fixed a token encoding issue #70
@ -1,31 +1,25 @@
|
||||
package ovh.herisson.Clyde.EndPoints;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
|
||||
import ovh.herisson.Clyde.Services.AuthenticatorService;
|
||||
|
||||
import java.util.Date;
|
||||
|
||||
@RestController
|
||||
@CrossOrigin(origins = "http://localhost:5173")
|
||||
public class LoginController {
|
||||
private final AuthenticatorService authServ;
|
||||
|
||||
public LoginController(AuthenticatorService authServ) {
|
||||
this.authServ = authServ;
|
||||
}
|
||||
|
||||
@PostMapping("/login")
|
||||
public ResponseEntity<String> login(@RequestParam String identifier, String password, Date expirationDate) {
|
||||
|
||||
String sessionToken = authServ.login(identifier, password, expirationDate);
|
||||
if (sessionToken == null) {
|
||||
return new UnauthorizedResponse<>("Identifier or Password incorrect");
|
||||
}
|
||||
|
||||
HttpHeaders responseHeaders = new HttpHeaders();
|
||||
responseHeaders.set("Set-Cookie",String.format("session_token=%s",sessionToken));
|
||||
return ResponseEntity.ok().headers(responseHeaders).build();
|
||||
return ResponseEntity.ok().header("Set-Cookie", String.format("session_token=%s", sessionToken)).build();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
@ -1,10 +1,12 @@
|
||||
package ovh.herisson.Clyde.Services;
|
||||
|
||||
|
||||
import org.springframework.stereotype.Service;
|
||||
import ovh.herisson.Clyde.Repositories.TokenRepository;
|
||||
import ovh.herisson.Clyde.Tables.Token;
|
||||
import ovh.herisson.Clyde.Tables.User;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.SecureRandom;
|
||||
import java.util.Date;
|
||||
@ -22,9 +24,12 @@ public class TokenService {
|
||||
public String generateNewToken(){
|
||||
byte[] bytes = new byte[64];
|
||||
new SecureRandom().nextBytes(bytes);
|
||||
Maxime marked this conversation as resolved
|
||||
String token = new String(bytes, StandardCharsets.US_ASCII);
|
||||
System.out.println(token);
|
||||
return token;
|
||||
// will never end up in the catch because of the way that SecureRandom.nextBytes is implemented
|
||||
try {
|
||||
Maxime
commented
Permet d'avoir des caractères affichable Permet d'avoir des caractères affichable
|
||||
return new String(bytes,"ISO_8859_1");
|
||||
} catch (UnsupportedEncodingException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
public User getUserFromToken(String token){
|
||||
|
Loading…
Reference in New Issue
Block a user
je suis un peu curieux de la différence avec Random()
random est moins random et plus prévisible donc plus de conflits (on m'a juste conseillé SecureRandom donc sur un site donc voila
)