diff options
Diffstat (limited to 'src/org/traccar/api/resource/SessionResource.java')
-rw-r--r-- | src/org/traccar/api/resource/SessionResource.java | 120 |
1 files changed, 0 insertions, 120 deletions
diff --git a/src/org/traccar/api/resource/SessionResource.java b/src/org/traccar/api/resource/SessionResource.java deleted file mode 100644 index fd331c766..000000000 --- a/src/org/traccar/api/resource/SessionResource.java +++ /dev/null @@ -1,120 +0,0 @@ -/* - * Copyright 2015 Anton Tananaev (anton@traccar.org) - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.traccar.api.resource; - -import org.traccar.Context; -import org.traccar.api.BaseResource; -import org.traccar.helper.DataConverter; -import org.traccar.helper.LogAction; -import org.traccar.model.User; - -import javax.annotation.security.PermitAll; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; -import javax.ws.rs.Consumes; -import javax.ws.rs.DELETE; -import javax.ws.rs.FormParam; -import javax.ws.rs.GET; -import javax.ws.rs.POST; -import javax.ws.rs.Path; -import javax.ws.rs.Produces; -import javax.ws.rs.QueryParam; -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.Response; - -import java.io.UnsupportedEncodingException; -import java.net.URLDecoder; -import java.nio.charset.StandardCharsets; -import java.sql.SQLException; - -@Path("session") -@Produces(MediaType.APPLICATION_JSON) -@Consumes(MediaType.APPLICATION_FORM_URLENCODED) -public class SessionResource extends BaseResource { - - public static final String USER_ID_KEY = "userId"; - public static final String USER_COOKIE_KEY = "user"; - public static final String PASS_COOKIE_KEY = "password"; - - @javax.ws.rs.core.Context - private HttpServletRequest request; - - @PermitAll - @GET - public User get(@QueryParam("token") String token) throws SQLException, UnsupportedEncodingException { - Long userId = (Long) request.getSession().getAttribute(USER_ID_KEY); - if (userId == null) { - Cookie[] cookies = request.getCookies(); - String email = null, password = null; - if (cookies != null) { - for (Cookie cookie : cookies) { - if (cookie.getName().equals(USER_COOKIE_KEY)) { - byte[] emailBytes = DataConverter.parseBase64( - URLDecoder.decode(cookie.getValue(), StandardCharsets.US_ASCII.name())); - email = new String(emailBytes, StandardCharsets.UTF_8); - } else if (cookie.getName().equals(PASS_COOKIE_KEY)) { - byte[] passwordBytes = DataConverter.parseBase64( - URLDecoder.decode(cookie.getValue(), StandardCharsets.US_ASCII.name())); - password = new String(passwordBytes, StandardCharsets.UTF_8); - } - } - } - if (email != null && password != null) { - User user = Context.getPermissionsManager().login(email, password); - if (user != null) { - userId = user.getId(); - request.getSession().setAttribute(USER_ID_KEY, userId); - } - } else if (token != null) { - User user = Context.getUsersManager().getUserByToken(token); - if (user != null) { - userId = user.getId(); - request.getSession().setAttribute(USER_ID_KEY, userId); - } - } - } - - if (userId != null) { - Context.getPermissionsManager().checkUserEnabled(userId); - return Context.getPermissionsManager().getUser(userId); - } else { - throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build()); - } - } - - @PermitAll - @POST - public User add( - @FormParam("email") String email, @FormParam("password") String password) throws SQLException { - User user = Context.getPermissionsManager().login(email, password); - if (user != null) { - request.getSession().setAttribute(USER_ID_KEY, user.getId()); - LogAction.login(user.getId()); - return user; - } else { - throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).build()); - } - } - - @DELETE - public Response remove() { - LogAction.logout(getUserId()); - request.getSession().removeAttribute(USER_ID_KEY); - return Response.noContent().build(); - } - -} |