├── .github
    ├── dependabot.yml
    └── workflows
    │   └── maven.yml
├── .gitignore
├── README.md
├── img
    ├── create.png
    ├── details.png
    ├── index.png
    ├── list.png
    ├── list2.png
    ├── login.png
    └── menu.png
├── pom.xml
└── src
    └── main
        ├── java
            └── com
            │   └── hendisantika
            │       └── example
            │           ├── Application.java
            │           ├── config
            │               └── SecurityConfig.java
            │           ├── controller
            │               ├── CurrentUserControllerAdvice.java
            │               ├── ExceptionHandlerControllerAdvice.java
            │               ├── HomeController.java
            │               ├── LoginController.java
            │               ├── UserController.java
            │               └── UsersController.java
            │           ├── domain
            │               ├── CurrentUser.java
            │               ├── Role.java
            │               ├── User.java
            │               ├── UserCreateForm.java
            │               └── validator
            │               │   └── UserCreateFormValidator.java
            │           ├── repository
            │               └── UserRepository.java
            │           └── service
            │               ├── currentuser
            │                   ├── CurrentUserDetailsService.java
            │                   ├── CurrentUserService.java
            │                   └── CurrentUserServiceImpl.java
            │               └── user
            │                   ├── UserService.java
            │                   └── UserServiceImpl.java
        └── resources
            ├── application.properties
            ├── data.sql
            └── templates
                ├── home.ftlh
                ├── login.ftlh
                ├── user.ftlh
                ├── user_create.ftlh
                └── users.ftlh


/.github/dependabot.yml:
--------------------------------------------------------------------------------
 1 | version: 2
 2 | updates:
 3 |   - package-ecosystem: maven
 4 |     directory: "/"
 5 |     schedule:
 6 |       interval: daily
 7 |       time: '21:00'
 8 |       timezone: Asia/Jakarta
 9 |     open-pull-requests-limit: 10
10 | 


--------------------------------------------------------------------------------
/.github/workflows/maven.yml:
--------------------------------------------------------------------------------
 1 | # This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
 2 | # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
 3 | 
 4 | # This workflow uses actions that are not certified by GitHub.
 5 | # They are provided by a third-party and are governed by
 6 | # separate terms of service, privacy policy, and support
 7 | # documentation.
 8 | 
 9 | name: Java CI with Maven
10 | 
11 | on:
12 |   push:
13 |     branches: [ "master" ]
14 |   pull_request:
15 |     branches: [ "master" ]
16 | 
17 | jobs:
18 |   build:
19 | 
20 |     runs-on: ubuntu-latest
21 | 
22 |     steps:
23 |     - uses: actions/checkout@v4
24 |     - name: Set up JDK 21
25 |       uses: actions/setup-java@v3
26 |       with:
27 |         java-version: '21'
28 |         distribution: 'temurin'
29 |         cache: maven
30 |     - name: Build with Maven
31 |       run: mvn -B package --file pom.xml
32 | 
33 |     # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
34 |     - name: Update dependency graph
35 |       uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6
36 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | .idea
2 | *.iml
3 | target
4 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | Example Spring Boot Security
 2 | ============================
 3 | 
 4 | The application showing how to use Spring Boot with Spring Security for common needs, such as:
 5 | 
 6 | * Customized login form
 7 | * DAO-based authentication
 8 | * Basic "remember me" authentication
 9 | * URL-based security
10 | * Method-level security
11 | 
12 | See the [Spring Boot Security Application](http://kielczewski.eu/2014/12/spring-boot-security-application/) article for
13 | commentary.
14 | 
15 | Requirements
16 | ------------
17 | * [Java Platform (JDK) 8](http://www.oracle.com/technetwork/java/javase/downloads/index.html)
18 | * [Apache Maven 3.x](http://maven.apache.org/)
19 | 
20 | Quick start
21 | -----------
22 | 1. `mvn clean spring-boot:run`
23 | 3. Point your browser to [http://localhost:8080/](http://localhost:8080/)
24 | 
25 | Screen shot
26 | -----------
27 | Index Page
28 | 
29 | ![Index Page](img/index.png "Index Page")
30 | 
31 | Login Page
32 | 
33 | ![Login Page](img/login.png "Login Page")
34 | 
35 | Menu Page
36 | 
37 | ![Menu Page](img/menu.png "Menu Page")
38 | 
39 | List Users Page
40 | 
41 | ![List Users Page](img/list.png "List Users Page")
42 | 
43 | Create New User Page
44 | 
45 | ![Create New User Page](img/create.png "Create New User Page")
46 | 
47 | List Users Page
48 | 
49 | ![List Users Page](img/list2.png "List Users Page")
50 | 
51 | User Details Page
52 | 
53 | ![User Details Page](img/details.png "User Details Page")
54 | 
55 | 


--------------------------------------------------------------------------------
/img/create.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hendisantika/spring-boot-security-example/23f84ecfe9a999ae9ad87abe557cf0203f2a3605/img/create.png


--------------------------------------------------------------------------------
/img/details.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hendisantika/spring-boot-security-example/23f84ecfe9a999ae9ad87abe557cf0203f2a3605/img/details.png


--------------------------------------------------------------------------------
/img/index.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hendisantika/spring-boot-security-example/23f84ecfe9a999ae9ad87abe557cf0203f2a3605/img/index.png


--------------------------------------------------------------------------------
/img/list.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hendisantika/spring-boot-security-example/23f84ecfe9a999ae9ad87abe557cf0203f2a3605/img/list.png


--------------------------------------------------------------------------------
/img/list2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hendisantika/spring-boot-security-example/23f84ecfe9a999ae9ad87abe557cf0203f2a3605/img/list2.png


--------------------------------------------------------------------------------
/img/login.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hendisantika/spring-boot-security-example/23f84ecfe9a999ae9ad87abe557cf0203f2a3605/img/login.png


--------------------------------------------------------------------------------
/img/menu.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hendisantika/spring-boot-security-example/23f84ecfe9a999ae9ad87abe557cf0203f2a3605/img/menu.png


