Add security for admin console to review current registered users.

[varunmehta]

Integrate spring-security to enable admin user registration and administer the application.

We will bootstrap a few users, who then will confirm any one new registered to the application mark them as admin as needed. The default status is regular user.

Edit: Adding Scope - Spawn to a new ticket if needed.
With spring-rest-repositories we expose the repos via HAL browser, which means the CRUD of event exposed to end user.

• Option 1: Create a controller to handle CRUD for events (trying to avoid for duplication purpose)
• Option 2: Add security on all POST/PUT/PATCH methods and leave GET open for anyone to use.

[kunalkhosla]

Would this also mean registration page for the user? Do users create logins?

[kunalkhosla]

Self note : admins will be able to create events. The POST for event creation will be authorized by spring security

[varunmehta]

Would this also mean registration page for the user? Do users create logins?

No only Admins, users will come and go per event. They have no logins for now.

[kunalkhosla]

So im guessing there is an "Admin Login" button somewhere, which admins will use to login. To its success, they can manage events. Let me know if im misunderstanding.

[varunmehta]

Nope, you got it perfectly correct, for now we can secure the REST call, and then make a simple page to handle it. Do you know any good ui tech which is quick & easy to use (unlike angular) and can be used to make this UI ?

[kunalkhosla]

Simple http and jquery. Rest all are learning curve for me