From e26d81c7430d8668b3af1bbf15672f06a855d6d0 Mon Sep 17 00:00:00 2001 From: ninioe Date: Sun, 7 Aug 2016 09:48:44 +0300 Subject: check user cookies on server side before login dialog --- src/org/traccar/api/resource/SessionResource.java | 25 +++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'src/org') diff --git a/src/org/traccar/api/resource/SessionResource.java b/src/org/traccar/api/resource/SessionResource.java index 745088a4d..5d41cdd71 100644 --- a/src/org/traccar/api/resource/SessionResource.java +++ b/src/org/traccar/api/resource/SessionResource.java @@ -20,6 +20,7 @@ import org.traccar.api.BaseResource; import org.traccar.model.User; import javax.annotation.security.PermitAll; +import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.ws.rs.Consumes; import javax.ws.rs.DELETE; @@ -39,6 +40,8 @@ import java.sql.SQLException; public class SessionResource extends BaseResource { public static final String USER_ID_KEY = "userId"; + public static final String USER_COOKIE_KEY = "user"; + public static final String PASS_COOKIE_KEY = "pass"; @javax.ws.rs.core.Context private HttpServletRequest request; @@ -47,6 +50,28 @@ public class SessionResource extends BaseResource { @GET public User get() throws SQLException { Long userId = (Long) request.getSession().getAttribute(USER_ID_KEY); + if (userId == null) { + Cookie[] cookies = request.getCookies(); + String email = null, password = null; + if (cookies != null) { + for (int i = 0; i < cookies.length; i++) { + if (cookies[i].getName().equals(USER_COOKIE_KEY)) { + email = cookies[i].getValue(); + } + if (cookies[i].getName().equals(PASS_COOKIE_KEY)) { + password = cookies[i].getValue(); + } + } + } + if (email != null && password != null){ + User user = Context.getDataManager().login(email, password); + if (user != null) { + userId = user.getId(); + request.getSession().setAttribute(USER_ID_KEY, userId); + } + } + } + if (userId != null) { return Context.getDataManager().getUser(userId); } else { -- cgit v1.2.3 From e35bb104574105e94872fef42607f3ccd19f12b8 Mon Sep 17 00:00:00 2001 From: ninioe Date: Sun, 7 Aug 2016 10:06:31 +0300 Subject: Checkstyle error fix --- src/org/traccar/api/resource/SessionResource.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/org') diff --git a/src/org/traccar/api/resource/SessionResource.java b/src/org/traccar/api/resource/SessionResource.java index 5d41cdd71..ae2c919e9 100644 --- a/src/org/traccar/api/resource/SessionResource.java +++ b/src/org/traccar/api/resource/SessionResource.java @@ -63,7 +63,7 @@ public class SessionResource extends BaseResource { } } } - if (email != null && password != null){ + if (email != null && password != null) { User user = Context.getDataManager().login(email, password); if (user != null) { userId = user.getId(); -- cgit v1.2.3 From 26fb811c067e11f884640fd9f13be2ab8f77b400 Mon Sep 17 00:00:00 2001 From: ninioe Date: Sun, 7 Aug 2016 10:14:37 +0300 Subject: fix references names --- src/org/traccar/api/resource/SessionResource.java | 2 +- web/app/view/LoginController.js | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'src/org') diff --git a/src/org/traccar/api/resource/SessionResource.java b/src/org/traccar/api/resource/SessionResource.java index ae2c919e9..49670c1f9 100644 --- a/src/org/traccar/api/resource/SessionResource.java +++ b/src/org/traccar/api/resource/SessionResource.java @@ -41,7 +41,7 @@ public class SessionResource extends BaseResource { public static final String USER_ID_KEY = "userId"; public static final String USER_COOKIE_KEY = "user"; - public static final String PASS_COOKIE_KEY = "pass"; + public static final String PASS_COOKIE_KEY = "password"; @javax.ws.rs.core.Context private HttpServletRequest request; diff --git a/web/app/view/LoginController.js b/web/app/view/LoginController.js index 47fae59f9..8beef1e04 100644 --- a/web/app/view/LoginController.js +++ b/web/app/view/LoginController.js @@ -40,9 +40,9 @@ Ext.define('Traccar.view.LoginController', { callback: function (options, success, response) { Ext.getBody().unmask(); if (success) { - if (this.lookupReference('rememberMeField').getValue()) { + if (this.lookupReference('rememberField').getValue()) { Ext.util.Cookies.set('user', this.lookupReference('userField').getValue(), Ext.Date.add(new Date(), Ext.Date.YEAR, 1)); - Ext.util.Cookies.set('pass', this.lookupReference('passwordField').getValue(), Ext.Date.add(new Date(), Ext.Date.YEAR, 1)); + Ext.util.Cookies.set('password', this.lookupReference('passwordField').getValue(), Ext.Date.add(new Date(), Ext.Date.YEAR, 1)); } Traccar.app.setUser(Ext.decode(response.responseText)); this.fireViewEvent('login'); @@ -56,7 +56,7 @@ Ext.define('Traccar.view.LoginController', { logout: function () { Ext.util.Cookies.clear('user'); - Ext.util.Cookies.clear('pass'); + Ext.util.Cookies.clear('password'); Ext.Ajax.request({ scope: this, method: 'DELETE', -- cgit v1.2.3