source: src/main/java/edu/gjoko/schedlr/config/AppFilter.java@ 950fa0d

Last change on this file since 950fa0d was 950fa0d, checked in by Gjoko Kostadinov <gjoko.kostadinov@…>, 14 months ago

Periodic update

1package edu.gjoko.schedlr.config;
2
3import edu.gjoko.schedlr.services.PostgresUserDetailsService;
4import lombok.RequiredArgsConstructor;
5import org.springframework.security.core.GrantedAuthority;
6import org.springframework.security.core.context.SecurityContextImpl;
7import org.springframework.security.core.userdetails.UserDetails;
8import org.springframework.util.StringUtils;
9import org.springframework.web.bind.annotation.RequestBody;
10import org.springframework.web.filter.GenericFilterBean;
11
12import javax.servlet.*;
13import javax.servlet.http.HttpServletRequest;
14import javax.servlet.http.HttpServletResponse;
15import javax.servlet.http.HttpSession;
16import java.io.IOException;
17import java.util.Collection;
18import java.util.HashMap;
19import java.util.Map;
20
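/**
 * Servlet filter that caches the authenticated user's stakeholder id in the HTTP session and
 * forwards non-API page requests to the landing page matching the user's role.
 *
 * <p>The filter itself makes no access-control decision: every branch either continues the
 * filter chain or forwards the request. Authorization is not enforced in this class and must
 * come from elsewhere in the application (not visible in this file).
 */
@RequiredArgsConstructor
public class AppFilter extends GenericFilterBean {

    /** Session attribute from which the Spring Security context is read. */
    private static final String SECURITY_CONTEXT_ATTRIBUTE = "SPRING_SECURITY_CONTEXT";

    /** Session attribute under which the resolved stakeholder id is cached. */
    private static final String STAKEHOLDER_ID_ATTRIBUTE = "stakeholderId";

    private final PostgresUserDetailsService userDetailsService;

    /**
     * Routes the request through one of three paths: static assets pass straight through,
     * {@code /api} requests get the stakeholder id cached in the session, and all other
     * requests of a logged-in user are forwarded to the page for their role.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response
     * @param filterChain     remaining filters, invoked unless the request is forwarded
     * @throws IOException      propagated from the chain or the forward
     * @throws ServletException propagated from the chain or the forward
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;

        // getRequestURI() is the raw path: it is not URL-decoded, still carries any path
        // parameters (";..."), and includes the context path. The suffix and prefix checks
        // below are routing shortcuts only and must not be relied on as a security boundary.
        String requestUri = httpServletRequest.getRequestURI();

        if (requestUri.endsWith(".js") || requestUri.endsWith(".css")) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        if (requestUri.startsWith("/api")) {
            // NOTE(review): getSession(true) allocates a session for every /api request that
            // arrives without one, authenticated or not. Kept as in the original because
            // downstream code may expect a session to exist; confirm whether it is needed.
            HttpSession apiSession = httpServletRequest.getSession(true);
            UserDetails apiUser = authenticatedUser(apiSession);

            // NOTE(review): the cached id is only filled in when absent, so it is not tied to
            // the principal it was resolved for. If the authentication stored in this session
            // ever changes without the attribute being cleared, /api requests keep the old id
            // until a page request refreshes it below. Verify against the login flow.
            if (apiUser != null && apiSession.getAttribute(STAKEHOLDER_ID_ATTRIBUTE) == null) {
                cacheStakeholderId(apiSession, apiUser);
            }
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        // Page requests never create a session; without one the user is treated as anonymous.
        HttpSession session = httpServletRequest.getSession(false);
        UserDetails pageUser = session == null ? null : authenticatedUser(session);
        if (pageUser != null) {
            // Page requests always re-resolve the id, unlike the /api branch above.
            cacheStakeholderId(session, pageUser);

            boolean errorDispatch = DispatcherType.ERROR.equals(servletRequest.getDispatcherType());
            final Collection<? extends GrantedAuthority> authorities = pageUser.getAuthorities();
            for (final GrantedAuthority grantedAuthority : authorities) {
                String page = landingPageFor(grantedAuthority.getAuthority());
                // The first authority with a known landing page wins. Error dispatches are
                // never forwarded, so the container's error handling still runs.
                if (page != null && !errorDispatch) {
                    servletRequest.getRequestDispatcher(page).forward(servletRequest, servletResponse);
                    return;
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Returns the logged-in user held in the session's security context, or {@code null} when
     * the context is missing, is not a {@link SecurityContextImpl}, carries no authentication,
     * or has a principal that is not a {@link UserDetails}. The original code cast blindly and
     * failed with a NullPointerException or ClassCastException in those cases.
     */
    private UserDetails authenticatedUser(HttpSession session) {
        Object context = session.getAttribute(SECURITY_CONTEXT_ATTRIBUTE);
        if (!(context instanceof SecurityContextImpl)) {
            return null;
        }
        SecurityContextImpl securityContext = (SecurityContextImpl) context;
        if (securityContext.getAuthentication() == null) {
            return null;
        }
        Object principal = securityContext.getAuthentication().getPrincipal();
        return principal instanceof UserDetails ? (UserDetails) principal : null;
    }

    /** Looks up the stakeholder id for the user's username and stores it in the session. */
    private void cacheStakeholderId(HttpSession session, UserDetails userDetails) {
        Long stakeholderId = userDetailsService.loadStakeholderId(userDetails.getUsername());
        session.setAttribute(STAKEHOLDER_ID_ATTRIBUTE, stakeholderId);
    }

    /** Maps an authority name to its landing page, or {@code null} when it has none. */
    private static String landingPageFor(String authorityName) {
        switch (authorityName) {
            case "ADMIN":
                return "/admin";
            case "CUSTOMER":
                return "/homepage";
            case "BUSINESS_OWNER":
                return "/business_admin";
            default:
                return null;
        }
    }
}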