diff options
author | Anton Tananaev <anton@traccar.org> | 2024-02-27 18:44:07 -0800 |
---|---|---|
committer | Anton Tananaev <anton@traccar.org> | 2024-02-27 18:44:07 -0800 |
commit | cb20b6984f6cc75e161e37baa6ff8a56a2e246a7 (patch) | |
tree | 8ebc1bcd66298945380d89431da5e86c74a5d749 | |
parent | 89fba5afc13ab885554a8eaab41722f31f3642f4 (diff) | |
download | trackermap-server-cb20b6984f6cc75e161e37baa6ff8a56a2e246a7.tar.gz trackermap-server-cb20b6984f6cc75e161e37baa6ff8a56a2e246a7.tar.bz2 trackermap-server-cb20b6984f6cc75e161e37baa6ff8a56a2e246a7.zip |
Fix failed login handling
-rw-r--r-- | src/main/java/org/traccar/api/resource/SessionResource.java | 11 | ||||
-rw-r--r-- | src/main/java/org/traccar/api/security/SecurityRequestFilter.java | 4 |
2 files changed, 8 insertions, 7 deletions
diff --git a/src/main/java/org/traccar/api/resource/SessionResource.java b/src/main/java/org/traccar/api/resource/SessionResource.java index dc517277e..2f357a309 100644 --- a/src/main/java/org/traccar/api/resource/SessionResource.java +++ b/src/main/java/org/traccar/api/resource/SessionResource.java @@ -79,8 +79,8 @@ public class SessionResource extends BaseResource { if (token != null) { LoginResult loginResult = loginService.login(token); - User user = loginResult.getUser(); - if (user != null) { + if (loginResult != null) { + User user = loginResult.getUser(); request.getSession().setAttribute(USER_ID_KEY, user.getId()); request.getSession().setAttribute(EXPIRATION_KEY, loginResult.getExpiration()); LogAction.login(user.getId(), WebHelper.retrieveRemoteAddress(request)); @@ -116,9 +116,9 @@ public class SessionResource extends BaseResource { @FormParam("email") String email, @FormParam("password") String password, @FormParam("code") Integer code) throws StorageException { - User user; + LoginResult loginResult; try { - user = loginService.login(email, password, code).getUser(); + loginResult = loginService.login(email, password, code); } catch (CodeRequiredException e) { Response response = Response .status(Response.Status.UNAUTHORIZED) @@ -126,7 +126,8 @@ public class SessionResource extends BaseResource { .build(); throw new WebApplicationException(response); } - if (user != null) { + if (loginResult != null) { + User user = new User(); request.getSession().setAttribute(USER_ID_KEY, user.getId()); LogAction.login(user.getId(), WebHelper.retrieveRemoteAddress(request)); return user; diff --git a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java index c33a80015..12a5dbecf 100644 --- a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java +++ b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java @@ -90,8 +90,8 @@ public class SecurityRequestFilter implements ContainerRequestFilter { String[] auth = decodeBasicAuth(authHeader); loginResult = loginService.login(auth[0], auth[1], null); } - User user = loginResult.getUser(); - if (user != null) { + if (loginResult != null) { + User user = loginResult.getUser(); statisticsManager.registerRequest(user.getId()); securityContext = new UserSecurityContext( new UserPrincipal(user.getId(), loginResult.getExpiration())); |