devondragon
diff --git a/‎.vscode/settings.json‎
Lines changed: 4 additions & 1 deletion b/‎.vscode/settings.json‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎config/README.md‎ ‎CHANGELOG.md‎config/README.md renamed to CHANGELOG.md b/‎config/README.md‎ ‎CHANGELOG.md‎config/README.md renamed to CHANGELOG.md
diff --git a/‎CONFIG.md‎
Lines changed: 0 additions & 9 deletions b/‎CONFIG.md‎
Lines changed: 0 additions & 9 deletions
diff --git a/‎Dockerfile‎
Lines changed: 0 additions & 3 deletions b/‎Dockerfile‎
Lines changed: 0 additions & 3 deletions
diff --git a/‎PUBLISH.md‎
Lines changed: 34 additions & 0 deletions b/‎PUBLISH.md‎
Lines changed: 34 additions & 0 deletions
diff --git a/‎QUICKSTART.md‎
Lines changed: 0 additions & 33 deletions b/‎QUICKSTART.md‎
Lines changed: 0 additions & 33 deletions
diff --git a/‎README.md‎
Lines changed: 72 additions & 52 deletions b/‎README.md‎
Lines changed: 72 additions & 52 deletions
@@ -5,5 +5,8 @@
     "java.configuration.updateBuildConfiguration": "automatic",
     "java.compile.nullAnalysis.mode": "automatic",
     "java.transport": "stdio",
-    "java.jdt.ls.vmargs": "-XX:+UseParallelGC -XX:GCTimeRatio=4 -XX:AdaptiveSizePolicyWeight=90 -Dsun.zip.disableMemoryMapping=true -Xmx2G -Xms100m -javaagent:\"/Users/devon/.vscode/extensions/gabrielbb.vscode-lombok-1.0.1/server/lombok.jar\""
+    "java.jdt.ls.vmargs": "-XX:+UseParallelGC -XX:GCTimeRatio=4 -XX:AdaptiveSizePolicyWeight=90 -Dsun.zip.disableMemoryMapping=true -Xmx2G -Xms100m -javaagent:\"/Users/devon/.vscode/extensions/gabrielbb.vscode-lombok-1.0.1/server/lombok.jar\"",
+    "debug.javascript.defaultRuntimeExecutable": {
+        "pwa-node": "/Users/devon/.local/share/mise/shims/node"
+    }
 }
@@ -23,9 +23,6 @@ Welcome to the User Framework SpringBoot Configuration Guide! This document outl
 - **DDL Auto (`spring.jpa.hibernate.ddl-auto`)**: Hibernate schema generation strategy, defaults to `update`.
 - **Dialect (`spring.jpa.properties.hibernate.dialect`)**: Set this to the appropriate dialect for your database, defaults to `org.hibernate.dialect.MariaDBDialect`.
 
-### Application Properties
-
-- **Name (`spring.application.name`)**: Set your application's name, defaults to `User Framework`.
 
 ## User Settings
 
@@ -47,18 +44,12 @@ Welcome to the User Framework SpringBoot Configuration Guide! This document outl
 
 - **From Address (`spring.mail.fromAddress`)**: The email address used as the sender in outgoing emails.
 
-## Copyright
-
-- **First Year (`spring.copyrightFirstYear`)**: The starting year for the copyright notice.
 
 ## Role and Privileges
 
 - **Roles and Privileges (`spring.roles-and-privileges`)**: Map out roles to their respective privileges.
 - **Role Hierarchy (`spring.role-hierarchy`)**: Define the hierarchy and inheritance of roles.
 
-## New Relic Monitoring
-
-- **API Key and Account ID (`management.newrelic.metrics.export`)**: Required if you're integrating with New Relic for monitoring.
 
