Update so there is an open landing page and a login page

- make / public
- add login on index.html
- add UserAttribute
- add hasRole to RemoteAuthentication
- update HomeController to give welcome instead of index if login.
- add welcome.html

src/main/kotlin/ltd/hlaeja/configuration/SecurityConfiguration.kt

@@ -40,5 +40,6 @@ class SecurityConfiguration {
         "/actuator/**",
         "/login",
         "/logout",
+        "/",
     )
 }

src/main/kotlin/ltd/hlaeja/controller/HomeController.kt

@@ -1,13 +1,24 @@
 package ltd.hlaeja.controller
 
+import ltd.hlaeja.security.RemoteUserDetail
+import org.springframework.security.core.context.ReactiveSecurityContextHolder
 import org.springframework.stereotype.Controller
 import org.springframework.ui.Model
 import org.springframework.web.bind.annotation.GetMapping
+import reactor.core.publisher.Mono
 
 @Controller
 class HomeController {
 
-    @Suppress("UnusedParameter", "FunctionOnlyReturningConstant")
     @GetMapping("/")
-    fun home(model: Model): String = "home/index"
+    fun home(model: Model): Mono<String> = ReactiveSecurityContextHolder.getContext()
+        .filter { it.authentication?.isAuthenticated == true }
+        .map {
+            (it.authentication.principal as RemoteUserDetail).let { user ->
+                model.addAttribute("id", user.id)
+                model.addAttribute("username", user.username)
+            }
+            "home/welcome"
+        }
+        .defaultIfEmpty("home/index")
 }

src/main/kotlin/ltd/hlaeja/controller/advice/UserAttribute.kt

@@ -0,0 +1,29 @@
+package ltd.hlaeja.controller.advice
+
+import java.util.UUID
+import kotlinx.coroutines.reactive.awaitFirstOrNull
+import ltd.hlaeja.security.RemoteAuthentication
+import ltd.hlaeja.security.RemoteUserDetail
+import org.springframework.security.core.context.ReactiveSecurityContextHolder
+import org.springframework.ui.Model
+import org.springframework.web.bind.annotation.ControllerAdvice
+import org.springframework.web.bind.annotation.ModelAttribute
+
+@ControllerAdvice
+class UserAttribute {
+
+    @ModelAttribute
+    suspend fun remoteUser(model: Model) {
+        val remoteAuthentication: RemoteAuthentication = ReactiveSecurityContextHolder.getContext()
+            .awaitFirstOrNull()
+            ?.let { it.authentication as RemoteAuthentication }
+            ?: RemoteAuthentication(
+                RemoteUserDetail(
+                    UUID.fromString("00000000-0000-0000-0000-000000000000"),
+                    "n/a",
+                ),
+                mutableListOf(),
+            )
+        model.addAttribute("remoteUser", remoteAuthentication)
+    }
+}

src/main/kotlin/ltd/hlaeja/security/RemoteAuthentication.kt

@@ -24,4 +24,13 @@ data class RemoteAuthentication(
     override fun setAuthenticated(isAuthenticated: Boolean) {
         authenticated = isAuthenticated
     }
+
+    fun hasRole(role: String): Boolean {
+        authorities.forEach {
+            if (it.authority.equals("role_$role", true)) {
+                return true
+            }
+        }
+        return false
+    }
 }

src/main/resources/templates/home/index.html

@@ -9,6 +9,7 @@
   <h1>Test</h1>
   <hr>
   <p>This is a index page!</p>
+  <a href="/login">login</a>
 </main>
 <!--/*/<th:block th:replace="~{layout.html :: script}"/>/*/-->
 </body>

src/main/resources/templates/home/welcome.html

@@ -0,0 +1,23 @@
+<!DOCTYPE HTML>
+<html lang="en" xmlns:th="http://www.thymeleaf.org">
+<head>
+  <title>Home Pages</title>
+  <!--/*/<th:block th:insert="~{layout.html :: documentHead}"/>/*/-->
+</head>
+<body>
+<main>
+  <h1>Welcome</h1>
+  <hr>
+  <!--/*@thymesVar id="remoteUser" type="ltd.hlaeja.security.RemoteAuthentication"*/-->
+  <div th:if="${remoteUser.hasRole('admin')}">
+    You are an admin!
+  </div>
+  <div th:if="${remoteUser.hasRole('user')}">
+    You are a user!
+  </div>
+  <p>This is welcome pages and you're a user!</p>
+  <a href="/logout">Logout</a>
+</main>
+<!--/*/<th:block th:replace="~{layout.html :: script}"/>/*/-->
+</body>
+</html>