fixed some issue for the token authorization (#87)

Reviewed-on: PGL/Clyde#87 Reviewed-by: Debucquoy Anthony <d.tonitch@gmail.com> Co-authored-by: Bartha Maxime <231026@umons.ac.be> Co-committed-by: Bartha Maxime <231026@umons.ac.be>
2024-03-10 23:28:13 +01:00
parent b7c97ead2b
commit ce2efb61c8
6 changed files with 45 additions and 13 deletions
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java
@ -49,10 +49,6 @@ public class MockController {
        mockUsers = new ArrayList<User>(Arrays.asList(herobrine,joe,meh,joke));

        userRepo.saveAll(mockUsers);
-
-        for (User user: mockUsers){
-            tokenRepo.save(new Token(user,user.getPassword()));
-        }
    }

    @DeleteMapping("/mock")
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/TokenController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/TokenController.java
@ -0,0 +1,26 @@
+package ovh.herisson.Clyde.EndPoints;
+
+
+
+import org.springframework.web.bind.annotation.CrossOrigin;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+import ovh.herisson.Clyde.Services.TokenService;
+import ovh.herisson.Clyde.Tables.Token;
+
+@RestController
+@CrossOrigin(origins = "http://localhost:5173")
+public class TokenController {
+
+    private final TokenService tokenServ;
+
+    public TokenController(TokenService tokenServ){
+        this.tokenServ = tokenServ;
+    }
+
+
+    @GetMapping("/tokens")
+    public Iterable<Token> getTokens(){
+        return tokenServ.getAllTokens();
+    }
+}
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java
@ -23,18 +23,18 @@ public class UserController {
    }

    @GetMapping("/user")
-    public ResponseEntity<User> getUser(@RequestHeader("Authorization") String token){
-        User user = authServ.getUserFromToken(token);
-        if (user == null) {
-            return new UnauthorizedResponse<>(null);
-        }
+    public ResponseEntity<User> getUser(@RequestHeader("Cookie") String authorization){
+
+        if (authorization == null) return new UnauthorizedResponse<>(null);
+        User user = authServ.getUserFromToken(authorization);
+        if (user == null) return new UnauthorizedResponse<>(null);
        return new ResponseEntity<>(user, HttpStatus.OK);
    }

    @PostMapping("/user")
    public ResponseEntity<String> postUser(@RequestBody User user){
        userService.save(user);
-        return new ResponseEntity<String>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED);
+        return new ResponseEntity<>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED);
    }

    @GetMapping("/users")
--- a/backend/src/main/java/ovh/herisson/Clyde/Repositories/TokenRepository.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Repositories/TokenRepository.java
@ -9,4 +9,5 @@ public interface TokenRepository extends CrudRepository<Token,Long> {
    Token getByToken(String token);

    Iterable<Token> getByUser(User user);
+
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java
@ -20,12 +20,19 @@ public class TokenService {
        this.tokenRepo = tokenRepo;
    }

+    public Iterable<Token> getAllTokens() {
+        return tokenRepo.findAll();
+    }
+

    public String generateNewToken(){
        byte[] bytes = new byte[64];
        new SecureRandom().nextBytes(bytes);
        for (int i = 0; i < bytes.length; i++) {
            bytes[i] = (byte) (((bytes[i]+256)%256  %95+ 32));
+            while ((char)bytes[i] == ';'){
+                bytes[i] = new SecureRandom().generateSeed(1)[0];
+            }
        }
        // will never end up in the catch because of the way that SecureRandom.nextBytes is implemented
        try {
@ -35,8 +42,10 @@ public class TokenService {
        }
    }

-    public User getUserFromToken(String token){
-        return tokenRepo.getByToken(token).getUser();
+    public User getUserFromToken(String token) {
+        Token tokenRep = tokenRepo.getByToken(token);
+        if (tokenRep == null) return null;
+        return tokenRep.getUser();
    }

    public void saveToken(String token, User user, Date expirationDate){// todo faire qlq chose de l'expDate
--- a/backend/src/main/java/ovh/herisson/Clyde/Tables/Token.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/Token.java
@ -8,7 +8,7 @@ public class Token {
    @Id
    private int id;

-    @ManyToOne(fetch = FetchType.LAZY)
+    @ManyToOne(fetch = FetchType.EAGER)
    @JoinColumn(name ="Users")
    private User user;
    private String token;