diff --git a/backoffice/src/main/java/uy/edu/fing/tse/jsf/UserLoginBean.java b/backoffice/src/main/java/uy/edu/fing/tse/jsf/UserLoginBean.java
index 589e11e4afa3b06890a33e8e748f7d1ac759a607..ef39f8aa6779c4944543537b8e65839342f1debf 100644
--- a/backoffice/src/main/java/uy/edu/fing/tse/jsf/UserLoginBean.java
+++ b/backoffice/src/main/java/uy/edu/fing/tse/jsf/UserLoginBean.java
@@ -65,22 +65,21 @@ public class UserLoginBean implements Serializable {
this.repassword = repassword;
}
-
- public void login() {
+ public String login() {
String token = securityLocal.login(user);
if (token != null) {
session.setToken(token);
session.setUser(user);
- // return "gestionhechos";
+ return "jsf/gestionhechos";
} else {
FacesContext.getCurrentInstance().addMessage(
null,
new FacesMessage(FacesMessage.SEVERITY_WARN,
"Ingreso Incorrecto",
"Por favor verificar los datos ingresados"));
- // return "";
}
+ return "";
}
public String register() {
@@ -92,7 +91,7 @@ public class UserLoginBean implements Serializable {
//TODO
if (valid) {
final var s = securityLocal.register(user);
- return "gestionhechos";
+ return "jsf/gestionhechos";
} else {
FacesContext.getCurrentInstance().addMessage(
null,
diff --git a/backoffice/src/main/java/uy/edu/fing/tse/jsf/security/JwtFilter.java b/backoffice/src/main/java/uy/edu/fing/tse/jsf/security/JwtFilter.java
index c0112eaf8817058e12e5745991edf4a5c54d3a8b..91f644a0966bd56a107cbf2820e558f86b112047 100644
--- a/backoffice/src/main/java/uy/edu/fing/tse/jsf/security/JwtFilter.java
+++ b/backoffice/src/main/java/uy/edu/fing/tse/jsf/security/JwtFilter.java
@@ -2,46 +2,52 @@ package uy.edu.fing.tse.jsf.security;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
+import uy.edu.fing.tse.jsf.session.SessionBean;
+import javax.inject.Inject;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
-//@WebFilter("/jsf/*")
-//public class JwtFilter implements javax.servlet.Filter {
-// @Override
-// public void init(FilterConfig filterConfig) throws ServletException {
-//
-// }
-//
-// @Override
-// public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
-// final HttpServletRequest request = (HttpServletRequest) req;
-// final HttpServletResponse response = (HttpServletResponse) res;
-//
-// final String authHeader = request.getHeader("Authorization");
-// if (authHeader == null || !authHeader.startsWith("Bearer ")) {
-// //TODO se puede hacer un send Redirect para enviarlo al Login
-// response.setStatus(401);
-// return;
-// }
-//
-// try {
-// final String token = authHeader.substring(7); // The part after "Bearer "
-// final Claims claims = Jwts.parser().setSigningKey("1q2w3e4r5t6y7u8i9o0p").parseClaimsJws(token).getBody();
-// request.setAttribute("claims", claims);
-// } catch (final Exception e) {
-// response.setStatus(401);
-// return;
-// }
-//
-// chain.doFilter(req, res);
-// }
-//
-// @Override
-// public void destroy() {
-//
-// }
-//}
+@WebFilter("/jsf/*")
+public class JwtFilter implements javax.servlet.Filter {
+
+ @Inject
+ private SessionBean session;
+
+ @Override
+ public void init(FilterConfig filterConfig) throws ServletException {
+
+ }
+
+ @Override
+ public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
+ final HttpServletRequest request = (HttpServletRequest) req;
+ final HttpServletResponse response = (HttpServletResponse) res;
+
+ final var token = session.getToken();
+ if (token == null) {
+ //TODO se puede hacer un send Redirect para enviarlo al Login
+ response.setStatus(401);
+ response.sendRedirect(request.getContextPath() + "/login.xhtml");
