From a53c318aaeb214cc8d3d7066c82b35f719b64326 Mon Sep 17 00:00:00 2001
From: esensar
Date: Wed, 17 Jan 2018 21:37:05 +0100
Subject: [PATCH] Returns roles on login
---
 .../src/main/java/ba/steles/security/SecurityConfig.java | 1 +
 .../java/ba/steleks/controller/AuthenticationController.java | 4 +++-
 2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/steleks-proxy/src/main/java/ba/steles/security/SecurityConfig.java b/steleks-proxy/src/main/java/ba/steles/security/SecurityConfig.java
index 2fdbeab..7f9f858 100644
--- a/steleks-proxy/src/main/java/ba/steles/security/SecurityConfig.java
+++ b/steleks-proxy/src/main/java/ba/steles/security/SecurityConfig.java
@@ -33,6 +33,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 http.csrf().disable().authorizeRequests()
 .antMatchers(HttpMethod.OPTIONS).permitAll()
 .antMatchers("/users/**", "/users", "/").permitAll()
+ .antMatchers("/users/users", "/users/users/**").hasRole("ADMIN")
 .anyRequest().authenticated()
 .and()
 .addFilterBefore(new AuthenticationFilter(restTemplateBuilder.build(), discoveryClient), UsernamePasswordAuthenticationFilter.class);
diff --git a/users/src/main/java/ba/steleks/controller/AuthenticationController.java b/users/src/main/java/ba/steleks/controller/AuthenticationController.java
index caea988..29ed28d 100644
--- a/users/src/main/java/ba/steleks/controller/AuthenticationController.java
+++ b/users/src/main/java/ba/steleks/controller/AuthenticationController.java
@@ -3,6 +3,7 @@ package ba.steleks.controller;
 import ba.steleks.error.exception.CustomHttpStatusException;
 import ba.steleks.model.AuthRequest;
 import ba.steleks.model.User;
+import ba.steleks.model.UserRole;
 import ba.steleks.repository.UsersJpaRepository;
 import ba.steleks.security.SessionIdentifierGenerator;
 import ba.steleks.security.UserRoleFactory;
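Review bot: In the SecurityConfig.java hunk the new `.antMatchers("/users/users", "/users/users/**").hasRole("ADMIN")` rule is declared after `.antMatchers("/users/**", "/users", "/").permitAll()`, and Spring Security applies the first matcher that fits a request, so `/users/users/...` is already covered by `/users/**` and the ADMIN requirement never takes effect. Move the new line above the `permitAll()` line so the more specific pattern is evaluated first. `hasRole("ADMIN")` checks for the authority `ROLE_ADMIN`; whether `AuthenticationFilter` populates authorities with that prefix is not visible here and should be confirmed. A test that requests `/users/users` without an admin token and expects 403 would catch this ordering regression. The enclosing configure method starts outside the hunk.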
@@ -51,9 +52,10 @@ public class AuthenticationController {
 if (passwordEncoder.matches(body.getPassword(), user.getPasswordHash())) {
 String token = new SessionIdentifierGenerator().nextSessionId();
 tokenStore.saveToken(user.getId(), token);
- Map response = new HashMap<>();
+ Map response = new HashMap<>();
 response.put("token", token);
 response.put("userId", String.valueOf(user.getId()));
+ response.put("roles", UserRoleFactory.toStringSet(user.getUserRoles()));
 return ResponseEntity
 .ok()
 .body(response);
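Review bot: The `roles` entry added to the login response is information for the client only, and nothing in this hunk says so; a comment above `response.put("roles", ...)` such as `// Roles are returned for UI hints only; authorization must be resolved server-side from the token, never from client-supplied values.` would keep later code from treating it as an authorization source. The removed and added `Map response` lines read identically here, so the type arguments were probably lost in rendering; if the declaration really is a raw `Map`, give it explicit type arguments. The `UserRole` import added in the earlier hunk is not referenced in the visible lines, so confirm it is used elsewhere in the file. The enclosing method starts and ends outside the hunk.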