authorninioe <ninioe@gmail.com>2016-08-07 09:48:44 +0300
committerninioe <ninioe@gmail.com>2016-08-07 09:48:44 +0300
commite26d81c7430d8668b3af1bbf15672f06a855d6d0 (patch)
tree0c953d64bf782534f4ab9477ac970816e5fe801a /src
parentc2001339cf2afac3104f3e0da430358f94e3dc18 (diff)
downloadtrackermap-server-e26d81c7430d8668b3af1bbf15672f06a855d6d0.tar.gz
trackermap-server-e26d81c7430d8668b3af1bbf15672f06a855d6d0.tar.bz2
trackermap-server-e26d81c7430d8668b3af1bbf15672f06a855d6d0.zip
check user cookies on server side before login dialog
Diffstat (limited to 'src')
-rw-r--r--src/org/traccar/api/resource/SessionResource.java25
1 files changed, 25 insertions, 0 deletions
diff --git a/src/org/traccar/api/resource/SessionResource.java b/src/org/traccar/api/resource/SessionResource.java
index 745088a4d..5d41cdd71 100644
--- a/src/org/traccar/api/resource/SessionResource.java
+++ b/src/org/traccar/api/resource/SessionResource.java
@@ -20,6 +20,7 @@ import org.traccar.api.BaseResource;
import org.traccar.model.User;
import javax.annotation.security.PermitAll;
+import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
@@ -39,6 +40,8 @@ import java.sql.SQLException;
public class SessionResource extends BaseResource {
public static final String USER_ID_KEY = "userId";
+ public static final String USER_COOKIE_KEY = "user";
+ public static final String PASS_COOKIE_KEY = "pass";
@javax.ws.rs.core.Context
private HttpServletRequest request;
@@ -47,6 +50,28 @@ public class SessionResource extends BaseResource {
@GET
public User get() throws SQLException {
Long userId = (Long) request.getSession().getAttribute(USER_ID_KEY);
+ if (userId == null) {
+ Cookie[] cookies = request.getCookies();
+ String email = null, password = null;
+ if (cookies != null) {
+ for (int i = 0; i < cookies.length; i++) {
+ if (cookies[i].getName().equals(USER_COOKIE_KEY)) {
+ email = cookies[i].getValue();
+ }
+ if (cookies[i].getName().equals(PASS_COOKIE_KEY)) {
+ password = cookies[i].getValue();
+ }
+ }
+ }
+ if (email != null && password != null){
+ User user = Context.getDataManager().login(email, password);
+ if (user != null) {
+ userId = user.getId();
+ request.getSession().setAttribute(USER_ID_KEY, userId);
+ }
+ }
+ }
+
if (userId != null) {
return Context.getDataManager().getUser(userId);
} else {
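Review bot: The added branch in get() authenticates from a `pass` cookie whose value goes straight into `login(email, password)`, so the browser has to store the account password itself and resend it with every request to this origin (the `PASS_COOKIE_KEY` constant is added in the previous hunk). A random, server-stored remember-me token that can be expired and revoked would avoid keeping a reusable credential in the cookie jar. The code that sets these cookies is outside this diff, so whether they carry HttpOnly and Secure cannot be confirmed here. The session id is also left unchanged after a successful cookie login; if the container is Servlet 3.1 or later, calling `request.changeSessionId();` before `request.getSession().setAttribute(USER_ID_KEY, userId);` would guard against session fixation. get() continues past the end of the hunk.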