--------------------------------------------------------------------------------
/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 3 |          xmlns="http://maven.apache.org/POM/4.0.0"
 4 |          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 5 |     <modelVersion>4.0.0</modelVersion>
 6 | 
 7 |     <groupId>com.hendisantika.example</groupId>
 8 |     <artifactId>example-spring-boot-security</artifactId>
 9 |     <version>1.0-SNAPSHOT</version>
10 |     <packaging>war</packaging>
11 | 
12 |     <parent>
13 |         <groupId>org.springframework.boot</groupId>
14 |         <artifactId>spring-boot-starter-parent</artifactId>
15 |         <version>3.5.0</version>
16 |     </parent>
17 | 
18 |     <name>Spring Boot Security Example</name>
19 |     <url>http://kielczewski.eu/2014/12/spring-boot-security-application/</url>
20 | 
21 |     <properties>
22 |         <java.version>21</java.version>
23 |     </properties>
24 | 
25 |     <dependencies>
26 |         <!-- Spring Boot -->
27 |         <dependency>
28 |             <groupId>org.springframework.boot</groupId>
29 |             <artifactId>spring-boot-starter</artifactId>
30 |         </dependency>
31 |         <dependency>
32 |             <groupId>org.springframework.boot</groupId>
33 |             <artifactId>spring-boot-starter-web</artifactId>
34 |         </dependency>
35 |         <dependency>
36 |             <groupId>org.springframework.boot</groupId>
37 |             <artifactId>spring-boot-starter-validation</artifactId>
38 |         </dependency>
39 |         <dependency>
40 |             <groupId>org.springframework.boot</groupId>
41 |             <artifactId>spring-boot-starter-test</artifactId>
42 |             <scope>test</scope>
43 |             <exclusions>
44 |                 <exclusion>
45 |                     <groupId>org.springframework</groupId>
46 |                     <artifactId>spring-test</artifactId>
47 |                 </exclusion>
48 |             </exclusions>
49 |         </dependency>
50 | 
51 |         <dependency>
52 |             <groupId>org.springframework.boot</groupId>
53 |             <artifactId>spring-boot-starter-freemarker</artifactId>
54 |         </dependency>
55 | 
56 |         <dependency>
57 |             <groupId>org.springframework.boot</groupId>
58 |             <artifactId>spring-boot-starter-security</artifactId>
59 |         </dependency>
60 | 
61 |         <dependency>
62 |             <groupId>org.springframework.boot</groupId>
63 |             <artifactId>spring-boot-starter-data-jpa</artifactId>
64 |         </dependency>
65 | 
66 |         <!-- https://mvnrepository.com/artifact/com.h2database/h2 -->
67 |         <dependency>
68 |             <groupId>com.h2database</groupId>
69 |             <artifactId>h2</artifactId>
70 |             <scope>runtime</scope>
71 |         </dependency>
72 | 
73 |     </dependencies>
74 | 
75 | </project>
76 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/Application.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example;
 2 | 
 3 | import org.springframework.boot.SpringApplication;
 4 | import org.springframework.boot.autoconfigure.SpringBootApplication;
 5 | import org.springframework.boot.builder.SpringApplicationBuilder;
 6 | import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
 7 | 
 8 | /**
 9 |  * Created by IntelliJ IDEA.
10 |  * Project : spring-boot-security-example
11 |  * User: hendisantika
12 |  * Email: hendisantika@gmail.com
13 |  * Telegram : @hendisantika34
14 |  * Date: 9/28/17
15 |  * Time: 5:51 AM
16 |  * To change this template use File | Settings | File Templates.
17 |  */
18 | 
19 | @SpringBootApplication
20 | public class Application extends SpringBootServletInitializer {
21 | 
22 |     public static void main(String[] args) {
23 |         SpringApplication.run(Application.class, args);
24 |     }
25 | 
26 |     @Override
27 |     protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
28 |         return application.sources(Application.class);
29 |     }
30 | 
31 | }


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/config/SecurityConfig.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.config;
 2 | 
 3 | import org.springframework.beans.factory.annotation.Autowired;
 4 | import org.springframework.context.annotation.Configuration;
 5 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 6 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 7 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 8 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 9 | import org.springframework.security.core.userdetails.UserDetailsService;
10 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
11 | /**
12 |  * Created by IntelliJ IDEA.
13 |  * Project : spring-boot-security-example
14 |  * User: hendisantika
15 |  * Email: hendisantika@gmail.com
16 |  * Telegram : @hendisantika34
17 |  * Date: 9/29/17
18 |  * Time: 10:10 AM
19 |  * To change this template use File | Settings | File Templates.
20 |  */
21 | @Configuration
22 | @EnableGlobalMethodSecurity(prePostEnabled = true)
23 | //@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
24 | class SecurityConfig extends WebSecurityConfigurerAdapter {
25 | 
26 |     @Autowired
27 |     private UserDetailsService userDetailsService;
28 | 
29 |     @Override
30 |     protected void configure(HttpSecurity http) throws Exception {
31 |         http.authorizeRequests()
32 |                 .antMatchers("/", "/public/**").permitAll()
33 |                 .antMatchers("/users/**").hasAuthority("ADMIN")
34 |                 .anyRequest().fullyAuthenticated()
35 |                 .and()
36 |                 .formLogin()
37 |                 .loginPage("/login")
38 |                 .failureUrl("/login?error")
39 |                 .usernameParameter("email")
40 |                 .permitAll()
41 |                 .and()
42 |                 .logout()
43 |                 .logoutUrl("/logout")
44 |                 .deleteCookies("remember-me")
45 |                 .logoutSuccessUrl("/")
46 |                 .permitAll()
47 |                 .and()
48 |                 .rememberMe();
49 |     }
50 | 
51 |     @Override
52 |     public void configure(AuthenticationManagerBuilder auth) throws Exception {
53 |         auth
54 |                 .userDetailsService(userDetailsService)
55 |                 .passwordEncoder(new BCryptPasswordEncoder());
56 |     }
57 | 
58 | }