+ return;
+ }
+
+ try {
+ final Claims claims = Jwts.parser().setSigningKey("1q2w3e4r5t6y7u8i9o0p").parseClaimsJws(token).getBody();
+ request.setAttribute("claims", claims);
+ } catch (final Exception e) {
+ session.invalidate();
+ response.setStatus(401);
+ return;
+ }
+
+ chain.doFilter(req, res);
+ }
+
+ @Override
+ public void destroy() {
+ }
+}
diff --git a/backoffice/src/main/java/uy/edu/fing/tse/jsf/session/SessionBean.java b/backoffice/src/main/java/uy/edu/fing/tse/jsf/session/SessionBean.java
index ae950252835b231acebd35924b5006d524fbac91..54b7c8223e42ec2c3fb89422763dc491f9fe9d87 100644
--- a/backoffice/src/main/java/uy/edu/fing/tse/jsf/session/SessionBean.java
+++ b/backoffice/src/main/java/uy/edu/fing/tse/jsf/session/SessionBean.java
@@ -3,9 +3,7 @@ package uy.edu.fing.tse.jsf.session;
import uy.edu.fing.tse.dto.UserBO;
import javax.enterprise.context.SessionScoped;
-import javax.faces.context.FacesContext;
import javax.inject.Named;
-import javax.servlet.http.HttpServletResponse;
import java.io.Serializable;
@SessionScoped
@@ -34,11 +32,15 @@ public class SessionBean implements Serializable {
this.user = user;
}
- public void putToken() {
+ public String makeToken() {
if (token == null) {
- return;
+ return null;
}
- HttpServletResponse response = (HttpServletResponse) FacesContext.getCurrentInstance().getExternalContext().getResponse();
- response.setHeader("Authorization", "Bearer " + token);
+ return "Bearer " + token;
+ }
+
+ public void invalidate() {
+ token = null;
+ user = null;
}
}
diff --git a/backoffice/src/main/webapp/WEB-INF/templates/template.xhtml b/backoffice/src/main/webapp/WEB-INF/templates/template.xhtml
index 624423b2d086142fd70dab5f8e32a8c80ac1cdb3..51e065b0717417557bca3b0ad597394c81960ffa 100644
--- a/backoffice/src/main/webapp/WEB-INF/templates/template.xhtml
+++ b/backoffice/src/main/webapp/WEB-INF/templates/template.xhtml
@@ -31,8 +31,11 @@
</style>
<title>BackOffice - feiknius</title>
+ <f:metadata>
+ <f:viewAction action="#{sessionBean.putToken()}"/>
+ <!--<f:event type="preRenderView" listener="#{sessionBean.putToken()}"/>-->
+ </f:metadata>
</h:head>
-
<h:body>
<header>
@@ -40,7 +43,6 @@
</header>
<!-- Menús, headers y todo lo que vaya antes del contenido -->
<p:messages/>
- <f:event type="preRenderView" listener="#{sessionBean.putToken()}"/>
<ui:insert name="contenido">
Contenido por defecto para que no quede en blanco...
</ui:insert>
diff --git a/backoffice/src/main/webapp/login.xhtml b/backoffice/src/main/webapp/login.xhtml
index 13361863583e03012f5026ad1bf7bc6cd9e21df4..69689b8b37399b128216b19cb44ca5574edf699f 100644
--- a/backoffice/src/main/webapp/login.xhtml
+++ b/backoffice/src/main/webapp/login.xhtml
@@ -23,10 +23,13 @@
<f:facet name="footer">
- <h:commandButton value="Register" action="register.xhmtl?faces-redirect=true"
+ <h:commandButton styleClass="btn btn-primary" value="Crear Usuario"
+ action="register.xhmtl?faces-redirect=true"
update="form" async="true" process="@this"/>
- <h:commandButton value="Login" action="#{userLoginView.login()}" update="form"/>
+ <h:commandButton styleClass="btn btn-primary"
+ value="Login" action="#{userLoginView.login()}"
+ update="form"/>
</f:facet>
<h:inputHidden id="token" value="#{sessionBean.token}"/>
</h:panelGrid>
diff --git a/backoffice/src/main/webapp/jsf/register.xhtml b/backoffice/src/main/webapp/register.xhtml
similarity index 100%
rename from backoffice/src/main/webapp/jsf/register.xhtml
rename to backoffice/src/main/webapp/register.xhtml