Skip to content

Commit c05e9e9

Browse files
jwoolbright23jwoolbright23
committed
auth-filter branch complete
1 parent c2bf6fb commit c05e9e9

2 files changed

Lines changed: 83 additions & 0 deletions

File tree

src/main/java/org/launchcode/codingevents/AuthenticationFilter.java

Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,59 @@
1+
package org.launchcode.codingevents;
2+
3+
import jakarta.servlet.http.HttpServletRequest;
4+
import jakarta.servlet.http.HttpServletResponse;
5+
import jakarta.servlet.http.HttpSession;
6+
import org.launchcode.codingevents.controllers.AuthenticationController;
7+
import org.launchcode.codingevents.data.UserRepository;
8+
import org.launchcode.codingevents.models.User;
9+
import org.springframework.beans.factory.annotation.Autowired;
10+
import org.springframework.web.servlet.HandlerInterceptor;
11+
12+
import java.io.IOException;
13+
import java.util.Arrays;
14+
import java.util.List;
15+
16+
public class AuthenticationFilter implements HandlerInterceptor {
17+
18+
@Autowired
19+
UserRepository userRepository;
20+
21+
@Autowired
22+
AuthenticationController authenticationController;
23+
24+
private static final List<String> whitelist = Arrays.asList("/login", "/register", "/logout", "/css");
25+
26+
private static boolean isWhitelisted(String path) {
27+
for (String pathRoot : whitelist) {
28+
if (path.startsWith(pathRoot)) {
29+
return true;
30+
}
31+
}
32+
return false;
33+
}
34+
35+
@Override
36+
public boolean preHandle(HttpServletRequest request,
37+
HttpServletResponse response,
38+
Object handler) throws IOException {
39+
40+
// Don't require sign-in for whitelisted pages
41+
if (isWhitelisted(request.getRequestURI())) {
42+
// returning true indicates that the request may proceed
43+
return true;
44+
}
45+
46+
HttpSession session = request.getSession();
47+
User user = authenticationController.getUserFromSession(session);
48+
49+
// The user is logged in
50+
if (user != null) {
51+
return true;
52+
}
53+
54+
// The user is NOT logged in
55+
response.sendRedirect("/login");
56+
return false;
57+
}
58+
59+
}

src/main/java/org/launchcode/codingevents/WebApplicationConfig.java

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
package org.launchcode.codingevents;
2+
3+
import org.springframework.context.annotation.Bean;
4+
import org.springframework.context.annotation.Configuration;
5+
import org.springframework.web.servlet.HandlerInterceptor;
6+
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
7+
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
8+
9+
@Configuration
10+
public class WebApplicationConfig implements WebMvcConfigurer {
11+
12+
// Create spring-managed object to allow the app to access our filter
13+
@Bean
14+
public HandlerInterceptor authenticationFilter() {
15+
return new AuthenticationFilter();
16+
}
17+
18+
// Register the filter with the Spring container
19+
@Override
20+
public void addInterceptors(InterceptorRegistry registry) {
21+
registry.addInterceptor( authenticationFilter() );
22+
}
23+
24+
}

0 commit comments

Comments
 (0)