diff options
author | Anton Tananaev <anton@traccar.org> | 2022-08-02 19:16:11 -0700 |
---|---|---|
committer | Anton Tananaev <anton@traccar.org> | 2022-08-02 19:16:11 -0700 |
commit | ab6970135850655313e257cf44fb68c67e9f1e80 (patch) | |
tree | 2327f3d05816fd7431b7a08aad4830041f2e3131 /src/main/java/org/traccar/api/security | |
parent | 057262001dd933738fc070a57d51dc57518aa57b (diff) | |
download | trackermap-server-ab6970135850655313e257cf44fb68c67e9f1e80.tar.gz trackermap-server-ab6970135850655313e257cf44fb68c67e9f1e80.tar.bz2 trackermap-server-ab6970135850655313e257cf44fb68c67e9f1e80.zip |
New API token system
Diffstat (limited to 'src/main/java/org/traccar/api/security')
-rw-r--r-- | src/main/java/org/traccar/api/security/LoginService.java | 13 | ||||
-rw-r--r-- | src/main/java/org/traccar/api/security/SecurityRequestFilter.java | 4 |
2 files changed, 13 insertions, 4 deletions
diff --git a/src/main/java/org/traccar/api/security/LoginService.java b/src/main/java/org/traccar/api/security/LoginService.java index 104a6fac3..1e82a4cf2 100644 --- a/src/main/java/org/traccar/api/security/LoginService.java +++ b/src/main/java/org/traccar/api/security/LoginService.java @@ -15,6 +15,7 @@ */ package org.traccar.api.security; +import org.traccar.api.signature.TokenManager; import org.traccar.config.Config; import org.traccar.config.Keys; import org.traccar.database.LdapProvider; @@ -27,29 +28,35 @@ import org.traccar.storage.query.Request; import javax.annotation.Nullable; import javax.inject.Inject; +import java.io.IOException; +import java.security.GeneralSecurityException; public class LoginService { private final Storage storage; + private final TokenManager tokenManager; private final LdapProvider ldapProvider; private final String serviceAccountToken; private final boolean forceLdap; @Inject - public LoginService(Config config, Storage storage, @Nullable LdapProvider ldapProvider) { + public LoginService( + Config config, Storage storage, TokenManager tokenManager, @Nullable LdapProvider ldapProvider) { this.storage = storage; + this.tokenManager = tokenManager; this.ldapProvider = ldapProvider; serviceAccountToken = config.getString(Keys.WEB_SERVICE_ACCOUNT_TOKEN); forceLdap = config.getBoolean(Keys.LDAP_FORCE); } - public User login(String token) throws StorageException { + public User login(String token) throws StorageException, GeneralSecurityException, IOException { if (serviceAccountToken != null && serviceAccountToken.equals(token)) { return new ServiceAccountUser(); } + long userId = tokenManager.verifyToken(token); User user = storage.getObject(User.class, new Request( - new Columns.All(), new Condition.Equals("token", "token", token))); + new Columns.All(), new Condition.Equals("id", "id", userId))); if (user != null) { checkUserEnabled(user); } diff --git a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java index ada7bf997..94b6bbf05 100644 --- a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java +++ b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java @@ -33,8 +33,10 @@ import javax.ws.rs.container.ResourceInfo; import javax.ws.rs.core.Context; import javax.ws.rs.core.Response; import javax.ws.rs.core.SecurityContext; +import java.io.IOException; import java.lang.reflect.Method; import java.nio.charset.StandardCharsets; +import java.security.GeneralSecurityException; public class SecurityRequestFilter implements ContainerRequestFilter { @@ -94,7 +96,7 @@ public class SecurityRequestFilter implements ContainerRequestFilter { statisticsManager.registerRequest(user.getId()); securityContext = new UserSecurityContext(new UserPrincipal(user.getId())); } - } catch (StorageException e) { + } catch (StorageException | GeneralSecurityException | IOException e) { throw new WebApplicationException(e); } |