Add LoginUser to successfully parse the request and create a token

This commit is contained in:
Marcel Schwarz 2020-05-11 21:15:25 +02:00
parent 7cd4d52138
commit d4f39f27ae
3 changed files with 24 additions and 4 deletions

View File

@ -2,7 +2,6 @@ package de.hft.geotime.security;
import com.auth0.jwt.JWT; import com.auth0.jwt.JWT;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import de.hft.geotime.user.TimetrackUser;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
@ -32,7 +31,7 @@ public class JWTAuthenticationFilter extends UsernamePasswordAuthenticationFilte
HttpServletRequest req, HttpServletRequest req,
HttpServletResponse res) throws AuthenticationException { HttpServletResponse res) throws AuthenticationException {
try { try {
TimetrackUser creds = new ObjectMapper().readValue(req.getInputStream(), TimetrackUser.class); LoginUser creds = new ObjectMapper().readValue(req.getInputStream(), LoginUser.class);
return authenticationManager.authenticate( return authenticationManager.authenticate(
new UsernamePasswordAuthenticationToken( new UsernamePasswordAuthenticationToken(
creds.getUsername(), creds.getUsername(),
@ -41,7 +40,9 @@ public class JWTAuthenticationFilter extends UsernamePasswordAuthenticationFilte
) )
); );
} catch (IOException e) { } catch (IOException e) {
throw new RuntimeException(e); logger.info("Unsuccessful login attempt: " + e.getMessage());
res.setStatus(HttpServletResponse.SC_FORBIDDEN);
return null;
} }
} }

View File

@ -0,0 +1,16 @@
package de.hft.geotime.security;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
@Data
@AllArgsConstructor
@NoArgsConstructor
public class LoginUser {
private String password;
private String username;
}

View File

@ -4,7 +4,10 @@ import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
@RestController @RestController
public class UserController { public class UserController {