aboutsummaryrefslogtreecommitdiff
path: root/juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java
diff options
context:
space:
mode:
Diffstat (limited to 'juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java')
-rw-r--r--juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java83
1 files changed, 0 insertions, 83 deletions
diff --git a/juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java b/juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java
deleted file mode 100644
index b384a8c8..00000000
--- a/juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java
+++ /dev/null
@@ -1,83 +0,0 @@
-package com.juick.server.security;
-
-import com.juick.User;
-import com.juick.server.security.entities.JuickUser;
-import com.juick.service.UserService;
-import org.springframework.security.authentication.AnonymousAuthenticationToken;
-import org.springframework.security.authentication.RememberMeAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.web.authentication.RememberMeServices;
-import org.springframework.util.Assert;
-import org.springframework.web.filter.OncePerRequestFilter;
-import org.springframework.web.util.WebUtils;
-
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-/**
- * Created by aalexeev on 4/5/17.
- */
-public class HashParamAuthenticationFilter extends OncePerRequestFilter {
- public static final String PARAM_NAME = "hash";
-
- private final UserService userService;
- private final RememberMeServices rememberMeServices;
-
-
- public HashParamAuthenticationFilter(
- final UserService userService,
- final RememberMeServices rememberMeServices) {
- Assert.notNull(userService, "userService should not be null");
- Assert.notNull(rememberMeServices, "rememberMeServices should not be null");
-
- this.userService = userService;
- this.rememberMeServices = rememberMeServices;
- }
-
- @Override
- protected void doFilterInternal(
- HttpServletRequest request,
- HttpServletResponse response,
- FilterChain filterChain) throws ServletException, IOException {
-
- String hash = getHashFromRequest(request);
-
- if (hash != null && authenticationIsRequired()) {
- User user = userService.getUserByHash(hash);
-
- if (!user.isAnonymous()) {
- Authentication authentication = new RememberMeAuthenticationToken(
- hash, new JuickUser(user), JuickUser.USER_AUTHORITY);
-
- SecurityContextHolder.getContext().setAuthentication(authentication);
-
- rememberMeServices.loginSuccess(request, response, authentication);
- }
- }
-
- filterChain.doFilter(request, response);
- }
-
- private boolean authenticationIsRequired() {
- Authentication existingAuth = SecurityContextHolder.getContext().getAuthentication();
-
- return existingAuth == null ||
- !existingAuth.isAuthenticated() ||
- existingAuth instanceof AnonymousAuthenticationToken;
- }
-
- private String getHashFromRequest(HttpServletRequest request) {
- String paramHash = request.getParameter(PARAM_NAME);
- Cookie cookieHash = WebUtils.getCookie(request, PARAM_NAME);
-
- if (paramHash == null && cookieHash != null) {
- return cookieHash.getValue();
- }
- return paramHash;
- }
-}
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-03 05:08:48 +0000