From 47fa3ae2bf6e9e79feacdd44f00a05135544553c Mon Sep 17 00:00:00 2001 From: SebClem Date: Fri, 10 Jun 2022 16:55:05 +0200 Subject: [PATCH] :lock: Add dev mode to auth --- .../Api/Security/Filters/JwtFilter.java | 20 ++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/src/main/java/net/Broken/Api/Security/Filters/JwtFilter.java b/src/main/java/net/Broken/Api/Security/Filters/JwtFilter.java index ce17e7d..771cadd 100644 --- a/src/main/java/net/Broken/Api/Security/Filters/JwtFilter.java +++ b/src/main/java/net/Broken/Api/Security/Filters/JwtFilter.java @@ -4,7 +4,9 @@ import io.jsonwebtoken.Claims; import io.jsonwebtoken.Jws; import net.Broken.Api.Security.Data.JwtPrincipal; import net.Broken.Api.Security.Services.JwtService; +import net.Broken.BotConfigLoader; import net.Broken.DB.Entity.UserEntity; +import net.Broken.DB.Repository.UserRepository; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import org.springframework.beans.factory.annotation.Autowired; @@ -23,6 +25,10 @@ import java.util.ArrayList; public class JwtFilter extends OncePerRequestFilter { @Autowired private JwtService jwtService; + @Autowired + private BotConfigLoader config; + @Autowired + private UserRepository userRepository; private final Logger logger = LogManager.getLogger(); @Override @@ -31,9 +37,17 @@ public class JwtFilter extends OncePerRequestFilter { if (authHeader != null && authHeader.startsWith("Bearer ")) { String token = authHeader.replace("Bearer ", ""); try { - Jws jwt = jwtService.verifyAndParseJwt(token); - UserEntity user = jwtService.getUserWithJwt(jwt); - JwtPrincipal principal = new JwtPrincipal(jwt.getBody().getId(), user); + UserEntity user; + JwtPrincipal principal; + if(config.mode().equals("DEV")){ + user = userRepository.findByDiscordId(token).orElseThrow(); + principal = new JwtPrincipal("DEV", user); + } + else { + Jws jwt = jwtService.verifyAndParseJwt(token); + user = jwtService.getUserWithJwt(jwt); + principal = new JwtPrincipal(jwt.getBody().getId(), user); + } UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(principal, null, new ArrayList<>()); authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); SecurityContextHolder.getContext().setAuthentication(authenticationToken);