Stirling-PDF/src/main/java/stirling/software/SPDF/config/security/CustomAuthenticationFailureHandler.java

package stirling.software.SPDF.config.security;

import java.io.IOException;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.stereotype.Component;

import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

@Component
public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {

    @Autowired private final LoginAttemptService loginAttemptService;

    @Autowired
    public CustomAuthenticationFailureHandler(LoginAttemptService loginAttemptService) {
        this.loginAttemptService = loginAttemptService;
    }

    @Override
    public void onAuthenticationFailure(
            HttpServletRequest request,
            HttpServletResponse response,
            AuthenticationException exception)
            throws IOException, ServletException {
        String ip = request.getRemoteAddr();
        logger.error("Failed login attempt from IP: " + ip);

        String username = request.getParameter("username");
        if (loginAttemptService.loginAttemptCheck(username)) {
            setDefaultFailureUrl("/login?error=locked");

        } else {
            if (exception.getClass().isAssignableFrom(BadCredentialsException.class)) {
                setDefaultFailureUrl("/login?error=badcredentials");
            } else if (exception.getClass().isAssignableFrom(LockedException.class)) {
                setDefaultFailureUrl("/login?error=locked");
            }
        }

        super.onAuthenticationFailure(request, response, exception);
    }
}
Add files via upload 2023-08-13 01:14:30 +01:00			`package stirling.software.SPDF.config.security;`

			`import java.io.IOException;`

internal API plus brute force security 2023-12-24 17:12:32 +00:00			`import org.springframework.beans.factory.annotation.Autowired;`
cleanup imports 2023-08-27 00:39:22 +01:00			`import org.springframework.security.authentication.BadCredentialsException;`
			`import org.springframework.security.authentication.LockedException;`
Add files via upload 2023-08-13 01:14:30 +01:00			`import org.springframework.security.core.AuthenticationException;`
			`import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;`
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`import org.springframework.stereotype.Component;`
Clean imports and lang updates 2023-12-16 19:30:47 +00:00
Add files via upload 2023-08-13 01:14:30 +01:00			`import jakarta.servlet.ServletException;`
			`import jakarta.servlet.http.HttpServletRequest;`
			`import jakarta.servlet.http.HttpServletResponse;`
formatting 2023-12-30 19:11:27 +00:00
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`@Component`
Add files via upload 2023-08-13 01:14:30 +01:00			`public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {`
formatting 2023-12-30 19:11:27 +00:00
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`@Autowired private final LoginAttemptService loginAttemptService;`
Add files via upload 2023-08-13 01:14:30 +01:00
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`@Autowired`
			`public CustomAuthenticationFailureHandler(LoginAttemptService loginAttemptService) {`
			`this.loginAttemptService = loginAttemptService;`
			`}`
formatting 2023-12-30 19:11:27 +00:00
Add files via upload 2023-08-13 01:14:30 +01:00			`@Override`
			`public void onAuthenticationFailure(`
			`HttpServletRequest request,`
			`HttpServletResponse response,`
			`AuthenticationException exception)`
			`throws IOException, ServletException {`
auth log #522 2023-12-16 18:18:00 +00:00			`String ip = request.getRemoteAddr();`
			`logger.error("Failed login attempt from IP: " + ip);`
formatting 2023-12-30 19:11:27 +00:00
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`String username = request.getParameter("username");`
			`if (loginAttemptService.loginAttemptCheck(username)) {`
Add files via upload 2023-08-13 01:14:30 +01:00			`setDefaultFailureUrl("/login?error=locked");`
formatting 2023-12-30 19:11:27 +00:00
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`} else {`
			`if (exception.getClass().isAssignableFrom(BadCredentialsException.class)) {`
			`setDefaultFailureUrl("/login?error=badcredentials");`
			`} else if (exception.getClass().isAssignableFrom(LockedException.class)) {`
			`setDefaultFailureUrl("/login?error=locked");`
			`}`
Add files via upload 2023-08-13 01:14:30 +01:00			`}`
formatting 2023-12-30 19:11:27 +00:00
Add files via upload 2023-08-13 01:14:30 +01:00			`super.onAuthenticationFailure(request, response, exception);`
			`}`
			`}`