From a1dfdabfa7a43b28d827458a0b4c5f6a2a1a9013 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Sun, 27 Nov 2016 17:13:27 +0300
Subject: juick-api: red tests for cors and hash authentication

---
 .../java/com/juick/api/configuration/ApiMvcConfiguration.java     | 3 ++-
 juick-api/src/main/java/com/juick/api/controllers/Messages.java   | 8 +++-----
 2 files changed, 5 insertions(+), 6 deletions(-)

(limited to 'juick-api/src/main/java/com/juick/api')

diff --git a/juick-api/src/main/java/com/juick/api/configuration/ApiMvcConfiguration.java b/juick-api/src/main/java/com/juick/api/configuration/ApiMvcConfiguration.java
index 8e0087d7..e3a49c6c 100644
--- a/juick-api/src/main/java/com/juick/api/configuration/ApiMvcConfiguration.java
+++ b/juick-api/src/main/java/com/juick/api/configuration/ApiMvcConfiguration.java
@@ -42,6 +42,7 @@ public class ApiMvcConfiguration extends WebMvcConfigurationSupport {
 
     @Override
     protected void addCorsMappings(CorsRegistry registry) {
-        registry.addMapping("/**");
+        registry.addMapping("/**")
+                .allowedOrigins("*");
     }
 }
diff --git a/juick-api/src/main/java/com/juick/api/controllers/Messages.java b/juick-api/src/main/java/com/juick/api/controllers/Messages.java
index 78c8ecc6..f8e892e7 100644
--- a/juick-api/src/main/java/com/juick/api/controllers/Messages.java
+++ b/juick-api/src/main/java/com/juick/api/controllers/Messages.java
@@ -17,10 +17,7 @@ import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Controller;
 import org.springframework.util.StringUtils;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.*;
 import rocks.xmpp.addr.Jid;
 import rocks.xmpp.core.stanza.model.Message;
 
@@ -34,6 +31,7 @@ import java.util.List;
  * @author ugnich
  */
 @Controller
+@CrossOrigin
 @RequestMapping(method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
 public class Messages {
     private static final Logger logger = LoggerFactory.getLogger(Messages.class);
@@ -78,6 +76,7 @@ public class Messages {
     @RequestMapping("/messages")
     public ResponseEntity<List<com.juick.Message>> getMessages(
             HttpServletRequest request,
+            @RequestParam(required = false) String hash,
             @RequestParam(required = false) String uname,
             @RequestParam(defaultValue = "0") int before_mid,
             @RequestParam(required = false) String popular,
@@ -90,7 +89,6 @@ public class Messages {
             return FORBIDDEN;
 
         if (vuid == 0) {
-            String hash = request.getParameter("hash");
             if (hash != null && hash.length() == 16)
                 vuid = userService.getUIDbyHash(hash);
         }
-- 
cgit v1.2.3