authorAnton Tananaev <anton.tananaev@gmail.com>2015-12-20 14:40:15 +1300
committerAnton Tananaev <anton.tananaev@gmail.com>2015-12-20 14:40:15 +1300
commit3eff91673944f202e0aebe20faa925011568b685 (patch)
tree8b3db829d90ca73faa132463eff8661a7335936f /src/org/traccar/api/resource/SessionResource.java
parent4d29679dec4508d28af7651cdfd130e5a218b387 (diff)
Check permissions for REST API calls
Diffstat (limited to 'src/org/traccar/api/resource/SessionResource.java')
-rw-r--r--src/org/traccar/api/resource/SessionResource.java35
1 files changed, 14 insertions, 21 deletions
diff --git a/src/org/traccar/api/resource/SessionResource.java b/src/org/traccar/api/resource/SessionResource.java
index 554b6760e..745088a4d 100644
--- a/src/org/traccar/api/resource/SessionResource.java
+++ b/src/org/traccar/api/resource/SessionResource.java
@@ -45,32 +45,25 @@ public class SessionResource extends BaseResource {
@PermitAll
@GET
- public User get() {
- try {
- Long userId = (Long) request.getSession().getAttribute(USER_ID_KEY);
- if (userId != null) {
- return Context.getDataManager().getUser(userId);
- } else {
- throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build());
- }
- } catch (SQLException e) {
- throw new WebApplicationException(e);
+ public User get() throws SQLException {
+ Long userId = (Long) request.getSession().getAttribute(USER_ID_KEY);
+ if (userId != null) {
+ return Context.getDataManager().getUser(userId);
+ } else {
+ throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build());
}
}
@PermitAll
@POST
- public User add(@FormParam("email") String email, @FormParam("password") String password) {
- try {
- User user = Context.getDataManager().login(email, password);
- if (user != null) {
- request.getSession().setAttribute(USER_ID_KEY, user.getId());
- return user;
- } else {
- throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).build());
- }
- } catch (SQLException e) {
- throw new WebApplicationException(e);
+ public User add(
+ @FormParam("email") String email, @FormParam("password") String password) throws SQLException {
+ User user = Context.getDataManager().login(email, password);
+ if (user != null) {
+ request.getSession().setAttribute(USER_ID_KEY, user.getId());
+ return user;
+ } else {
+ throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).build());
}
}
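Review bot: In `add`, a successful login stores `USER_ID_KEY` on whatever session the request already carried, so a session identifier issued before authentication stays valid afterwards (session fixation). Rotate the session before the attribute is set, for example `request.getSession().invalidate();` immediately ahead of `request.getSession().setAttribute(USER_ID_KEY, user.getId());`, or call `request.changeSessionId()` if `request` is an `HttpServletRequest` on a Servlet 3.1+ container. Separately, `get` and `add` now declare `throws SQLException` instead of wrapping it in a `WebApplicationException`. Unless an exception mapper is registered elsewhere (not visible in this hunk), confirm that the resulting error response does not expose database error text to callers of these `@PermitAll` endpoints.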