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/controller/CurrentUserControllerAdvice.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.controller;
 2 | 
 3 | import com.hendisantika.example.domain.CurrentUser;
 4 | import org.slf4j.Logger;
 5 | import org.slf4j.LoggerFactory;
 6 | import org.springframework.security.core.Authentication;
 7 | import org.springframework.web.bind.annotation.ControllerAdvice;
 8 | import org.springframework.web.bind.annotation.ModelAttribute;
 9 | /**
10 |  * Created by IntelliJ IDEA.
11 |  * Project : spring-boot-security-example
12 |  * User: hendisantika
13 |  * Email: hendisantika@gmail.com
14 |  * Telegram : @hendisantika34
15 |  * Date: 9/29/17
16 |  * Time: 10:15 AM
17 |  * To change this template use File | Settings | File Templates.
18 |  */
19 | @ControllerAdvice
20 | public class CurrentUserControllerAdvice {
21 | 
22 |     private static final Logger LOGGER = LoggerFactory.getLogger(CurrentUserControllerAdvice.class);
23 | 
24 |     @ModelAttribute("currentUser")
25 |     public CurrentUser getCurrentUser(Authentication authentication) {
26 |         return (authentication == null) ? null : (CurrentUser) authentication.getPrincipal();
27 |     }
28 | 
29 | 
30 | }
31 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/controller/ExceptionHandlerControllerAdvice.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.controller;
 2 | 
 3 | import org.slf4j.Logger;
 4 | import org.slf4j.LoggerFactory;
 5 | import org.springframework.http.HttpStatus;
 6 | import org.springframework.web.bind.annotation.ControllerAdvice;
 7 | import org.springframework.web.bind.annotation.ExceptionHandler;
 8 | import org.springframework.web.bind.annotation.ResponseStatus;
 9 | 
10 | import java.util.NoSuchElementException;
11 | /**
12 |  * Created by IntelliJ IDEA.
13 |  * Project : spring-boot-security-example
14 |  * User: hendisantika
15 |  * Email: hendisantika@gmail.com
16 |  * Telegram : @hendisantika34
17 |  * Date: 9/29/17
18 |  * Time: 10:17 AM
19 |  * To change this template use File | Settings | File Templates.
20 |  */
21 | @ControllerAdvice
22 | public class ExceptionHandlerControllerAdvice {
23 | 
24 |     private static Logger LOGGER = LoggerFactory.getLogger(ExceptionHandlerControllerAdvice.class);
25 | 
26 |     @ExceptionHandler(NoSuchElementException.class)
27 |     @ResponseStatus(HttpStatus.NOT_FOUND)
28 |     public String handleNoSuchElementException(NoSuchElementException e) {
29 |         return e.getMessage();
30 |     }
31 | 
32 | }
33 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/controller/HomeController.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.controller;
 2 | 
 3 | import org.slf4j.Logger;
 4 | import org.slf4j.LoggerFactory;
 5 | import org.springframework.stereotype.Controller;
 6 | import org.springframework.web.bind.annotation.GetMapping;
 7 | /**
 8 |  * Created by IntelliJ IDEA.
 9 |  * Project : spring-boot-security-example
10 |  * User: hendisantika
11 |  * Email: hendisantika@gmail.com
12 |  * Telegram : @hendisantika34
13 |  * Date: 9/29/17
14 |  * Time: 10:18 AM
15 |  * To change this template use File | Settings | File Templates.
16 |  */
17 | @Controller
18 | public class HomeController {
19 | 
20 |     private static final Logger LOGGER = LoggerFactory.getLogger(HomeController.class);
21 | 
22 |     @GetMapping("/")
23 |     public String getHomePage() {
24 |         LOGGER.debug("Getting home page");
25 |         return "home";
26 |     }
27 | 
28 | }
29 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/controller/LoginController.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.controller;
 2 | 
 3 | import org.slf4j.Logger;
 4 | import org.slf4j.LoggerFactory;
 5 | import org.springframework.stereotype.Controller;
 6 | import org.springframework.web.bind.annotation.RequestMapping;
 7 | import org.springframework.web.bind.annotation.RequestMethod;
 8 | import org.springframework.web.bind.annotation.RequestParam;
 9 | import org.springframework.web.servlet.ModelAndView;
10 | 
11 | import java.util.Optional;
12 | /**
13 |  * Created by IntelliJ IDEA.
14 |  * Project : spring-boot-security-example
15 |  * User: hendisantika
16 |  * Email: hendisantika@gmail.com
17 |  * Telegram : @hendisantika34
18 |  * Date: 9/29/17
19 |  * Time: 10:20 AM
20 |  * To change this template use File | Settings | File Templates.
21 |  */
22 | @Controller
23 | public class LoginController {
24 | 
25 |     private static final Logger LOGGER = LoggerFactory.getLogger(LoginController.class);
26 | 
27 |     @RequestMapping(value = "/login", method = RequestMethod.GET)
28 |     public ModelAndView getLoginPage(@RequestParam Optional<String> error) {
29 |         LOGGER.debug("Getting login page, error={}", error);
30 |         return new ModelAndView("login", "error", error);
31 |     }
32 | 
33 | }
34 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/controller/UserController.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.controller;
 2 | 
 3 | import com.hendisantika.example.domain.UserCreateForm;
 4 | import com.hendisantika.example.domain.validator.UserCreateFormValidator;
 5 | import com.hendisantika.example.service.user.UserService;
 6 | import org.slf4j.Logger;
 7 | import org.slf4j.LoggerFactory;
 8 | import org.springframework.beans.factory.annotation.Autowired;
 9 | import org.springframework.dao.DataIntegrityViolationException;
10 | import org.springframework.security.access.prepost.PreAuthorize;
11 | import org.springframework.stereotype.Controller;
12 | import org.springframework.validation.BindingResult;
13 | import org.springframework.web.bind.WebDataBinder;
14 | import org.springframework.web.bind.annotation.GetMapping;
15 | import org.springframework.web.bind.annotation.InitBinder;
16 | import org.springframework.web.bind.annotation.ModelAttribute;
17 | import org.springframework.web.bind.annotation.PathVariable;
18 | import org.springframework.web.bind.annotation.PostMapping;
19 | import org.springframework.web.bind.annotation.RequestMapping;
20 | import org.springframework.web.servlet.ModelAndView;
21 | 
22 | import javax.validation.Valid;
23 | import java.util.NoSuchElementException;
24 | /**
25 |  * Created by IntelliJ IDEA.
26 |  * Project : spring-boot-security-example
27 |  * User: hendisantika
28 |  * Email: hendisantika@gmail.com
29 |  * Telegram : @hendisantika34
30 |  * Date: 9/29/17
31 |  * Time: 10:22 AM
32 |  * To change this template use File | Settings | File Templates.
33 |  */
34 | @Controller
35 | @RequestMapping("user")
36 | public class UserController {
37 | 
38 |     private static final Logger LOGGER = LoggerFactory.getLogger(UserController.class);
39 |     private final UserService userService;
40 |     private final UserCreateFormValidator userCreateFormValidator;
41 | 
42 |     @Autowired
43 |     public UserController(UserService userService, UserCreateFormValidator userCreateFormValidator) {
44 |         this.userService = userService;
45 |         this.userCreateFormValidator = userCreateFormValidator;
46 |     }
47 | 
48 |     @InitBinder("form")
49 |     public void initBinder(WebDataBinder binder) {
50 |         binder.addValidators(userCreateFormValidator);
51 |     }
52 | 
53 |     @PreAuthorize("@currentUserServiceImpl.canAccessUser(principal, #id)")
54 |     @GetMapping("/{id}")
55 |     public ModelAndView getUserPage(@PathVariable Long id) {
56 |         LOGGER.debug("Getting user page for user={}", id);
57 |         return new ModelAndView("user", "user", userService.getUserById(id)
58 |                 .orElseThrow(() -> new NoSuchElementException(String.format("User=%s not found", id))));
59 |     }
60 | 
61 |     @PreAuthorize("hasAuthority('ADMIN')")
62 |     @GetMapping(value = "/create")
63 |     public ModelAndView getUserCreatePage() {
64 |         LOGGER.debug("Getting user create form");
65 |         return new ModelAndView("user_create", "form", new UserCreateForm());
66 |     }
67 | 
68 |     @PreAuthorize("hasAuthority('ADMIN')")
69 |     @PostMapping(value = "/create")
70 |     public String handleUserCreateForm(@Valid @ModelAttribute("form") UserCreateForm form, BindingResult bindingResult) {
71 |         LOGGER.debug("Processing user create form={}, bindingResult={}", form, bindingResult);
72 |         if (bindingResult.hasErrors()) {
73 |             // failed validation
74 |             return "user_create";
75 |         }
76 |         try {
77 |             userService.create(form);
78 |         } catch (DataIntegrityViolationException e) {
79 |             // probably email already exists - very rare case when multiple admins are adding same user
80 |             // at the same time and form validation has passed for more than one of them.
81 |             LOGGER.warn("Exception occurred when trying to save the user, assuming duplicate email", e);
82 |             bindingResult.reject("email.exists", "Email already exists");
83 |             return "user_create";
84 |         }
85 |         // ok, redirect
86 |         return "redirect:/users";
87 |     }
88 | 
89 | }
90 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/controller/UsersController.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.controller;
 2 | 
 3 | import com.hendisantika.example.service.user.UserService;
 4 | import org.slf4j.Logger;
 5 | import org.slf4j.LoggerFactory;
 6 | import org.springframework.beans.factory.annotation.Autowired;
 7 | import org.springframework.stereotype.Controller;
 8 | import org.springframework.web.bind.annotation.GetMapping;
 9 | import org.springframework.web.servlet.ModelAndView;
10 | 
11 | /**
12 |  * Created by IntelliJ IDEA.
13 |  * Project : spring-boot-security-example
14 |  * User: hendisantika
15 |  * Email: hendisantika@gmail.com
16 |  * Telegram : @hendisantika34
17 |  * Date: 9/29/17
18 |  * Time: 10:28 AM
19 |  * To change this template use File | Settings | File Templates.
20 |  */
21 | @Controller
22 | public class UsersController {
23 | 
24 |     private static final Logger LOGGER = LoggerFactory.getLogger(UsersController.class);
25 |     private final UserService userService;
26 | 
27 |     @Autowired
28 |     public UsersController(UserService userService) {
29 |         this.userService = userService;
30 |     }
31 | 
32 |     @GetMapping("/users")
33 |     public ModelAndView getUsersPage() {
34 |         LOGGER.debug("Getting users page");
35 |         return new ModelAndView("users", "users", userService.getAllUsers());
36 |     }
37 | 
38 | 
39 | }
40 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/domain/CurrentUser.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.domain;
 2 | 
 3 | import org.springframework.security.core.authority.AuthorityUtils;
 4 | /**
 5 |  * Created by IntelliJ IDEA.
 6 |  * Project : spring-boot-security-example
 7 |  * User: hendisantika
 8 |  * Email: hendisantika@gmail.com
 9 |  * Telegram : @hendisantika34
10 |  * Date: 9/28/17
11 |  * Time: 5:58 AM
12 |  * To change this template use File | Settings | File Templates.
13 |  */
14 | public class CurrentUser extends org.springframework.security.core.userdetails.User {
15 | 
16 |     private User user;
17 | 
18 |     public CurrentUser(User user) {
19 |         super(user.getEmail(), user.getPasswordHash(), AuthorityUtils.createAuthorityList(user.getRole().toString()));
20 |         this.user = user;
21 |     }
22 | 
23 |     public User getUser() {
24 |         return user;
25 |     }
26 | 
27 |     public Long getId() {
28 |         return user.getId();
29 |     }
30 | 
31 |     public Role getRole() {
32 |         return user.getRole();
33 |     }
34 | 
35 |     @Override
36 |     public String toString() {
37 |         return "CurrentUser{" +
38 |                 "user=" + user +
39 |                 "} " + super.toString();
40 |     }
41 | }
42 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/domain/Role.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.domain;
 2 | 
 3 | /**
 4 |  * Created by IntelliJ IDEA.
 5 |  * Project : spring-boot-security-example
 6 |  * User: hendisantika
