saulteafarmer/Stirling-PDF
1
0
Fork 0
mirror of https://github.com/Stirling-Tools/Stirling-PDF.git synced 2025-06-06 18:30:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update EndpointInterceptor.java

Browse Source
This commit is contained in:
Ludy87 2025-04-03 17:21:13 +02:00
parent 5b6cd42706
commit fea1ba2e4c
No known key found for this signature in database
GPG Key ID: 92696155E0220F94
1 changed files with 21 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
src/main/java/stirling/software/SPDF/config/EndpointInterceptor.java
View File

@ -34,27 +34,29 @@ public class EndpointInterceptor implements HandlerInterceptor {
if (session == null) { if (session == null) {
session = request.getSession(true); session = request.getSession(true);
} }
String requestURI = request.getRequestURI();
if ("GET".equalsIgnoreCase(request.getMethod())) { if ("GET".equalsIgnoreCase(request.getMethod())) {
Principal principal = request.getUserPrincipal(); Principal principal = request.getUserPrincipal();
// allowlist for public or static routes // allowlist for public or static routes
if ("/".equals(request.getRequestURI()) if ("/".equals(requestURI)
|| "/login".equals(request.getRequestURI()) || "/login".equals(requestURI)
|| "/home".equals(request.getRequestURI()) || "/home".equals(requestURI)
|| "/home-legacy".equals(request.getRequestURI()) || "/home-legacy".equals(requestURI)
|| request.getRequestURI().contains("/js/") || requestURI.contains("/js/")
|| request.getRequestURI().contains("/css/") || requestURI.contains("/css/")
|| request.getRequestURI().contains("/fonts/") || requestURI.contains("/fonts/")
|| request.getRequestURI().contains("/images/") || requestURI.contains("/images/")
|| request.getRequestURI().contains("/favicon") || requestURI.contains("/favicon")
|| request.getRequestURI().contains("/error") || requestURI.contains("/pdfjs-legacy/")
|| request.getRequestURI().contains("/session") || requestURI.contains("/error")
|| request.getRequestURI().endsWith(".js") || requestURI.contains("/session")
|| request.getRequestURI().endsWith(".png") || requestURI.endsWith(".js")
|| request.getRequestURI().endsWith(".webmanifest") || requestURI.endsWith(".png")
|| request.getRequestURI().contains("/files/")) { || requestURI.endsWith(".webmanifest")
|| requestURI.contains("/files/")) {
return true; return true;
} else if (principal != null) { } else if (principal != null) {
if (session == null) { if (session == null) {
@ -108,10 +110,10 @@ public class EndpointInterceptor implements HandlerInterceptor {
// If session is not registered yet, register it; otherwise, update the last request // If session is not registered yet, register it; otherwise, update the last request
// timestamp. // timestamp.
if (!isCurrentSessionRegistered) { if (!isCurrentSessionRegistered) {
log.info("Register session: {}", sessionId); log.debug("Register session: {}", sessionId);
sessionsInterface.registerSession(finalSession); sessionsInterface.registerSession(finalSession);
} else { } else {
log.info("Update session last request: {}", sessionId); log.debug("Update session last request: {}", sessionId);
sessionsInterface.updateSessionLastRequest(sessionId); sessionsInterface.updateSessionLastRequest(sessionId);
} }
return true; return true;
@ -146,17 +148,16 @@ public class EndpointInterceptor implements HandlerInterceptor {
return false; return false;
} }
if (!isCurrentSessionRegistered) { if (!isCurrentSessionRegistered) {
log.info("Register session: {}", sessionId); log.debug("Register session: {}", sessionId);
sessionsInterface.registerSession(finalSession); sessionsInterface.registerSession(finalSession);
} else { } else {
log.info("Update session last request: {}", sessionId); log.debug("Update session last request: {}", sessionId);
sessionsInterface.updateSessionLastRequest(sessionId); sessionsInterface.updateSessionLastRequest(sessionId);
} }
return true; return true;
} }
} }
String requestURI = request.getRequestURI();
// Check if endpoint is enabled in config // Check if endpoint is enabled in config
if (!endpointConfiguration.isEndpointEnabled(requestURI)) { if (!endpointConfiguration.isEndpointEnabled(requestURI)) {
response.sendError(HttpServletResponse.SC_FORBIDDEN, "This endpoint is disabled"); response.sendError(HttpServletResponse.SC_FORBIDDEN, "This endpoint is disabled");