fixed some issue for the token authorization #87
@ -49,10 +49,6 @@ public class MockController {
|
|||||||
mockUsers = new ArrayList<User>(Arrays.asList(herobrine,joe,meh,joke));
|
mockUsers = new ArrayList<User>(Arrays.asList(herobrine,joe,meh,joke));
|
||||||
|
|
||||||
userRepo.saveAll(mockUsers);
|
userRepo.saveAll(mockUsers);
|
||||||
|
|
||||||
for (User user: mockUsers){
|
|
||||||
tokenRepo.save(new Token(user,user.getPassword()));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@DeleteMapping("/mock")
|
@DeleteMapping("/mock")
|
||||||
|
@ -0,0 +1,27 @@
|
|||||||
|
package ovh.herisson.Clyde.EndPoints;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
import org.springframework.web.bind.annotation.CrossOrigin;
|
||||||
|
import org.springframework.web.bind.annotation.GetMapping;
|
||||||
|
import org.springframework.web.bind.annotation.RestController;
|
||||||
|
import ovh.herisson.Clyde.Services.TokenService;
|
||||||
|
import ovh.herisson.Clyde.Tables.Token;
|
||||||
|
|
||||||
|
@RestController
|
||||||
|
@CrossOrigin(origins = "http://localhost:5173")
|
||||||
|
|||||||
|
|
||||||
|
public class TokenController {
|
||||||
|
|
||||||
|
private final TokenService tokenServ;
|
||||||
|
|
||||||
|
public TokenController(TokenService tokenServ){
|
||||||
|
this.tokenServ = tokenServ;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@GetMapping("/tokens")
|
||||||
tonitch
commented
C'est pour le debug ? Faudrait mettre un TODO pour mettre ça que pour les admins
|
|||||||
|
public Iterable<Token> getTokens(){
|
||||||
|
return tokenServ.getAllTokens();
|
||||||
|
}
|
||||||
|
}
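Review bot: `getTokens()` returns the `Token` entities themselves, so the JSON response carries every live session token value and, through the `user` association that this same change switches to `FetchType.EAGER`, the full `User` object for each one. `User` has a `getPassword()` accessor (it is called in the removed MockController loop), so unless that field is excluded from serialization elsewhere, the password value would presumably be serialized too; that is worth confirming. Whatever access rule ends up on this route, returning a small view (for example the token id and the user's registration number) instead of the entity would keep bearer values and password data out of the response. The class-level `@CrossOrigin(origins = "http://localhost:5173")` is a development origin, and a comment such as `// TODO: read allowed origins from configuration before deployment` would make that explicit.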
|
@ -23,18 +23,22 @@ public class UserController {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping("/user")
|
@GetMapping("/user")
|
||||||
public ResponseEntity<User> getUser(@RequestHeader("Authorization") String token){
|
public ResponseEntity<User> getUser(@RequestHeader("Cookie") String cookie){
|
||||||
User user = authServ.getUserFromToken(token);
|
String[] tokens = cookie.split("=",2);
|
||||||
if (user == null) {
|
if (! tokens[0].equals("session_token") || tokens[1].length() != 64)
|
||||||
return new UnauthorizedResponse<>(null);
|
{
|
||||||
|
return new UnauthorizedResponse<>(null);
|
||||||
}
|
}
|
||||||
|
System.out.println(tokens[1]);
|
||||||
|
User user = authServ.getUserFromToken(tokens[1]);
|
||||||
|
if (user == null) return new UnauthorizedResponse<>(null);
|
||||||
return new ResponseEntity<>(user, HttpStatus.OK);
|
return new ResponseEntity<>(user, HttpStatus.OK);
|
||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping("/user")
|
@PostMapping("/user")
|
||||||
public ResponseEntity<String> postUser(@RequestBody User user){
|
public ResponseEntity<String> postUser(@RequestBody User user){
|
||||||
userService.save(user);
|
userService.save(user);
|
||||||
return new ResponseEntity<String>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED);
|
return new ResponseEntity<>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED);
|
||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping("/users")
|
@GetMapping("/users")
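Review bot: `System.out.println(tokens[1]);` in `getUser` writes the caller's session token to standard output on every request, so anyone who can read the application output can reuse it; the line should be removed. The hand-rolled parsing also reads `tokens[1]` without checking the array length, so a `Cookie` header consisting of the bare name `session_token` with no `=` throws `ArrayIndexOutOfBoundsException` instead of returning the unauthorized response, and a header carrying more than one cookie (`a=b; session_token=…`) is rejected even when the token is valid. Letting Spring extract the cookie covers both cases: `public ResponseEntity<User> getUser(@CookieValue(name = "session_token", required = false) String token)` followed by `if (token == null || token.length() != 64) return new UnauthorizedResponse<>(null);`.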
|
||||||
|
@ -9,4 +9,5 @@ public interface TokenRepository extends CrudRepository<Token,Long> {
|
|||||||
Token getByToken(String token);
|
Token getByToken(String token);
|
||||||
|
|
||||||
Iterable<Token> getByUser(User user);
|
Iterable<Token> getByUser(User user);
|
||||||
|
|
||||||
Maxime marked this conversation as resolved
tonitch
commented
t'es sûr ?
|
|||||||
}
|
}
|
||||||
|
@ -20,12 +20,19 @@ public class TokenService {
|
|||||||
this.tokenRepo = tokenRepo;
|
this.tokenRepo = tokenRepo;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public Iterable<Token> getAllTokens() {
|
||||||
|
return tokenRepo.findAll();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
public String generateNewToken(){
|
public String generateNewToken(){
|
||||||
byte[] bytes = new byte[64];
|
byte[] bytes = new byte[64];
|
||||||
new SecureRandom().nextBytes(bytes);
|
new SecureRandom().nextBytes(bytes);
|
||||||
for (int i = 0; i < bytes.length; i++) {
|
for (int i = 0; i < bytes.length; i++) {
|
||||||
bytes[i] = (byte) (((bytes[i]+256)%256 %95+ 32));
|
bytes[i] = (byte) (((bytes[i]+256)%256 %95+ 32));
|
||||||
|
while ((char)bytes[i] == ';'){
|
||||||
|
bytes[i] = new SecureRandom().generateSeed(1)[0];
|
||||||
|
}
|
||||||
Maxime marked this conversation as resolved
tonitch
commented
FAIT DU MD5
|
|||||||
}
|
}
|
||||||
// will never end up in the catch because of the way that SecureRandom.nextBytes is implemented
|
// will never end up in the catch because of the way that SecureRandom.nextBytes is implemented
|
||||||
try {
|
try {
|
||||||
@ -35,8 +42,10 @@ public class TokenService {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public User getUserFromToken(String token){
|
public User getUserFromToken(String token) {
|
||||||
return tokenRepo.getByToken(token).getUser();
|
Token tokenRep = tokenRepo.getByToken(token);
|
||||||
|
if (tokenRep == null) return null;
|
||||||
|
return tokenRep.getUser();
|
||||||
}
|
}
|
||||||
|
|
||||||
public void saveToken(String token, User user, Date expirationDate){// todo faire qlq chose de l'expDate
|
public void saveToken(String token, User user, Date expirationDate){// todo faire qlq chose de l'expDate
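Review bot: In `generateNewToken`, the new `while` loop replaces a `';'` with `new SecureRandom().generateSeed(1)[0]`, a raw byte that is not passed through the `%95+32` mapping, so the replacement can be any value from -128 to 127, including control characters and non-ASCII bytes; the loop only re-draws when that value happens to be `';'` again. The mapping itself still leaves characters that are not valid in a cookie value (space, comma, double quote, backslash), and `% 95` over 256 values is slightly biased. Encoding random bytes avoids all three and keeps the 64-character length that `getUser` checks: `byte[] bytes = new byte[48]; new SecureRandom().nextBytes(bytes);` then `Base64.getUrlEncoder().withoutPadding().encodeToString(bytes)`. The rest of the method (the `try` block after the loop) is outside the hunk, so the conversion of the bytes into the returned string would need to be adjusted to match.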
|
||||||
|
@ -8,7 +8,7 @@ public class Token {
|
|||||||
@Id
|
@Id
|
||||||
private int id;
|
private int id;
|
||||||
|
|
||||||
@ManyToOne(fetch = FetchType.LAZY)
|
@ManyToOne(fetch = FetchType.EAGER)
|
||||||
@JoinColumn(name ="Users")
|
@JoinColumn(name ="Users")
|
||||||
private User user;
|
private User user;
|
||||||
private String token;
|
private String token;
|
||||||
|
Dans le dernier pr j'ai fait un petit changement au cross origin. Pour l'instant c'est bon mais c'est juste pour attirer l'attention sur ça !