aboutsummaryrefslogtreecommitdiff
path: root/src/org/traccar/web
diff options
context:
space:
mode:
authorAnton Tananaev <anton.tananaev@gmail.com>2015-11-14 10:08:35 +1300
committerAnton Tananaev <anton.tananaev@gmail.com>2015-11-14 10:08:35 +1300
commite62d408f73d34a7f0ed5a43fd8b517f9667dbb5e (patch)
treed914cde090b2b36cfed604969b1816c0320738c2 /src/org/traccar/web
parentc9d9ef9f2fef278455b37e64f83b8e0851c908d0 (diff)
parentd7d53864f610211a1591d056ccf8e7295438e4a6 (diff)
downloadtrackermap-server-e62d408f73d34a7f0ed5a43fd8b517f9667dbb5e.tar.gz
trackermap-server-e62d408f73d34a7f0ed5a43fd8b517f9667dbb5e.tar.bz2
trackermap-server-e62d408f73d34a7f0ed5a43fd8b517f9667dbb5e.zip
Merge pull request #1510 from guterresrafael/master
Add support for basic authorization
Diffstat (limited to 'src/org/traccar/web')
-rw-r--r--src/org/traccar/web/BaseServlet.java16
1 files changed, 15 insertions, 1 deletions
diff --git a/src/org/traccar/web/BaseServlet.java b/src/org/traccar/web/BaseServlet.java
index cfdff40d3..039e3a1f4 100644
--- a/src/org/traccar/web/BaseServlet.java
+++ b/src/org/traccar/web/BaseServlet.java
@@ -20,6 +20,7 @@ import org.traccar.helper.Log;
import java.io.IOException;
import java.io.Writer;
import java.security.AccessControlException;
+import java.util.Map;
import javax.json.Json;
import javax.json.JsonObjectBuilder;
import javax.json.JsonStructure;
@@ -27,6 +28,9 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.traccar.Context;
+import org.traccar.helper.Authorization;
+import org.traccar.model.User;
public abstract class BaseServlet extends HttpServlet {
@@ -57,7 +61,17 @@ public abstract class BaseServlet extends HttpServlet {
protected abstract boolean handle(
String command, HttpServletRequest req, HttpServletResponse resp) throws Exception;
- public long getUserId(HttpServletRequest req) {
+ public long getUserId(HttpServletRequest req) throws Exception {
+ String authorization = req.getHeader(Authorization.HEADER);
+ if (authorization != null && !authorization.isEmpty()) {
+ Map<String, String> authMap = Authorization.parse(authorization);
+ String username = authMap.get(Authorization.USERNAME);
+ String password = authMap.get(Authorization.PASSWORD);
+ User user = Context.getDataManager().login(username, password);
+ if (user != null) {
+ return user.getId();
+ }
+ }
Long userId = (Long) req.getSession().getAttribute(USER_KEY);
if (userId == null) {
throw new AccessControlException("User not logged in");