Add 'Remember Me' feature and corresponding tests

Author: tsviz

build_and_run_app.sh

@@ -19,9 +19,9 @@ cleanup() {
 }
 
 # Trap the EXIT signal to perform cleanup
-trap cleanup EXIT
+# trap cleanup EXIT
 
 set -e # Exit immediately if a command exits with a non-zero status.
 mvn clean package -Dmaven.test.skip=true
-docker run -d -p 6379:6379 --name redis_container redis
+docker run -d -p 6379:6379 --name redis_container redis | exit 0
 java $SEARCH_FEATURE -jar target/salesmanager-*-SNAPSHOT.jar --spring.redis.host=localhost --spring.redis.port=6379 --spring.redis.mode=standalone --server.port=8086 --spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.H2Dialect

src/main/java/net/codejava/AppController.java

@@ -49,6 +49,7 @@
 import java.time.format.DateTimeFormatter;
 import java.time.LocalDateTime;
 import java.time.ZoneId;
+import javax.servlet.http.Cookie;
 
 @EnableJpaRepositories(basePackages = "net.codejava")
 @Controller
@@ -165,21 +166,27 @@ public String loginGet(Model model) {
 	}
 
 	@RequestMapping(value = "/login", method = RequestMethod.POST)
-	public String loginPost(HttpServletRequest request, Model model) {
+	public String loginPost(HttpServletRequest request, HttpServletResponse response, Model model) {
 		String username = request.getParameter("username");
 		String password = request.getParameter("password");
+		boolean rememberMe = "on".equals(request.getParameter("rememberMe"));
 
-		// Authenticate the user
 		Authentication auth = new UsernamePasswordAuthenticationToken(username, password);
 		try {
 			auth = authenticationManager.authenticate(auth);
 			SecurityContextHolder.getContext().setAuthentication(auth);
+
+			if (rememberMe) {
+				Cookie rememberMeCookie = new Cookie("rememberMe", "true");
+				rememberMeCookie.setMaxAge(7 * 24 * 60 * 60); // 7 days
+				rememberMeCookie.setHttpOnly(true);
+				response.addCookie(rememberMeCookie);
+			}
 		} catch (BadCredentialsException e) {
 			model.addAttribute("error", "Invalid username or password.");
 			return "login";
 		}
 
-		// User is authenticated, redirect to landing page
 		return "redirect:/";
 	}
 

src/main/java/net/codejava/SalesDAO.java

@@ -30,6 +30,11 @@ public List<Sale> list(int limit, int offset) {
 		return listSale;
 	}
 
+	public List<Sale> listAll() {
+		String sql = "SELECT * FROM sales ORDER BY serial_number ASC";
+		return jdbcTemplate.query(sql, new BeanPropertyRowMapper<>(Sale.class));
+	}
+
 	public void save(Sale sale) throws DuplicateKeyException {
 		try {
 			System.out.println(sale); // log the Sale object

src/main/java/net/codejava/SecurityConfig.java

@@ -44,7 +44,11 @@ protected void configure(HttpSecurity http) throws Exception {
             .logout()
                 .logoutUrl("/logout") // This is the URL to send the user to once they have logged out
                 .invalidateHttpSession(true)
-                .permitAll();
+                .permitAll()
+                .and()
+            .rememberMe()
+                .key("uniqueAndSecret")
+                .tokenValiditySeconds(7 * 24 * 60 * 60); // 7 days
     }
 
     @Bean

src/test/java/net/codejava/AppControllerTest.java

@@ -0,0 +1,48 @@
+package net.codejava;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices;
+
+import javax.servlet.http.Cookie;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+@SpringBootTest
+public class AppControllerTest {
+
+    @Autowired
+    private AppController appController;
+
+    @Autowired
+    private PersistentTokenBasedRememberMeServices rememberMeServices;
+
+    @Test
+    public void testRememberMeFunctionality() throws Exception {
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        MockHttpServletResponse response = new MockHttpServletResponse();
+
+        // Simulate login request with 'Remember Me' checked
+        request.setParameter("username", "testuser");
+        request.setParameter("password", "testpassword");
+        request.setParameter("rememberMe", "on");
+
+        String view = appController.loginPost(request, response, null);
+
+        // Assert that the user is redirected to the home page
+        assertEquals("redirect:/", view);
+
+        // Assert that the 'Remember Me' cookie is set
+        Cookie rememberMeCookie = response.getCookie("rememberMe");
+        assertNotNull(rememberMeCookie);
+        assertEquals("true", rememberMeCookie.getValue());
+        assertTrue(rememberMeCookie.getMaxAge() > 0);
+
+        // Assert that the security context is populated
+        assertNotNull(SecurityContextHolder.getContext().getAuthentication());
+    }
+}