 ## Server and Session Settings
 
 
@@ -0,0 +1,34 @@
+# Maven Publishing Guide
+
+# Build and Publish Command Reference
+
+## Building the Project
+
+To build the project, run:
+
+```sh
+./gradlew build
+```
+
+
+## Publish to Local Maven
+
+```shell
+gradle publishLocal
+```
+
+## Publish to Private Maven repository
+
+```shell
+gradle publishReposilite
+```
+
+
+## Publish to Maven Central
+
+```shell
+gradle publishMavenCentral
+```
+
+
+
@@ -1,6 +1,22 @@
+## Table of Contents
+- [SpringUserFramework](#springuserframework)
+  - [Summary](#summary)
+  - [Features](#features)
+  - [How To Get Started](#how-to-get-started)
+    - [Refer to the Demo Project](#refer-to-the-demo-project)
+    - [Configuring Your Local Environment](#configuring-your-local-environment)
+    - [Database](#database)
+    - [Mail Sending (SMTP)](#mail-sending-smtp)
+    - [SSO OAuth2 with Google and Facebook](#sso-oauth2-with-google-and-facebook)
+  - [Overriding Spring Security Messages](#overriding-spring-security-messages)
+  - [Notes](#notes)
+
+
 # SpringUserFramework
 
-SpringUserFramework is a Java Spring Boot User Management Framework designed to simplify the implementation of user management features in your Spring-based web application. It is built on top of [Spring Security](https://spring.io/projects/spring-security) and provides out-of-the-box support for registration, login, logout, and forgot password flows. The framework includes basic example pages that are unstyled, allowing for seamless integration into your application.
+SpringUserFramework is a Java Spring Boot User Management Framework designed to simplify the implementation of user management features in your SpringBoot web application. It is built on top of [Spring Security](https://spring.io/projects/spring-security) and provides out-of-the-box support for registration, login, logout, and forgot password flows. It also supports SSO with Google and Facebook.
+
+The framework includes basic example pages that are unstyled, allowing for seamless integration into your application.
 
 ## Summary
 
@@ -21,6 +37,8 @@ The framework provides support for the following features:
 - Login and logout functionality.
 - Forgot password flow.
 - Database-backed user store using Spring JPA.
+- SSO support for Google
+- SSO support for Facebook
 - Configuration options to control anonymous access, whitelist URIs, and protect specific URIs requiring a logged-in user session.
 - CSRF protection enabled by default, with example jQuery AJAX calls passing the CSRF token from the Thymeleaf page context.
 - Audit event framework for recording and logging security events, customizable to store audit events in a database or publish them via a REST API.
@@ -31,85 +49,87 @@ The framework provides support for the following features:
 
 ## How To Get Started
 
-### Quickstart Guide
-You can jump right in and get started by following the [Quickstart Guide](QUICKSTART.md).
-
-For more information, read on.
-
-### Configuring Your Local Environment
-There is an example configuration file in /src/main/resources called application-local.yml-example.  By default this project's gradle bootRun command runs Spring using the "local" profile.  So you can just copy that file to application-local.yml and replace the values (keys, URLs, etc..) with your values.  If you are using a different profile to run (such as default) you will just need to ensure the same configs are in place in your active configuration file(s).
-
-You can read more about the required configuration values in the [Configuration Guide](CONFIG.md).
-
-Missing or incorrect configuration values will make this framework not work correctly.
+This Framework is now available as a library on Maven Central.  You can add it to your Gradle project by adding the following dependency to your `build.gradle` file:
 
-### Database
-This framework uses a database as a user store. By buildling on top of Spring JPA it is easy to use which ever datastore you like. The example configuration in application.yml is for a [MariaDB](https://mariadb.com) 10.5 database. You will need to create a user and a database and configure the database name, username, and password.
+```groovy
+implementation 'com.digitalsanctuary:ds-spring-user-framework:3.0.0'
+```
 
-You can do this using docker with a command like this:
+Or to your Maven project by adding it to your `pom.xml` file:
 
