🔒 Add dev mode to auth

This commit is contained in:
SebClem 2022-06-10 16:55:05 +02:00
parent cb0c916196
commit 47fa3ae2bf
Signed by: sebclem
GPG Key ID: 5A4308F6A359EA50

View File

@ -4,7 +4,9 @@ import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import net.Broken.Api.Security.Data.JwtPrincipal;
import net.Broken.Api.Security.Services.JwtService;
import net.Broken.BotConfigLoader;
import net.Broken.DB.Entity.UserEntity;
import net.Broken.DB.Repository.UserRepository;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
@ -23,6 +25,10 @@ import java.util.ArrayList;
public class JwtFilter extends OncePerRequestFilter {
@Autowired
private JwtService jwtService;
@Autowired
private BotConfigLoader config;
@Autowired
private UserRepository userRepository;
private final Logger logger = LogManager.getLogger();
@Override
@ -31,9 +37,17 @@ public class JwtFilter extends OncePerRequestFilter {
if (authHeader != null && authHeader.startsWith("Bearer ")) {
String token = authHeader.replace("Bearer ", "");
try {
Jws<Claims> jwt = jwtService.verifyAndParseJwt(token);
UserEntity user = jwtService.getUserWithJwt(jwt);
JwtPrincipal principal = new JwtPrincipal(jwt.getBody().getId(), user);
UserEntity user;
JwtPrincipal principal;
if(config.mode().equals("DEV")){
user = userRepository.findByDiscordId(token).orElseThrow();
principal = new JwtPrincipal("DEV", user);
}
else {
Jws<Claims> jwt = jwtService.verifyAndParseJwt(token);
user = jwtService.getUserWithJwt(jwt);
principal = new JwtPrincipal(jwt.getBody().getId(), user);
}
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(principal, null, new ArrayList<>());
authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(authenticationToken);