1 | package edu.gjoko.schedlr.config;
2 |
import edu.gjoko.schedlr.services.PostgresUserDetailsService;
import lombok.RequiredArgsConstructor;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.filter.GenericFilterBean;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
23 |
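/**
 * Servlet filter that (1) caches the logged-in user's stakeholder id in the HTTP session and
 * (2) forwards page requests of authenticated users to the landing page of their role.
 * <p>
 * The security context is read straight from the session attribute rather than from the
 * {@code SecurityContextHolder}, so the filter behaves the same wherever it sits relative to
 * Spring's own context-persistence filter. The filter never creates a session itself.
 */
@RequiredArgsConstructor
public class AppFilter extends GenericFilterBean {

    /** Session attribute under which Spring Security persists the {@link SecurityContext}. */
    private static final String SECURITY_CONTEXT_ATTR = "SPRING_SECURITY_CONTEXT";

    /** Session attribute caching the stakeholder id resolved for the logged-in user. */
    private static final String STAKEHOLDER_ID_ATTR = "stakeholderId";

    /** Landing page per granted-authority name; authorities without a mapping cause no forward. */
    private static final Map<String, String> HOME_PAGE_BY_AUTHORITY;

    static {
        Map<String, String> pages = new HashMap<>();
        pages.put("ADMIN", "/admin");
        pages.put("CUSTOMER", "/homepage");
        pages.put("BUSINESS_OWNER", "/business_admin");
        // Unmodifiable so the shared lookup table cannot be mutated by a later change by accident.
        HOME_PAGE_BY_AUTHORITY = Collections.unmodifiableMap(pages);
    }

    /** Resolves a username to its stakeholder id; injected through the Lombok-generated constructor. */
    private final PostgresUserDetailsService userDetailsService;

    /**
     * Applies the session bookkeeping and role-based forwarding described on the class.
     * <p>
     * Static assets ({@code .js}, {@code .css}) pass straight down the chain. {@code /api} calls also
     * pass down the chain, after the stakeholder id has been resolved into the session (at most once per
     * session). Any other request from an authenticated session is forwarded to the role's landing page;
     * everything else continues down the chain.
     *
     * @param servletRequest  the current request; expected to be an {@link HttpServletRequest}
     * @param servletResponse the current response
     * @param filterChain     the remaining filter chain
     * @throws IOException      propagated from the chain or the forward
     * @throws ServletException propagated from the chain or the forward
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        String uri = request.getRequestURI();

        if (isStaticAsset(uri)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        // Never create a session here: an anonymous caller has no security context to inspect, and
        // allocating server-side session state for every anonymous request is avoidable resource use.
        HttpSession session = request.getSession(false);
        UserDetails user = session == null ? null : authenticatedUser(session);

        if (uri.startsWith("/api")) {
            if (user != null) {
                ensureStakeholderId(session, user);
            }
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        if (user != null) {
            ensureStakeholderId(session, user);
            String page = homePageFor(user.getAuthorities());
            if (page != null) {
                servletRequest.getRequestDispatcher(page).forward(servletRequest, servletResponse);
                return;
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Whether the request targets a static asset that needs no session work.
     * <p>
     * {@code getRequestURI()} is the raw, un-normalised path (it may still carry {@code ;} path
     * parameters), so this is only a fast-path skip of this filter's own work — authorization
     * decisions stay with Spring Security.
     *
     * @param uri the raw request URI
     * @return {@code true} for {@code .js} and {@code .css} paths
     */
    private static boolean isStaticAsset(String uri) {
        return uri.endsWith(".js") || uri.endsWith(".css");
    }

    /**
     * Returns the authenticated principal held in the session's security context.
     *
     * @param session the existing session (never {@code null})
     * @return the principal, or {@code null} when the session carries no security context, the context
     *         has no authentication, or the principal is not a {@link UserDetails}
     */
    private static UserDetails authenticatedUser(HttpSession session) {
        Object stored = session.getAttribute(SECURITY_CONTEXT_ATTR);
        if (!(stored instanceof SecurityContext)) {
            return null;
        }
        Authentication authentication = ((SecurityContext) stored).getAuthentication();
        if (authentication == null) {
            return null;
        }
        Object principal = authentication.getPrincipal();
        return principal instanceof UserDetails ? (UserDetails) principal : null;
    }

    /**
     * Stores the user's stakeholder id in the session unless it is already present, so the lookup hits
     * the user-details service at most once per session. Assumes a user's stakeholder id does not
     * change while the session lives (the {@code /api} path already relied on this).
     *
     * @param session the existing session (never {@code null})
     * @param user    the authenticated principal
     */
    private void ensureStakeholderId(HttpSession session, UserDetails user) {
        if (session.getAttribute(STAKEHOLDER_ID_ATTR) == null) {
            Long stakeholderId = userDetailsService.loadStakeholderId(user.getUsername());
            session.setAttribute(STAKEHOLDER_ID_ATTR, stakeholderId);
        }
    }

    /**
     * Picks the landing page for the first authority (in iteration order) that has a mapping.
     * For a user holding several mapped roles the outcome therefore depends on the order in which
     * the authorities are reported.
     *
     * @param authorities the user's granted authorities
     * @return the landing page, or {@code null} when none of the authorities is mapped
     */
    private static String homePageFor(Collection<? extends GrantedAuthority> authorities) {
        for (GrantedAuthority authority : authorities) {
            String page = HOME_PAGE_BY_AUTHORITY.get(authority.getAuthority());
            if (page != null) {
                return page;
            }
        }
        return null;
    }
}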