5 files changed, 43 insertions, 16 deletions
diff --git a/src/main/java/org/traccar/api/resource/SessionResource.java b/src/main/java/org/traccar/api/resource/SessionResource.java index 90f0ceade..3e80e0020 100644 --- a/src/main/java/org/traccar/api/resource/SessionResource.java +++ b/src/main/java/org/traccar/api/resource/SessionResource.java @@ -82,7 +82,7 @@ public class SessionResource extends BaseResource { public User get(@QueryParam("token") String token) throws StorageException, IOException, GeneralSecurityException { if (token != null) { - User user = loginService.login(token); + User user = loginService.login(token).getUser(); if (user != null) { request.getSession().setAttribute(USER_ID_KEY, user.getId()); LogAction.login(user.getId(), WebHelper.retrieveRemoteAddress(request)); @@ -109,7 +109,7 @@ public class SessionResource extends BaseResource { } } if (email != null && password != null) { - User user = loginService.login(email, password, null); + User user = loginService.login(email, password, null).getUser(); if (user != null) { request.getSession().setAttribute(USER_ID_KEY, user.getId()); LogAction.login(user.getId(), WebHelper.retrieveRemoteAddress(request)); @@ -148,7 +148,7 @@ public class SessionResource extends BaseResource { @FormParam("code") Integer code) throws StorageException { User user; try { - user = loginService.login(email, password, code); + user = loginService.login(email, password, code).getUser(); } catch (CodeRequiredException e) { Response response = Response .status(Response.Status.UNAUTHORIZED) diff --git a/src/main/java/org/traccar/api/security/LoginResult.java b/src/main/java/org/traccar/api/security/LoginResult.java new file mode 100644 index 000000000..66c35bbed --- /dev/null +++ b/src/main/java/org/traccar/api/security/LoginResult.java 
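Review bot: `loginService.login(email, password, null).getUser()` in the second SessionResource hunk, and the same call with `code` in the third, dereferences a result that can be null, because the LoginService hunks in this commit keep `if (forceOpenId) { return null; }` and the trailing `return null;` in the email/password overload. A rejected password would then raise a NullPointerException before the `if (user != null)` check is reached, so a failed login is likely to surface as a server error rather than take the normal unauthorized path. `loginResult.getUser()` in SecurityRequestFilter has the same exposure for Basic auth, where the catch clause lies outside the hunk. Either return `new LoginResult(null)` from those two branches, which matches what the token overload does when no user is found, or guard the callers with `User user = result != null ? result.getUser() : null;`. The enclosing methods start and end outside these hunks.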
@@ -0,0 +1,25 @@ +package org.traccar.api.security; + +import org.traccar.model.User; + +import java.util.Date; + +public class LoginResult { + + private final User user; + private final Date expiration; + + public LoginResult(User user) { + this.user = user; + expiration = null; + } + + public User getUser() { + return user; + } + + public Date getExpiration() { + return expiration; + } + +} diff --git a/src/main/java/org/traccar/api/security/LoginService.java b/src/main/java/org/traccar/api/security/LoginService.java index 829f5d2fa..6246d2494 100644 --- a/src/main/java/org/traccar/api/security/LoginService.java +++ b/src/main/java/org/traccar/api/security/LoginService.java @@ -1,5 +1,5 @@ /* - * Copyright 2022 Anton Tananaev (anton@traccar.org) + * Copyright 2022 - 2023 Anton Tananaev (anton@traccar.org) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -58,9 +58,9 @@ public class LoginService { forceOpenId = config.getBoolean(Keys.OPENID_FORCE); } - public User login(String token) throws StorageException, GeneralSecurityException, IOException { + public LoginResult login(String token) throws StorageException, GeneralSecurityException, IOException { if (serviceAccountToken != null && serviceAccountToken.equals(token)) { - return new ServiceAccountUser(); + return new LoginResult(new ServiceAccountUser()); } long userId = tokenManager.verifyToken(token); User user = storage.getObject(User.class, new Request( @@ -68,10 +68,10 @@ public class LoginService { if (user != null) { checkUserEnabled(user); } - return user; + return new LoginResult(user); } - public User login(String email, String password, Integer code) throws StorageException { + public LoginResult login(String email, String password, Integer code) throws StorageException { if (forceOpenId) { return null; } 
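Review bot: `expiration` in LoginResult is final and set to `null` by the only constructor, so `getExpiration()` cannot return a value anywhere in this commit, and nothing tells a caller how to read that null. A class Javadoc should state what a null expiration means, for example `/** Outcome of a login attempt; a null expiration means no expiry is associated with the credential. */`, if that is the intent, since no consumer is visible here. Once a constructor accepts an expiry, note that `java.util.Date` is mutable: storing and returning the caller's instance would let the expiry be changed after the login decision, so copy it on the way in and out or use `java.time.Instant`. The new file also lacks the Apache license header that LoginService.java carries.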
@@ -87,20 +87,20 @@ public class LoginService { || !forceLdap && user.isPasswordValid(password)) { checkUserCode(user, code); checkUserEnabled(user); - return user; + return new LoginResult(user); } } else { if (ldapProvider != null && ldapProvider.login(email, password)) { user = ldapProvider.getUser(email); user.setId(storage.addObject(user, new Request(new Columns.Exclude("id")))); checkUserEnabled(user); - return user; + return new LoginResult(user); } } return null; } - public User login(String email, String name, boolean administrator) throws StorageException { + public LoginResult login(String email, String name, boolean administrator) throws StorageException { User user = storage.getObject(User.class, new Request( new Columns.All(), new Condition.Equals("email", email))); @@ -115,7 +115,7 @@ public class LoginService { user.setId(storage.addObject(user, new Request(new Columns.Exclude("id")))); } checkUserEnabled(user); - return user; + return new LoginResult(user); } private void checkUserEnabled(User user) throws SecurityException { diff --git a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java index cb523177e..e308024da 100644 --- a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java +++ b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java 
@@ -82,13 +82,14 @@ public class SecurityRequestFilter implements ContainerRequestFilter { if (authHeader != null) { try { - User user; + LoginResult loginResult; if (authHeader.startsWith("Bearer ")) { - user = loginService.login(authHeader.substring(7)); + loginResult = loginService.login(authHeader.substring(7)); } else { String[] auth = decodeBasicAuth(authHeader); - user = loginService.login(auth[0], auth[1], null); + loginResult = loginService.login(auth[0], auth[1], null); } + User user = loginResult.getUser(); if (user != null) { statisticsManager.registerRequest(user.getId()); securityContext = new UserSecurityContext(new UserPrincipal(user.getId())); diff --git a/src/main/java/org/traccar/database/OpenIdProvider.java b/src/main/java/org/traccar/database/OpenIdProvider.java index 1f5a2f481..93297f7ab 100644 --- a/src/main/java/org/traccar/database/OpenIdProvider.java +++ b/src/main/java/org/traccar/database/OpenIdProvider.java @@ -189,7 +189,8 @@ public class OpenIdProvider { throw new GeneralSecurityException("Your OpenID Groups do not permit access to Traccar."); } - User user = loginService.login(userInfo.getEmailAddress(), userInfo.getName(), administrator); + User user = loginService.login( + userInfo.getEmailAddress(), userInfo.getName(), administrator).getUser(); request.getSession().setAttribute(SessionResource.USER_ID_KEY, user.getId()); LogAction.login(user.getId(), WebHelper.retrieveRemoteAddress(request)); |