Development: Add credential-based login and refactor authentication flow#32
Merged
Development: Add credential-based login and refactor authentication flow#32
Development: Add credential-based login and refactor authentication flow#32Conversation
There was a problem hiding this comment.
Pull request overview
This PR implements credential-based authentication for Artemis, enabling dynamic login with JWT tokens and encrypted credential storage. The authentication flow is refactored to support user-provided credentials instead of relying on configuration files.
Key changes:
- New credential-based login endpoint with JWT authentication and encrypted password storage in cookies
- Refactored repository fetching to use dynamic credentials passed through the authentication flow
- Updated frontend to collect and submit user credentials (username, password, server URL)
Reviewed changes
Copilot reviewed 21 out of 22 changed files in this pull request and generated 12 comments.
Show a summary per file
| File | Description |
|---|---|
| src/main/java/de/tum/cit/aet/usermanagement/web/AuthController.java | New authentication endpoint handling login and credential cookie creation |
| src/main/java/de/tum/cit/aet/core/security/CryptoService.java | New encryption service for securing passwords in cookies |
| src/main/java/de/tum/cit/aet/repositoryProcessing/service/ArtemisClientService.java | Added authentication method and updated to support dynamic server URLs |
| src/main/java/de/tum/cit/aet/repositoryProcessing/service/GitOperationsService.java | Refactored to accept credentials as parameters instead of using config |
| src/main/webapp/src/components/StartAnalysis.tsx | Added credential input fields and login flow |
| src/main/resources/config/application.yml | Removed static Artemis credentials from configuration |
| src/main/java/de/tum/cit/aet/core/config/ArtemisConfig.java | Removed static credential fields from configuration class |
| src/test/java/de/tum/cit/aet/DynamicAuthTest.java | New test for dynamic authentication flow |
| .gitignore | Added application.yml to prevent committing secrets |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
src/main/java/de/tum/cit/aet/usermanagement/web/AuthController.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/usermanagement/web/AuthController.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/usermanagement/web/AuthController.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/usermanagement/web/AuthController.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/usermanagement/web/AuthController.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/repositoryProcessing/service/ArtemisClientService.java
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/core/config/SpringAIConfiguration.java
Outdated
Show resolved
Hide resolved
Contributor
|
🤖 OpenAPI spec and client code auto-updated and committed. |
…e AuthController interactions
… application settings
JanaNF
force-pushed
the
feature/credential-login
branch
from
a4d7230 to
1078750
Compare
Contributor
|
🤖 OpenAPI spec and client code auto-updated and committed. |
Contributor
|
🤖 No OpenAPI or client changes needed. |
…ove unused parameters
…m/Harmonia into feature/credential-login
Contributor
|
🤖 No OpenAPI or client changes needed. |
Contributor
|
🤖 OpenAPI spec and client code auto-updated and committed. |
Contributor
|
🤖 No OpenAPI or client changes needed. |
az108
requested changes
Nov 28, 2025
Collaborator
az108
left a comment
az108
left a comment
There was a problem hiding this comment.
some important points and questions
src/main/java/de/tum/cit/aet/dataProcessing/service/RequestService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/usermanagement/web/AuthController.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/repositoryProcessing/service/GitOperationsService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/repositoryProcessing/service/GitOperationsService.java
Outdated
Show resolved
Hide resolved
…Git operations refactor: replace RuntimeExceptions with GitOperationException in GitOperationsService refactor: remove unnecessary logging in ArtemisClientService
…for improved clarity and maintainability
… test credentials
Contributor
|
🤖 OpenAPI spec and client code auto-updated and committed. |
…m/Harmonia into feature/credential-login
Contributor
|
🤖 No OpenAPI or client changes needed. |
1 similar comment
Contributor
|
🤖 No OpenAPI or client changes needed. |
az108
approved these changes
Nov 30, 2025
Collaborator
az108
left a comment
az108
left a comment
There was a problem hiding this comment.
thanks for applying the changes, looks great now 👍
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Implement credential-based login functionality with JWT authentication and dynamic repository fetching using encrypted credentials. Refactor the StartAnalysis component to include username and password fields, and update the authentication flow diagram to reflect changes in the AuthController interactions. Remove unnecessary configurations and streamline the authentication process.