diff --git a/chatto/src/main/java/org/ros/chatto/security/CustomBasicAuthenticationFilter.java b/chatto/src/main/java/org/ros/chatto/security/CustomBasicAuthenticationFilter.java
index 92bd61f..b016726 100644
--- a/chatto/src/main/java/org/ros/chatto/security/CustomBasicAuthenticationFilter.java
+++ b/chatto/src/main/java/org/ros/chatto/security/CustomBasicAuthenticationFilter.java
@@ -35,30 +35,18 @@ public class CustomBasicAuthenticationFilter extends BasicAuthenticationFilter {
 // Generate Token
 // Save the token for the logged in user
 // send token in the response
-// String tokenString = UUID.randomUUID().toString();
-
-// System.out.println("Role = " + authResult.getAuthorities().iterator().next().getAuthority());
-
 UserToken userToken = userTokenService.getToken(authResult.getName());
 Token token;
 if (userToken == null) {
 token = tokenService.allocateToken("");
 userToken = new UserToken();
- System.out.println("srwrrrrrrrrrrrr = " + authResult.getName());
-// ChatUser user = userService.findByUserName(authResult.getName());
-// ChatUser user = userRepository.findByUserName("hmm");
 userToken.setTokenContent(token.getKey());
-// userToken.setTokenContent(tokenString);
 userToken.setUserName(authResult.getName());
 userToken.setRole(authResult.getAuthorities().iterator().next().getAuthority());
 userTokenService.saveToken(userToken);
 response.setHeader("X-AUTH-TOKEN", token.getKey());
- }
- else {
- token = tokenService.verifyToken(userToken.getTokenContent());
- if(token!=null) {
- response.setHeader("X-AUTH-TOKEN", token.getKey());
- }
+ } else {
+ response.setHeader("X-AUTH-TOKEN", userToken.getTokenContent());
 }
 }
diff --git a/chatto/src/main/java/org/ros/chatto/security/TokenAuthenticationFilter.java b/chatto/src/main/java/org/ros/chatto/security/TokenAuthenticationFilter.java
index 6c5b4f3..13b2477 100644
--- a/chatto/src/main/java/org/ros/chatto/security/TokenAuthenticationFilter.java
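Review bot: The new `else` branch hands back `userToken.getTokenContent()` without checking it, so a stored token that no longer verifies (for example after the token service's key changes) is returned on every login and never replaced; TokenAuthenticationFilter would then reject it with "Token not issued by us". The same stored value is also reused for every login with no expiry or rotation visible in this hunk, so a leaked `X-AUTH-TOKEN` stays usable for as long as the row exists. I would verify the stored value here and issue a fresh token when it fails, as sketched below; this assumes `saveToken` updates the existing row and that `verifyToken` may signal a bad key by throwing, as Spring Security's `KeyBasedPersistenceTokenService` does — neither is visible here. The enclosing method starts outside the hunk.

```java
} else {
    Token existing;
    try {
        existing = tokenService.verifyToken(userToken.getTokenContent());
    } catch (IllegalArgumentException ex) {
        existing = null;
    }
    if (existing == null) {
        // Stored token no longer verifies: issue a new one and overwrite the row.
        existing = tokenService.allocateToken("");
        userToken.setTokenContent(existing.getKey());
        userTokenService.saveToken(userToken);
    }
    response.setHeader("X-AUTH-TOKEN", existing.getKey());
}
```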
+++ b/chatto/src/main/java/org/ros/chatto/security/TokenAuthenticationFilter.java
@@ -46,31 +46,22 @@ public class TokenAuthenticationFilter extends GenericFilterBean {
 if (null != accessToken) {
 // get and check whether token is valid ( from DB or file wherever you are
 // storing the token)
+ Token token = tokenService.verifyToken(accessToken);
+
+ if (token == null) {
+ throw new UsernameNotFoundException("Token not issued by us");
+ }
 UserToken userToken = tokenRepository.findByToken(accessToken);
 if (userToken == null) {
 throw new UsernameNotFoundException("Token not associated with any user");
 }
- Token token = tokenService.verifyToken(userToken.getTokenContent());
-
- if (token == null) {
- throw new UsernameNotFoundException("Token not issued by us");
- }
 String userName = userToken.getUserName();
 if (userName == null) {
 throw new UsernameNotFoundException("User not found");
 }
-// List userRoles = userRoleRepository.findByUser(chatUser.getUserName());
-// // Populate SecurityContextHolder by fetching relevant information using token
-// final UserDetails userPrincipal = User.withUsername(chatUser.getUserName()).password(chatUser.getPassword())
-// .roles(userRoles.stream().map(userRole -> {
-//// System.out.println("role = " + userRole.getRole().getName());
-// return userRole.getRole().getName();
-// }).toArray(size -> new String[size])).build();
-// final UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
-// userPrincipal, null, userPrincipal.getAuthorities());
 SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(userToken.getRole());
 List updatedAuthorities = new ArrayList();
 updatedAuthorities.add(simpleGrantedAuthority);
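Review bot: The added `tokenService.verifyToken(accessToken)` now runs on the request-supplied value, but only a `null` result is handled. If `tokenService` is Spring Security's `KeyBasedPersistenceTokenService` (the implementation is not visible here), a malformed or tampered key makes `verifyToken` throw `IllegalArgumentException` rather than return null, so a garbage token would leave the filter as an unhandled error instead of an authentication failure. Catching that exception and treating it like the `null` case keeps every bad token on the same rejection path. Separately, the returned `token` is only null-checked; comparing `token.getKeyCreationTime()` with a maximum age would give tokens an expiry. The enclosing method starts and ends outside the hunk.

```java
Token token;
try {
    token = tokenService.verifyToken(accessToken);
} catch (IllegalArgumentException ex) {
    // Malformed or tampered key: reject it the same way as an unknown token.
    token = null;
}
// … unchanged: null check, tokenRepository lookup, authority setup …
```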