source: sources/app/src/main/java/parkup/configs/CustomAuthenticationFilter.java@ e8b1076

Last change on this file since e8b1076 was e8b1076, checked in by DavidTrajkovski <davidtrajkovski11@…>, 2 years ago

guest login

1package parkup.configs;
2
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;

import com.fasterxml.jackson.databind.ObjectMapper;

import org.springframework.boot.autoconfigure.kafka.KafkaProperties;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.bind.annotation.CrossOrigin;
import parkup.entities.Administrator;
import parkup.entities.Guest;
import parkup.entities.RegisteredUser;
import parkup.entities.Worker;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.*;
import java.util.stream.Collectors;

import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
31
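/**
 * Login filter that authenticates the submitted username/password and, on success, writes a
 * signed JWT access token to the response body as JSON ({@code {"access_token": "..."}}).
 *
 * <p>Review notes:
 * <ul>
 *   <li>The one-argument constructor signs with a hard-coded, guessable HMAC key. Anyone who knows
 *       that key can mint tokens with arbitrary subject and roles. Production wiring should use
 *       the two-argument constructor with a randomly generated key loaded from configuration.
 *   <li>{@code @CrossOrigin} is processed by Spring MVC for controller handlers; on a servlet
 *       filter it appears to have no effect, so CORS for the login endpoint has to be configured
 *       elsewhere. The annotation is kept only to leave the class declaration unchanged.
 * </ul>
 */
@CrossOrigin
public class CustomAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
    /**
     * Signing key used by the one-argument constructor, kept only so existing wiring keeps
     * working. It is a well-known placeholder value and offers no protection against forgery.
     */
    private static final String LEGACY_SIGNING_SECRET = "secret";

    /** Access tokens are valid for one hour from the moment they are issued. */
    private static final long ACCESS_TOKEN_LIFETIME_MILLIS = 60L * 60 * 1000;

    /** ObjectMapper is thread-safe once configured, so one instance serves every request. */
    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();

    private final AuthenticationManager authenticationManager;
    private final Algorithm algorithm;

    /**
     * Creates the filter with the legacy hard-coded signing key.
     *
     * @param authenticationManager manager that verifies the submitted credentials
     */
    public CustomAuthenticationFilter(AuthenticationManager authenticationManager) {
        this(authenticationManager, LEGACY_SIGNING_SECRET.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Creates the filter with a caller-supplied HMAC-SHA256 signing key.
     *
     * <p>NOTE(review): whatever component verifies these tokens is not visible in this file and
     * presumably uses the same key; both sides have to be switched together.
     *
     * @param authenticationManager manager that verifies the submitted credentials
     * @param signingSecret key bytes for HMAC-SHA256; must not be null or empty
     * @throws NullPointerException if {@code signingSecret} is null
     * @throws IllegalArgumentException if {@code signingSecret} is empty
     */
    public CustomAuthenticationFilter(AuthenticationManager authenticationManager, byte[] signingSecret) {
        Objects.requireNonNull(signingSecret, "signingSecret");
        if (signingSecret.length == 0) {
            throw new IllegalArgumentException("signingSecret must not be empty");
        }
        this.authenticationManager = authenticationManager;
        // Copy the key so later changes to the caller's array cannot alter the signing key.
        this.algorithm = Algorithm.HMAC256(signingSecret.clone());
    }

    /**
     * Builds a username/password token from the request and delegates to the authentication
     * manager.
     *
     * @param request request carrying the credential parameters
     * @param response unused
     * @return the authenticated {@link Authentication}
     * @throws AuthenticationException if the manager rejects the credentials
     */
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
            throws AuthenticationException {
        // NOTE(review): the stock UsernamePasswordAuthenticationFilter rejects non-POST requests in
        // this method; this override does not. Request parameters are also read from the query
        // string, so if the filter's request matcher accepts GET, passwords can end up in URLs and
        // access logs. Confirm the matcher configured for this filter is POST-only.
        String username = obtainUsername(request);
        String password = obtainPassword(request);
        // Missing parameters become empty strings (as the stock filter does) so the providers
        // never see a null credential; authentication still fails for them.
        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
                username != null ? username : "",
                password != null ? password : "");
        return authenticationManager.authenticate(authenticationToken);
    }

    /**
     * Issues a JWT access token for the authenticated principal and writes it to the response.
     *
     * <p>The token carries the principal's e-mail as subject plus {@code fullName}, {@code id}
     * and {@code roles} claims. No refresh token is issued.
     *
     * @param request used to derive the issuer claim
     * @param response receives the JSON body with the token
     * @param chain unused; the filter chain is not continued after a successful login
     * @param authentication result returned by {@link #attemptAuthentication}
     * @throws IOException if the response cannot be written
     * @throws ServletException if the principal is not one of the supported entity types
     */
    @Override
    protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
            FilterChain chain, Authentication authentication) throws IOException, ServletException {
        Object principal = authentication.getPrincipal();
        String email;
        String fullName;
        Integer id;
        Collection<? extends GrantedAuthority> roles;

        // Type checks replace the earlier lookup of the third segment of the class name, which
        // depended on package depth.
        // NOTE(review): assumes these four entity types do not extend one another - confirm.
        if (principal instanceof RegisteredUser) {
            RegisteredUser user = (RegisteredUser) principal;
            email = user.getEmail();
            fullName = user.getFirstName() + " " + user.getLastName();
            id = user.getRegParkId();
            roles = user.getAuthorities();
        } else if (principal instanceof Worker) {
            Worker user = (Worker) principal;
            email = user.getEmail();
            fullName = user.getFirstName() + " " + user.getLastName();
            id = user.getWorkerId();
            roles = user.getAuthorities();
        } else if (principal instanceof Administrator) {
            Administrator user = (Administrator) principal;
            email = user.getEmail();
            fullName = user.getFirstName() + " " + user.getLastName();
            id = user.getAdministratorId();
            roles = user.getAuthorities();
        } else if (principal instanceof Guest) {
            // The guest is the principal; casting getAuthorities() (a collection) to Guest, as
            // the code did before, fails with ClassCastException on every guest login.
            // TODO see if guest needs to go through authentication
            Guest user = (Guest) principal;
            email = user.getEmail();
            fullName = "GuestUser";
            id = user.getGuestId();
            roles = user.getAuthorities();
        } else {
            // Fail closed: do not sign a token without subject and roles for an unknown principal.
            throw new ServletException("Unsupported principal type: "
                    + (principal == null ? "null" : principal.getClass().getName()));
        }

        List<String> roleNames = roles == null
                ? Collections.<String>emptyList()
                : roles.stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList());

        // NOTE(review): the issuer is the request URL, which normally reflects the client-supplied
        // Host header, so verifiers should not rely on the "iss" claim as a trust signal.
        String accessToken = JWT.create()
                .withSubject(email)
                .withClaim("fullName", fullName)
                .withClaim("id", id)
                .withExpiresAt(new Date(System.currentTimeMillis() + ACCESS_TOKEN_LIFETIME_MILLIS))
                .withIssuer(request.getRequestURL().toString())
                .withClaim("roles", roleNames)
                .sign(algorithm);

        Map<String, String> tokens = new HashMap<>();
        tokens.put("access_token", accessToken);
        response.setContentType(APPLICATION_JSON_VALUE);
        // The body is a bearer credential; keep intermediaries and browsers from caching it.
        response.setHeader("Cache-Control", "no-store");
        OBJECT_MAPPER.writeValue(response.getOutputStream(), tokens);
    }
}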