1
0
forked from PGL/Clyde

fixed a token encoding issue

This commit is contained in:
Bartha Maxime 2024-03-08 19:08:10 +01:00
parent acfd366fc8
commit fba30cff9e
2 changed files with 18 additions and 19 deletions

View File

@ -1,31 +1,25 @@
package ovh.herisson.Clyde.EndPoints;
import org.springframework.http.HttpHeaders;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
import ovh.herisson.Clyde.Services.AuthenticatorService;
import java.util.Date;
@RestController
@CrossOrigin(origins = "http://localhost:5173")
public class LoginController {
private final AuthenticatorService authServ;
public LoginController(AuthenticatorService authServ){
this.authServ = authServ;
}
@PostMapping("/login")
public ResponseEntity<String> login(@RequestParam String identifier, String password, Date expirationDate){
String sessionToken = authServ.login(identifier,password,expirationDate);
if (sessionToken == null){
public LoginController(AuthenticatorService authServ) {
this.authServ = authServ;
}
@PostMapping("/login")
public ResponseEntity<String> login(@RequestParam String identifier, String password, Date expirationDate) {
String sessionToken = authServ.login(identifier, password, expirationDate);
if (sessionToken == null) {
return new UnauthorizedResponse<>("Identifier or Password incorrect");
}
HttpHeaders responseHeaders = new HttpHeaders();
responseHeaders.set("Set-Cookie",String.format("session_token=%s",sessionToken));
return ResponseEntity.ok().headers(responseHeaders).build();
return ResponseEntity.ok().header("Set-Cookie", String.format("session_token=%s", sessionToken)).build();
}
}

View File

@ -1,10 +1,12 @@
package ovh.herisson.Clyde.Services;
import org.springframework.stereotype.Service;
import ovh.herisson.Clyde.Repositories.TokenRepository;
import ovh.herisson.Clyde.Tables.Token;
import ovh.herisson.Clyde.Tables.User;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Date;
@ -22,9 +24,12 @@ public class TokenService {
public String generateNewToken(){
byte[] bytes = new byte[64];
new SecureRandom().nextBytes(bytes);
String token = new String(bytes, StandardCharsets.US_ASCII);
System.out.println(token);
return token;
// will never end up in the catch because of the way that SecureRandom.nextBytes is implemented
try {
return new String(bytes,"ISO_8859_1");
} catch (UnsupportedEncodingException e) {
throw new RuntimeException(e);
}
}
public User getUserFromToken(String token){