diff options
Diffstat (limited to 'src/main/java')
-rw-r--r-- | src/main/java/org/traccar/api/resource/SessionResource.java | 11 | ||||
-rw-r--r-- | src/main/java/org/traccar/api/security/SecurityRequestFilter.java | 4 |
2 files changed, 8 insertions, 7 deletions
diff --git a/src/main/java/org/traccar/api/resource/SessionResource.java b/src/main/java/org/traccar/api/resource/SessionResource.java index dc517277e..2f357a309 100644 --- a/src/main/java/org/traccar/api/resource/SessionResource.java +++ b/src/main/java/org/traccar/api/resource/SessionResource.java @@ -79,8 +79,8 @@ public class SessionResource extends BaseResource { if (token != null) { LoginResult loginResult = loginService.login(token); - User user = loginResult.getUser(); - if (user != null) { + if (loginResult != null) { + User user = loginResult.getUser(); request.getSession().setAttribute(USER_ID_KEY, user.getId()); request.getSession().setAttribute(EXPIRATION_KEY, loginResult.getExpiration()); LogAction.login(user.getId(), WebHelper.retrieveRemoteAddress(request)); @@ -116,9 +116,9 @@ public class SessionResource extends BaseResource { @FormParam("email") String email, @FormParam("password") String password, @FormParam("code") Integer code) throws StorageException { - User user; + LoginResult loginResult; try { - user = loginService.login(email, password, code).getUser(); + loginResult = loginService.login(email, password, code); } catch (CodeRequiredException e) { Response response = Response .status(Response.Status.UNAUTHORIZED) @@ -126,7 +126,8 @@ public class SessionResource extends BaseResource { .build(); throw new WebApplicationException(response); } - if (user != null) { + if (loginResult != null) { + User user = new User(); request.getSession().setAttribute(USER_ID_KEY, user.getId()); LogAction.login(user.getId(), WebHelper.retrieveRemoteAddress(request)); return user; diff --git a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java index c33a80015..12a5dbecf 100644 --- a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java +++ b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java @@ -90,8 +90,8 @@ public class SecurityRequestFilter implements ContainerRequestFilter { String[] auth = decodeBasicAuth(authHeader); loginResult = loginService.login(auth[0], auth[1], null); } - User user = loginResult.getUser(); - if (user != null) { + if (loginResult != null) { + User user = loginResult.getUser(); statisticsManager.registerRequest(user.getId()); securityContext = new UserSecurityContext( new UserPrincipal(user.getId(), loginResult.getExpiration())); |