How to login with @RestController and send the object to angularjs

Question

I have some trouble figuring out how to create a login form in angularjs using springboot.

I can register a user and send the data to the database but the problems begin when i want to login.

in angularjs i have a function like this

  function Login(username, password, callback) {


        $http.post('/api/authenticate', { username: username, password: password })
           .success(function (response) {
              callback(response);
           });

    }

What i managed to do but probably is't right:

@RequestMapping(value = "/authenticate/{id}",method = RequestMethod.GET)
public  User getUser(@PathVariable Integer id) {

    return repo.findOne(id);
}

This gives me following json

{"id":2,"username":"jdoe","password":"$2a$10$5hgIyQr.K9wb8cXEyWGbROAU.rkYzd19vP7ajHpwp1KUYdShfcPn.","lastname":"doe","firstname":"john","customfield":"Hello there"}

But now i have following problems and questions :

How can i check if the username and password is equal to the username and password of json by going to api/authenticate ? (without {id})

can i hide this json from the users ?

Is this safe ?

how will angular now all the users propertys ? (i suggest i can retrieve this from the json)

any pro tips on how to solve this?

Do consider using spring security, that will be a wise choice. Else sent the username/password to the Controller validate and return the UserId and authstatus in response and manage it in session , Here you have to handle everything yourself including Logoit, Authorization etc. — M4ver1k, Sep 22 '15 at 09:30
I know how i can create a custom login with jsp with spring security. But how do i manage this with angularjs. ? This would indeed be a perfect solution. But how should i start on this. ? — Greg, Sep 22 '15 at 09:38
Have a look at [this](https://spring.io/guides/tutorials/spring-security-and-angular-js/) . — M4ver1k, Sep 22 '15 at 09:41

score 1 · Accepted Answer · edited May 23 '17 at 11:52

1

From AngularJS you are calling HTTP POST method and at Spring side you have declared as HTTP GET, which is wrong.

Correct request mapping is

 @RequestMapping(value = "/api/authenticate",method = RequestMethod.POST, consumes = "application/json")
 @ResponseBody
 public User getUser(@RequestBody User user) {
 //here request body contains User POJO object's payload (JSON object)

   //You are getting username from JSON, 
   //so you need to update your call to findOne method
   return repo.findOne(user.getUserName());
}

Please refer

edited May 23 '17 at 11:52

Community

1
1

answered Sep 22 '15 at 09:33

Aniket Kulkarni

12,825
9
67
90

I will look first at what @M4ver1k said and look into Spring Security and Angular JS first. But mark your question as solve because this was a solution to this problem. Thanks for the information. – Greg Sep 22 '15 at 09:45

How to login with @RestController and send the object to angularjs

1 Answers1