Feature: Implement secure public pre-registration flow with CAPTCHA and HTMX dashboard
AS Talange CI/CD Pipeline / Build & Run Unit Tests (push) Successful in 3m12s
AS Talange CI/CD Pipeline / Build & Run in Docker Container (push) Successful in 3m4s

- Created V16 Flyway migration for pre_inscription and token_pre_inscription tables.
- Added PreInscription and TokenPreInscription entities with respective repositories.
- Updated SecurityConfig to allow public access to /inscription-public/**.
- Implemented CaptchaValidationService to interact with Cloudflare Turnstile API.
- Created PublicInscriptionController for managing the QR code entry, CAPTCHA validation, ephemeral tokens, and public form submission.
- Added public Thymeleaf views (demarrer, formulaire, succes, lien-expire) with TailwindCSS.
- Developed AdminPreInscriptionController and PreInscriptionService to handle back-office validation and rejection workflows.
- Built the admin pre-inscriptions dashboard list view.
- Added a dynamic, polling notification badge in the sidebar using HTMX, auto-updating on validation/rejection events.
This commit is contained in:
2026-06-11 23:11:34 +02:00
parent bca84be16a
commit 2e8298b3b6
16 changed files with 669 additions and 1 deletions
@@ -0,0 +1,79 @@
package com.astalange.core.entity;
import jakarta.persistence.*;
import java.time.LocalDate;
import java.time.LocalDateTime;
@Entity
@Table(name = "pre_inscription")
public class PreInscription {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
private Long id;
@Column(nullable = false, length = 100)
private String nom;
@Column(nullable = false, length = 100)
private String prenom;
@Column(name = "date_naissance", nullable = false)
private LocalDate dateNaissance;
@Column(length = 20)
private String telephone;
@Column(length = 150)
private String email;
@Column(columnDefinition = "TEXT")
private String adresse;
@Column(name = "representant_legal", length = 150)
private String representantLegal;
@Column(name = "statut_traite", nullable = false)
private Boolean statutTraite = false;
@Column(name = "date_creation", nullable = false)
private LocalDateTime dateCreation = LocalDateTime.now();
@ManyToOne(optional = false, fetch = FetchType.LAZY)
@JoinColumn(name = "saison_id", nullable = false)
private Saison saison;
// Getters and Setters
public Long getId() { return id; }
public void setId(Long id) { this.id = id; }
public String getNom() { return nom; }
public void setNom(String nom) { this.nom = nom; }
public String getPrenom() { return prenom; }
public void setPrenom(String prenom) { this.prenom = prenom; }
public LocalDate getDateNaissance() { return dateNaissance; }
public void setDateNaissance(LocalDate dateNaissance) { this.dateNaissance = dateNaissance; }
public String getTelephone() { return telephone; }
public void setTelephone(String telephone) { this.telephone = telephone; }
public String getEmail() { return email; }
public void setEmail(String email) { this.email = email; }
public String getAdresse() { return adresse; }
public void setAdresse(String adresse) { this.adresse = adresse; }
public String getRepresentantLegal() { return representantLegal; }
public void setRepresentantLegal(String representantLegal) { this.representantLegal = representantLegal; }
public Boolean getStatutTraite() { return statutTraite; }
public void setStatutTraite(Boolean statutTraite) { this.statutTraite = statutTraite; }
public LocalDateTime getDateCreation() { return dateCreation; }
public void setDateCreation(LocalDateTime dateCreation) { this.dateCreation = dateCreation; }
public Saison getSaison() { return saison; }
public void setSaison(Saison saison) { this.saison = saison; }
}
@@ -0,0 +1,40 @@
package com.astalange.core.entity;
import jakarta.persistence.*;
import java.time.LocalDateTime;
@Entity
@Table(name = "token_pre_inscription")
public class TokenPreInscription {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
private Long id;
@Column(name = "valeur_uuid", nullable = false, unique = true, length = 36)
private String valeurUuid;
@Column(name = "date_expiration", nullable = false)
private LocalDateTime dateExpiration;
@Column(name = "est_utilise", nullable = false)
private Boolean estUtilise = false;
// Getters and Setters
public Long getId() { return id; }
public void setId(Long id) { this.id = id; }
public String getValeurUuid() { return valeurUuid; }
public void setValeurUuid(String valeurUuid) { this.valeurUuid = valeurUuid; }
public LocalDateTime getDateExpiration() { return dateExpiration; }
public void setDateExpiration(LocalDateTime dateExpiration) { this.dateExpiration = dateExpiration; }
public Boolean getEstUtilise() { return estUtilise; }
public void setEstUtilise(Boolean estUtilise) { this.estUtilise = estUtilise; }
@Transient
public boolean isValide() {
