bfwg / angular-spring-starter Goto Github PK

http://localhost:4200/auth/refresh 404 (Not Found)

Summary

The unit tests are broken in the frontend app folder.
If you run npm run test in the frontend folder, you can see the errors.

Requirement

Resolve all unit test errors.

Hi,
i'm new to nginx, could you please give out the nginx conf for windows? your given one seems for linux. Thanks.

您好，我在PublicController中新增了一个方法如下：

@PostMapping("/hello")
public ResponseEntity<Map<String, String>> a() {
    Map<String, String> result = new HashMap<>();
    result.put("result", "success");
    return ResponseEntity.accepted().body(result);
}

即使用admin登录后去发post请求到"/api/hello"会得到“401 unauthorized”，我把WebSecurityConfig中的exceptionHandling().authenticationEntryPoint(restAuthenticationEntryPoint)注释掉后再次请求发现请求的地址是“api/login”，并得到404，现在不知道怎么解决，小白虚心求教，希望您能解答。

Hi, i just create a method with @PostMapping annotated in PublicController like this:

@PostMapping("/hello")
public ResponseEntity<Map<String, String>> a() {
    Map<String, String> result = new HashMap<>();
    result.put("result", "success");
    return ResponseEntity.accepted().body(result);
}

and i got 401 unauthorized even when i logged as admin and send post request to "/api/hello". i comment exceptionHandling().authenticationEntryPoint(restAuthenticationEntryPoint) in WebSecurityConfig and request again, i got "404, path: 'api/login' " i am new to spring security, it will be glad that you can help.

Just checkout the master code, and realize MockUserService is not under app/shared/mocks. Is it deleted?

When will you update spring boot to version 2.1.0?
Will this code work correctly with version 2.1.0?

when I clone this repository,It is so slowly.
I found his .git directory very large,As shown in the picture below

use this command can list large file
git rev-list --objects --all | grep "$(git verify-pack -v .git/objects/pack/*.idx | sort -k 3 -n | tail -5 | awk '{print$1}')"

so I refer to github's official advice https://help.github.com/articles/removing-sensitive-data-from-a-repository/ clean this repository.

finish

But I don't know how to push it to the main branch,It looks like this pull request is invalid.

Therefore, it is recommended that you clean up the wrong submission if you can

2018-01-25 11:26:02.015 INFO 13064 --- [ main] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: OrRequestMatcher [requestMatchers=[Ant [pattern='/css/'], Ant [pattern='/js/'], Ant [pattern='/images/'], Ant [pattern='/webjars/'], Ant [pattern='/**/favicon.ico'], Ant [pattern='/error']]], []
2018-01-25 11:26:02.171 INFO 13064 --- [ main] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher@1, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@1d8ba08, org.springframework.security.web.context.SecurityContextPersistenceFilter@b927fb, org.springframework.security.web.header.HeaderWriterFilter@1a268de, org.springframework.security.web.csrf.CsrfFilter@14abbdc, org.springframework.security.web.authentication.logout.LogoutFilter@6379eb, org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@1763516, com.bfwg.security.auth.TokenAuthenticationFilter@7ed8b1, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@1b61f4a, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@19a4292, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@5b4bdc, org.springframework.security.web.session.SessionManagementFilter@66af20, org.springframework.security.web.access.ExceptionTranslationFilter@156695f, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@1239d7d]
2018-01-25 11:26:02.183 INFO 13064 --- [ main] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: org.springframework.boot.autoconfigure.security.SpringBootWebSecurityConfiguration$ApplicationNoWebSecurityConfigurerAdapter$1@18190fc, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@1e2c065, org.springframework.security.web.context.SecurityContextPersistenceFilter@d1ad2e, org.springframework.security.web.header.HeaderWriterFilter@158b42f, org.springframework.security.web.csrf.CsrfFilter@5eefef, org.springframework.security.web.authentication.logout.LogoutFilter@c6f217, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@17275fc, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@19f45b1, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@93b025, org.springframework.security.web.session.SessionManagementFilter@15b007d, org.springframework.security.web.access.ExceptionTranslationFilter@293aa2]

Currently there are no handler for a random path.
For example if you go to http://localhost:4201/asd, this error will show up.

