backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java

@@ -49,10 +49,6 @@ public class MockController {
         mockUsers = new ArrayList<User>(Arrays.asList(herobrine,joe,meh,joke));
 
         userRepo.saveAll(mockUsers);
-
-        for (User user: mockUsers){
-            tokenRepo.save(new Token(user,user.getPassword()));
-        }
     }
 
     @DeleteMapping("/mock")

backend/src/main/java/ovh/herisson/Clyde/EndPoints/TokenController.java

@@ -0,0 +1,27 @@
+package ovh.herisson.Clyde.EndPoints;
+
+
+
+import org.springframework.web.bind.annotation.CrossOrigin;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+import ovh.herisson.Clyde.Services.TokenService;
+import ovh.herisson.Clyde.Tables.Token;
+
+@RestController
+@CrossOrigin(origins = "http://localhost:5173")
+
+public class TokenController {
+
+    private final TokenService tokenServ;
+
+    public TokenController(TokenService tokenServ){
+        this.tokenServ = tokenServ;
+    }
+
+
+    @GetMapping("/tokens")
+    public Iterable<Token> getTokens(){
+        return tokenServ.getAllTokens();
+    }
+}

backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java

@@ -23,18 +23,22 @@ public class UserController {
     }
 
     @GetMapping("/user")
-    public ResponseEntity<User> getUser(@RequestHeader("Authorization") String token){
+    public ResponseEntity<User> getUser(@RequestHeader("Cookie") String cookie){
		'Authorization': session_token,
		'Authorization': session_token,
-        User user = authServ.getUserFromToken(token);
+        String[] tokens = cookie.split("=",2);
-        if (user == null) {
+        if (! tokens[0].equals("session_token") || tokens[1].length() != 64)
+        {
             return  new UnauthorizedResponse<>(null);
         }
+        System.out.println(tokens[1]);
+        User user = authServ.getUserFromToken(tokens[1]);
+        if (user == null) return new UnauthorizedResponse<>(null);
         return new ResponseEntity<>(user, HttpStatus.OK);
     }
 
     @PostMapping("/user")
     public ResponseEntity<String> postUser(@RequestBody User user){
         userService.save(user);
-        return new ResponseEntity<String>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED);
+        return new ResponseEntity<>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED);
     }
 
     @GetMapping("/users")

backend/src/main/java/ovh/herisson/Clyde/Repositories/TokenRepository.java

@@ -9,4 +9,5 @@ public interface TokenRepository extends CrudRepository<Token,Long> {
     Token getByToken(String token);
 
     Iterable<Token> getByUser(User user);
+
 }

backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java

@@ -20,12 +20,19 @@ public class TokenService {
         this.tokenRepo = tokenRepo;
     }
 
+    public Iterable<Token> getAllTokens() {
+        return tokenRepo.findAll();
+    }
+
 
     public String generateNewToken(){
         byte[] bytes = new byte[64];
         new SecureRandom().nextBytes(bytes);
         for (int i = 0; i < bytes.length; i++) {
             bytes[i] = (byte) (((bytes[i]+256)%256  %95+ 32));
+            while ((char)bytes[i] == ';'){
+                bytes[i] = new SecureRandom().generateSeed(1)[0];
+            }
         }
         // will never end up in the catch because of the way that SecureRandom.nextBytes is implemented
         try {
@@ -35,8 +42,10 @@ public class TokenService {
         }
     }
 
-    public User getUserFromToken(String token){
+    public User getUserFromToken(String token) {
-        return tokenRepo.getByToken(token).getUser();
+        Token tokenRep = tokenRepo.getByToken(token);
+        if (tokenRep == null) return null;
+        return tokenRep.getUser();
     }
 
     public void saveToken(String token, User user, Date expirationDate){// todo faire qlq chose de l'expDate

backend/src/main/java/ovh/herisson/Clyde/Tables/Token.java

@@ -8,7 +8,7 @@ public class Token {
     @Id
     private int id;
 
-    @ManyToOne(fetch = FetchType.LAZY)
+    @ManyToOne(fetch = FetchType.EAGER)
     @JoinColumn(name ="Users")
     private User user;
     private String token;