testing messages
This commit is contained in:
Anthony Stirling
@@ -44,7 +44,7 @@ public class UserAuthenticationFilter extends OncePerRequestFilter {
|
||||
filterChain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
|
||||
String requestURI = request.getRequestURI();
|
||||
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
||||
|
||||
// Check for API key in the request headers if no authentication exists
|
||||
@@ -74,13 +74,14 @@ public class UserAuthenticationFilter extends OncePerRequestFilter {
|
||||
// If we still don't have any authentication, deny the request
|
||||
if (authentication == null || !authentication.isAuthenticated()) {
|
||||
String method = request.getMethod();
|
||||
if ("GET".equalsIgnoreCase(method)) {
|
||||
if ("GET".equalsIgnoreCase(method) && !"/login".equals(requestURI)) {
|
||||
response.sendRedirect("/login"); // redirect to the login page
|
||||
return;
|
||||
} else {
|
||||
response.setStatus(HttpStatus.UNAUTHORIZED.value());
|
||||
response.getWriter().write("Authentication required. Please provide a X-API-KEY in request header.\nThis is found in Settings -> Account Settings -> API Key\nAlternativly you can disable authentication if this is unexpected");
|
||||
return;
|
||||
}
|
||||
response.setStatus(HttpStatus.UNAUTHORIZED.value());
|
||||
response.getWriter().write("Authentication required. Please provide a X-API-KEY in request header.\nThis is found in Settings -> Account Settings -> API Key\nAlternativly you can disable authentication if this is unexpected");
|
||||
return;
|
||||
}
|
||||
|
||||
filterChain.doFilter(request, response);
|
||||
|
||||
@@ -50,26 +50,26 @@ public class UserController {
|
||||
HttpServletResponse response,
|
||||
RedirectAttributes redirectAttributes) {
|
||||
if (principal == null) {
|
||||
redirectAttributes.addFlashAttribute("error", "User not authenticated.");
|
||||
return new RedirectView("/error");
|
||||
redirectAttributes.addFlashAttribute("notAuthenticated", true);
|
||||
return new RedirectView("/change-creds");
|
||||
}
|
||||
|
||||
Optional<User> userOpt = userService.findByUsername(principal.getName());
|
||||
|
||||
if (userOpt == null || userOpt.isEmpty()) {
|
||||
redirectAttributes.addFlashAttribute("error", "User not found.");
|
||||
return new RedirectView("/error");
|
||||
redirectAttributes.addFlashAttribute("userNotFound", true);
|
||||
return new RedirectView("/change-creds");
|
||||
}
|
||||
User user = userOpt.get();
|
||||
|
||||
if (!userService.isPasswordCorrect(user, currentPassword)) {
|
||||
redirectAttributes.addFlashAttribute("error", "Current password is incorrect.");
|
||||
return new RedirectView("/error");
|
||||
redirectAttributes.addFlashAttribute("incorrectPassword", true);
|
||||
return new RedirectView("/change-creds");
|
||||
}
|
||||
|
||||
if (!user.getUsername().equals(newUsername) && userService.usernameExists(newUsername)) {
|
||||
redirectAttributes.addFlashAttribute("error", "New username already exists.");
|
||||
return new RedirectView("/error");
|
||||
redirectAttributes.addFlashAttribute("usernameExists", true);
|
||||
return new RedirectView("/change-creds");
|
||||
}
|
||||
|
||||
userService.changePassword(user, newPassword);
|
||||
@@ -95,25 +95,25 @@ public class UserController {
|
||||
HttpServletResponse response,
|
||||
RedirectAttributes redirectAttributes) {
|
||||
if (principal == null) {
|
||||
redirectAttributes.addFlashAttribute("error", "User not authenticated.");
|
||||
redirectAttributes.addFlashAttribute("notAuthenticated", true);
|
||||
return new RedirectView("/account");
|
||||
}
|
||||
|
||||
Optional<User> userOpt = userService.findByUsername(principal.getName());
|
||||
|
||||
if (userOpt == null || userOpt.isEmpty()) {
|
||||
redirectAttributes.addFlashAttribute("error", "User not found.");
|
||||
redirectAttributes.addFlashAttribute("userNotFound", true);
|
||||
return new RedirectView("/account");
|
||||
}
|
||||
User user = userOpt.get();
|
||||
|
||||
if (!userService.isPasswordCorrect(user, currentPassword)) {
|
||||
redirectAttributes.addFlashAttribute("error", "Current password is incorrect.");
|
||||
redirectAttributes.addFlashAttribute("incorrectPassword", true);
|
||||
return new RedirectView("/account");
|
||||
}
|
||||
|
||||
if (userService.usernameExists(newUsername)) {
|
||||
redirectAttributes.addFlashAttribute("error", "New username already exists.");
|
||||
redirectAttributes.addFlashAttribute("usernameExists", true);
|
||||
return new RedirectView("/account");
|
||||
}
|
||||
|
||||
@@ -134,20 +134,20 @@ public class UserController {
|
||||
HttpServletResponse response,
|
||||
RedirectAttributes redirectAttributes) {
|
||||
if (principal == null) {
|
||||
redirectAttributes.addFlashAttribute("error", "User not authenticated.");
|
||||
redirectAttributes.addFlashAttribute("notAuthenticated", true);
|
||||
return new RedirectView("/account");
|
||||
}
|
||||
|
||||
Optional<User> userOpt = userService.findByUsername(principal.getName());
|
||||
|
||||
if (userOpt == null || userOpt.isEmpty()) {
|
||||
redirectAttributes.addFlashAttribute("error", "User not found.");
|
||||
redirectAttributes.addFlashAttribute("userNotFound", true);
|
||||
return new RedirectView("/account");
|
||||
}
|
||||
User user = userOpt.get();
|
||||
|
||||
if (!userService.isPasswordCorrect(user, currentPassword)) {
|
||||
redirectAttributes.addFlashAttribute("error", "Current password is incorrect.");
|
||||
redirectAttributes.addFlashAttribute("incorrectPassword", true);
|
||||
return new RedirectView("/account");
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user