 7 |  * Email: hendisantika@gmail.com
 8 |  * Telegram : @hendisantika34
 9 |  * Date: 9/28/17
10 |  * Time: 7:01 AM
11 |  * To change this template use File | Settings | File Templates.
12 |  */
13 | 
14 | public enum Role {
15 | 
16 |     USER, ADMIN
17 | 
18 | }
19 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/domain/User.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.domain;
 2 | 
 3 | import javax.persistence.*;
 4 | /**
 5 |  * Created by IntelliJ IDEA.
 6 |  * Project : spring-boot-security-example
 7 |  * User: hendisantika
 8 |  * Email: hendisantika@gmail.com
 9 |  * Telegram : @hendisantika34
10 |  * Date: 9/28/17
11 |  * Time: 7:10 AM
12 |  * To change this template use File | Settings | File Templates.
13 |  */
14 | 
15 | @Entity
16 | @Table(name = "user")
17 | public class User {
18 | 
19 |     @Id
20 |     @GeneratedValue(strategy = GenerationType.IDENTITY)
21 |     @Column(name = "id", nullable = false, updatable = false)
22 |     private Long id;
23 | 
24 |     @Column(name = "email", nullable = false, unique = true)
25 |     private String email;
26 | 
27 |     @Column(name = "password_hash", nullable = false)
28 |     private String passwordHash;
29 | 
30 |     @Column(name = "role", nullable = false)
31 |     @Enumerated(EnumType.STRING)
32 |     private Role role;
33 | 
34 |     public Long getId() {
35 |         return id;
36 |     }
37 | 
38 |     public String getEmail() {
39 |         return email;
40 |     }
41 | 
42 |     public void setEmail(String email) {
43 |         this.email = email;
44 |     }
45 | 
46 |     public String getPasswordHash() {
47 |         return passwordHash;
48 |     }
49 | 
50 |     public void setPasswordHash(String passwordHash) {
51 |         this.passwordHash = passwordHash;
52 |     }
53 | 
54 |     public Role getRole() {
55 |         return role;
56 |     }
57 | 
58 |     public void setRole(Role role) {
59 |         this.role = role;
60 |     }
61 | 
62 |     @Override
63 |     public String toString() {
64 |         return "User{" +
65 |                 "id=" + id +
66 |                 ", email='" + email.replaceFirst("@.*", "@***") +
67 |                 ", passwordHash='" + passwordHash.substring(0, 10) +
68 |                 ", role=" + role +
69 |                 '}';
70 |     }
71 | }
72 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/domain/UserCreateForm.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.domain;
 2 | 
 3 | import javax.validation.constraints.NotEmpty;
 4 | import javax.validation.constraints.NotNull;
 5 | 
 6 | /**
 7 |  * Created by IntelliJ IDEA.
 8 |  * Project : spring-boot-security-example
 9 |  * User: hendisantika
10 |  * Email: hendisantika@gmail.com
11 |  * Telegram : @hendisantika34
12 |  * Date: 9/28/17
13 |  * Time: 7:21 AM
14 |  * To change this template use File | Settings | File Templates.
15 |  */
16 | 
17 | public class UserCreateForm {
18 | 
19 |     @NotEmpty
20 |     private String email = "";
21 | 
22 |     @NotEmpty
23 |     private String password = "";
24 | 
25 |     @NotEmpty
26 |     private String passwordRepeated = "";
27 | 
28 |     @NotNull
29 |     private Role role = Role.USER;
30 | 
31 |     public String getEmail() {
32 |         return email;
33 |     }
34 | 
35 |     public void setEmail(String email) {
36 |         this.email = email;
37 |     }
38 | 
39 |     public String getPassword() {
40 |         return password;
41 |     }
42 | 
43 |     public void setPassword(String password) {
44 |         this.password = password;
45 |     }
46 | 
47 |     public String getPasswordRepeated() {
48 |         return passwordRepeated;
49 |     }
50 | 
51 |     public void setPasswordRepeated(String passwordRepeated) {
52 |         this.passwordRepeated = passwordRepeated;
53 |     }
54 | 
55 |     public Role getRole() {
56 |         return role;
57 |     }
58 | 
59 |     public void setRole(Role role) {
60 |         this.role = role;
61 |     }
62 | 
63 |     @Override
64 |     public String toString() {
65 |         return "UserCreateForm{" +
66 |                 "email='" + email.replaceFirst("@.+", "@***") + '\'' +
67 |                 ", password=***" + '\'' +
68 |                 ", passwordRepeated=***" + '\'' +
69 |                 ", role=" + role +
70 |                 '}';
71 |     }
72 | 
73 | }
74 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/domain/validator/UserCreateFormValidator.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.domain.validator;
 2 | 
 3 | import com.hendisantika.example.domain.UserCreateForm;
 4 | import com.hendisantika.example.service.user.UserService;
 5 | import org.slf4j.Logger;
 6 | import org.slf4j.LoggerFactory;
 7 | import org.springframework.beans.factory.annotation.Autowired;
 8 | import org.springframework.stereotype.Component;
 9 | import org.springframework.validation.Errors;
10 | import org.springframework.validation.Validator;
11 | /**
12 |  * Created by IntelliJ IDEA.
13 |  * Project : spring-boot-security-example
14 |  * User: hendisantika
15 |  * Email: hendisantika@gmail.com
16 |  * Telegram : @hendisantika34
17 |  * Date: 9/29/17
18 |  * Time: 9:51 AM
19 |  * To change this template use File | Settings | File Templates.
20 |  */
21 | @Component
22 | public class UserCreateFormValidator implements Validator {
23 | 
24 |     private static final Logger LOGGER = LoggerFactory.getLogger(UserCreateFormValidator.class);
25 |     private final UserService userService;
26 | 
27 |     @Autowired
28 |     public UserCreateFormValidator(UserService userService) {
29 |         this.userService = userService;
30 |     }
31 | 
32 |     @Override
33 |     public boolean supports(Class<?> clazz) {
34 |         return clazz.equals(UserCreateForm.class);
35 |     }
36 | 
37 |     @Override
38 |     public void validate(Object target, Errors errors) {
39 |         LOGGER.debug("Validating {}", target);
40 |         UserCreateForm form = (UserCreateForm) target;
41 |         validatePasswords(errors, form);
42 |         validateEmail(errors, form);
43 |     }
44 | 
45 |     private void validatePasswords(Errors errors, UserCreateForm form) {
46 |         if (!form.getPassword().equals(form.getPasswordRepeated())) {
47 |             errors.reject("password.no_match", "Passwords do not match");
48 |         }
49 |     }
50 | 
51 |     private void validateEmail(Errors errors, UserCreateForm form) {
52 |         if (userService.getUserByEmail(form.getEmail()).isPresent()) {
53 |             errors.reject("email.exists", "User with this email already exists");
54 |         }
55 |     }
56 | }
57 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/repository/UserRepository.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.repository;
 2 | 
 3 | import com.hendisantika.example.domain.User;
 4 | import org.springframework.data.jpa.repository.JpaRepository;
 5 | 
 6 | import java.util.Optional;
 7 | /**
 8 |  * Created by IntelliJ IDEA.
 9 |  * Project : spring-boot-security-example
10 |  * User: hendisantika
11 |  * Email: hendisantika@gmail.com
12 |  * Telegram : @hendisantika34
13 |  * Date: 9/28/17
14 |  * Time: 7:31 AM
15 |  * To change this template use File | Settings | File Templates.
16 |  */
17 | public interface UserRepository extends JpaRepository<User, Long> {
18 | 
19 |     Optional<User> findOneByEmail(String email);
20 | }
21 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/service/currentuser/CurrentUserDetailsService.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.service.currentuser;
 2 | 
 3 | import com.hendisantika.example.domain.CurrentUser;
 4 | import com.hendisantika.example.domain.User;
 5 | import com.hendisantika.example.service.user.UserService;
 6 | import org.slf4j.Logger;
 7 | import org.slf4j.LoggerFactory;
 8 | import org.springframework.beans.factory.annotation.Autowired;
 9 | import org.springframework.security.core.userdetails.UserDetailsService;
10 | import org.springframework.security.core.userdetails.UsernameNotFoundException;
11 | import org.springframework.stereotype.Service;
12 | /**
13 |  * Created by IntelliJ IDEA.
14 |  * Project : spring-boot-security-example
15 |  * User: hendisantika
16 |  * Email: hendisantika@gmail.com
17 |  * Telegram : @hendisantika34
18 |  * Date: 9/29/17
19 |  * Time: 7:21 AM
20 |  * To change this template use File | Settings | File Templates.
21 |  */
22 | 
23 | @Service
24 | public class CurrentUserDetailsService implements UserDetailsService {
25 | 
26 |     private static final Logger LOGGER = LoggerFactory.getLogger(CurrentUserDetailsService.class);
27 |     private final UserService userService;
28 | 
29 |     @Autowired
30 |     public CurrentUserDetailsService(UserService userService) {
31 |         this.userService = userService;
32 |     }
33 | 
34 |     @Override
35 |     public CurrentUser loadUserByUsername(String email) throws UsernameNotFoundException {
36 |         LOGGER.debug("Authenticating user with email={}", email.replaceFirst("@.*", "@***"));
37 |         User user = userService.getUserByEmail(email)
38 |                 .orElseThrow(() -> new UsernameNotFoundException(String.format("User with email=%s was not found", email)));
39 |         return new CurrentUser(user);
40 |     }
41 | 
42 | }
43 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/service/currentuser/CurrentUserService.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.service.currentuser;
 2 | 
 3 | import com.hendisantika.example.domain.CurrentUser;
 4 | /**
 5 |  * Created by IntelliJ IDEA.
 6 |  * Project : spring-boot-security-example
 7 |  * User: hendisantika
 8 |  * Email: hendisantika@gmail.com
 9 |  * Telegram : @hendisantika34
10 |  * Date: 9/29/17
11 |  * Time: 7:31 AM
12 |  * To change this template use File | Settings | File Templates.
13 |  */
14 | public interface CurrentUserService {
15 | 
16 |     boolean canAccessUser(CurrentUser currentUser, Long userId);
17 | 
18 | }
19 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/service/currentuser/CurrentUserServiceImpl.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.service.currentuser;
 2 | 
 3 | import com.hendisantika.example.domain.CurrentUser;
 4 | import com.hendisantika.example.domain.Role;
 5 | import org.slf4j.Logger;
 6 | import org.slf4j.LoggerFactory;
 7 | import org.springframework.stereotype.Service;
 8 | /**
 9 |  * Created by IntelliJ IDEA.
10 |  * Project : spring-boot-security-example
11 |  * User: hendisantika
12 |  * Email: hendisantika@gmail.com
13 |  * Telegram : @hendisantika34
14 |  * Date: 9/29/17
15 |  * Time: 7:41 AM
16 |  * To change this template use File | Settings | File Templates.
17 |  */
18 | @Service
19 | public class CurrentUserServiceImpl implements CurrentUserService {
20 | 
21 |     private static final Logger LOGGER = LoggerFactory.getLogger(CurrentUserDetailsService.class);
22 | 
23 |     @Override
24 |     public boolean canAccessUser(CurrentUser currentUser, Long userId) {
25 |         LOGGER.debug("Checking if user={} has access to user={}", currentUser, userId);
26 |         return currentUser != null
27 |                 && (currentUser.getRole() == Role.ADMIN || currentUser.getId().equals(userId));
28 |     }
29 | 
30 | }
31 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/service/user/UserService.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.service.user;
 2 | 
 3 | import com.hendisantika.example.domain.User;
 4 | import com.hendisantika.example.domain.UserCreateForm;
 5 | 
 6 | import java.util.Collection;
 7 | import java.util.Optional;
 8 | /**
 9 |  * Created by IntelliJ IDEA.
10 |  * Project : spring-boot-security-example
11 |  * User: hendisantika
12 |  * Email: hendisantika@gmail.com
13 |  * Telegram : @hendisantika34
14 |  * Date: 9/29/17
15 |  * Time: 7:51 AM
16 |  * To change this template use File | Settings | File Templates.
17 |  */
18 | 
19 | public interface UserService {
20 | 
21 |     Optional<User> getUserById(long id);
22 | 
23 |     Optional<User> getUserByEmail(String email);
24 | 
25 |     Collection<User> getAllUsers();
26 | 
27 |     User create(UserCreateForm form);
28 | 
29 | }
30 | 


