Esempio n. 1
0
  @RequestMapping(value = "login", method = RequestMethod.POST)
  ResponseEntity<PageDto> login(
      @Validated @RequestBody LoginDto loginDto,
      HttpServletRequest request,
      HttpServletResponse response) {

    PageDto pageDto = userService.login(loginDto);

    if (pageDto.getHeaderDto().isAuth()) {
      CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
      if (csrf != null) {
        Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
        String token = csrf.getToken();
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if ((cookie == null || token != null && !token.equals(cookie.getValue()))
            && (authentication != null && authentication.isAuthenticated())) {
          cookie = new Cookie("XSRF-TOKEN", token);
          cookie.setPath("/");
          response.addCookie(cookie);
        }
      }
      return new ResponseEntity<>(pageDto, null, HttpStatus.OK);
    } else {
      return new ResponseEntity<>(pageDto, null, HttpStatus.UNAUTHORIZED);
    }
  }
Esempio n. 2
0
  @RequestMapping(method = RequestMethod.POST)
  ResponseEntity<UserDto> registerUser(
      @Validated @RequestBody UserDto userDto,
      HttpServletRequest request,
      HttpServletResponse response) {

    UserDto outDto = userService.registerUser(userDto);

    if (outDto.getErrorMessage() != null) {
      return new ResponseEntity<>(outDto, null, HttpStatus.NOT_ACCEPTABLE);
    } else {
      return new ResponseEntity<>(outDto, null, HttpStatus.CREATED);
    }
  }
Esempio n. 3
0
  @RequestMapping(value = "nickname", method = RequestMethod.PUT)
  ResponseEntity<UserDto> updateNickname(
      @AuthenticationPrincipal BeadsanUserDetails userDetail,
      @Validated @RequestBody UserDto userDto,
      HttpServletRequest request,
      HttpServletResponse response) {

    if (!userDetail.getUserInfo().getMailAddress().equals(userDto.getMailAddress())) {
      UserDto errorUserDto = new UserDto();
      errorUserDto.setMessage("ログイン時と異なるメールアドレスです");
      return new ResponseEntity<>(null, null, HttpStatus.NOT_ACCEPTABLE);
    }
    UserDto outDto = userService.updateNickname(userDto);
    return new ResponseEntity<>(outDto, null, HttpStatus.OK);
  }