use of com.infiniteautomation.mango.spring.components.pageresolver.LoginUriInfo in project ma-modules-public by infiniteautomation.
the class LoginRestController method switchUser.
/**
* The actual authentication for the switch user occurs in the core by the SwitchUserFilter,
* by the time this end point is actually reached the user is either already authenticated or not
* The Spring Security authentication success handler forwards the request here
*
* Ensure that the URLs in MangoSecurityConfiguration are changed if you change the @RequestMapping value
*/
@ApiOperation(value = "Switch User", notes = "Used to switch User using GET")
@RequestMapping(method = RequestMethod.POST, value = "/su")
public ResponseEntity<UserModel> switchUser(@ApiParam(value = "Username to switch to", required = true, allowMultiple = false) @RequestParam(required = true) String username, @AuthenticationPrincipal User user, HttpServletRequest request, HttpServletResponse response) throws IOException {
AuthenticationException ex = (AuthenticationException) request.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
if (ex != null) {
// TODO
// return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
response.sendError(HttpStatus.UNAUTHORIZED.value(), ex.getMessage());
return null;
}
if (user == null) {
return new ResponseEntity<>(HttpStatus.OK);
} else {
LoginUriInfo info = pageResolver.getDefaultUriInfo(request, response, user);
response.setHeader(LOGIN_DEFAULT_URI_HEADER, info.getUri());
response.setHeader(LOGIN_LAST_UPGRADE_HEADER, Long.toString(installedModulesDao.lastUpgradeTime().toEpochMilli() / 1000));
if (info.isRequired())
response.setHeader(LOGIN_DEFAULT_URI_REQUIRED_HEADER, Boolean.TRUE.toString());
return new ResponseEntity<>(new UserModel(user), HttpStatus.OK);
}
}
use of com.infiniteautomation.mango.spring.components.pageresolver.LoginUriInfo in project ma-modules-public by infiniteautomation.
the class LoginRestController method exitSwitchUser.
/**
* The actual authentication for the exit user occurs in the core by the SwitchUserFilter,
* by the time this end point is actually reached the user is either already authenticated or not
* The Spring Security authentication success handler forwards the request here
*
* Ensure that the URLs in MangoSecurityConfiguration are changed if you change the @RequestMapping value
*/
@ApiOperation(value = "Exit Switch User", notes = "Used to switch User using POST")
@RequestMapping(method = RequestMethod.POST, value = "/exit-su")
public ResponseEntity<UserModel> exitSwitchUser(@AuthenticationPrincipal User user, HttpServletRequest request, HttpServletResponse response) throws IOException {
AuthenticationException ex = (AuthenticationException) request.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
if (ex != null) {
// return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
response.sendError(HttpStatus.UNAUTHORIZED.value(), ex.getMessage());
return null;
}
if (user == null) {
return new ResponseEntity<>(HttpStatus.OK);
} else {
LoginUriInfo info = pageResolver.getDefaultUriInfo(request, response, user);
response.setHeader(LOGIN_DEFAULT_URI_HEADER, info.getUri());
response.setHeader(LOGIN_LAST_UPGRADE_HEADER, Long.toString(installedModulesDao.lastUpgradeTime().toEpochMilli() / 1000));
if (info.isRequired())
response.setHeader(LOGIN_DEFAULT_URI_REQUIRED_HEADER, Boolean.TRUE.toString());
return new ResponseEntity<>(new UserModel(user), HttpStatus.OK);
}
}
use of com.infiniteautomation.mango.spring.components.pageresolver.LoginUriInfo in project ma-modules-public by infiniteautomation.
the class LoginRestController method loginPost.
/**
* <p>The actual authentication for the login occurs in the core, by the time this
* end point is actually reached the user is either already authenticated or not.
* The Spring Security authentication success handler forwards the request here.</p>
*
* <p>Authentication exceptions are re-thrown and mapped to rest bodies in {@link com.infiniteautomation.mango.rest.latest.exception.RestExceptionHandler MangoSpringExceptionHandler}</p>
*
* <p>Ensure that the URLs in MangoSecurityConfiguration are changed if you change the @RequestMapping value</p>
*/
@ApiOperation(value = "Login", notes = "Used to login using POST and JSON credentials")
@RequestMapping(method = RequestMethod.POST)
@AnonymousAccess
public ResponseEntity<UserModel> loginPost(@AuthenticationPrincipal User user, HttpServletRequest request, HttpServletResponse response) {
AuthenticationException ex = (AuthenticationException) request.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
if (ex != null) {
throw ex;
}
if (user == null) {
return new ResponseEntity<>(HttpStatus.OK);
} else {
LoginUriInfo info = pageResolver.getDefaultUriInfo(request, response, user);
response.setHeader(LOGIN_DEFAULT_URI_HEADER, info.getUri());
response.setHeader(LOGIN_LAST_UPGRADE_HEADER, Long.toString(installedModulesDao.lastUpgradeTime().toEpochMilli() / 1000));
if (info.isRequired())
response.setHeader(LOGIN_DEFAULT_URI_REQUIRED_HEADER, Boolean.TRUE.toString());
return new ResponseEntity<>(new UserModel(user), HttpStatus.OK);
}
}
Aggregations