Stirling-PDF/src/main/java/stirling/software/SPDF/config/security/CustomAuthenticationSuccessHandler.java

package stirling.software.SPDF.config.security;

import java.io.IOException;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.savedrequest.SavedRequest;
import org.springframework.stereotype.Component;

import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;

@Component
public class CustomAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {

    @Autowired
    private LoginAttemptService loginAttemptService;

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
    	String username = request.getParameter("username");
        loginAttemptService.loginSucceeded(username);
        
        
        // Get the saved request
        HttpSession session = request.getSession(false);
        SavedRequest savedRequest = session != null ? (SavedRequest) session.getAttribute("SPRING_SECURITY_SAVED_REQUEST") : null;
        if (savedRequest != null && !isStaticResource(savedRequest)) {
            // Redirect to the original destination
            super.onAuthenticationSuccess(request, response, authentication);
        } else {
            // Redirect to the root URL (considering context path)
            getRedirectStrategy().sendRedirect(request, response, "/");
        }
        
        //super.onAuthenticationSuccess(request, response, authentication);
    }
    
    private boolean isStaticResource(SavedRequest savedRequest) {
        String requestURI = savedRequest.getRedirectUrl();
        return requestURI.startsWith("/css/") 
        		|| requestURI.startsWith("/js/")
        		|| requestURI.startsWith("/images/")
        		|| requestURI.startsWith("/public/")
        		|| requestURI.startsWith("/pdfjs/")
        		|| requestURI.endsWith(".svg");
    }
    
}
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`package stirling.software.SPDF.config.security;`

			`import java.io.IOException;`

			`import org.springframework.beans.factory.annotation.Autowired;`
			`import org.springframework.security.core.Authentication;`
			`import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;`
contextPath fixes 2023-12-28 13:50:31 +00:00			`import org.springframework.security.web.savedrequest.SavedRequest;`
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`import org.springframework.stereotype.Component;`

			`import jakarta.servlet.ServletException;`
			`import jakarta.servlet.http.HttpServletRequest;`
			`import jakarta.servlet.http.HttpServletResponse;`
contextPath fixes 2023-12-28 13:50:31 +00:00			`import jakarta.servlet.http.HttpSession;`
internal API plus brute force security 2023-12-24 17:12:32 +00:00
			`@Component`
			`public class CustomAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {`

			`@Autowired`
			`private LoginAttemptService loginAttemptService;`

			`@Override`
			`public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {`
contextPath fixes 2023-12-28 13:50:31 +00:00			`String username = request.getParameter("username");`
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`loginAttemptService.loginSucceeded(username);`
contextPath fixes 2023-12-28 13:50:31 +00:00

			`// Get the saved request`
			`HttpSession session = request.getSession(false);`
			`SavedRequest savedRequest = session != null ? (SavedRequest) session.getAttribute("SPRING_SECURITY_SAVED_REQUEST") : null;`
			`if (savedRequest != null && !isStaticResource(savedRequest)) {`
			`// Redirect to the original destination`
			`super.onAuthenticationSuccess(request, response, authentication);`
			`} else {`
			`// Redirect to the root URL (considering context path)`
			`getRedirectStrategy().sendRedirect(request, response, "/");`
			`}`

			`//super.onAuthenticationSuccess(request, response, authentication);`
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`}`
contextPath fixes 2023-12-28 13:50:31 +00:00
			`private boolean isStaticResource(SavedRequest savedRequest) {`
			`String requestURI = savedRequest.getRedirectUrl();`
			`return requestURI.startsWith("/css/")`
			`\|\| requestURI.startsWith("/js/")`
			`\|\| requestURI.startsWith("/images/")`
			`\|\| requestURI.startsWith("/public/")`
			`\|\| requestURI.startsWith("/pdfjs/")`
			`\|\| requestURI.endsWith(".svg");`
			`}`

internal API plus brute force security 2023-12-24 17:12:32 +00:00			`}`