| 1 | package edu.gjoko.schedlr.config;
|
|---|
| 2 |
|
|---|
| 3 | import org.springframework.security.core.GrantedAuthority;
|
|---|
| 4 | import org.springframework.security.core.context.SecurityContextImpl;
|
|---|
| 5 | import org.springframework.security.core.userdetails.UserDetails;
|
|---|
| 6 | import org.springframework.util.StringUtils;
|
|---|
| 7 | import org.springframework.web.filter.GenericFilterBean;
|
|---|
| 8 |
|
|---|
| 9 | import javax.servlet.FilterChain;
|
|---|
| 10 | import javax.servlet.ServletException;
|
|---|
| 11 | import javax.servlet.ServletRequest;
|
|---|
| 12 | import javax.servlet.ServletResponse;
|
|---|
| 13 | import javax.servlet.http.HttpServletRequest;
|
|---|
| 14 | import javax.servlet.http.HttpSession;
|
|---|
| 15 | import java.io.IOException;
|
|---|
| 16 | import java.util.Collection;
|
|---|
| 17 | import java.util.HashMap;
|
|---|
| 18 | import java.util.Map;
|
|---|
| 19 |
|
|---|
| 20 | public class AppFilter extends GenericFilterBean {
|
|---|
| 21 | @Override
|
|---|
| 22 | public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
|---|
| 23 | HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
|
|---|
| 24 | HttpSession session = httpServletRequest.getSession(false);
|
|---|
| 25 |
|
|---|
| 26 | if(httpServletRequest.getRequestURI().endsWith(".js")
|
|---|
| 27 | || httpServletRequest.getRequestURI().endsWith(".css")
|
|---|
| 28 | || httpServletRequest.getRequestURI().startsWith("/api")) {
|
|---|
| 29 | filterChain.doFilter(servletRequest, servletResponse);
|
|---|
| 30 | return;
|
|---|
| 31 | }
|
|---|
| 32 | if(session != null) {
|
|---|
| 33 | Map<String, String> roleTargetUrlMap = new HashMap<>();
|
|---|
| 34 | roleTargetUrlMap.put("ADMIN", "/admin");
|
|---|
| 35 | roleTargetUrlMap.put("CUSTOMER", "/homepage");
|
|---|
| 36 | roleTargetUrlMap.put("BUSINESS_OWNER", "/business_homepage");
|
|---|
| 37 | SecurityContextImpl sci = (SecurityContextImpl) session.getAttribute("SPRING_SECURITY_CONTEXT");
|
|---|
| 38 | if(sci != null) {
|
|---|
| 39 | UserDetails userDetails = (UserDetails) sci.getAuthentication().getPrincipal();
|
|---|
| 40 | final Collection<? extends GrantedAuthority> authorities = userDetails.getAuthorities();
|
|---|
| 41 | for (final GrantedAuthority grantedAuthority : authorities) {
|
|---|
| 42 | String authorityName = grantedAuthority.getAuthority();
|
|---|
| 43 | String page = "";
|
|---|
| 44 | switch (authorityName) {
|
|---|
| 45 | case "ADMIN":
|
|---|
| 46 | page = "/admin";
|
|---|
| 47 | break;
|
|---|
| 48 | case "CUSTOMER":
|
|---|
| 49 | case "BUSINESS_OWNER":
|
|---|
| 50 | page = "/homepage";
|
|---|
| 51 | break;
|
|---|
| 52 | default:
|
|---|
| 53 | break;
|
|---|
| 54 | }
|
|---|
| 55 | if(page != null && !page.trim().isEmpty()) {
|
|---|
| 56 | servletRequest.getRequestDispatcher(page).forward(servletRequest, servletResponse);
|
|---|
| 57 | return;
|
|---|
| 58 | }
|
|---|
| 59 | }
|
|---|
| 60 | }
|
|---|
| 61 | }
|
|---|
| 62 | filterChain.doFilter(servletRequest, servletResponse);
|
|---|
| 63 | }
|
|---|
| 64 | }
|
|---|
