diff options
| author | Iván Ávalos <avalos@disroot.org> | 2021-12-27 18:22:07 -0600 |
|---|---|---|
| committer | Iván Ávalos <avalos@disroot.org> | 2021-12-27 18:22:07 -0600 |
| commit | f03b999d6d17e53c1c1e1aa2f9271d03f12f2264 (patch) | |
| tree | a16d409887e65e4211e0f8ea4fc73a86e637a032 /src/main/java/org/traccar/api/resource/SessionResource.java | |
| parent | 3a528ddc88f72f39ff9566cf5e0f54938b1584ef (diff) | |
| parent | 790db6295f130e64c8346f13985dd0c15f938b40 (diff) | |
| download | traccar-server-f03b999d6d17e53c1c1e1aa2f9271d03f12f2264.tar.gz traccar-server-f03b999d6d17e53c1c1e1aa2f9271d03f12f2264.tar.bz2 traccar-server-f03b999d6d17e53c1c1e1aa2f9271d03f12f2264.zip | |
Merge branch 'master' into suntech-fixes
Diffstat (limited to 'src/main/java/org/traccar/api/resource/SessionResource.java')
| -rw-r--r-- | src/main/java/org/traccar/api/resource/SessionResource.java | 33 |
1 files changed, 20 insertions, 13 deletions
diff --git a/src/main/java/org/traccar/api/resource/SessionResource.java b/src/main/java/org/traccar/api/resource/SessionResource.java index e3c5d457f..60ce5490a 100644 --- a/src/main/java/org/traccar/api/resource/SessionResource.java +++ b/src/main/java/org/traccar/api/resource/SessionResource.java @@ -1,5 +1,5 @@ /* - * Copyright 2015 Anton Tananaev (anton@traccar.org) + * Copyright 2015 - 2021 Anton Tananaev (anton@traccar.org) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -57,8 +57,19 @@ public class SessionResource extends BaseResource { @PermitAll @GET public User get(@QueryParam("token") String token) throws SQLException, UnsupportedEncodingException { + + if (token != null) { + User user = Context.getUsersManager().getUserByToken(token); + if (user != null) { + Context.getPermissionsManager().checkUserEnabled(user.getId()); + request.getSession().setAttribute(USER_ID_KEY, user.getId()); + return user; + } + } + Long userId = (Long) request.getSession().getAttribute(USER_ID_KEY); if (userId == null) { + Cookie[] cookies = request.getCookies(); String email = null, password = null; if (cookies != null) { @@ -77,24 +88,20 @@ public class SessionResource extends BaseResource { if (email != null && password != null) { User user = Context.getPermissionsManager().login(email, password); if (user != null) { - userId = user.getId(); - request.getSession().setAttribute(USER_ID_KEY, userId); - } - } else if (token != null) { - User user = Context.getUsersManager().getUserByToken(token); - if (user != null) { - userId = user.getId(); - request.getSession().setAttribute(USER_ID_KEY, userId); + Context.getPermissionsManager().checkUserEnabled(user.getId()); + request.getSession().setAttribute(USER_ID_KEY, user.getId()); + return user; } } - } - if (userId != null) { + } else { + Context.getPermissionsManager().checkUserEnabled(userId); return Context.getPermissionsManager().getUser(userId); - } else { - throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build()); + } + + throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build()); } @PermitAll |