From ce2efb61c851589bb555e0a8aa8ab6ecebdf8c4d Mon Sep 17 00:00:00 2001 From: Bartha Maxime <231026@umons.ac.be> Date: Sun, 10 Mar 2024 23:28:13 +0100 Subject: [PATCH] fixed some issue for the token authorization (#87) Reviewed-on: https://git.herisson.ovh/PGL/Clyde/pulls/87 Reviewed-by: Debucquoy Anthony Co-authored-by: Bartha Maxime <231026@umons.ac.be> Co-committed-by: Bartha Maxime <231026@umons.ac.be> --- .../Clyde/EndPoints/MockController.java | 4 --- .../Clyde/EndPoints/TokenController.java | 26 +++++++++++++++++++ .../Clyde/EndPoints/UserController.java | 12 ++++----- .../Clyde/Repositories/TokenRepository.java | 1 + .../herisson/Clyde/Services/TokenService.java | 13 ++++++++-- .../java/ovh/herisson/Clyde/Tables/Token.java | 2 +- 6 files changed, 45 insertions(+), 13 deletions(-) create mode 100644 backend/src/main/java/ovh/herisson/Clyde/EndPoints/TokenController.java diff --git a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java index f7825f6..18fea23 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java +++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java @@ -49,10 +49,6 @@ public class MockController { mockUsers = new ArrayList(Arrays.asList(herobrine,joe,meh,joke)); userRepo.saveAll(mockUsers); - - for (User user: mockUsers){ - tokenRepo.save(new Token(user,user.getPassword())); - } } @DeleteMapping("/mock") diff --git a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/TokenController.java b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/TokenController.java new file mode 100644 index 0000000..793e61b --- /dev/null +++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/TokenController.java @@ -0,0 +1,26 @@ +package ovh.herisson.Clyde.EndPoints; + + + +import org.springframework.web.bind.annotation.CrossOrigin; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RestController; +import ovh.herisson.Clyde.Services.TokenService; +import ovh.herisson.Clyde.Tables.Token; + +@RestController +@CrossOrigin(origins = "http://localhost:5173") +public class TokenController { + + private final TokenService tokenServ; + + public TokenController(TokenService tokenServ){ + this.tokenServ = tokenServ; + } + + + @GetMapping("/tokens") + public Iterable getTokens(){ + return tokenServ.getAllTokens(); + } +} diff --git a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java index ba54926..8de166e 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java +++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java @@ -23,18 +23,18 @@ public class UserController { } @GetMapping("/user") - public ResponseEntity getUser(@RequestHeader("Authorization") String token){ - User user = authServ.getUserFromToken(token); - if (user == null) { - return new UnauthorizedResponse<>(null); - } + public ResponseEntity getUser(@RequestHeader("Cookie") String authorization){ + + if (authorization == null) return new UnauthorizedResponse<>(null); + User user = authServ.getUserFromToken(authorization); + if (user == null) return new UnauthorizedResponse<>(null); return new ResponseEntity<>(user, HttpStatus.OK); } @PostMapping("/user") public ResponseEntity postUser(@RequestBody User user){ userService.save(user); - return new ResponseEntity(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED); + return new ResponseEntity<>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED); } @GetMapping("/users") diff --git a/backend/src/main/java/ovh/herisson/Clyde/Repositories/TokenRepository.java b/backend/src/main/java/ovh/herisson/Clyde/Repositories/TokenRepository.java index d375e7a..6a4e47a 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Repositories/TokenRepository.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Repositories/TokenRepository.java @@ -9,4 +9,5 @@ public interface TokenRepository extends CrudRepository { Token getByToken(String token); Iterable getByUser(User user); + } diff --git a/backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java b/backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java index a82951d..125dbde 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java @@ -20,12 +20,19 @@ public class TokenService { this.tokenRepo = tokenRepo; } + public Iterable getAllTokens() { + return tokenRepo.findAll(); + } + public String generateNewToken(){ byte[] bytes = new byte[64]; new SecureRandom().nextBytes(bytes); for (int i = 0; i < bytes.length; i++) { bytes[i] = (byte) (((bytes[i]+256)%256 %95+ 32)); + while ((char)bytes[i] == ';'){ + bytes[i] = new SecureRandom().generateSeed(1)[0]; + } } // will never end up in the catch because of the way that SecureRandom.nextBytes is implemented try { @@ -35,8 +42,10 @@ public class TokenService { } } - public User getUserFromToken(String token){ - return tokenRepo.getByToken(token).getUser(); + public User getUserFromToken(String token) { + Token tokenRep = tokenRepo.getByToken(token); + if (tokenRep == null) return null; + return tokenRep.getUser(); } public void saveToken(String token, User user, Date expirationDate){// todo faire qlq chose de l'expDate diff --git a/backend/src/main/java/ovh/herisson/Clyde/Tables/Token.java b/backend/src/main/java/ovh/herisson/Clyde/Tables/Token.java index 5b61cb9..848f836 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Tables/Token.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/Token.java @@ -8,7 +8,7 @@ public class Token { @Id private int id; - @ManyToOne(fetch = FetchType.LAZY) + @ManyToOne(fetch = FetchType.EAGER) @JoinColumn(name ="Users") private User user; private String token;