diff options
| author |  Vitaly Takmazov | 2024-02-09 17:12:21 +0300 |
|---|---|---|
| committer | Vitaly Takmazov | 2024-02-09 17:12:21 +0300 |
| commit | ab87188de28ae266aebf03fb429880cf293c6ee9 (patch) | |
| tree | ce0ab0357b3c03bee69c93545babea21956689cd /src | |
| parent | 8289a0b1097f02a99d62f4f7750e6b46a54a54fc (diff) | |
API: accept authorization cookie
Diffstat (limited to 'src')
| -rw-r--r-- | src/main/java/com/juick/config/SecurityConfig.java | 3 | ||||
| -rw-r--r-- | src/test/java/com/juick/server/tests/ServerTests.java | 11 |
2 files changed, 14 insertions, 0 deletions
diff --git a/src/main/java/com/juick/config/SecurityConfig.java b/src/main/java/com/juick/config/SecurityConfig.java index 030cdcc2..a7007648 100644 --- a/src/main/java/com/juick/config/SecurityConfig.java +++ b/src/main/java/com/juick/config/SecurityConfig.java @@ -223,6 +223,9 @@ public class SecurityConfig { .exceptionHandling(exceptionHandling -> exceptionHandling .authenticationEntryPoint(apiAuthenticationEntryPoint())) .csrf(AbstractHttpConfigurer::disable) + .rememberMe(rememberMe -> rememberMe + .rememberMeCookieDomain(webDomain).key(rememberMeKey) + .rememberMeServices(hashCookieServices())) .headers(headers -> headers.defaultsDisabled().cacheControl(withDefaults())); return http.build(); } diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java index 13f8b1f2..e74e8c6f 100644 --- a/src/test/java/com/juick/server/tests/ServerTests.java +++ b/src/test/java/com/juick/server/tests/ServerTests.java @@ -1771,6 +1771,17 @@ public class ServerTests { } @Test + public void apiRequestsShouldAuthorizeWithCookie() throws Exception { + String hash = userService.getHashByUID(ugnich.getUid()); + MvcResult hashLoginResult = mockMvc.perform(get("/?show=my&hash=" + hash)).andExpect(status().isOk()) + .andExpect(model().attribute("visitor", hasProperty("authHash", equalTo(hash)))) + .andExpect(content().string(containsString(hash))).andReturn(); + Cookie rememberMeFromHash = hashLoginResult.getResponse().getCookie("juick-remember-me"); + mockMvc.perform(get("/api/me").cookie(rememberMeFromHash)) + .andExpect(status().isOk()); + } + + @Test public void nonExistentBlogShouldReturn404() throws Exception { mockMvc.perform(get("/ololoe/")).andExpect(status().isNotFound()); } |