--------------------------------------------------------------------------------
/src/main/java/com/hendisantika/example/service/user/UserServiceImpl.java:
--------------------------------------------------------------------------------
 1 | package com.hendisantika.example.service.user;
 2 | 
 3 | import com.hendisantika.example.domain.User;
 4 | import com.hendisantika.example.domain.UserCreateForm;
 5 | import com.hendisantika.example.repository.UserRepository;
 6 | import org.slf4j.Logger;
 7 | import org.slf4j.LoggerFactory;
 8 | import org.springframework.beans.factory.annotation.Autowired;
 9 | import org.springframework.data.domain.Sort;
10 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
11 | import org.springframework.stereotype.Service;
12 | 
13 | import java.util.Collection;
14 | import java.util.Optional;
15 | /**
16 |  * Created by IntelliJ IDEA.
17 |  * Project : spring-boot-security-example
18 |  * User: hendisantika
19 |  * Email: hendisantika@gmail.com
20 |  * Telegram : @hendisantika34
21 |  * Date: 9/29/17
22 |  * Time: 7:51 AM
23 |  * To change this template use File | Settings | File Templates.
24 |  */
25 | @Service
26 | public class UserServiceImpl implements UserService {
27 | 
28 |     private static final Logger LOGGER = LoggerFactory.getLogger(UserServiceImpl.class);
29 |     private final UserRepository userRepository;
30 | 
31 |     @Autowired
32 |     public UserServiceImpl(UserRepository userRepository) {
33 |         this.userRepository = userRepository;
34 |     }
35 | 
36 |     @Override
37 |     public Optional<User> getUserById(long id) {
38 |         LOGGER.debug("Getting user={}", id);
39 |         return Optional.ofNullable(userRepository.findById(id).get());
40 |     }
41 | 
42 |     @Override
43 |     public Optional<User> getUserByEmail(String email) {
44 |         LOGGER.debug("Getting user by email={}", email.replaceFirst("@.*", "@***"));
45 |         return userRepository.findOneByEmail(email);
46 |     }
47 | 
48 |     @Override
49 |     public Collection<User> getAllUsers() {
50 |         LOGGER.debug("Getting all users");
51 |         return userRepository.findAll(Sort.by("email"));
52 |     }
53 | 
54 |     @Override
55 |     public User create(UserCreateForm form) {
56 |         User user = new User();
57 |         user.setEmail(form.getEmail());
58 |         user.setPasswordHash(new BCryptPasswordEncoder().encode(form.getPassword()));
59 |         user.setRole(form.getRole());
60 |         return userRepository.save(user);
61 |     }
62 | 
63 | }
64 | 


