aboutsummaryrefslogtreecommitdiff
path: root/juick-common
diff options
context:
space:
mode:
authorGravatar Vitaly Takmazov2018-07-31 11:42:14 +0300
committerGravatar Vitaly Takmazov2018-07-31 11:42:14 +0300
commitd5df105e320be676bfedb61ab1cc6d15dcafd433 (patch)
treec8da42ff88269c8a556ed0cfebc94cff4450d941 /juick-common
parent12ae70b2659772a591000c378802e94e19f48829 (diff)
accounts without password are locked
Diffstat (limited to 'juick-common')
-rw-r--r--juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java2
-rw-r--r--juick-common/src/main/java/com/juick/service/security/deprecated/RequestParamHashRememberMeServices.java2
-rw-r--r--juick-common/src/main/java/com/juick/service/security/entities/JuickUser.java7
3 files changed, 6 insertions, 5 deletions
diff --git a/juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java b/juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java
index b658e16f..bda5e902 100644
--- a/juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java
+++ b/juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java
@@ -115,7 +115,7 @@ public class CookieSimpleHashRememberMeServices extends AbstractRememberMeServic
Assert.isTrue(userOptional.isPresent());
- return new JuickUser(userOptional.get());
+ return new JuickUser(userService.getFullyUserByName(userOptional.get().getName()));
}
@Override
diff --git a/juick-common/src/main/java/com/juick/service/security/deprecated/RequestParamHashRememberMeServices.java b/juick-common/src/main/java/com/juick/service/security/deprecated/RequestParamHashRememberMeServices.java
index 3a1d129d..71159e17 100644
--- a/juick-common/src/main/java/com/juick/service/security/deprecated/RequestParamHashRememberMeServices.java
+++ b/juick-common/src/main/java/com/juick/service/security/deprecated/RequestParamHashRememberMeServices.java
@@ -81,7 +81,7 @@ public class RequestParamHashRememberMeServices extends AbstractRememberMeServic
if (StringUtils.isNotBlank(hash)) {
User user = userService.getUserByHash(hash);
if (!user.isAnonymous())
- return new JuickUser(user);
+ return new JuickUser(userService.getFullyUserByName(user.getName()));
}
throw new UsernameNotFoundException("User not found by hash " + hash);
}
diff --git a/juick-common/src/main/java/com/juick/service/security/entities/JuickUser.java b/juick-common/src/main/java/com/juick/service/security/entities/JuickUser.java
index 6e72117e..606a5688 100644
--- a/juick-common/src/main/java/com/juick/service/security/entities/JuickUser.java
+++ b/juick-common/src/main/java/com/juick/service/security/entities/JuickUser.java
@@ -19,6 +19,7 @@ package com.juick.service.security.entities;
import com.juick.User;
import com.juick.server.helpers.AnonymousUser;
+import org.apache.commons.lang3.StringUtils;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
@@ -73,17 +74,17 @@ public class JuickUser implements UserDetails {
@Override
public boolean isAccountNonLocked() {
- return true;
+ return StringUtils.isNotBlank(user.getCredentials());
}
@Override
public boolean isCredentialsNonExpired() {
- return true;
+ return isAccountNonLocked();
}
@Override
public boolean isEnabled() {
- return !user.isBanned();
+ return !user.isBanned() && isCredentialsNonExpired();
}
public User getUser() {