-```
-docker run -p 127.0.0.1:3306:3306 --name springuserframework -e MARIADB_ROOT_PASSWORD=springuserroot -e MARIADB_DATABASE=springuser -e MARIADB_USER=springuser -e MARIADB_PASSWORD=springuser -d mariadb:latest
+```xml
+<dependency>
+    <groupId>com.digitalsanctuary</groupId>
+    <artifactId>ds-spring-user-framework</artifactId>
+    <version>3.0.0</version>
+</dependency>
 ```
 
-Or on Apple Silicon:
+Please check for the latest version on [Maven Central](https://central.sonatype.com/artifact/com.digitalsanctuary/ds-spring-user-framework) (this README may not always be up to date).
+When upgrading to a new version, please check the [CHANGELOG](CHANGELOG.md) for any breaking changes or new features.
 
-```
-docker run -p 127.0.0.1:3306:3306 --name springuserframework -e MARIADB_ROOT_PASSWORD=springuserroot -e MARIADB_DATABASE=springuser -e MARIADB_USER=springuser -e MARIADB_PASSWORD=springuser -d arm64v8/mariadb:latest
-```
 
-### Mail Sending (SMTP)
-The framework sends emails for verficiation links, forgot password flow, etc... so you need to configure the outbound SMTP server and authentication information.
+### Refer to the Demo Project
+I have created a demo project that uses this framework.  You can find it here: [SpringUserFrameworkDemo](https://github.com/devondragon/SpringUserFrameworkDemoApp). This demo project is a full SpringBoot application that uses this framework as a library.  You can use it as a reference for how to use this framework in your own project. It demonstrates all of the configuration values and how to override them in your own `application.yml` file. It also has functioning examples for all front end pages, javascript, etc...
 
-### SSO OAuth2 with Google and Facebook
-The framework supports SSO OAuth2 with Google and Facebook.  To enable this you need to configure the client id and secret for each provider.
+In addition to being a fully functional reference, you can also use the demo project as a starting point for your own project.  Just clone the repo and start building your own application on top of it.
 
-For public OAuth you will need a public hostname and HTTPS enabled.  You can use ngrok to create a public hostname and tunnel to your local machine.  You can then use the ngrok hostname in your Google and Facebook developer console configuration.
 
+### Configuring Your Local Environment
 
-### New Relic
-Out of the box the project includes the New Relic Telemetry module, and as such requires a New Relic account id, and associated API key.  If you don't use New Relic you can remove the dependancy from the build.gradle file and ignore the configuration values.
+You can read more about the required configuration values in the [Configuration Guide](CONFIG.md).
 
-Beyond that the default configurations should be all you need, although of course you can customize things however you like.
+Missing or incorrect configuration values will make this framework not work correctly.
 
-## Docker
+### Database
+This framework uses a database as a user store. By building on top of Spring JPA it is easy to use whichever database you like.
 
-After running gradle build, you can build a simple Docker image of the application using the provided Dockerfile. Please note that this Dockerfile is basic and does not incorporate advanced features such as layering or buildpacks that you may require for production applications.
+If you set your JPA Hibernate ddl-auto property to "create" it will create the tables for you.  If you set it to "update" it will update the tables for you.  If you set it to "none" you will need to create the tables yourself.
 
-Additionally, a docker-compose file is included, which launches a stack with the Spring Boot Application, MariaDB Database, and Postfix Mail Server. The configurations in the docker-compose file are set to make everything work smoothly. However, please be aware that sending emails from your computer (via the docker Postfix Mail Server) may be blocked by email providers due to spam checks. You can use temporary email addresses from [10MinuteMail.com](https://10minutemail.com) for testing purposes, but for real use, it is recommended to configure the Spring Boot application to use a real mail server for outbound transactional emails.
+If you are not using automatic schema updates or Flyway, you can set up your database manually using the provided `schema.sql` file:
 
+```bash
+mysql -u username -p database_name < src/main/resources/schema.sql
+```
 
+Flyway support will be coming soon. This will allow you to automatically update your database schema as you deploy new versions of your application.
 