--------------------------------------------------------------------------------
/src/main/resources/application.properties:
--------------------------------------------------------------------------------
 1 | # suppress inspection "UnusedProperty" for whole file
 2 | # the application itself
 3 | server.port=8080
 4 | spring.datasource.platform=h2
 5 | spring.datasource.url=jdbc:h2:mem:test;DB_CLOSE_ON_EXIT=FALSE
 6 | spring.datasource.username=sasuke
 7 | spring.datasource.password=sasuke
 8 | spring.datasource.driver-class-name=org.h2.Driver
 9 | ## Hibernate configuration
10 | spring.jpa.database=H2
11 | spring.jpa.database-platform=org.hibernate.dialect.H2Dialect
12 | spring.jpa.hibernate.ddl-auto=create-drop
13 | spring.jpa.hibernate.naming-strategy=org.hibernate.cfg.ImprovedNamingStrategy
14 | spring.jpa.show-sql=true
15 | logging.level.org.springframework=WARN
16 | logging.level.org.hibernate=WARN
17 | logging.level.com.hendisantika=DEBUG
18 | spring.freemarker.template-loader-path=classpath:/templates/
19 | spring.freemarker.suffix=.ftlh
20 | spring.freemarker.expose-request-attributes=true
21 | spring.freemarker.expose-spring-macro-helpers=true


