aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/main/java/com/juick/config/SecurityConfig.java3
-rw-r--r--src/test/java/com/juick/server/tests/ServerTests.java11
2 files changed, 14 insertions, 0 deletions
diff --git a/src/main/java/com/juick/config/SecurityConfig.java b/src/main/java/com/juick/config/SecurityConfig.java
index 030cdcc2..a7007648 100644
--- a/src/main/java/com/juick/config/SecurityConfig.java
+++ b/src/main/java/com/juick/config/SecurityConfig.java
@@ -223,6 +223,9 @@ public class SecurityConfig {
.exceptionHandling(exceptionHandling -> exceptionHandling
.authenticationEntryPoint(apiAuthenticationEntryPoint()))
.csrf(AbstractHttpConfigurer::disable)
+ .rememberMe(rememberMe -> rememberMe
+ .rememberMeCookieDomain(webDomain).key(rememberMeKey)
+ .rememberMeServices(hashCookieServices()))
.headers(headers -> headers.defaultsDisabled().cacheControl(withDefaults()));
return http.build();
}
diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java
index 13f8b1f2..e74e8c6f 100644
--- a/src/test/java/com/juick/server/tests/ServerTests.java
+++ b/src/test/java/com/juick/server/tests/ServerTests.java
@@ -1771,6 +1771,17 @@ public class ServerTests {
}
@Test
+ public void apiRequestsShouldAuthorizeWithCookie() throws Exception {
+ String hash = userService.getHashByUID(ugnich.getUid());
+ MvcResult hashLoginResult = mockMvc.perform(get("/?show=my&hash=" + hash)).andExpect(status().isOk())
+ .andExpect(model().attribute("visitor", hasProperty("authHash", equalTo(hash))))
+ .andExpect(content().string(containsString(hash))).andReturn();
+ Cookie rememberMeFromHash = hashLoginResult.getResponse().getCookie("juick-remember-me");
+ mockMvc.perform(get("/api/me").cookie(rememberMeFromHash))
+ .andExpect(status().isOk());
+ }
+
+ @Test
public void nonExistentBlogShouldReturn404() throws Exception {
mockMvc.perform(get("/ololoe/")).andExpect(status().isNotFound());
}