diff options
author | Vitaly Takmazov | 2018-07-31 11:42:14 +0300 |
---|---|---|
committer | Vitaly Takmazov | 2018-07-31 11:42:14 +0300 |
commit | d5df105e320be676bfedb61ab1cc6d15dcafd433 (patch) | |
tree | c8da42ff88269c8a556ed0cfebc94cff4450d941 /juick-common | |
parent | 12ae70b2659772a591000c378802e94e19f48829 (diff) |
accounts without password are locked
Diffstat (limited to 'juick-common')
3 files changed, 6 insertions, 5 deletions
diff --git a/juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java b/juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java index b658e16f..bda5e902 100644 --- a/juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java +++ b/juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java @@ -115,7 +115,7 @@ public class CookieSimpleHashRememberMeServices extends AbstractRememberMeServic Assert.isTrue(userOptional.isPresent()); - return new JuickUser(userOptional.get()); + return new JuickUser(userService.getFullyUserByName(userOptional.get().getName())); } @Override diff --git a/juick-common/src/main/java/com/juick/service/security/deprecated/RequestParamHashRememberMeServices.java b/juick-common/src/main/java/com/juick/service/security/deprecated/RequestParamHashRememberMeServices.java index 3a1d129d..71159e17 100644 --- a/juick-common/src/main/java/com/juick/service/security/deprecated/RequestParamHashRememberMeServices.java +++ b/juick-common/src/main/java/com/juick/service/security/deprecated/RequestParamHashRememberMeServices.java @@ -81,7 +81,7 @@ public class RequestParamHashRememberMeServices extends AbstractRememberMeServic if (StringUtils.isNotBlank(hash)) { User user = userService.getUserByHash(hash); if (!user.isAnonymous()) - return new JuickUser(user); + return new JuickUser(userService.getFullyUserByName(user.getName())); } throw new UsernameNotFoundException("User not found by hash " + hash); } diff --git a/juick-common/src/main/java/com/juick/service/security/entities/JuickUser.java b/juick-common/src/main/java/com/juick/service/security/entities/JuickUser.java index 6e72117e..606a5688 100644 --- a/juick-common/src/main/java/com/juick/service/security/entities/JuickUser.java +++ b/juick-common/src/main/java/com/juick/service/security/entities/JuickUser.java @@ -19,6 +19,7 @@ package com.juick.service.security.entities; import com.juick.User; import com.juick.server.helpers.AnonymousUser; +import org.apache.commons.lang3.StringUtils; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; @@ -73,17 +74,17 @@ public class JuickUser implements UserDetails { @Override public boolean isAccountNonLocked() { - return true; + return StringUtils.isNotBlank(user.getCredentials()); } @Override public boolean isCredentialsNonExpired() { - return true; + return isAccountNonLocked(); } @Override public boolean isEnabled() { - return !user.isBanned(); + return !user.isBanned() && isCredentialsNonExpired(); } public User getUser() { |