Example 1 with ErrorResponseModel
use of com.saransh.vidflow.model.response.ErrorResponseModel in project vidflow-backend by CryptoSingh1337.
the class CustomAuthorizationFilter method doFilterInternal.
@Override
protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res, FilterChain filterChain) throws ServletException, IOException {
String requestPath = req.getServletPath();
if (requestPath.equals(env.getProperty("auth.login.path")) || requestPath.equals(env.getProperty("auth.register.path")))
filterChain.doFilter(req, res);
else {
String authToken = req.getHeader(AUTHORIZATION);
String token = jwtUtils.extractAuthorizationToken(authToken);
if (token != null) {
JWTVerifier verifier = jwtUtils.getTokenVerifier();
DecodedJWT decodedJWT = verifier.verify(token);
String username = decodedJWT.getSubject();
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, null, null);
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
filterChain.doFilter(req, res);
} else {
res.setStatus(HttpStatus.FORBIDDEN.value());
res.setContentType("application/json");
mapper.writeValue(res.getWriter(), new ErrorResponseModel("Missing Authorization Header"));
}
}
}
Also used :
ErrorResponseModel(com.saransh.vidflow.model.response.ErrorResponseModel)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
JWTVerifier(com.auth0.jwt.JWTVerifier)
DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)
Example 2 with ErrorResponseModel
use of com.saransh.vidflow.model.response.ErrorResponseModel in project vidflow-backend by CryptoSingh1337.
the class UserController method refreshToken.
@PostMapping(value = "/token/refresh", produces = { "application/json" })
public ResponseEntity<?> refreshToken(HttpServletRequest req) {
String authToken = req.getHeader(AUTHORIZATION);
String token = jwtUtils.extractAuthorizationToken(authToken);
if (token != null) {
JWTVerifier jwtVerifier = jwtUtils.getRefreshTokenVerifier();
DecodedJWT decodedJWT = jwtVerifier.verify(token);
String username = decodedJWT.getSubject();
User user = (User) userService.loadUserByUsername(username);
return ResponseEntity.ok(jwtUtils.getTokens(user, decodedJWT));
} else {
return ResponseEntity.status(FORBIDDEN).body(new ErrorResponseModel("Refresh token is missing"));
}
}
Also used :
User(org.springframework.security.core.userdetails.User)
ErrorResponseModel(com.saransh.vidflow.model.response.ErrorResponseModel)
JWTVerifier(com.auth0.jwt.JWTVerifier)
DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)
Aggregations
JWTVerifier (com.auth0.jwt.JWTVerifier)2
DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT)2
ErrorResponseModel (com.saransh.vidflow.model.response.ErrorResponseModel)2
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)1
User (org.springframework.security.core.userdetails.User)1
