HttpServletRequest request) {
+ try{
+ request.login(username, password);
+ return true;
+ }
+ catch(Exception e){
+ return false;
+ }
+ }
 }
diff --git a/src/main/java/ru/redrise/marinesco/security/SecurityConfig.java b/src/main/java/ru/redrise/marinesco/security/SecurityConfig.java
index 0445960..da114d4 100644
--- a/src/main/java/ru/redrise/marinesco/security/SecurityConfig.java
+++ b/src/main/java/ru/redrise/marinesco/security/SecurityConfig.java
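Review bot: The auto-login at the end of `postMethodName` (`if (registerForm.auth(request)) return "redirect:/";`) authenticates inside whatever session the visitor already held as an anonymous user, and nothing on the new side rotates the session id. As far as I know `request.login()` goes straight to the authentication manager and does not run the session-fixation strategy that the form-login filter applies. That is worth confirming, and if it holds, adding `request.changeSessionId();` after a successful login, guarded for the case where no session exists yet. The braceless `if` also departs from the braced style used a few lines above it. The method starts before this hunk, and the lines between the two hunks are not shown.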
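Review bot: `auth()` catches `Exception` and returns false without recording anything, so an auto-login that fails because of a misconfiguration looks the same as a rejected credential. The `jakarta.servlet.ServletException` import added at the top of this file is also left unused. Narrowing the handler to `catch (ServletException e)`, the checked exception `HttpServletRequest.login` declares, and logging the fallback to `/login` in the caller would keep unexpected failures visible. Placing the login call on the form object also means a bound DTO carrying the plaintext password now performs authentication; a small method in the controller or a service would leave `RegistrationForm` a plain data holder.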
@@ -49,7 +49,7 @@ public class SecurityConfig {
 .requestMatchers(mvc.pattern("/jquery.js")).permitAll()
 .requestMatchers(mvc.pattern("/styles/**")).permitAll()
 .requestMatchers(mvc.pattern("/images/*")).permitAll()
- .requestMatchers(mvc.pattern("/register")).permitAll()
+ .requestMatchers(mvc.pattern("/register")).anonymous()
 .requestMatchers(mvc.pattern("/login")).anonymous()
 .requestMatchers(mvc.pattern("/error")).permitAll()
 .requestMatchers(PathRequest.toH2Console()).permitAll()
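Review bot: Switching `/register` to `.anonymous()` means an already signed-in user who opens or posts to `/register` is now refused rather than served the form. What they see depends on the access-denied handling configured elsewhere in `SecurityConfig`, which this hunk does not show. If a redirect to `/` is the intended outcome, that needs an access-denied handler. Otherwise a short comment such as `// anonymous(): signed-in users must not register again` would record why this rule differs from the neighbouring `permitAll()` entries. The matcher chain starts and ends outside the hunk.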