--------------------------------------------------------------------------------
/src/main/resources/data.sql:
--------------------------------------------------------------------------------
1 | INSERT INTO user (email, password_hash, role)
2 | VALUES ('demo@localhost', '$2a$10$ebyC4Z5WtCXXc.HGDc1Yoe6CLFzcntFmfse6/pTj7CeDY5I05w16C', 'ADMIN');


--------------------------------------------------------------------------------
/src/main/resources/templates/home.ftlh:
--------------------------------------------------------------------------------
 1 | <#-- @ftlvariable name="_csrf" type="org.springframework.security.web.csrf.CsrfToken" -->
 2 | <#-- @ftlvariable name="currentUser" type="com.hendisantika.example.domain.CurrentUser" -->
 3 | <!DOCTYPE html>
 4 | <html lang="en">
 5 | <head>
 6 |     <meta charset="utf-8">
 7 |     <title>Home page</title>
 8 | </head>
 9 | <body>
10 | <nav role="navigation">
11 |     <ul>
12 |     <#if !currentUser??>
13 |         <li><a href="/login">Log in</a></li>
14 |     </#if>
15 |     <#if currentUser??>
16 |         <li>
17 |             <form action="/logout" method="post">
18 |                 <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
19 |                 <button type="submit">Log out</button>
20 |             </form>
21 |         </li>
22 |         <li><a href="/user/${currentUser.id}">View myself</a></li>
23 |     </#if>
24 |     <#if currentUser?? && currentUser.role == "ADMIN">
25 |         <li><a href="/user/create">Create a new user</a></li>
26 |         <li><a href="/users">View all users</a></li>
27 |     </#if>
28 |     </ul>
29 | </nav>
30 | </body>
31 | </html>