Implement a fallback handler for no path match event, possibly a 404 page.

Hi, and thanks for you project ! It's a good base for beginners.

I have a question: Is it possible to have an example with POST method ?
Because I try to use a POST request, but I have a 403 error "Invalid CSRF Token '9d9f[...]9c0' was found on the request parameter '_csrf' or header 'X-XSRF-TOKEN'.", and I don't know what can I do to solve this issue.
In your code, you declare a string variable "csrfToken" (file : api.service.ts) you don't use. Is it normal ?

Thanks !

Summary

The functionality introduced in #20 is leading a issue where the password can only change once in the production server. Later visitor has no idea what the current password is.

Requirement

Add a way to display the password for both users in the login page.

Hi there, this one should be enhancement. Currently I try to make an admin page, and only allow admin to view this page. But I don't know how can I make the change on service code to check does the current login user is admin or not. Can you help me on this one?

I try to use ng build, no dist folder created

If I try to using ng build --prod --bh /dist, I got following error

Tests for:

• AuthenticationController
• FooController
• UserController

Let said one of my API address is http://localhost:8080/api/search?city=Toronto, then in the front end code I use following:

        const body=`city=${city}`;
       return this.apiService.get(this.configService.search_url, body);
}

But I got bad request, and I debug the serialize code and I realize it becomes this

Moreover, the link become

Which is incorrect. The correct link should be http://localhost:4200/api/search?city=Toronto

Hi, there's a typo in:
frontend/src/app/signup/signup.component.ts
Where is:
import { Subject } from 'rxjs/SUbject';
Should be:
import { Subject } from 'rxjs/Subject';

I want to know why we need following field in user and authority table
created_at, updated_at, and deleted_at

Since I didn't see any data that come into those fields...

Hi,

Can we make our API such that they can be accessed via any front end. This project is integrated that is front end and back end. I want to make both different so that mobile also able to pull the APIs and we different users can work on front end and back end.

Moreover in future we can change front end if we want to.
It is also cookie based. Can we make is purely JWT based so that we can use on mobile as well

Thanks,
Vinod

Always get this
Version of @angular/compiler-cli needs to be 2.3.1 or greater. Current version is "5.0.2".
Error: Version of @angular/compiler-cli needs to be 2.3.1 or greater. Current version is "5.0.2".
at Object. (/Users/avenuezhang/ngproject/angular-spring-starter/frontend/node_modules/@ngtools/webpack/src/index.js:27:11)
at Module._compile (module.js:570:32)
at Object.Module._extensions..js (module.js:579:10)
at Module.load (module.js:487:32)
at tryModuleLoad (module.js:446:12)
at Function.Module._load (module.js:438:3)
at Module.require (module.js:497:17)
at require (internal/module.js:20:19)
at Object. (/Users/avenuezhang/ngproject/angular-spring-starter/frontend/node_modules/@angular/cli/tasks/eject.js:10:19)
at Module._compile (module.js:570:32)
at Object.Module._extensions..js (module.js:579:10)
at Module.load (module.js:487:32)
at tryModuleLoad (module.js:446:12)
at Function.Module._load (module.js:438:3)
at Module.require (module.js:497:17)
at require (internal/module.js:20:19)

npm ERR! Darwin 17.3.0
npm ERR! argv "/usr/local/bin/node" "/usr/local/bin/npm" "start"
npm ERR! node v6.9.5
npm ERR! npm v3.10.10
npm ERR! code ELIFECYCLE
npm ERR! [email protected] start: ng serve --proxy-config proxy.conf.json
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the [email protected] start script 'ng serve --proxy-config proxy.conf.json'.
npm ERR! Make sure you have the latest version of node.js and npm installed.
npm ERR! If you do, this is most likely a problem with the angular-spring-starter-ui package,
npm ERR! not with npm itself.
npm ERR! Tell the author that this fails on your system:
npm ERR! ng serve --proxy-config proxy.conf.json
npm ERR! You can get information on how to open an issue for this project with:
npm ERR! npm bugs angular-spring-starter-ui
npm ERR! Or if that isn't available, you can get their info via:
npm ERR! npm owner ls angular-spring-starter-ui
npm ERR! There is likely additional logging output above.

