Commit 6f921dfd authored by Piotr Gawron's avatar Piotr Gawron

there is possibility to define redirect url after login

so redirection from restricted area will go directly to the right place
parent 4f336d35
......@@ -177,7 +177,7 @@ GuiConnector.alert = function (error) {
}
var message = error;
if (message instanceof SecurityError) {
message = error.message + "<p>Please <a href=\"login.xhtml\">login</a> to access this resource</p>";
message = error.message + "<p>Please <a href=\"login.xhtml?from="+encodeURI(window.location.href)+"\">login</a> to access this resource</p>";
} else if (message instanceof NetworkError && (error.message === "XHR error" || error.message === "Failed to fetch")) {
message = "File to big.<br>Please reduce file size or contact administrators.";
} else if (message instanceof Error) {
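Review bot: `encodeURI` in the new login link leaves `?`, `&`, `=` and `#` unescaped, so when the current page URL has its own query string or fragment, the `from` value is split or truncated by the time the login page parses it. A URL placed inside a query parameter needs component encoding: `"login.xhtml?from=" + encodeURIComponent(window.location.href)`. The rest of `GuiConnector.alert` lies outside the hunk, so how `message` is finally rendered is not visible here.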
......
......@@ -44,6 +44,8 @@ ServerConnector.registerListenerType("onDataLoadStart");
ServerConnector.registerListenerType("onDataLoadStop");
ServerConnector._configurationParam = [];
ServerConnector._serverBaseUrl= undefined;
ServerConnector.getMinOverlayColorInt = function () {
var self = this;
......@@ -273,6 +275,9 @@ ServerConnector.getApiBaseUrl = function () {
ServerConnector.getServerBaseUrl = function () {
if (this._serverBaseUrl === undefined) {
var url = "" + window.location.href;
if (url.indexOf("?")>=0) {
url = url.substr(0,url.indexOf("?"));
}
if (!url.endsWith("/")) {
url = url.substr(0, url.lastIndexOf("/") + 1);
}
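Review bot: The added block cuts the URL at `?` but not at `#`, while `window.location.href` also carries the fragment. A fragment that contains `/` and is not preceded by a query string would make `url.lastIndexOf("/")` land inside the fragment. Stripping both is a small addition, e.g. `url = url.split(/[?#]/)[0];`, or building the value from `window.location.origin + window.location.pathname`. Whether the application uses fragment URLs is not visible here, so treat this as a hardening suggestion.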
......
......@@ -196,22 +196,32 @@ describe('ServerConnector', function() {
});
});
describe('login', function() {
it('try invalid credentials', function() {
var method = ServerConnector.sendPostRequest;
ServerConnector.sendPostRequest = function() {
return Promise.reject(new NetworkError("xxx", {
statusCode : HttpStatus.FORBIDDEN
}));
};
return ServerConnector.login("blabla", "blablabla").then(function() {
ServerConnector.sendPostRequest = method;
assert.ok(false);
}, function(error) {
ServerConnector.sendPostRequest = method;
assert.ok(error.message.indexOf("credentials") >= 0);
});
describe('login', function() {
it('try invalid credentials', function() {
var method = ServerConnector.sendPostRequest;
ServerConnector.sendPostRequest = function() {
return Promise.reject(new NetworkError("xxx", {
statusCode : HttpStatus.FORBIDDEN
}));
};
return ServerConnector.login("blabla", "blablabla").then(function() {
ServerConnector.sendPostRequest = method;
assert.ok(false);
}, function(error) {
ServerConnector.sendPostRequest = method;
assert.ok(error.message.indexOf("credentials") >= 0);
});
});
});
describe('getServerBaseUrl', function() {
it('url with GET arg that looks similar to original url', function() {
helper.setUrl("http://localhost:8080/minerva/login.xhtml?from=http://localhost:8080/minerva/?id=sample");
var url = ServerConnector.getServerBaseUrl();
assert.ok(url.indexOf("?")===-1);
});
});
});
});
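Review bot: The new `getServerBaseUrl` test asserts only that the result has no `?`, which any unrelated string would also satisfy. Because `getServerBaseUrl` returns the cached `_serverBaseUrl` once it is set, a value left over from an earlier test could make this pass without exercising the new code, unless `helper.setUrl` clears the cache (not visible here). Resetting the cache and pinning the exact value makes the test meaningful: `ServerConnector._serverBaseUrl = undefined;` before the call and `assert.equal(url, "http://localhost:8080/minerva/");` after it.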
......@@ -11,12 +11,7 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.CookieValue;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.bind.annotation.*;
import lcsb.mapviewer.api.BaseController;
import lcsb.mapviewer.api.ObjectNotFoundException;
......@@ -41,9 +36,9 @@ public class UserController extends BaseController {
@RequestMapping(value = "/doLogin", method = { RequestMethod.GET, RequestMethod.POST }, produces = { MediaType.APPLICATION_JSON_VALUE })
public Map<String, Object> login(//
@RequestParam(value = "login", defaultValue = Configuration.ANONYMOUS_LOGIN) String login, //
@RequestParam(value = "password", required = false) String password, //
HttpServletResponse response //
@RequestParam(value = "login", defaultValue = Configuration.ANONYMOUS_LOGIN) String login, //
@RequestParam(value = "password", required = false) String password, //
HttpServletResponse response //
) throws SecurityException, IOException {
AuthenticationToken token = userService.login(login, password);
if (token == null) {
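Review bot: The `/doLogin` mapping still lists `RequestMethod.GET`, and `password` arrives as a `@RequestParam`, so a GET login puts the credentials in the query string, where access logs, browser history and Referer headers can retain them. This commit only re-indents the parameters, but since it reworks the login flow it is a good moment to restrict the mapping: `method = { RequestMethod.POST }`. Any client that currently logs in via GET would need to switch. The method body continues outside the hunk.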
......@@ -84,10 +79,10 @@ public class UserController extends BaseController {
userService.logout(token);
Map<String, String> result = new HashMap<>();
result.put("status", "OK");
final Boolean useSecureCookie = false;
final String cookiePath = "/";
Cookie cookie = new Cookie("MINERVA_AUTH_TOKEN", token);
cookie.setSecure(useSecureCookie);
......
......@@ -15,53 +15,54 @@ import org.springframework.security.web.savedrequest.SavedRequest;
/**
* Implementation of Spring Authentication Success Handler. When authentication
* is success, it will redirect user to the webpage that had accessed befor
* is success, it will redirect user to the web page that had accessed before
* authentication took place.
*
*
* @author Piotr Gawron
*
*/
public class MvAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
/**
* Default session expire time in seconds (120 minutes).
*/
private static final Integer MAX_INACTIVE_INTERVAL = 120 * 60;
/**
* Default session expire time in seconds (120 minutes).
*/
private static final Integer MAX_INACTIVE_INTERVAL = 120 * 60;
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException,
ServletException {
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException,
ServletException {
request.getSession().setMaxInactiveInterval(MAX_INACTIVE_INTERVAL);
request.getSession().setMaxInactiveInterval(MAX_INACTIVE_INTERVAL);
SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response);
String url = "";
SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response);
String url = request.getParameter("from");
// if we are not redirecting from somewhere then
if (savedRequest == null) {
logger.debug(request.getRequestURL());
logger.debug(request.getQueryString());
//redirect to the main page
url = request.getRequestURL().toString().replace(request.getServletPath(), "") + Configuration.MAIN_PAGE;
String queryString = request.getQueryString();
// and don't forget about parameters
if (queryString != null) {
url += "?" + queryString;
}
} else {
url = savedRequest.getRedirectUrl();
}
// if we are not redirecting from somewhere then
if ((url != null && !url.isEmpty())) {
logger.debug("Found redirect URL");
} else if (savedRequest == null) {
logger.debug(request.getRequestURL());
//redirect to the main page
url = request.getRequestURL().toString().replace(request.getServletPath(), "") + Configuration.MAIN_PAGE;
logger.debug("Redirecting: " + url);
String queryString = request.getQueryString();
// and don't forget about parameters
if (queryString != null) {
url += "?" + queryString;
}
} else {
url = savedRequest.getRedirectUrl();
}
if (!response.isCommitted()) {
response.sendRedirect(url);
return;
} else {
logger.warn("If you see this then something is wrong...");
}
logger.debug("Redirecting: " + url);
super.onAuthenticationSuccess(request, response, authentication);
}
if (!response.isCommitted()) {
response.sendRedirect(url);
return;
} else {
logger.warn("If you see this then something is wrong...");
}
super.onAuthenticationSuccess(request, response, authentication);
}
}
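Review bot: The `from` request parameter is taken as the redirect target in `String url = request.getParameter("from");` and reaches `response.sendRedirect(url)` without any check, so a login link whose `from` value names another host sends the freshly authenticated user off-site (an unvalidated redirect). The handler should accept `from` only when it points back into this application and otherwise fall through to the saved request or the main page. The branch that currently logs "Found redirect URL" is the natural place for that check. The host comparison below assumes the servlet container sees the public scheme and host name, which needs confirming if a reverse proxy sits in front.

```java
String url = request.getParameter("from");
if (url != null && !url.isEmpty() && !pointsIntoThisApplication(request, url)) {
  logger.warn("Ignoring 'from' parameter that points outside this application");
  url = null;
}
// … unchanged: fallback to the saved request or main page, sendRedirect …

/** Accepts only absolute URLs on this scheme and host, below this context path. */
private static boolean pointsIntoThisApplication(HttpServletRequest request, String target) {
  try {
    java.net.URI uri = new java.net.URI(target);
    return request.getScheme().equalsIgnoreCase(uri.getScheme())
        && request.getServerName().equalsIgnoreCase(uri.getHost())
        && uri.getPath() != null
        && uri.getPath().startsWith(request.getContextPath() + "/");
  } catch (java.net.URISyntaxException e) {
    return false;
  }
}
```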
......@@ -52,6 +52,7 @@
}
function init() {
$("#from")[0].value = minerva.GuiConnector.getParams["from"];
$('#login').click(function (e) {
if (!loggedIn) {
e.preventDefault();
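Review bot: When the page is opened without a `from` argument, `minerva.GuiConnector.getParams["from"]` is presumably `undefined`, and assigning that to an input's `value` stores the string "undefined". The server-side success handler would then treat it as a non-empty redirect target. Defaulting to an empty string avoids that: `$("#from")[0].value = minerva.GuiConnector.getParams["from"] || "";`. `getParams` is defined outside this page, so confirm what it returns for a missing key.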
......@@ -94,6 +95,7 @@
value="LOGIN" styleClass="labelText" update="loginMessages"/>
</h:panelGrid>
<input type="hidden" name="from" id="from" value=""/>
<br/>
<br/>
......