PGL/Clyde
3
2
Fork 3
Code Issues 13 Pull Requests Actions Projects 3 Releases 2 Wiki Activity

fixed some issue for the token authorization #87

Merged
Maxime merged 2 commits from Max/Backend/GetUser into master 2024-03-10 23:28:14 +01:00
Conversation 3 Commits 2 Files Changed 6 +45 -13
6 changed files with 45 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java
View File

@ -49,10 +49,6 @@ public class MockController {
mockUsers = new ArrayList<User>(Arrays.asList(herobrine,joe,meh,joke)); mockUsers = new ArrayList<User>(Arrays.asList(herobrine,joe,meh,joke));
userRepo.saveAll(mockUsers); userRepo.saveAll(mockUsers);
for (User user: mockUsers){
tokenRepo.save(new Token(user,user.getPassword()));
}
} }
@DeleteMapping("/mock") @DeleteMapping("/mock")

26
backend/src/main/java/ovh/herisson/Clyde/EndPoints/TokenController.java Normal file
View File

@ -0,0 +1,26 @@
package ovh.herisson.Clyde.EndPoints;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import ovh.herisson.Clyde.Services.TokenService;
import ovh.herisson.Clyde.Tables.Token;
@RestController
@CrossOrigin(origins = "http://localhost:5173")
tonitch commented 2024-03-09 21:13:05 +01:00
Review
Copy Link

Dans le dernier pr j'ai fait un petit changement au cross origin. Pour l'instant c'est bon mais c'est juste pour attirer l'attention sur ça !

Dans le dernier pr j'ai fait un petit changement au cross origin. Pour l'instant c'est bon mais c'est juste pour attirer l'attention sur ça !
public class TokenController {
private final TokenService tokenServ;
public TokenController(TokenService tokenServ){
this.tokenServ = tokenServ;
}
@GetMapping("/tokens")
public Iterable<Token> getTokens(){
tonitch commented 2024-03-09 21:16:59 +01:00
Review
Copy Link

C'est pour le debug ? Faudrait mettre un TODO pour mettre ça que pour les admins

C'est pour le debug ? Faudrait mettre un TODO pour mettre ça que pour les admins
return tokenServ.getAllTokens();
}
}

12
backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java
View File

@ -23,18 +23,18 @@ public class UserController {
} }
@GetMapping("/user") @GetMapping("/user")
public ResponseEntity<User> getUser(@RequestHeader("Authorization") String token){ public ResponseEntity<User> getUser(@RequestHeader("Cookie") String authorization){
tonitch commented 2024-03-09 21:10:55 +01:00
Outdated
Review
Copy Link

Pourquoi le passage à Coookie ?

Pourquoi le passage à Coookie ?
tonitch commented 2024-03-10 00:07:15 +01:00
Outdated
Review
Copy Link

frontend/src/rest/restConsumer.js Line 35 in 8fdfb470cb
'Authorization': session_token,

https://git.herisson.ovh/PGL/Clyde/src/commit/8fdfb470cb3c130f0d0e3bde1adc9b7e4edb1981/frontend/src/rest/restConsumer.js#L35
User user = authServ.getUserFromToken(token);
if (user == null) { if (authorization == null) return new UnauthorizedResponse<>(null);
return new UnauthorizedResponse<>(null); User user = authServ.getUserFromToken(authorization);
} if (user == null) return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(user, HttpStatus.OK); return new ResponseEntity<>(user, HttpStatus.OK);
} }
@PostMapping("/user") @PostMapping("/user")
public ResponseEntity<String> postUser(@RequestBody User user){ public ResponseEntity<String> postUser(@RequestBody User user){
userService.save(user); userService.save(user);
return new ResponseEntity<String>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED); return new ResponseEntity<>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED);
} }
@GetMapping("/users") @GetMapping("/users")

1
backend/src/main/java/ovh/herisson/Clyde/Repositories/TokenRepository.java
View File

@ -9,4 +9,5 @@ public interface TokenRepository extends CrudRepository<Token,Long> {
Token getByToken(String token); Token getByToken(String token);
Iterable<Token> getByUser(User user); Iterable<Token> getByUser(User user);
Maxime marked this conversation as resolved
tonitch commented 2024-03-09 21:27:02 +01:00
Review
Copy Link

t'es sur ?

t'es sur ?
} }

13
backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java
View File

@ -20,12 +20,19 @@ public class TokenService {
this.tokenRepo = tokenRepo; this.tokenRepo = tokenRepo;
} }
public Iterable<Token> getAllTokens() {
return tokenRepo.findAll();
}
public String generateNewToken(){ public String generateNewToken(){
byte[] bytes = new byte[64]; byte[] bytes = new byte[64];
new SecureRandom().nextBytes(bytes); new SecureRandom().nextBytes(bytes);
for (int i = 0; i < bytes.length; i++) { for (int i = 0; i < bytes.length; i++) {
bytes[i] = (byte) (((bytes[i]+256)%256 %95+ 32)); bytes[i] = (byte) (((bytes[i]+256)%256 %95+ 32));
while ((char)bytes[i] == ';'){
bytes[i] = new SecureRandom().generateSeed(1)[0];
}
Maxime marked this conversation as resolved
tonitch commented 2024-03-09 23:24:38 +01:00
Review
Copy Link

FAIT DU MD5

FAIT DU MD5
} }
// will never end up in the catch because of the way that SecureRandom.nextBytes is implemented // will never end up in the catch because of the way that SecureRandom.nextBytes is implemented
try { try {
@ -35,8 +42,10 @@ public class TokenService {
} }
} }
public User getUserFromToken(String token){ public User getUserFromToken(String token) {
return tokenRepo.getByToken(token).getUser(); Token tokenRep = tokenRepo.getByToken(token);
if (tokenRep == null) return null;
return tokenRep.getUser();
} }
public void saveToken(String token, User user, Date expirationDate){// todo faire qlq chose de l'expDate public void saveToken(String token, User user, Date expirationDate){// todo faire qlq chose de l'expDate

2
backend/src/main/java/ovh/herisson/Clyde/Tables/Token.java
View File

@ -8,7 +8,7 @@ public class Token {
@Id @Id
private int id; private int id;
@ManyToOne(fetch = FetchType.LAZY) @ManyToOne(fetch = FetchType.EAGER)
@JoinColumn(name ="Users") @JoinColumn(name ="Users")
private User user; private User user;
private String token; private String token;