return !estUtilise && dateExpiration.isAfter(LocalDateTime.now());
}
}
@@ -0,0 +1,13 @@
package com.astalange.core.repository;
import com.astalange.core.entity.PreInscription;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository;
import java.util.List;
@Repository
public interface PreInscriptionRepository extends JpaRepository<PreInscription, Long> {
List<PreInscription> findByStatutTraiteFalseOrderByDateCreationDesc();
long countByStatutTraiteFalse();
}
@@ -0,0 +1,12 @@
package com.astalange.core.repository;
import com.astalange.core.entity.TokenPreInscription;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository;
import java.util.Optional;
@Repository
public interface TokenPreInscriptionRepository extends JpaRepository<TokenPreInscription, Long> {
Optional<TokenPreInscription> findByValeurUuid(String valeurUuid);
}
@@ -0,0 +1,50 @@
package com.astalange.core.service;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.web.client.RestTemplate;
import org.springframework.http.ResponseEntity;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import java.util.Map;
@Service
public class CaptchaValidationService {
@Value("${captcha.secret:dummy-secret}")
private String captchaSecret;
@Value("${captcha.url:https://challenges.cloudflare.com/turnstile/v0/siteverify}")
private String captchaUrl;
public boolean validateCaptcha(String token) {
if (token == null || token.isEmpty()) {
return false;
}
RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap<String, String> map = new LinkedMultiValueMap<>();
map.add("secret", captchaSecret);
map.add("response", token);
HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(map, headers);
try {
ResponseEntity<Map> response = restTemplate.postForEntity(captchaUrl, request, Map.class);
if (response.getBody() != null && Boolean.TRUE.equals(response.getBody().get("success"))) {
return true;
}
} catch (Exception e) {
// Log error
return false;
}
return false;
}
}
@@ -0,0 +1,66 @@
package com.astalange.core.service;
import com.astalange.core.entity.Adherent;
import com.astalange.core.entity.Licence;
import com.astalange.core.entity.PreInscription;
import com.astalange.core.repository.AdherentRepository;
import com.astalange.core.repository.LicenceRepository;
import com.astalange.core.repository.PreInscriptionRepository;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
@Service
public class PreInscriptionService {
private final PreInscriptionRepository preInscriptionRepository;
private final AdherentRepository adherentRepository;
private final LicenceRepository licenceRepository;
public PreInscriptionService(PreInscriptionRepository preInscriptionRepository,
AdherentRepository adherentRepository,
LicenceRepository licenceRepository) {
this.preInscriptionRepository = preInscriptionRepository;
this.adherentRepository = adherentRepository;
this.licenceRepository = licenceRepository;
}
@Transactional
public Adherent validerPreInscription(Long preInscriptionId, Long categorieId) {
PreInscription pre = preInscriptionRepository.findById(preInscriptionId)
.orElseThrow(() -> new IllegalArgumentException("Pré-inscription introuvable"));
if (pre.getStatutTraite()) {
throw new IllegalStateException("Cette pré-inscription a déjà été traitée");
}
// Créer l'adhérent
Adherent adherent = new Adherent();
adherent.setNom(pre.getNom().toUpperCase());
adherent.setPrenom(pre.getPrenom());
adherent.setDateNaissance(pre.getDateNaissance());
adherent.setTelephone(pre.getTelephone());
adherent.setEmail(pre.getEmail());
adherent.setAdresse(pre.getAdresse());
adherent.setRepresentantLegal(pre.getRepresentantLegal());
// Par défaut
adherent.setSexe("MASCULIN");
adherent.setTypeMaillot("JOUEUR");
adherent.setResidentTalange(false);
adherent = adherentRepository.save(adherent);
pre.setStatutTraite(true);
preInscriptionRepository.save(pre);
return adherent;
}
@Transactional
public void rejeterPreInscription(Long preInscriptionId) {
PreInscription pre = preInscriptionRepository.findById(preInscriptionId)
.orElseThrow(() -> new IllegalArgumentException("Pré-inscription introuvable"));
pre.setStatutTraite(true);
preInscriptionRepository.save(pre);
}
}
@@ -0,0 +1,21 @@
CREATE TABLE token_pre_inscription (
id BIGSERIAL PRIMARY KEY,
valeur_uuid VARCHAR(36) NOT NULL UNIQUE,
date_expiration TIMESTAMP NOT NULL,
est_utilise BOOLEAN NOT NULL DEFAULT FALSE
);
CREATE TABLE pre_inscription (
id BIGSERIAL PRIMARY KEY,
nom VARCHAR(100) NOT NULL,
prenom VARCHAR(100) NOT NULL,
date_naissance DATE NOT NULL,
telephone VARCHAR(20),
email VARCHAR(150),
adresse TEXT,
representant_legal VARCHAR(150),
statut_traite BOOLEAN NOT NULL DEFAULT FALSE,
date_creation TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
saison_id BIGINT NOT NULL,
CONSTRAINT fk_pre_inscription_saison FOREIGN KEY (saison_id) REFERENCES saison (id)
);