package mk.ukim.finki.predmeti.internettehnologii.jobvistabackend.config;

import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.NonNull;
import lombok.RequiredArgsConstructor;
import mk.ukim.finki.predmeti.internettehnologii.jobvistabackend.service.intef.JwtService;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

import java.io.IOException;

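/**
 * Servlet filter that authenticates a request from a JWT carried in an
 * {@code Authorization: Bearer <token>} header.
 *
 * <p>A request without such a header is passed down the chain untouched. When a
 * bearer token is present and {@link JwtService#isTokenValid} accepts it for the
 * user named in the token, a {@link UsernamePasswordAuthenticationToken} carrying
 * that user's authorities is stored in the {@link SecurityContextHolder}.
 *
 * <p>A token that cannot be used (rejected by {@link JwtService}, or naming a user
 * the {@link UserDetailsService} no longer knows) never authenticates the request:
 * the request continues down the chain unauthenticated so that the application's
 * access rules decide the response, instead of the failure escaping this filter as
 * an unhandled exception.
 */
@Component
@RequiredArgsConstructor
public class JwtAuthFilter extends OncePerRequestFilter {

    /** Scheme prefix expected at the start of the {@code Authorization} header. */
    private static final String BEARER_PREFIX = "Bearer ";

    private final JwtService jwtService;
    private final UserDetailsService userDetailsService;

    /**
     * Attempts bearer-token authentication, then always continues the filter chain.
     *
     * @param request     the incoming request; its {@code Authorization} header is read
     * @param response    the response, passed through to the rest of the chain
     * @param filterChain the remaining filters
     * @throws ServletException if a later filter in the chain fails
     * @throws IOException      if a later filter in the chain fails on I/O
     */
    @Override
    protected void doFilterInternal(@NonNull HttpServletRequest request, @NonNull HttpServletResponse response, @NonNull FilterChain filterChain) throws ServletException, IOException {
        final String authHeader = request.getHeader("Authorization");

        if (authHeader != null && authHeader.startsWith(BEARER_PREFIX)) {
            authenticate(authHeader.substring(BEARER_PREFIX.length()), request);
        }

        filterChain.doFilter(request, response);
    }

    /**
     * Populates the security context from {@code jwt} when the token is usable.
     * Every failure path returns without touching the security context.
     */
    private void authenticate(String jwt, HttpServletRequest request) {
        final String userEmail;
        try {
            // JwtService is not visible here; JWT parsers commonly throw on malformed,
            // expired or badly signed input, so a throw is treated as "no usable token".
            userEmail = jwtService.extractUsername(jwt);
        } catch (RuntimeException ex) {
            logRejected(ex);
            return;
        }

        // Do not replace an authentication that an earlier filter already established.
        if (userEmail == null || SecurityContextHolder.getContext().getAuthentication() != null) {
            return;
        }

        final UserDetails userDetails;
        try {
            userDetails = userDetailsService.loadUserByUsername(userEmail);
        } catch (UsernameNotFoundException ex) {
            // The token names an account that no longer exists. Only this exception is
            // caught so that infrastructure failures in the lookup still surface.
            logRejected(ex);
            return;
        }

        final boolean tokenValid;
        try {
            tokenValid = jwtService.isTokenValid(jwt, userDetails);
        } catch (RuntimeException ex) {
            logRejected(ex);
            return;
        }
        if (!tokenValid) {
            return;
        }

        // NOTE(review): this filter creates an authenticated token directly and does not
        // consult userDetails.isEnabled() / isAccountNonLocked(). Unless isTokenValid
        // (not shown) checks account status, a disabled or locked account stays
        // authenticated until its token expires. Confirm and add the check if needed.
        UsernamePasswordAuthenticationToken token =
                new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
        token.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));

        SecurityContextHolder.getContext().setAuthentication(token);
    }

    /** Records why a bearer token was not used; the token itself is never logged. */
    private void logRejected(RuntimeException ex) {
        if (logger.isDebugEnabled()) {
            logger.debug("Bearer token not accepted (" + ex.getClass().getSimpleName()
                    + "); continuing unauthenticated");
        }
    }
}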