Diffstat (limited to 'src/main/java/org/traccar/api/security')
-rw-r--r--src/main/java/org/traccar/api/security/LoginService.java13
-rw-r--r--src/main/java/org/traccar/api/security/SecurityRequestFilter.java4
2 files changed, 13 insertions, 4 deletions
diff --git a/src/main/java/org/traccar/api/security/LoginService.java b/src/main/java/org/traccar/api/security/LoginService.java
index 104a6fac3..1e82a4cf2 100644
--- a/src/main/java/org/traccar/api/security/LoginService.java
+++ b/src/main/java/org/traccar/api/security/LoginService.java
@@ -15,6 +15,7 @@
*/
package org.traccar.api.security;
+import org.traccar.api.signature.TokenManager;
import org.traccar.config.Config;
import org.traccar.config.Keys;
import org.traccar.database.LdapProvider;
@@ -27,29 +28,35 @@ import org.traccar.storage.query.Request;
import javax.annotation.Nullable;
import javax.inject.Inject;
+import java.io.IOException;
+import java.security.GeneralSecurityException;
public class LoginService {
private final Storage storage;
+ private final TokenManager tokenManager;
private final LdapProvider ldapProvider;
private final String serviceAccountToken;
private final boolean forceLdap;
@Inject
- public LoginService(Config config, Storage storage, @Nullable LdapProvider ldapProvider) {
+ public LoginService(
+ Config config, Storage storage, TokenManager tokenManager, @Nullable LdapProvider ldapProvider) {
this.storage = storage;
+ this.tokenManager = tokenManager;
this.ldapProvider = ldapProvider;
serviceAccountToken = config.getString(Keys.WEB_SERVICE_ACCOUNT_TOKEN);
forceLdap = config.getBoolean(Keys.LDAP_FORCE);
}
- public User login(String token) throws StorageException {
+ public User login(String token) throws StorageException, GeneralSecurityException, IOException {
if (serviceAccountToken != null && serviceAccountToken.equals(token)) {
return new ServiceAccountUser();
}
+ long userId = tokenManager.verifyToken(token);
User user = storage.getObject(User.class, new Request(
- new Columns.All(), new Condition.Equals("token", "token", token)));
+ new Columns.All(), new Condition.Equals("id", "id", userId)));
if (user != null) {
checkUserEnabled(user);
}
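Review bot: With the lookup changed to `new Condition.Equals("id", "id", userId)`, the user's stored `token` column no longer takes part in authentication, so validity, expiry and revocation rest entirely on `tokenManager.verifyToken(token)`. Its implementation is not visible in this diff; if it checks only a signature, clearing or rotating a user's token in storage no longer invalidates tokens already issued. That contract should be stated where the call is made, for example `// verifyToken must reject expired or tampered tokens; the stored token column is no longer consulted`, and `login(String token)` should get Javadoc saying that `GeneralSecurityException` means the token was rejected rather than that the server failed. The body of `login` continues past the end of this hunk.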
diff --git a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
index ada7bf997..94b6bbf05 100644
--- a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
+++ b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
@@ -33,8 +33,10 @@ import javax.ws.rs.container.ResourceInfo;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
+import java.io.IOException;
import java.lang.reflect.Method;
import java.nio.charset.StandardCharsets;
+import java.security.GeneralSecurityException;
public class SecurityRequestFilter implements ContainerRequestFilter {
@@ -94,7 +96,7 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
statisticsManager.registerRequest(user.getId());
securityContext = new UserSecurityContext(new UserPrincipal(user.getId()));
}
- } catch (StorageException e) {
+ } catch (StorageException | GeneralSecurityException | IOException e) {
throw new WebApplicationException(e);
}
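Review bot: The widened `catch (StorageException | GeneralSecurityException | IOException e)` handles a token that fails verification the same way as a storage outage, and `new WebApplicationException(e)` responds with status 500. A rejected credential is a client error, so the API reports a server fault, and failed-token attempts land in server-error metrics instead of authentication-failure metrics, where they are harder to spot. Split the catch so the verification failure maps to 401: `} catch (GeneralSecurityException e) { throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).build()); }`, keeping the 500 path for `StorageException`. Whether `IOException` here signals a malformed token or a real I/O fault cannot be told from this hunk, so decide its mapping against `TokenManager`. The enclosing method starts outside the hunk.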