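/**
 * Authenticates the caller and, on success, aligns the {@code XSRF-TOKEN} cookie with the
 * CSRF token Spring Security attached to this request.
 *
 * <p>Flow: the credentials are handed to {@code userService.login}; the result's header DTO
 * says whether authentication succeeded. On failure the page DTO is returned with 401 and no
 * cookie is touched. On success, if the request carries a {@link CsrfToken} attribute and the
 * security context holds an authenticated principal, the cookie is (re)issued when it is missing
 * or differs from the current token.
 *
 * <p>Fix over the previous version: a {@code null} token no longer produces a cookie with a
 * {@code null} value (previously possible when no cookie existed yet). The cookie now also
 * carries the {@code Secure} flag whenever the request itself arrived over TLS, so it is not
 * replayed over plain HTTP. {@code HttpOnly} is deliberately NOT set — the name matches the
 * double-submit pattern where the front-end reads the cookie and echoes it in a header;
 * TODO(review): confirm that is how the client uses it, otherwise set HttpOnly.
 * NOTE(review): the servlet {@code Cookie} API used here cannot set {@code SameSite}; if that is
 * wanted it must be configured at the container/framework level.
 *
 * @param loginDto validated credentials from the request body
 * @param request  used to read the CSRF token attribute and any existing XSRF-TOKEN cookie
 * @param response receives the refreshed XSRF-TOKEN cookie when one is issued
 * @return the page DTO with 200 when authenticated, otherwise the same DTO with 401
 */
@RequestMapping(value = "login", method = RequestMethod.POST)
ResponseEntity<PageDto> login(
        @Validated @RequestBody LoginDto loginDto,
        HttpServletRequest request,
        HttpServletResponse response) {
    PageDto pageDto = userService.login(loginDto);
    if (!pageDto.getHeaderDto().isAuth()) {
        return new ResponseEntity<>(pageDto, null, HttpStatus.UNAUTHORIZED);
    }

    CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
    if (csrf != null) {
        String token = csrf.getToken();
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        boolean authenticated = authentication != null && authentication.isAuthenticated();
        // Only issue a cookie for a real token and an authenticated principal; never write a
        // null-valued XSRF-TOKEN cookie.
        if (token != null && authenticated) {
            Cookie existing = WebUtils.getCookie(request, "XSRF-TOKEN");
            boolean stale = existing == null || !token.equals(existing.getValue());
            if (stale) {
                Cookie cookie = new Cookie("XSRF-TOKEN", token);
                cookie.setPath("/");
                // Mark Secure when the request came over TLS so the token is not sent in clear.
                cookie.setSecure(request.isSecure());
                response.addCookie(cookie);
            }
        }
    }
    return new ResponseEntity<>(pageDto, null, HttpStatus.OK);
}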
/**
 * Registers a new user from the validated request body.
 *
 * <p>The service result is returned as-is: 201 when the service reports no error message,
 * 406 with the same DTO when it does. NOTE(review): because the service's error message is
 * sent verbatim to the client, make sure it does not reveal whether a given mail address is
 * already registered (account enumeration) — cannot be verified from this controller alone.
 *
 * @param userDto  validated registration data
 * @param request  unused; kept for the handler signature
 * @param response unused; kept for the handler signature
 * @return the DTO produced by the service with 201 on success, 406 on a service-reported error
 */
@RequestMapping(method = RequestMethod.POST)
ResponseEntity<UserDto> registerUser(
        @Validated @RequestBody UserDto userDto,
        HttpServletRequest request,
        HttpServletResponse response) {
    UserDto created = userService.registerUser(userDto);
    HttpStatus status =
            created.getErrorMessage() == null ? HttpStatus.CREATED : HttpStatus.NOT_ACCEPTABLE;
    return new ResponseEntity<>(created, null, status);
}
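/**
 * Updates the nickname of the currently authenticated user.
 *
 * <p>Authorization check: the mail address in the body must equal the mail address of the
 * server-side principal, so a caller cannot rename a different account by supplying another
 * address. The comparison is anchored on the principal, not on client-supplied data; a
 * {@code null} body address simply fails the {@code equals} check.
 *
 * <p>Fix over the previous version: the error DTO built for a mismatched address was discarded
 * and {@code null} was sent as the body, so the client never saw the message. It is now returned
 * with the 406. A missing principal (unauthenticated request reaching this handler) now yields
 * 401 instead of a NullPointerException; NOTE(review): this assumes the endpoint may be reached
 * without an authenticated principal — if security config already guarantees one, the guard is
 * simply never taken.
 *
 * @param userDetail the authenticated principal, injected by Spring Security
 * @param userDto    validated body carrying the mail address and the new nickname
 * @param request    unused; kept for the handler signature
 * @param response   unused; kept for the handler signature
 * @return 200 with the updated DTO; 406 with an error DTO when the address does not match the
 *     logged-in user; 401 when there is no principal
 */
@RequestMapping(value = "nickname", method = RequestMethod.PUT)
ResponseEntity<UserDto> updateNickname(
        @AuthenticationPrincipal BeadsanUserDetails userDetail,
        @Validated @RequestBody UserDto userDto,
        HttpServletRequest request,
        HttpServletResponse response) {
    if (userDetail == null) {
        return new ResponseEntity<>(null, null, HttpStatus.UNAUTHORIZED);
    }
    String ownMailAddress = userDetail.getUserInfo().getMailAddress();
    if (!ownMailAddress.equals(userDto.getMailAddress())) {
        // Message text is user-facing ("mail address differs from the one used at login");
        // kept verbatim.
        UserDto errorUserDto = new UserDto();
        errorUserDto.setMessage("ログイン時と異なるメールアドレスです");
        return new ResponseEntity<>(errorUserDto, null, HttpStatus.NOT_ACCEPTABLE);
    }
    UserDto outDto = userService.updateNickname(userDto);
    return new ResponseEntity<>(outDto, null, HttpStatus.OK);
}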