aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/main/java/org/traccar/api/resource/SessionResource.java6
-rw-r--r--src/main/java/org/traccar/api/security/LoginResult.java25
-rw-r--r--src/main/java/org/traccar/api/security/LoginService.java18
-rw-r--r--src/main/java/org/traccar/api/security/SecurityRequestFilter.java7
-rw-r--r--src/main/java/org/traccar/database/OpenIdProvider.java3
5 files changed, 43 insertions, 16 deletions
diff --git a/src/main/java/org/traccar/api/resource/SessionResource.java b/src/main/java/org/traccar/api/resource/SessionResource.java
index 90f0ceade..3e80e0020 100644
--- a/src/main/java/org/traccar/api/resource/SessionResource.java
+++ b/src/main/java/org/traccar/api/resource/SessionResource.java
@@ -82,7 +82,7 @@ public class SessionResource extends BaseResource {
public User get(@QueryParam("token") String token) throws StorageException, IOException, GeneralSecurityException {
if (token != null) {
- User user = loginService.login(token);
+ User user = loginService.login(token).getUser();
if (user != null) {
request.getSession().setAttribute(USER_ID_KEY, user.getId());
LogAction.login(user.getId(), WebHelper.retrieveRemoteAddress(request));
@@ -109,7 +109,7 @@ public class SessionResource extends BaseResource {
}
}
if (email != null && password != null) {
- User user = loginService.login(email, password, null);
+ User user = loginService.login(email, password, null).getUser();
if (user != null) {
request.getSession().setAttribute(USER_ID_KEY, user.getId());
LogAction.login(user.getId(), WebHelper.retrieveRemoteAddress(request));
@@ -148,7 +148,7 @@ public class SessionResource extends BaseResource {
@FormParam("code") Integer code) throws StorageException {
User user;
try {
- user = loginService.login(email, password, code);
+ user = loginService.login(email, password, code).getUser();
} catch (CodeRequiredException e) {
Response response = Response
.status(Response.Status.UNAUTHORIZED)
diff --git a/src/main/java/org/traccar/api/security/LoginResult.java b/src/main/java/org/traccar/api/security/LoginResult.java
new file mode 100644
index 000000000..66c35bbed
--- /dev/null
+++ b/src/main/java/org/traccar/api/security/LoginResult.java
@@ -0,0 +1,25 @@
+package org.traccar.api.security;
+
+import org.traccar.model.User;
+
+import java.util.Date;
+
+public class LoginResult {
+
+ private final User user;
+ private final Date expiration;
+
+ public LoginResult(User user) {
+ this.user = user;
+ expiration = null;
+ }
+
+ public User getUser() {
+ return user;
+ }
+
+ public Date getExpiration() {
+ return expiration;
+ }
+
+}
diff --git a/src/main/java/org/traccar/api/security/LoginService.java b/src/main/java/org/traccar/api/security/LoginService.java
index 829f5d2fa..6246d2494 100644
--- a/src/main/java/org/traccar/api/security/LoginService.java
+++ b/src/main/java/org/traccar/api/security/LoginService.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2022 Anton Tananaev (anton@traccar.org)
+ * Copyright 2022 - 2023 Anton Tananaev (anton@traccar.org)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -58,9 +58,9 @@ public class LoginService {
forceOpenId = config.getBoolean(Keys.OPENID_FORCE);
}
- public User login(String token) throws StorageException, GeneralSecurityException, IOException {
+ public LoginResult login(String token) throws StorageException, GeneralSecurityException, IOException {
if (serviceAccountToken != null && serviceAccountToken.equals(token)) {
- return new ServiceAccountUser();
+ return new LoginResult(new ServiceAccountUser());
}
long userId = tokenManager.verifyToken(token);
User user = storage.getObject(User.class, new Request(
@@ -68,10 +68,10 @@ public class LoginService {
if (user != null) {
checkUserEnabled(user);
}
- return user;
+ return new LoginResult(user);
}
- public User login(String email, String password, Integer code) throws StorageException {
+ public LoginResult login(String email, String password, Integer code) throws StorageException {
if (forceOpenId) {
return null;
}
@@ -87,20 +87,20 @@ public class LoginService {
|| !forceLdap && user.isPasswordValid(password)) {
checkUserCode(user, code);
checkUserEnabled(user);
- return user;
+ return new LoginResult(user);
}
} else {
if (ldapProvider != null && ldapProvider.login(email, password)) {
user = ldapProvider.getUser(email);
user.setId(storage.addObject(user, new Request(new Columns.Exclude("id"))));
checkUserEnabled(user);
- return user;
+ return new LoginResult(user);
}
}
return null;
}
- public User login(String email, String name, boolean administrator) throws StorageException {
+ public LoginResult login(String email, String name, boolean administrator) throws StorageException {
User user = storage.getObject(User.class, new Request(
new Columns.All(),
new Condition.Equals("email", email)));
@@ -115,7 +115,7 @@ public class LoginService {
user.setId(storage.addObject(user, new Request(new Columns.Exclude("id"))));
}
checkUserEnabled(user);
- return user;
+ return new LoginResult(user);
}
private void checkUserEnabled(User user) throws SecurityException {
diff --git a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
index cb523177e..e308024da 100644
--- a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
+++ b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
@@ -82,13 +82,14 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
if (authHeader != null) {
try {
- User user;
+ LoginResult loginResult;
if (authHeader.startsWith("Bearer ")) {
- user = loginService.login(authHeader.substring(7));
+ loginResult = loginService.login(authHeader.substring(7));
} else {
String[] auth = decodeBasicAuth(authHeader);
- user = loginService.login(auth[0], auth[1], null);
+ loginResult = loginService.login(auth[0], auth[1], null);
}
+ User user = loginResult.getUser();
if (user != null) {
statisticsManager.registerRequest(user.getId());
securityContext = new UserSecurityContext(new UserPrincipal(user.getId()));
diff --git a/src/main/java/org/traccar/database/OpenIdProvider.java b/src/main/java/org/traccar/database/OpenIdProvider.java
index 1f5a2f481..93297f7ab 100644
--- a/src/main/java/org/traccar/database/OpenIdProvider.java
+++ b/src/main/java/org/traccar/database/OpenIdProvider.java
@@ -189,7 +189,8 @@ public class OpenIdProvider {
throw new GeneralSecurityException("Your OpenID Groups do not permit access to Traccar.");
}
- User user = loginService.login(userInfo.getEmailAddress(), userInfo.getName(), administrator);
+ User user = loginService.login(
+ userInfo.getEmailAddress(), userInfo.getName(), administrator).getUser();
request.getSession().setAttribute(SessionResource.USER_ID_KEY, user.getId());
LogAction.login(user.getId(), WebHelper.retrieveRemoteAddress(request));