🔒 Add dev mode to auth
This commit is contained in:
parent
cb0c916196
commit
47fa3ae2bf
@ -4,7 +4,9 @@ import io.jsonwebtoken.Claims;
|
||||
import io.jsonwebtoken.Jws;
|
||||
import net.Broken.Api.Security.Data.JwtPrincipal;
|
||||
import net.Broken.Api.Security.Services.JwtService;
|
||||
import net.Broken.BotConfigLoader;
|
||||
import net.Broken.DB.Entity.UserEntity;
|
||||
import net.Broken.DB.Repository.UserRepository;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
@ -23,6 +25,10 @@ import java.util.ArrayList;
|
||||
public class JwtFilter extends OncePerRequestFilter {
|
||||
@Autowired
|
||||
private JwtService jwtService;
|
||||
@Autowired
|
||||
private BotConfigLoader config;
|
||||
@Autowired
|
||||
private UserRepository userRepository;
|
||||
private final Logger logger = LogManager.getLogger();
|
||||
|
||||
@Override
|
||||
@ -31,9 +37,17 @@ public class JwtFilter extends OncePerRequestFilter {
|
||||
if (authHeader != null && authHeader.startsWith("Bearer ")) {
|
||||
String token = authHeader.replace("Bearer ", "");
|
||||
try {
|
||||
Jws<Claims> jwt = jwtService.verifyAndParseJwt(token);
|
||||
UserEntity user = jwtService.getUserWithJwt(jwt);
|
||||
JwtPrincipal principal = new JwtPrincipal(jwt.getBody().getId(), user);
|
||||
UserEntity user;
|
||||
JwtPrincipal principal;
|
||||
if(config.mode().equals("DEV")){
|
||||
user = userRepository.findByDiscordId(token).orElseThrow();
|
||||
principal = new JwtPrincipal("DEV", user);
|
||||
}
|
||||
else {
|
||||
Jws<Claims> jwt = jwtService.verifyAndParseJwt(token);
|
||||
user = jwtService.getUserWithJwt(jwt);
|
||||
principal = new JwtPrincipal(jwt.getBody().getId(), user);
|
||||
}
|
||||
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(principal, null, new ArrayList<>());
|
||||
authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
|
||||
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
||||
|
Loading…
Reference in New Issue
Block a user