package edu.gjoko.schedlr.config;

import edu.gjoko.schedlr.services.PostgresUserDetailsService;
import java.io.IOException;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import lombok.RequiredArgsConstructor;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.filter.GenericFilterBean;

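@RequiredArgsConstructor
public class AppFilter extends GenericFilterBean {

    /** Session attribute under which Spring Security persists the security context. */
    private static final String SPRING_SECURITY_CONTEXT_ATTR = "SPRING_SECURITY_CONTEXT";

    /** Session attribute holding the stakeholder id resolved for the authenticated user. */
    private static final String STAKEHOLDER_ID_ATTR = "stakeholderId";

    /**
     * Session attribute recording which username {@link #STAKEHOLDER_ID_ATTR} was resolved for.
     * Used so a cached id is never handed to a different principal in the same session.
     */
    private static final String STAKEHOLDER_OWNER_ATTR = "stakeholderId.owner";

    private final PostgresUserDetailsService userDetailsService;

    /**
     * Servlet filter that (1) skips {@code .js}/{@code .css} requests, (2) for {@code /api*}
     * requests resolves and caches the authenticated user's stakeholder id in the session, and
     * (3) for every other request of an authenticated user refreshes the stakeholder id and
     * forwards to a role-specific landing page.
     *
     * <p>This filter performs no authentication or authorization decision of its own: an
     * unauthenticated request (no session, or no security context in it) simply continues down
     * the chain, and the static-asset bypass is a plain suffix match on the raw request URI
     * that only skips the forwarding below.
     *
     * <p>NOTE(review): {@code RequestDispatcher.forward} from inside a filter hands the request
     * to the target page without running the remaining filters of this chain (unless they are
     * mapped to {@code DispatcherType.FORWARD}). Whether that skips Spring Security's own
     * chain depends on the registration order of this filter, which is not visible here —
     * confirm this filter is ordered after {@code springSecurityFilterChain}.
     *
     * @param servletRequest  the incoming request; must be an {@link HttpServletRequest}
     * @param servletResponse the response passed through unchanged
     * @param filterChain     the remaining chain, invoked unless the request is forwarded
     * @throws IOException      propagated from the chain or the dispatcher
     * @throws ServletException propagated from the chain or the dispatcher
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        String uri = request.getRequestURI();

        // Static assets: no session work, no forwarding.
        if (uri.endsWith(".js") || uri.endsWith(".css")) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        // NOTE(review): prefix match also covers e.g. "/apiary"; kept as in the original.
        if (uri.startsWith("/api")) {
            // NOTE(review): a session is created here even for unauthenticated API calls (each
            // one costs server-side session state). Kept because downstream code may rely on the
            // session existing; switch to getSession(false) once that is confirmed not to be so.
            HttpSession session = request.getSession(true);
            UserDetails user = authenticatedUser(session);
            if (user != null) {
                // Reuse the cached id only if it was resolved for this very principal.
                storeStakeholderId(session, user, true);
            }
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        HttpSession session = request.getSession(false);
        UserDetails user = authenticatedUser(session);
        if (user != null) {
            // Page requests always re-resolve the id (original behaviour).
            storeStakeholderId(session, user, false);
            // Never forward on the error dispatch, otherwise the container's error page
            // handling would be hijacked by the landing-page forward.
            if (!DispatcherType.ERROR.equals(servletRequest.getDispatcherType())) {
                String page = landingPage(user, uri);
                if (page != null) {
                    servletRequest.getRequestDispatcher(page).forward(servletRequest, servletResponse);
                    return;
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Extracts the authenticated {@link UserDetails} stored by Spring Security in the session.
     *
     * @param session the current session, may be {@code null}
     * @return the principal, or {@code null} when there is no session, no security context, no
     *         authentication in it, or the principal is not a {@link UserDetails} (the original
     *         code cast unconditionally and would throw on any of these)
     */
    private static UserDetails authenticatedUser(HttpSession session) {
        if (session == null) {
            return null;
        }
        Object context = session.getAttribute(SPRING_SECURITY_CONTEXT_ATTR);
        if (!(context instanceof SecurityContextImpl)) {
            return null;
        }
        SecurityContextImpl sci = (SecurityContextImpl) context;
        if (sci.getAuthentication() == null) {
            return null;
        }
        Object principal = sci.getAuthentication().getPrincipal();
        return principal instanceof UserDetails ? (UserDetails) principal : null;
    }

    /**
     * Resolves the stakeholder id for {@code user} and stores it in the session together with
     * the username it belongs to.
     *
     * <p>When {@code reuseCached} is set, a previously stored id is kept only if it was resolved
     * for the same username. A session-scoped cache keyed by nothing but the attribute name
     * would otherwise keep serving the first user's id after the principal in the session
     * changes (e.g. a re-login without logout, or session-fixation migration copying attributes).
     *
     * @param session     the session to read from and write to (never {@code null} here)
     * @param user        the authenticated principal
     * @param reuseCached whether a cached id for the same username may be reused instead of
     *                    hitting {@link PostgresUserDetailsService#loadStakeholderId(String)}
     */
    private void storeStakeholderId(HttpSession session, UserDetails user, boolean reuseCached) {
        String username = user.getUsername();
        if (reuseCached
                && session.getAttribute(STAKEHOLDER_ID_ATTR) != null
                && Objects.equals(username, session.getAttribute(STAKEHOLDER_OWNER_ATTR))) {
            return;
        }
        Long stakeholderId = userDetailsService.loadStakeholderId(username);
        session.setAttribute(STAKEHOLDER_ID_ATTR, stakeholderId);
        session.setAttribute(STAKEHOLDER_OWNER_ATTR, username);
    }

    /**
     * Chooses the landing page for {@code user}: the first authority, in the iteration order of
     * {@link UserDetails#getAuthorities()}, that has a mapping wins.
     *
     * @param user       the authenticated principal
     * @param requestUri the raw request URI (only consulted for the CUSTOMER role)
     * @return the page to forward to, or {@code null} when no authority maps to one
     */
    private static String landingPage(UserDetails user, String requestUri) {
        for (GrantedAuthority authority : user.getAuthorities()) {
            String page = pageFor(authority.getAuthority(), requestUri);
            if (page != null) {
                return page;
            }
        }
        return null;
    }

    /**
     * Maps one authority name to its landing page.
     *
     * @param authorityName the authority string; {@code null} yields {@code null} rather than
     *                      the NPE a {@code switch} on it would throw
     * @param requestUri    the raw request URI
     * @return the page, or {@code null} for an unmapped authority
     */
    private static String pageFor(String authorityName, String requestUri) {
        if (authorityName == null) {
            return null;
        }
        switch (authorityName) {
            case "ADMIN":
                return "/admin";
            case "CUSTOMER":
                // A customer asking for the customer admin page stays there; any other page
                // goes to the homepage.
                return "/customer_admin".equals(requestUri) ? "/customer_admin" : "/homepage";
            case "BUSINESS_OWNER":
                return "/business_admin";
            default:
                return null;
        }
    }
}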