/**
 * Returns the given user and, as a side effect, attaches a freshly issued
 * authorization token to the response.
 *
 * <p>Nothing happens until the returned {@code Mono} is subscribed to; the
 * header is added when the user is emitted. An empty {@code userDto}
 * therefore adds no header.
 *
 * @param userDto          publisher of the user the token is issued for
 * @param response         response that receives the authorization header
 * @param expirationMillis lifetime passed on to {@code addAuthHeader}
 * @return the same user, emitted after the header has been added
 */
public Mono<UserDto> userWithToken(Mono<UserDto> userDto,
        ServerHttpResponse response, long expirationMillis) {

    // NOTE(review): expirationMillis is forwarded unchanged. No upper bound
    // is visible here; confirm that callers or addAuthHeader cap the token
    // lifetime if the value can originate from a request.
    return userDto.doOnNext(tokenOwner -> {
        // The username is written to the debug log exactly as stored.
        log.debug("Adding auth header for " + tokenOwner.getUsername());
        addAuthHeader(response, tokenOwner, expirationMillis);
    });
}
/**
 * Returns the context data to be sent to the client, as assembled by
 * {@code buildContext()}: i.e. {@code reCaptchaSiteKey} and all the
 * properties prefixed with {@code lemon.shared}.
 *
 * <p>To send custom properties, put them in your application properties
 * in the format <em>lemon.shared.fooBar</em>.
 *
 * <p>If a user is logged in, the user data is added under the key
 * {@code "user"} and a new authorization token is attached to the
 * response. When {@code expirationMillis} is empty, the configured JWT
 * expiration is used for the new token.
 *
 * <p>Override this method if needed.
 *
 * @param expirationMillis requested lifetime of the new token, if any
 * @param response         response that receives the authorization header
 * @return the context map, including the current user when one is logged in
 */
public Mono<Map<String, Object>> getContext(Optional<Long> expirationMillis, ServerHttpResponse response) {

    log.debug("Getting context ...");

    Mono<Optional<UserDto>> currentUserMono = LecrUtils.currentUser();

    return currentUserMono.map(maybeUser -> {

        Map<String, Object> sharedContext = buildContext();

        if (maybeUser.isPresent()) {
            UserDto loggedInUser = maybeUser.get();

            // NOTE(review): a supplied expirationMillis replaces the
            // configured default without any visible upper bound. If this
            // value comes from the request, confirm that the token
            // lifetime is capped somewhere downstream.
            addAuthHeader(response, loggedInUser,
                    expirationMillis.orElse(properties.getJwt().getExpirationMillis()));

            sharedContext.put("user", loggedInUser);
        }

        return sharedContext;
    });
}
/**
 * After a successful login, returns the current user and attaches an
 * authorization header to the response.
 *
 * <p>The principal is read from the reactive security context, so this
 * handler emits nothing when no security context is available.
 *
 * @param exchange current exchange; supplies the form data and the response
 * @return the authenticated user
 */
@PostMapping("/login")
public Mono<UserDto> login(ServerWebExchange exchange) {

    log.debug("Returning current user ... ");

    // Resolve the authenticated principal; eraseCredentials is invoked on
    // it before the user DTO is extracted.
    Mono<UserDto> authenticatedUser = ReactiveSecurityContextHolder.getContext()
            .map(SecurityContext::getAuthentication)
            .map(Authentication::getPrincipal)
            .cast(LemonPrincipal.class)
            .doOnNext(LemonPrincipal::eraseCredentials)
            .map(LemonPrincipal::currentUser);

    return authenticatedUser
            .zipWith(exchange.getFormData())
            .doOnNext(userAndForm -> {
                // NOTE(review): the token lifetime is derived from the
                // submitted form data. Confirm that getExpirationMillis
                // validates and caps the value, since the form is
                // client-controlled.
                long tokenLifetimeMillis =
                        lemonReactiveService.getExpirationMillis(userAndForm.getT2());
                lemonReactiveService.addAuthHeader(
                        exchange.getResponse(), userAndForm.getT1(), tokenLifetimeMillis);
            })
            .map(Tuple2::getT1);
}