saulteafarmer/Stirling-PDF
1
0
Fork 0
mirror of https://github.com/Stirling-Tools/Stirling-PDF.git synced 2025-05-30 13:52:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update EndpointInterceptor.java

Browse Source
This commit is contained in:
Ludy87 2025-03-26 12:07:17 +01:00
parent 5ca84f4aa3
commit 8cb44a40a2
No known key found for this signature in database
GPG Key ID: 92696155E0220F94
1 changed files with 48 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
src/main/java/stirling/software/SPDF/config/EndpointInterceptor.java
View File

@ -5,20 +5,67 @@ import org.springframework.web.servlet.HandlerInterceptor;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse; import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import lombok.extern.slf4j.Slf4j;
import stirling.software.SPDF.config.interfaces.SessionsInterface;
@Component @Component
@Slf4j
public class EndpointInterceptor implements HandlerInterceptor { public class EndpointInterceptor implements HandlerInterceptor {
private final EndpointConfiguration endpointConfiguration; private final EndpointConfiguration endpointConfiguration;
private final SessionsInterface sessionsInterface;
public EndpointInterceptor(EndpointConfiguration endpointConfiguration) { public EndpointInterceptor(
EndpointConfiguration endpointConfiguration, SessionsInterface sessionsInterface) {
this.endpointConfiguration = endpointConfiguration; this.endpointConfiguration = endpointConfiguration;
this.sessionsInterface = sessionsInterface;
} }
@Override @Override
public boolean preHandle( public boolean preHandle(
HttpServletRequest request, HttpServletResponse response, Object handler) HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception { throws Exception {
HttpSession session = request.getSession(false);
if (session == null) {
session = request.getSession(true);
}
if ("GET".equalsIgnoreCase(request.getMethod())) {
if ("/".equals(request.getRequestURI())
|| "/login".equals(request.getRequestURI())
|| "/home".equals(request.getRequestURI())
|| "/home-legacy".equals(request.getRequestURI())
|| request.getRequestURI().contains("/js/")
|| request.getRequestURI().contains("/css/")
|| request.getRequestURI().contains("/fonts/")
|| request.getRequestURI().contains("/images/")
|| request.getRequestURI().contains("/favicon")
|| request.getRequestURI().contains("/error")
|| request.getRequestURI().contains("/session/status")
|| request.getRequestURI().contains("/session/expire")
|| request.getRequestURI().contains("/session/expire-all")
|| request.getRequestURI().endsWith(".js")
|| request.getRequestURI().endsWith(".png")
|| request.getRequestURI().endsWith(".webmanifest")
|| request.getRequestURI().contains("/files/")) {
return true;
} else {
String sessionId = session != null ? session.getId() : null;
if (sessionId == null || !sessionsInterface.isSessionValid(sessionId)) {
response.sendError(
HttpServletResponse.SC_UNAUTHORIZED,
"Max sessions reached for this user. To continue on this device, please close your session in another browser.");
return false;
} else {
sessionsInterface.updateSessionLastRequest(sessionId);
}
}
}
String requestURI = request.getRequestURI(); String requestURI = request.getRequestURI();
if (!endpointConfiguration.isEndpointEnabled(requestURI)) { if (!endpointConfiguration.isEndpointEnabled(requestURI)) {
response.sendError(HttpServletResponse.SC_FORBIDDEN, "This endpoint is disabled"); response.sendError(HttpServletResponse.SC_FORBIDDEN, "This endpoint is disabled");