diff options
author | Rafael Guterres <guterresrafael@gmail.com> | 2015-11-05 22:03:00 -0200 |
---|---|---|
committer | Rafael Guterres <guterresrafael@gmail.com> | 2015-11-05 22:03:00 -0200 |
commit | 2490884fd74e20b69e5913533be77fc057731a47 (patch) | |
tree | d38e20a284fe0cf3e9bd057e07679f7b15279b77 /src/org/traccar/web/BaseServlet.java | |
parent | b14974fec3c529e4cc29db6f86372efddc87b959 (diff) | |
download | trackermap-server-2490884fd74e20b69e5913533be77fc057731a47.tar.gz trackermap-server-2490884fd74e20b69e5913533be77fc057731a47.tar.bz2 trackermap-server-2490884fd74e20b69e5913533be77fc057731a47.zip |
Add support to authorization basic http header in alternative to cookie and java session.
Modification to allow traccar api stateless.
Diffstat (limited to 'src/org/traccar/web/BaseServlet.java')
-rw-r--r-- | src/org/traccar/web/BaseServlet.java | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/src/org/traccar/web/BaseServlet.java b/src/org/traccar/web/BaseServlet.java index cfdff40d3..a77ad0908 100644 --- a/src/org/traccar/web/BaseServlet.java +++ b/src/org/traccar/web/BaseServlet.java @@ -20,6 +20,7 @@ import org.traccar.helper.Log; import java.io.IOException; import java.io.Writer; import java.security.AccessControlException; +import java.util.Map; import javax.json.Json; import javax.json.JsonObjectBuilder; import javax.json.JsonStructure; @@ -27,6 +28,9 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.traccar.Context; +import org.traccar.helper.Authorization; +import org.traccar.model.User; public abstract class BaseServlet extends HttpServlet { @@ -57,7 +61,15 @@ public abstract class BaseServlet extends HttpServlet { protected abstract boolean handle( String command, HttpServletRequest req, HttpServletResponse resp) throws Exception; - public long getUserId(HttpServletRequest req) { + public long getUserId(HttpServletRequest req) throws Exception { + String authorization = req.getHeader(Authorization.HEADER); + if (authorization != null && !authorization.isEmpty()) { + Map<String, String> authMap = Authorization.parse(authorization); + User user = Context.getDataManager().login(authMap.get(Authorization.USERNAME), authMap.get(Authorization.PASSWORD)); + if (user != null) { + return user.getId(); + } + } Long userId = (Long) req.getSession().getAttribute(USER_KEY); if (userId == null) { throw new AccessControlException("User not logged in"); |