npm ERR! Please include the following file with any support request:
npm ERR! /Users/avenuezhang/ngproject/angular-spring-starter/frontend/npm-debug.log

/api/login endpoint is not reachable when running the angular app in ng serve but ng start works.

Getting HTTP-404 on this endpoint http://localhost:4200/api/login

Hi, I have created a similar configuration of your app in an other one (Back and Front), after a successfully login, a service with POST method and @PreAuthorize("hasRole('SPECIFICUSER')") annotation is generating a 401 HTTP error.

Note that the SPECIFICUSER is the name of an authority, because I have 4 different authorities, and the consumer of the service that generate this problem is a user (Object implementing UserDetails interface) that has a list of authorities, one of them is an authority with name ROLE_SPECIFICUSER

Any ideas? Thank you !

Hi, this project is incredible.

Thanks so much for help the new developers off angular and spring boot with this starter kit.

Only one question, I don't locate in source code of frontend how to send the token jwt in header off all requests to api rest of backend.

I don't have found the word "Bearer" in angular code. I have not seen either how you save the token in first call to login for use it too late.

but it's works...😜

Can you explain me how do you send in angular the token to api rest?

thanks so much!

xavier.

This should be a feature, and I am half way on implementation.
I am thinking which one is better for following two:

• Once user sign up successfully, login user automatically
  Or
• once user sign up successfully, route the user to login page and let user to login manually

What is your suggestion?

This is weird behavior, and I don't know any idea why this issue occur.

In one of my laptop, after I login, and try to logout, I got following error message

