diff options
author | Vitaly Takmazov | 2016-11-27 19:57:28 +0300 |
---|---|---|
committer | Vitaly Takmazov | 2016-11-27 19:57:28 +0300 |
commit | 9241901c9367259eebf1128c0693f9bc3f3597a5 (patch) | |
tree | 6a695b709db8fb834153be3f490c8b67540884c9 /juick-api/src/main/java/com/juick/api/configuration/JuickHashFilter.java | |
parent | a1dfdabfa7a43b28d827458a0b4c5f6a2a1a9013 (diff) |
juick-api: add hash-based authentication filter
Diffstat (limited to 'juick-api/src/main/java/com/juick/api/configuration/JuickHashFilter.java')
-rw-r--r-- | juick-api/src/main/java/com/juick/api/configuration/JuickHashFilter.java | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/juick-api/src/main/java/com/juick/api/configuration/JuickHashFilter.java b/juick-api/src/main/java/com/juick/api/configuration/JuickHashFilter.java new file mode 100644 index 00000000..62e6f3d2 --- /dev/null +++ b/juick-api/src/main/java/com/juick/api/configuration/JuickHashFilter.java @@ -0,0 +1,44 @@ +package com.juick.api.configuration; + +import com.juick.User; +import com.juick.service.UserService; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.SimpleGrantedAuthority; +import org.springframework.security.core.context.SecurityContext; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.web.authentication.WebAuthenticationDetails; +import org.springframework.web.filter.GenericFilterBean; + +import javax.inject.Inject; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import java.io.IOException; +import java.util.Collections; +import java.util.List; + +/** + * Created by vitalyster on 27.11.2016. + */ +public class JuickHashFilter extends GenericFilterBean { + @Inject + UserService userService; + + @Override + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { + String hash = request.getParameter("hash"); + if (hash != null) { + User user = userService.getUserByHash(hash); + if (user.getUid() > 0) { + List<GrantedAuthority> authorities = Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER")); + UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user.getName(), null); + token.setDetails(new WebAuthenticationDetails((HttpServletRequest) request)); + SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(user.getName(), null, authorities)); + } + } + chain.doFilter(request, response); + } + } |