source: trip-planner/src/main/java/finki/diplomska/tripplanner/security/JwtAuthenticationFilter.java

Last change on this file was 84d0fbb, checked in by Ema <ema_spirova@…>, 3 years ago

spring security 2.0

1package finki.diplomska.tripplanner.security;
2
3import finki.diplomska.tripplanner.models.User;
4import finki.diplomska.tripplanner.service.impl.CustomUserDetailsServiceImpl;
5import org.springframework.beans.factory.annotation.Autowired;
6import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
7import org.springframework.security.core.context.SecurityContextHolder;
8import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
9import org.springframework.util.StringUtils;
10import org.springframework.web.filter.OncePerRequestFilter;
11
12import javax.servlet.FilterChain;
13import javax.servlet.ServletException;
14import javax.servlet.http.HttpServletRequest;
15import javax.servlet.http.HttpServletResponse;
16import java.io.IOException;
17import java.util.Collections;
18
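/**
 * Per-request filter that turns a JWT carried in the request header named by
 * {@link SecurityConstants#HEADER_STRING} into a Spring Security authentication.
 *
 * <p>When the header holds a token that {@code tokenProvider.validateToken} accepts, the user
 * identified by the token is loaded and stored in the {@link SecurityContextHolder} as an
 * authenticated {@link UsernamePasswordAuthenticationToken} with an empty authority list.
 * In every other case (no header, wrong prefix, rejected token, unknown user, any exception)
 * the security context is left untouched and the request continues down the chain
 * unauthenticated, so protected endpoints depend on the authorization rules configured
 * elsewhere to reject it.
 *
 * <p>NOTE(review): what {@code validateToken} checks (signature, expiry, algorithm) is not
 * visible in this file; confirm it there, since this filter trusts its answer completely.
 */
public class JwtAuthenticationFilter extends OncePerRequestFilter {
    @Autowired
    private JwtTokenProvider tokenProvider;

    @Autowired
    private CustomUserDetailsServiceImpl customUserDetailsService;

    /**
     * Authenticates the request from its JWT, if one is present and valid, then always
     * hands the request to the rest of the filter chain.
     *
     * @param httpServletRequest  the incoming request whose header is inspected
     * @param httpServletResponse the response, passed through unchanged
     * @param filterChain         the remaining filters to invoke
     * @throws ServletException if a downstream filter fails
     * @throws IOException      if a downstream filter fails on I/O
     */
    @Override
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse,
                                    FilterChain filterChain) throws ServletException, IOException {

        try {
            String jwt = getJWTFromRequest(httpServletRequest);

            if (StringUtils.hasText(jwt) && tokenProvider.validateToken(jwt)) {
                Long userId = tokenProvider.getUserIdFromJWT(jwt);
                User userDetails = customUserDetailsService.loadUserById(userId);

                if (userDetails == null) {
                    // The three-argument token constructor marks the token as authenticated
                    // whatever the principal is, so a missing user must never reach it.
                    logger.warn("JWT accepted but no user found for its subject; request left unauthenticated");
                } else {
                    // No credentials are kept and no authorities are granted: every
                    // authenticated user gets the same (empty) set of roles from this filter.
                    UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
                            userDetails, null, Collections.emptyList());

                    authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest));
                    SecurityContextHolder.getContext().setAuthentication(authentication);
                }
            }

        } catch (Exception ex) {
            // Deliberately broad: any failure while parsing or loading leaves the context
            // without an authentication, and the request proceeds unauthenticated.
            logger.error("Could not set user authentication in security context", ex);
        }

        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    /**
     * Extracts the raw token from the authentication header.
     *
     * @param request the incoming request
     * @return the header value with {@link SecurityConstants#TOKEN_PREFIX} stripped, or
     *         {@code null} when the header is absent, blank, or does not start with the prefix
     */
    private String getJWTFromRequest(HttpServletRequest request) {
        String bearerToken = request.getHeader(SecurityConstants.HEADER_STRING);

        if (StringUtils.hasText(bearerToken) && bearerToken.startsWith(SecurityConstants.TOKEN_PREFIX)) {
            // Strip exactly the prefix that was matched rather than a fixed 7 characters,
            // so the cut stays correct if TOKEN_PREFIX is ever changed.
            return bearerToken.substring(SecurityConstants.TOKEN_PREFIX.length());
        }

        return null;
    }
}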