/**
 * Authenticates the caller and, on success, starts a user session.
 *
 * <p>{@code loginViaBasicAuth} is called first; {@code loginViaRequestParams} is
 * consulted only when the first call returns {@code null}. If both return
 * {@code null} the failure is logged and a 401 result is returned.
 *
 * <p>NOTE(review): {@code loginViaRequestParams} is not visible here. If it reads
 * credentials from the query string, they can end up in access and proxy logs;
 * confirm it is restricted to request bodies sent over TLS.
 *
 * <p>NOTE(review): the failure log line carries no user name or remote address,
 * so repeated failed attempts cannot be correlated from this message alone.
 *
 * @return the auth token rendered by {@code tokenAsJson} on success, otherwise a
 *         401 {@code JsonResult} with the message "Login failed."
 */
protected JsonResult login() {
    T token = loginViaBasicAuth(servletRequest);
    if (token == null) {
        // First mechanism yielded nothing: fall back to the request parameters.
        token = loginViaRequestParams(servletRequest);
    }

    if (token != null) {
        log.info("login OK!");

        // NOTE(review): whether start() issues a fresh session id for the newly
        // authenticated user (session-fixation defence) cannot be seen from here; verify.
        final UserSession<T> session = new UserSession<>(token, userAuth.tokenValue(token));
        session.start(servletRequest, servletResponse);

        // The token is handed back to the client in the response body.
        return tokenAsJson(token);
    }

    log.warn("Login failed.");
    return JsonResult.of(HttpStatus.error401().unauthorized("Login failed."));
}
/**
 * Gates an action behind authentication and authorization.
 *
 * <p>Actions whose runtime is not flagged {@code isAuthenticated()} are invoked
 * without any check. For flagged actions the auth token is looked up via the HTTP
 * session, then via the token mechanism, and (only when
 * {@code authenticateViaBasicAuth} is set) via Basic auth. The first non-null
 * token wins.
 *
 * <p>Responses: no token yields 401, or 404 when {@code return404instead401} is
 * set; a token that fails {@code authorized(actionRequest)} yields 403. Note that
 * the 403 still tells any authenticated caller that the action exists, so the
 * 404 option only hides protected actions from unauthenticated callers.
 *
 * <p>NOTE(review): the granted token is only null-checked here and is not passed
 * to {@code authorized}; presumably the authenticate helpers attach the principal
 * to the request. Confirm against their implementations.
 *
 * @param actionRequest the request being intercepted
 * @return the action's own result, or a 401/404/403 {@code JsonResult}
 * @throws Exception whatever the invoked action or the helpers throw
 */
@Override
public Object intercept(final ActionRequest actionRequest) throws Exception {
    if (!actionRequest.getActionRuntime().isAuthenticated()) {
        // Action does not require an authenticated user: pass straight through.
        return actionRequest.invoke();
    }

    // Try each mechanism in turn; later ones run only while no token was granted.
    T token = authenticateUserViaHttpSession(actionRequest);
    if (token == null) {
        token = authenticateUserViaToken(actionRequest);
    }
    if (authenticateViaBasicAuth && token == null) {
        // Basic auth is opt-in. It resends credentials on every request, so it
        // should only be enabled where transport is encrypted.
        token = authenticateUserViaBasicAuth(actionRequest);
    }

    if (token == null) {
        // Not authenticated: optionally mask the action's existence with a 404.
        return JsonResult.of(
            return404instead401
                ? HttpStatus.error404().notFound()
                : HttpStatus.error401().unauthorized("Not authorized"));
    }

    if (authorized(actionRequest)) {
        return actionRequest.invoke();
    }

    // Authenticated, but not permitted to run this action.
    return JsonResult.of(HttpStatus.error403().forbidden());
}
/**
 * Authenticates the caller and, on success, starts a user session.
 *
 * <p>{@code loginViaBasicAuth} is called first; {@code loginViaRequestParams} is
 * consulted only when the first call returns {@code null}. If both return
 * {@code null} the failure is logged and a 401 result is returned.
 *
 * <p>NOTE(review): {@code loginViaRequestParams} is not visible here. If it reads
 * credentials from the query string, they can end up in access and proxy logs;
 * confirm it is restricted to request bodies sent over TLS.
 *
 * <p>NOTE(review): the failure log line carries no user name or remote address,
 * so repeated failed attempts cannot be correlated from this message alone.
 *
 * @return the auth token rendered by {@code tokenAsJson} on success, otherwise a
 *         401 {@code JsonResult} with the message "Login failed."
 */
protected JsonResult login() {
    T token = loginViaBasicAuth(servletRequest);
    if (token == null) {
        // First mechanism yielded nothing: fall back to the request parameters.
        token = loginViaRequestParams(servletRequest);
    }

    if (token != null) {
        log.info("login OK!");

        // NOTE(review): whether start() issues a fresh session id for the newly
        // authenticated user (session-fixation defence) cannot be seen from here; verify.
        final UserSession<T> session = new UserSession<>(token, userAuth.tokenValue(token));
        session.start(servletRequest, servletResponse);

        // The token is handed back to the client in the response body.
        return tokenAsJson(token);
    }

    log.warn("Login failed.");
    return JsonResult.of(HttpStatus.error401().unauthorized("Login failed."));
}
/**
 * Gates an action behind authentication and authorization.
 *
 * <p>Actions whose runtime is not flagged {@code isAuthenticated()} are invoked
 * without any check. For flagged actions the auth token is looked up via the HTTP
 * session, then via the token mechanism, and (only when
 * {@code authenticateViaBasicAuth} is set) via Basic auth. The first non-null
 * token wins.
 *
 * <p>Responses: no token yields 401, or 404 when {@code return404instead401} is
 * set; a token that fails {@code authorized(actionRequest)} yields 403. Note that
 * the 403 still tells any authenticated caller that the action exists, so the
 * 404 option only hides protected actions from unauthenticated callers.
 *
 * <p>NOTE(review): the granted token is only null-checked here and is not passed
 * to {@code authorized}; presumably the authenticate helpers attach the principal
 * to the request. Confirm against their implementations.
 *
 * @param actionRequest the request being intercepted
 * @return the action's own result, or a 401/404/403 {@code JsonResult}
 * @throws Exception whatever the invoked action or the helpers throw
 */
@Override
public Object intercept(final ActionRequest actionRequest) throws Exception {
    if (!actionRequest.getActionRuntime().isAuthenticated()) {
        // Action does not require an authenticated user: pass straight through.
        return actionRequest.invoke();
    }

    // Try each mechanism in turn; later ones run only while no token was granted.
    T token = authenticateUserViaHttpSession(actionRequest);
    if (token == null) {
        token = authenticateUserViaToken(actionRequest);
    }
    if (authenticateViaBasicAuth && token == null) {
        // Basic auth is opt-in. It resends credentials on every request, so it
        // should only be enabled where transport is encrypted.
        token = authenticateUserViaBasicAuth(actionRequest);
    }

    if (token == null) {
        // Not authenticated: optionally mask the action's existence with a 404.
        return JsonResult.of(
            return404instead401
                ? HttpStatus.error404().notFound()
                : HttpStatus.error401().unauthorized("Not authorized"));
    }

    if (authorized(actionRequest)) {
        return actionRequest.invoke();
    }

    // Authenticated, but not permitted to run this action.
    return JsonResult.of(HttpStatus.error403().forbidden());
}