--------------------------------------------------------------------------------
/src/main/resources/templates/login.ftlh:
--------------------------------------------------------------------------------
 1 | <#-- @ftlvariable name="_csrf" type="org.springframework.security.web.csrf.CsrfToken" -->
 2 | <#-- @ftlvariable name="error" type="java.util.Optional<String>" -->
 3 | <!DOCTYPE html>
 4 | <html lang="en">
 5 | <head>
 6 |     <meta charset="utf-8">
 7 |     <title>Log in</title>
 8 | </head>
 9 | <body>
10 | <nav role="navigation">
11 |     <ul>
12 |         <li><a href="/">Home</a></li>
13 |     </ul>
14 | </nav>
15 | 
16 | <h1>Log in</h1>
17 | 
18 | <p>You can use: demo@localhost / demo</p>
19 | 
20 | <form role="form" action="/login" method="post">
21 |     <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
22 | 
23 |     <div>
24 |         <label for="email">Email address</label>
25 |         <input type="email" name="email" id="email" required autofocus/>
26 |     </div>
27 |     <div>
28 |         <label for="password">Password</label>
29 |         <input type="password" name="password" id="password" required/>
30 |     </div>
31 |     <div>
32 |         <label for="remember-me">Remember me</label>
33 |         <input type="checkbox" name="remember-me" id="remember-me"/>
34 |     </div>
35 |     <button type="submit">Sign in</button>
36 | </form>
37 | 
38 | <#if error.isPresent()>
39 | <p>The email or password you have entered is invalid, try again.</p>
40 | </#if>
41 | </body>
42 | </html>


--------------------------------------------------------------------------------
/src/main/resources/templates/user.ftlh:
--------------------------------------------------------------------------------
 1 | <#-- @ftlvariable name="user" type="com.hendisantika.example.domain.User" -->
 2 | <!DOCTYPE html>
 3 | <html lang="en">
 4 | <head>
 5 |     <meta charset="utf-8">
 6 |     <title>User details</title>
 7 | </head>
 8 | <body>
 9 | <nav role="navigation">
10 |     <ul>
11 |         <li><a href="/">Home</a></li>
12 |     </ul>
13 | </nav>
14 | 
15 | <h1>User details</h1>
16 | 
17 | <p>E-mail: ${user.email}</p>
18 | 
19 | <p>Role: ${user.role}</p>
20 | </body>
21 | </html>


--------------------------------------------------------------------------------
/src/main/resources/templates/user_create.ftlh:
--------------------------------------------------------------------------------
 1 | <#-- @ftlvariable name="_csrf" type="org.springframework.security.web.csrf.CsrfToken" -->
 2 | <#-- @ftlvariable name="form" type="com.hendisantika.example.domain.UserCreateForm" -->
 3 | <#import "/spring.ftl" as spring>
 4 | <!DOCTYPE html>
 5 | <html lang="en">
 6 | <head>
 7 |     <meta charset="utf-8">
 8 |     <title>Create a new user</title>
 9 | </head>
10 | <body>
11 | <nav role="navigation">
12 |     <ul>
13 |         <li><a href="/">Home</a></li>
14 |     </ul>
15 | </nav>
16 | 
17 | <h1>Create a new user</h1>
18 | 
19 | <form role="form" name="form" action="" method="post">
20 |     <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
21 | 
22 |     <div>
23 |         <label for="email">Email address</label>
24 |         <input type="email" name="email" id="email" value="${form.email}" required autofocus/>
25 |     </div>
26 |     <div>
27 |         <label for="password">Password</label>
28 |         <input type="password" name="password" id="password" required/>
29 |     </div>
30 |     <div>
31 |         <label for="passwordRepeated">Repeat</label>
32 |         <input type="password" name="passwordRepeated" id="passwordRepeated" required/>
33 |     </div>
34 |     <div>
35 |         <label for="role">Role</label>
36 |         <select name="role" id="role" required>
37 |             <option <#if form.role == 'USER'>selected</#if>>USER</option>
38 |             <option <#if form.role == 'ADMIN'>selected</#if>>ADMIN</option>
39 |         </select>
40 |     </div>
41 |     <button type="submit">Save</button>
42 | </form>
43 | 
44 | <@spring.bind "form" />
45 | <#if spring.status.error>
46 | <ul>
47 |     <#list spring.status.errorMessages as error>
48 |         <li>${error}</li>
49 |     </#list>
50 | </ul>
51 | </#if>
52 | 
53 | </body>
54 | </html>


--------------------------------------------------------------------------------
/src/main/resources/templates/users.ftlh:
--------------------------------------------------------------------------------
 1 | <#-- @ftlvariable name="users" type="java.util.List<com.hendisantika.example.domain.User>" -->
 2 | <!DOCTYPE html>
 3 | <html lang="en">
 4 | <head>
 5 |     <meta charset="utf-8">
 6 |     <title>List of Users</title>
 7 | </head>
 8 | <body>
 9 | <nav role="navigation">
10 |     <ul>
11 |         <li><a href="/">Home</a></li>
12 |         <li><a href="/user/create">Create a new user</a></li>
13 |     </ul>
14 | </nav>
15 | 
16 | <h1>List of Users</h1>
17 | 
18 | <table>
19 |     <thead>
20 |     <tr>
21 |         <th>E-mail</th>
22 |         <th>Role</th>
23 |     </tr>
24 |     </thead>
25 |     <tbody>
26 |     <#list users as user>
27 |     <tr>
28 |         <td><a href="/user/${user.id}">${user.email}</a></td>
29 |         <td>${user.role}</td>
30 |     </tr>
31 |     </#list>
32 |     </tbody>
33 | </table>
34 | </body>
35 | </html>


--------------------------------------------------------------------------------