mirror of
https://github.com/Stirling-Tools/Stirling-PDF.git
synced 2025-06-12 02:25:03 +00:00
29fcbf30d7
* Prevents SSO login due to faulty verification * add translation & fix show error message * Update settings.yml.template --------- Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
61 lines
2.3 KiB
Java
61 lines
2.3 KiB
Java
package stirling.software.SPDF.config.security;
|
|
|
|
import java.io.IOException;
|
|
|
|
import org.springframework.security.core.Authentication;
|
|
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
|
|
import org.springframework.security.web.savedrequest.SavedRequest;
|
|
|
|
import jakarta.servlet.ServletException;
|
|
import jakarta.servlet.http.HttpServletRequest;
|
|
import jakarta.servlet.http.HttpServletResponse;
|
|
import jakarta.servlet.http.HttpSession;
|
|
import lombok.extern.slf4j.Slf4j;
|
|
import stirling.software.SPDF.utils.RequestUriUtils;
|
|
|
|
@Slf4j
|
|
public class CustomAuthenticationSuccessHandler
|
|
extends SavedRequestAwareAuthenticationSuccessHandler {
|
|
|
|
private LoginAttemptService loginAttemptService;
|
|
private UserService userService;
|
|
|
|
public CustomAuthenticationSuccessHandler(
|
|
LoginAttemptService loginAttemptService, UserService userService) {
|
|
this.loginAttemptService = loginAttemptService;
|
|
this.userService = userService;
|
|
}
|
|
|
|
@Override
|
|
public void onAuthenticationSuccess(
|
|
HttpServletRequest request, HttpServletResponse response, Authentication authentication)
|
|
throws ServletException, IOException {
|
|
|
|
String userName = request.getParameter("username");
|
|
if (userService.isUserDisabled(userName)) {
|
|
getRedirectStrategy().sendRedirect(request, response, "/logout?userIsDisabled=true");
|
|
return;
|
|
}
|
|
loginAttemptService.loginSucceeded(userName);
|
|
|
|
// Get the saved request
|
|
HttpSession session = request.getSession(false);
|
|
SavedRequest savedRequest =
|
|
(session != null)
|
|
? (SavedRequest) session.getAttribute("SPRING_SECURITY_SAVED_REQUEST")
|
|
: null;
|
|
|
|
if (savedRequest != null
|
|
&& !RequestUriUtils.isStaticResource(
|
|
request.getContextPath(), savedRequest.getRedirectUrl())) {
|
|
// Redirect to the original destination
|
|
super.onAuthenticationSuccess(request, response, authentication);
|
|
} else {
|
|
// Redirect to the root URL (considering context path)
|
|
getRedirectStrategy().sendRedirect(request, response, "/");
|
|
}
|
|
|
|
// super.onAuthenticationSuccess(request, response, authentication);
|
|
}
|
|
}
|