Response {_body: "{"timestamp":1508432852549,"status":403,"error":"F…our session was not found.","path":"/api/logout"}", status: 403, ok: false, statusText: "Forbidden", headers: Headers, …}headers: Headers {_headers: Map(12), _normalizedNames: Map(12)}ok: falsestatus: 403statusText: "Forbidden"type: 2url: "http://localhost:4200/api/logout"_body: "{"timestamp":1508432852549,"status":403,"error":"Forbidden","message":"Could not verify the provided CSRF token because your session was not found.","path":"/api/logout"}"__proto__: Body
defaultErrorLogger @ core.es5.js:1020
webpackJsonp.../../../core/@angular/core.es5.js.ErrorHandler.handleError @ core.es5.js:1080
next @ core.es5.js:4562
schedulerFn @ core.es5.js:3635
webpackJsonp.../../../../rxjs/Subscriber.js.SafeSubscriber.__tryOrUnsub @ Subscriber.js:238
webpackJsonp.../../../../rxjs/Subscriber.js.SafeSubscriber.next @ Subscriber.js:185
webpackJsonp.../../../../rxjs/Subscriber.js.Subscriber._next @ Subscriber.js:125
webpackJsonp.../../../../rxjs/Subscriber.js.Subscriber.next @ Subscriber.js:89
webpackJsonp.../../../../rxjs/Subject.js.Subject.next @ Subject.js:55
webpackJsonp.../../../core/@angular/core.es5.js.EventEmitter.emit @ core.es5.js:3621
webpackJsonp.../../../core/@angular/core.es5.js.NgZone.triggerError @ core.es5.js:3993
onHandleError @ core.es5.js:3954
webpackJsonp.../../../../zone.js/dist/zone.js.ZoneDelegate.handleError @ zone.js:395
webpackJsonp.../../../../zone.js/dist/zone.js.Zone.runTask @ zone.js:194
ZoneTask.invoke @ zone.js:486
XMLHttpRequest.send (async)
scheduleTask @ zone.js:2263
webpackJsonp.../../../../zone.js/dist/zone.js.ZoneDelegate.scheduleTask @ zone.js:410
onScheduleTask @ zone.js:300
webpackJsonp.../../../../zone.js/dist/zone.js.ZoneDelegate.scheduleTask @ zone.js:404
webpackJsonp.../../../../zone.js/dist/zone.js.Zone.scheduleTask @ zone.js:235
webpackJsonp.../../../../zone.js/dist/zone.js.Zone.scheduleMacroTask @ zone.js:258
(anonymous) @ zone.js:2287
proto.(anonymous function) @ zone.js:1426
(anonymous) @ http.es5.js:1275
webpackJsonp.../../../../rxjs/Observable.js.Observable._trySubscribe @ Observable.js:171
webpackJsonp.../../../../rxjs/Observable.js.Observable.subscribe @ Observable.js:159
webpackJsonp.../../../../rxjs/operator/map.js.MapOperator.call @ map.js:54
webpackJsonp.../../../../rxjs/Observable.js.Observable.subscribe @ Observable.js:156
webpackJsonp.../../../../rxjs/operator/catch.js.CatchOperator.call @ catch.js:79
webpackJsonp.../../../../rxjs/Observable.js.Observable.subscribe @ Observable.js:156
webpackJsonp.../../../../rxjs/operator/map.js.MapOperator.call @ map.js:54
webpackJsonp.../../../../rxjs/Observable.js.Observable.subscribe @ Observable.js:156
webpackJsonp.../../../../../src/app/component/header/account-menu/account-menu.component.ts.AccountMenuComponent.logout @ account-menu.component.ts:31
(anonymous) @ AccountMenuComponent.html:2
handleEvent @ core.es5.js:12076
callWithDebugContext @ core.es5.js:13535
debugHandleEvent @ core.es5.js:13123
dispatchEvent @ core.es5.js:8688
(anonymous) @ core.es5.js:9299
(anonymous) @ platform-browser.es5.js:2668
webpackJsonp.../../../../zone.js/dist/zone.js.ZoneDelegate.invokeTask @ zone.js:424
onInvokeTask @ core.es5.js:3924
webpackJsonp.../../../../zone.js/dist/zone.js.ZoneDelegate.invokeTask @ zone.js:423
webpackJsonp.../../../../zone.js/dist/zone.js.Zone.runTask @ zone.js:191
ZoneTask.invoke @ zone.js:486

But on my other laptop it is working fine with same code... both front end console, and back end console didn't have any error display. Why this issue happen?

Hello fan.
How i hit this method in post men
https://github.com/bfwg/angular-spring-starter/blob/master/server/src/main/java/com/bfwg/rest/AuthenticationController.java#L65

When i hit postman button it show 403 error like below
{
"timestamp": 1508769665744,
"status": 403,
"error": "Forbidden",
"exception": "org.springframework.security.access.AccessDeniedException",
"message": "Access is denied",
"path": "/api/changePassword"
}

Summary

/api and /auth was removed in #20 , but later on discover that it will cause the demo app in the production server not working properly.

Requirement

Add /api and /auth route back and fix the production nginx config.

Hi, I am new to Angular and Spring boot applications, and actually I am studying your project which helped me in learning a lot of things about the two technologies, so first of all I want to say thank you.

I have created a new project that has almost the same configuration of yours, but I noticed that the AUTH-TOKEN is not stored automatically in my browser, so I have decided to use ngx-cookie-service in order to store it manually, this method solve my problem for now, but I need this token to be stored automatically.

Another thing is that when I try to build your app with ng-build, I can't find the dist folder generated.

I could not find any method in the rest controllers that has a /api/login mapping. Am I missing something ?
Nor the /api/logout mapping indeed.
@bfwg

Grate Work..... kindly add the PasswordEncoder I try to added but there are some issue/error show. may be due to the your default user name and passward store in the database.
I also try to PasswordEncoder in side the your test service from where you put the data to the database
but it still show the same error (PasswordEncoder Bean) and (Authentication size 0)