From e372eea0cf03a01d5c1ac3ae230406d7d9de6fd0 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Mon, 5 Feb 2018 15:04:08 +0300
Subject: web: setAuthHash for hash login

---
 .../com/juick/service/security/HashParamAuthenticationFilter.java   | 1 +
 juick-www/src/test/java/com/juick/www/WebAppTests.java              | 6 +++++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java b/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
index e8ea0492..b56b98c8 100644
--- a/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
+++ b/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
@@ -70,6 +70,7 @@ public class HashParamAuthenticationFilter extends OncePerRequestFilter {
 
             if (!user.isAnonymous()) {
                 User userWithPassword = userService.getFullyUserByName(user.getName());
+                userWithPassword.setAuthHash(userService.getHashByUID(userWithPassword.getUid()));
                 Authentication authentication = new RememberMeAuthenticationToken(
                         ((AbstractRememberMeServices)rememberMeServices).getKey(), new JuickUser(userWithPassword), JuickUser.USER_AUTHORITY);
 
diff --git a/juick-www/src/test/java/com/juick/www/WebAppTests.java b/juick-www/src/test/java/com/juick/www/WebAppTests.java
index ef33506c..dcbcb66c 100644
--- a/juick-www/src/test/java/com/juick/www/WebAppTests.java
+++ b/juick-www/src/test/java/com/juick/www/WebAppTests.java
@@ -308,7 +308,11 @@ public class WebAppTests {
     @Test
     public void hashLoginShouldNotUseSession() throws Exception {
         String hash = userService.getHashByUID(ugnich.getUid());
-        MvcResult hashLoginResult = mockMvc.perform(get("/?show=my&hash=" + hash)).andExpect(status().isOk()).andReturn();
+        MvcResult hashLoginResult = mockMvc.perform(get("/?show=my&hash=" + hash))
+                .andExpect(status().isOk())
+                .andExpect(model().attribute("visitor", hasProperty("authHash", equalTo(hash))))
+                .andExpect(content().string(containsString(hash)))
+                .andReturn();
         Cookie rememberMeFromHash = hashLoginResult.getResponse().getCookie("juick-remember-me");
         MvcResult formLoginResult = mockMvc.perform(post("/login")
                 .param("username", ugnichName)
-- 
cgit v1.2.3