aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAnton Tananaev <anton@traccar.org>2024-02-27 18:44:07 -0800
committerAnton Tananaev <anton@traccar.org>2024-02-27 18:44:07 -0800
commitcb20b6984f6cc75e161e37baa6ff8a56a2e246a7 (patch)
tree8ebc1bcd66298945380d89431da5e86c74a5d749
parent89fba5afc13ab885554a8eaab41722f31f3642f4 (diff)
downloadtrackermap-server-cb20b6984f6cc75e161e37baa6ff8a56a2e246a7.tar.gz
trackermap-server-cb20b6984f6cc75e161e37baa6ff8a56a2e246a7.tar.bz2
trackermap-server-cb20b6984f6cc75e161e37baa6ff8a56a2e246a7.zip
Fix failed login handling
-rw-r--r--src/main/java/org/traccar/api/resource/SessionResource.java11
-rw-r--r--src/main/java/org/traccar/api/security/SecurityRequestFilter.java4
2 files changed, 8 insertions, 7 deletions
diff --git a/src/main/java/org/traccar/api/resource/SessionResource.java b/src/main/java/org/traccar/api/resource/SessionResource.java
index dc517277e..2f357a309 100644
--- a/src/main/java/org/traccar/api/resource/SessionResource.java
+++ b/src/main/java/org/traccar/api/resource/SessionResource.java
@@ -79,8 +79,8 @@ public class SessionResource extends BaseResource {
if (token != null) {
LoginResult loginResult = loginService.login(token);
- User user = loginResult.getUser();
- if (user != null) {
+ if (loginResult != null) {
+ User user = loginResult.getUser();
request.getSession().setAttribute(USER_ID_KEY, user.getId());
request.getSession().setAttribute(EXPIRATION_KEY, loginResult.getExpiration());
LogAction.login(user.getId(), WebHelper.retrieveRemoteAddress(request));
@@ -116,9 +116,9 @@ public class SessionResource extends BaseResource {
@FormParam("email") String email,
@FormParam("password") String password,
@FormParam("code") Integer code) throws StorageException {
- User user;
+ LoginResult loginResult;
try {
- user = loginService.login(email, password, code).getUser();
+ loginResult = loginService.login(email, password, code);
} catch (CodeRequiredException e) {
Response response = Response
.status(Response.Status.UNAUTHORIZED)
@@ -126,7 +126,8 @@ public class SessionResource extends BaseResource {
.build();
throw new WebApplicationException(response);
}
- if (user != null) {
+ if (loginResult != null) {
+ User user = new User();
request.getSession().setAttribute(USER_ID_KEY, user.getId());
LogAction.login(user.getId(), WebHelper.retrieveRemoteAddress(request));
return user;
diff --git a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
index c33a80015..12a5dbecf 100644
--- a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
+++ b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
@@ -90,8 +90,8 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
String[] auth = decodeBasicAuth(authHeader);
loginResult = loginService.login(auth[0], auth[1], null);
}
- User user = loginResult.getUser();
- if (user != null) {
+ if (loginResult != null) {
+ User user = loginResult.getUser();
statisticsManager.registerRequest(user.getId());
securityContext = new UserSecurityContext(
new UserPrincipal(user.getId(), loginResult.getExpiration()));