-## Overriding Spring Security Messages
 
-You may want to override the default Spring Security user facing messages.  You can do this in your messages.properties file, by adding any of the message keys from Spring Security (found here: [Spring Security Messages](https://github.com/spring-projects/spring-security/blob/main/core/src/main/resources/org/springframework/security/messages.properties)) and providing your own values.
+### Mail Sending (SMTP)
+The framework sends emails for verification links, forgot password flow, etc... so you need to configure the outbound SMTP server and authentication information.  This is done in the `application.yml` file.  You can see the example configuration in the Demo Project's `application.yml` file. Please also refer to the [Spring Boot Mail Properties](https://docs.spring.io/spring-boot/docs/current/reference/html/appendix-application-properties.html#mail-properties) for more information on the available properties.
 
 
-## Dev Tools
+### SSO OAuth2 with Google and Facebook
+The framework supports SSO OAuth2 with Google and Facebook.  To enable this you need to configure the client id and secret for each provider.  This is done in the application.yml (or application.properties) file using the [Spring Security OAuth2 properties](https://docs.spring.io/spring-security/reference/servlet/oauth2/login/core.html). You can see the example configuration in the Demo Project's `application.yml` file.
+
+Here is a quick example for your reference:
+
+```yaml
+spring:
+  security:
+    oauth2:
+      client:
+        registration:
+          google:
+            client-id: YOUR_GOOGLE_CLIENT_ID
+            client-secret: YOUR_GOOGLE_CLIENT_SECRET
+            redirect-uri: "{baseUrl}/login/oauth2/code/google"
+          facebook:
+            client-id: YOUR_FACEBOOK_CLIENT_ID
+            client-secret: YOUR_FACEBOOK_CLIENT_SECRET
+            redirect-uri: "{baseUrl}/login/oauth2/code/facebook"
+```
 
-### SpringBoot DevTools Auto Restart and Live Reload
-Read the following articles:
- - https://www.digitalsanctuary.com/java/springboot-devtools-auto-restart-and-live-reload.html
- - https://www.digitalsanctuary.com/java/how-to-get-springboot-livereload-working-over-https.html
+For public OAuth you will need a public hostname and HTTPS enabled.  You can use ngrok or Cloudflare tunnels to create a public hostname and tunnel to your local machine during development.  You can then use the ngrok hostname in your Google and Facebook developer console configuration.
 
-### Live Reload over HTTPS Setup
-If you are running your local dev env using HTTPS or referencing it from a ngrok tunnel using HTTPS, you will need to make a few changes to get Live Reload to work. First you need to tell the application to use HTTPS by setting the following properties in your application.yml file:
 
-```
-spring.devtools.livereload.https=true
-```
 
-You then need to install mitmproxy and configure it to intercept the HTTPS traffic.  You can do this by running the following command:
 
-```
-mitmproxy --mode reverse:http://localhost:35729 -p 35739
-```
+## Overriding Spring Security Messages
+
+You may want to override the default Spring Security user facing messages.  You can do this in your messages.properties file, by adding any of the message keys from Spring Security (found here: [Spring Security Messages](https://github.com/spring-projects/spring-security/blob/main/core/src/main/resources/org/springframework/security/messages.properties)) and providing your own values.
 
-By default, mitmproxy uses self-signed SSL certificates, so you need to tell your browser to trust them before this will work. You can do this by opening https://localhost:35739/livereload.js in your browser and going through the steps to trust the server and certificate.
 
-Alternatively, you can configure mitmproxy to use real certificates and avoid this step. Follow these directions: https://docs.mitmproxy.org/stable/concepts-certificates/
 
 ## Notes
-Much of this is based on the [Baeldung course on Spring Security](https://www.baeldung.com/learn-spring-security-course).  If you want to learn more about Spring Security or would like to add SSO integration or 2FA to your application, that guide is a great place to start.
-
 Please note that there is no warranty or guarantee of functionality, quality, performance, or security made by the author. The code is available freely, but you assume all responsibility and liability for its usage in your application.