From 6593a618e9ba4cbdbe86fcaefab2492917c2276f Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Mon, 11 Dec 2017 23:19:14 +0300
Subject: web: using preconfigured rememberme key in hash auth filter

---
 .../java/com/juick/service/security/HashParamAuthenticationFilter.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java b/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
index d4bd3ec6..ed24fc00 100644
--- a/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
+++ b/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
@@ -25,6 +25,7 @@ import org.springframework.security.authentication.RememberMeAuthenticationToken
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.authentication.RememberMeServices;
+import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
 import org.springframework.util.Assert;
 import org.springframework.web.filter.OncePerRequestFilter;
 import org.springframework.web.util.WebUtils;
@@ -69,7 +70,7 @@ public class HashParamAuthenticationFilter extends OncePerRequestFilter {
 
             if (!user.isAnonymous()) {
                 Authentication authentication = new RememberMeAuthenticationToken(
-                        hash, new JuickUser(user), JuickUser.USER_AUTHORITY);
+                        ((AbstractRememberMeServices)rememberMeServices).getKey(), new JuickUser(user), JuickUser.USER_AUTHORITY);
 
                 SecurityContextHolder.getContext().setAuthentication(authentication);
 
-- 
cgit v1.2.3