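/**
 * Authenticates the request from its {@code x-auth-token} header, then continues the chain.
 *
 * <p>A header that is absent, blank, or the literal text "null" (any case) counts as
 * "no token". Otherwise the token is passed to {@code tokenServiceImpl.validate}; on success
 * the user is resolved from the token, authenticated through {@code authManager}, and the
 * result is stored in the {@code SecurityContextHolder}.
 *
 * <p>The chain is always continued, including when the token is missing or invalid, so this
 * filter does not reject requests itself. Access control must be enforced further down.
 *
 * @param request  incoming request; cast to {@code HttpServletRequest} without a type check
 * @param response outgoing response, passed through unchanged
 * @param chain    remaining filter chain, invoked exactly once
 * @throws IOException      propagated from the rest of the chain
 * @throws ServletException propagated from the rest of the chain
 */
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    HttpServletRequest httpRequest = (HttpServletRequest) request;
    String authToken = httpRequest.getHeader("x-auth-token");

    boolean tokenMissing = authToken == null
            || authToken.trim().equals("")
            || authToken.trim().equalsIgnoreCase("null");

    if (tokenMissing) {
        System.out.println("no token found");
    } else if (!tokenServiceImpl.validate(authToken)) {
        // The token value is deliberately not printed: it is a bearer credential, and
        // anyone who can read stdout or the container log could replay it.
        System.out.println("invalid token");
    } else {
        System.out.println("valid token found");
        User user = tokenServiceImpl.getUserFromToken(authToken);
        if (user == null) {
            // A token that validates but resolves to no user must not authenticate anyone,
            // and must not fail with a NullPointerException either.
            System.out.println("no user found for token");
        } else {
            // NOTE(review): the password is read back from the token-derived User and
            // re-checked on every request. That suggests the token carries or maps to the
            // stored password; confirm, and consider building the Authentication from
            // token claims instead.
            UsernamePasswordAuthenticationToken authentication =
                    new UsernamePasswordAuthenticationToken(user.getUsername(), user.getPassword());
            authentication.setDetails(
                    new WebAuthenticationDetailsSource().buildDetails(httpRequest));
            // NOTE(review): an exception thrown by authenticate() is not caught here and
            // propagates to the container. Confirm that is the intended failure mode.
            SecurityContextHolder.getContext()
                    .setAuthentication(authManager.authenticate(authentication));
        }
    }

    // continue thru the filter chain
    chain.doFilter(request, response);
}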
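/**
 * Handles {@code POST /login}: checks the submitted credentials and issues an auth token.
 *
 * <p>On success the token is returned in the {@code x-auth-token} response header and the
 * returned map carries {@code success=true}. Every failure path yields {@code error=true}
 * with no further detail: no matching user, no token produced, or an
 * {@code ApplicationException}. The response therefore does not reveal whether the username
 * exists.
 *
 * @param user     credentials from the request body; username and password are read from it
 * @param response response on which the {@code x-auth-token} header is set after success
 * @return a map holding either {@code success} or {@code error}, never neither
 */
@RequestMapping(value = "/login", method = RequestMethod.POST)
public ModelMap login(@RequestBody User user, HttpServletResponse response) {
    ModelMap map = new ModelMap();
    try {
        User dbUser = userServiceImpl.getUser(user.getUsername(), user.getPassword());
        // Previously a failed lookup returned an empty map, so clients could not tell a
        // rejected login from an empty body. It now follows the same error path as the rest.
        String token = (dbUser == null) ? null : tokenServiceImpl.getToken(dbUser);
        if (token != null && !token.equals("")) {
            map.addAttribute("success", true);
            response.setHeader("x-auth-token", token);
        } else {
            map.addAttribute("error", true);
        }
    } catch (ApplicationException e) {
        // NOTE(review): the exception is dropped without being recorded, so repeated
        // failures leave no trace for detection. Consider logging it, without the
        // submitted password.
        map.addAttribute("error", true);
    }
    // NOTE(review): failures still return the default HTTP status. Confirm whether clients
    // rely on that before switching to 401.
    return map;
}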