Untitled

HTML :

<form role="form" ng-submit="controller.login()">

    <div class="form-group">
        <label for="username">Username:</label>
        <input type="text" class="form-control" id="username" name="username" ng-model="controller.credentials.username"/>
    </div>

    <div class="form-group">
        <label for="password">Password:</label>
        <input type="password" class="form-control" id="password" name="password" ng-model="controller.credentials.password"/>
    </div>

    <button type="submit" class="btn btn-primary">Submit</button>

</form>

--------------------------------------------------
JS :

myModule.controller('NavCtrl',function($rootScope, $location, $http){

    var self = this

    var authenticate = function(credentials, callback) {

        var formulaireLoginDto = credentials ? {'login':credentials.username,'password':credentials.password} : {};

        $http.post('check-login', formulaireLoginDto).then(
            function(response) {
                if (response.data.name) {
                    $rootScope.authenticated = true;
                } else {
                    $rootScope.authenticated = false;
                }
                callback && callback();
            },
            function() {
                $rootScope.authenticated = false;
                callback && callback();
            }
        );

    }

    authenticate();
    self.credentials = {};

    self.login = function() {
        authenticate(self.credentials, function() {
            if ($rootScope.authenticated) {
                $location.path("/");
                self.error = false;
            } else {
                $location.path("/login");
                self.error = true;
            }
        });
    };


});

-------------------------- JAVA SPRING SECURITY + SPRING BOOT

@SpringBootApplication
public class BusinessBootApplication {

    public static void main(String[] args) {
        SpringApplication.run(BusinessBootApplication.class, args);
    }

    @Configuration
    @Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
    protected static class SecurityConfiguration extends WebSecurityConfigurerAdapter{
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http
            .httpBasic()
            .and()
            .authorizeRequests()
            .antMatchers("/index.html","/home.html","/login.html","/").permitAll()
            .anyRequest()
            .authenticated()
            .and()
            .addFilterAfter(new CsrfHeaderFilter(), CsrfFilter.class)
            .csrf()
            .csrfTokenRepository(csrfTokenRepository());
        }

        private CsrfTokenRepository csrfTokenRepository() {
            HttpSessionCsrfTokenRepository repo = new HttpSessionCsrfTokenRepository();
            repo.setHeaderName("X-XSRF-TOKEN");
            return repo;
        }
    }
}

-------------------------------- JAVA My REST Webservice

@RestController
public class LoginRest {

    @Autowired
    private UserDao userDao;

    @RequestMapping("/check-login")
    public User login(FormulaireLoginDto formulaireLoginDto){
        User user = null;

        try {
            user = userDao.findByLogin(formulaireLoginDto.getLogin());
        } catch (Exception e) {
            return null;
        }

        return user;
    }

}