From e372eea0cf03a01d5c1ac3ae230406d7d9de6fd0 Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Mon, 5 Feb 2018 15:04:08 +0300 Subject: web: setAuthHash for hash login --- .../com/juick/service/security/HashParamAuthenticationFilter.java | 1 + juick-www/src/test/java/com/juick/www/WebAppTests.java | 6 +++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java b/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java index e8ea0492..b56b98c8 100644 --- a/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java +++ b/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java @@ -70,6 +70,7 @@ public class HashParamAuthenticationFilter extends OncePerRequestFilter { if (!user.isAnonymous()) { User userWithPassword = userService.getFullyUserByName(user.getName()); + userWithPassword.setAuthHash(userService.getHashByUID(userWithPassword.getUid())); Authentication authentication = new RememberMeAuthenticationToken( ((AbstractRememberMeServices)rememberMeServices).getKey(), new JuickUser(userWithPassword), JuickUser.USER_AUTHORITY); diff --git a/juick-www/src/test/java/com/juick/www/WebAppTests.java b/juick-www/src/test/java/com/juick/www/WebAppTests.java index ef33506c..dcbcb66c 100644 --- a/juick-www/src/test/java/com/juick/www/WebAppTests.java +++ b/juick-www/src/test/java/com/juick/www/WebAppTests.java @@ -308,7 +308,11 @@ public class WebAppTests { @Test public void hashLoginShouldNotUseSession() throws Exception { String hash = userService.getHashByUID(ugnich.getUid()); - MvcResult hashLoginResult = mockMvc.perform(get("/?show=my&hash=" + hash)).andExpect(status().isOk()).andReturn(); + MvcResult hashLoginResult = mockMvc.perform(get("/?show=my&hash=" + hash)) + .andExpect(status().isOk()) + .andExpect(model().attribute("visitor", hasProperty("authHash", equalTo(hash)))) + .andExpect(content().string(containsString(hash))) + .andReturn(); Cookie rememberMeFromHash = hashLoginResult.getResponse().getCookie("juick-remember-me"); MvcResult formLoginResult = mockMvc.perform(post("/login") .param("username", ugnichName) -- cgit v1.2.3