@RequestMapping(value = "login", method = RequestMethod.POST)
ResponseEntity<PageDto> login(
@Validated @RequestBody LoginDto loginDto,
HttpServletRequest request,
HttpServletResponse response) {
PageDto pageDto = userService.login(loginDto);
if (pageDto.getHeaderDto().isAuth()) {
CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
if (csrf != null) {
Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
String token = csrf.getToken();
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if ((cookie == null || token != null && !token.equals(cookie.getValue()))
&& (authentication != null && authentication.isAuthenticated())) {
cookie = new Cookie("XSRF-TOKEN", token);
cookie.setPath("/");
response.addCookie(cookie);
}
}
return new ResponseEntity<>(pageDto, null, HttpStatus.OK);
} else {
return new ResponseEntity<>(pageDto, null, HttpStatus.UNAUTHORIZED);
}
}
@RequestMapping(method = RequestMethod.POST)
ResponseEntity<UserDto> registerUser(
@Validated @RequestBody UserDto userDto,
HttpServletRequest request,
HttpServletResponse response) {
UserDto outDto = userService.registerUser(userDto);
if (outDto.getErrorMessage() != null) {
return new ResponseEntity<>(outDto, null, HttpStatus.NOT_ACCEPTABLE);
} else {
return new ResponseEntity<>(outDto, null, HttpStatus.CREATED);
}
}
@RequestMapping(value = "nickname", method = RequestMethod.PUT)
ResponseEntity<UserDto> updateNickname(
@AuthenticationPrincipal BeadsanUserDetails userDetail,
@Validated @RequestBody UserDto userDto,
HttpServletRequest request,
HttpServletResponse response) {
if (!userDetail.getUserInfo().getMailAddress().equals(userDto.getMailAddress())) {
UserDto errorUserDto = new UserDto();
errorUserDto.setMessage("ログイン時と異なるメールアドレスです");
return new ResponseEntity<>(null, null, HttpStatus.NOT_ACCEPTABLE);
}
UserDto outDto = userService.updateNickname(userDto);
return new ResponseEntity<>(outDto, null, HttpStatus.OK);
}