Commit dd067159 authored by Falucho's avatar Falucho

Refactor Login

parent 4e85288e
......@@ -51,6 +51,12 @@
<artifactId>wildfly-jsf</artifactId>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-validator</artifactId>
......
......@@ -6,12 +6,14 @@ import uy.edu.fing.tse.central.business.BusinessLocal;
import uy.edu.fing.tse.central.business.security.SecurityLocal;
import uy.edu.fing.tse.dto.Role;
import uy.edu.fing.tse.dto.UserBO;
import uy.edu.fing.tse.jsf.session.SessionBean;
import javax.annotation.PostConstruct;
import javax.ejb.EJB;
import javax.enterprise.context.RequestScoped;
import javax.faces.application.FacesMessage;
import javax.faces.context.FacesContext;
import javax.inject.Inject;
import javax.inject.Named;
import java.io.Serializable;
import java.util.List;
......@@ -25,9 +27,12 @@ public class UserLoginBean implements Serializable {
private static final Logger LOG = LoggerFactory.getLogger(UserLoginBean.class);
@EJB
private SecurityLocal securityLocal;
@EJB
private BusinessLocal negocio;
@Inject
private SessionBean session;
private List<Role> roles;
......@@ -40,8 +45,6 @@ public class UserLoginBean implements Serializable {
private String repassword;
private String token;
public List<Role> getRoles() {
return roles;
}
......@@ -62,31 +65,21 @@ public class UserLoginBean implements Serializable {
this.repassword = repassword;
}
public String getToken() {
return token;
}
public void setToken(String token) {
this.token = token;
}
public String login() {
token = securityLocal.login(user);
public void login() {
String token = securityLocal.login(user);
if (token != null) {
try {//TODO sacar
Thread.sleep(2000);
} catch (InterruptedException e) {
e.printStackTrace();
}
return "gestionhechos";
session.setToken(token);
session.setUser(user);
// return "gestionhechos";
} else {
FacesContext.getCurrentInstance().addMessage(
null,
new FacesMessage(FacesMessage.SEVERITY_WARN,
"Ingreso incorrecto",
"Por favor verificar los datos ingresados"));
return "";
// return "";
}
}
......
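Review bot: In `login()`, `session.setUser(user)` stores the same `UserBO` that was just submitted from the login form, and the SecurityBean hunk in this commit reads `p.getPassword()` from that type, so the plaintext password appears to stay in the session-scoped bean for the life of the session. Clear the password field before storing the object, or keep only what the views need (mail and role). The session identifier is also not rotated on successful login; calling `changeSessionId()` on the current `HttpServletRequest` inside the `token != null` branch would close that gap. The method now returns `void` while the old outcomes remain as commented-out `return` lines, which are better deleted; the rest of the class lies outside the shown hunks.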
package uy.edu.fing.tse.jsf.security;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebFilter("/jsf/*")
public class JwtFilter implements javax.servlet.Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
final HttpServletRequest request = (HttpServletRequest) req;
final HttpServletResponse response = (HttpServletResponse) res;
final String authHeader = request.getHeader("Authorization");
if (authHeader == null || !authHeader.startsWith("Bearer ")) {
//TODO se puede hacer un send Redirect para enviarlo al Login
response.setStatus(401);
return;
}
try {
final String token = authHeader.substring(7); // The part after "Bearer "
final Claims claims = Jwts.parser().setSigningKey("1q2w3e4r5t6y7u8i9o0p").parseClaimsJws(token).getBody();
request.setAttribute("claims", claims);
} catch (final Exception e) {
response.setStatus(401);
return;
}
chain.doFilter(req, res);
}
@Override
public void destroy() {
}
}
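Review bot: The HMAC signing key is a string literal in `doFilter` (`setSigningKey("1q2w3e4r5t6y7u8i9o0p")`), and the same literal is repeated on the `signWith` line of `SecurityBean.createJWT`, so anyone with read access to the repository or the built artifact holds the key that this filter trusts. Load the key once from deployment configuration or a secret store and hand the bytes to both sides, e.g. `Jwts.parser().setSigningKey(keyBytes)` with `keyBytes` read in `init`. As far as I know, the `String` overload in the jjwt 0.9.1 pinned by this commit treats its argument as Base64, so this 20-character value decodes to 15 bytes, below the 256 bits expected for HS256. The filter also stores the claims without checking the `role` claim, so any valid token reaches every `/jsf/*` view; whether a later layer enforces roles is not visible here.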
package uy.edu.fing.tse.jsf.session;
import uy.edu.fing.tse.dto.UserBO;
import javax.enterprise.context.SessionScoped;
import javax.faces.context.FacesContext;
import javax.inject.Named;
import javax.servlet.http.HttpServletResponse;
import java.io.Serializable;
@SessionScoped
@Named("sessionBean")
public class SessionBean implements Serializable {
private static final long serialVersionUID = 9062153372176877309L;
private String token = null;
private UserBO user = null;
public String getToken() {
return token;
}
public void setToken(String token) {
this.token = token;
}
public UserBO getUser() {
return user;
}
public void setUser(UserBO user) {
this.user = user;
}
public void putToken() {
if (token == null) {
return;
}
HttpServletResponse response = (HttpServletResponse) FacesContext.getCurrentInstance().getExternalContext().getResponse();
response.setHeader("Authorization", "Bearer " + token);
}
}
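Review bot: `putToken()` writes the bearer token into a response header, `response.setHeader("Authorization", "Bearer " + token)`, but browsers do not replay response headers on later requests, so the `Authorization` request header that `JwtFilter` checks will only be present if client script copies it over. Emitting it on every `preRenderView` also exposes the token to any proxy or log that records response headers. If the token has to travel with browser navigation, a cookie marked `HttpOnly`, `Secure` and `SameSite` that the filter reads is the usual carrier; if the container session already identifies the user, the header can be dropped. A short Javadoc on `putToken()` naming the consumer of this header would help the next reader.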
......@@ -2,9 +2,34 @@
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:p="http://primefaces.org/ui"
xmlns:h="http://xmlns.jcp.org/jsf/html"
xmlns:h="http://xmlns.jcp.org/jsf/html" xmlns:f="http://xmlns.jcp.org/jsf/core"
>
<h:head>
<style type="text/css">
.ui-datatable .ui-datatable-header {
text-align: right !important;
}
.ui-button-text-only .ui-button-text {
padding: 0.3em 0.4em;
}
.ui-selectcheckboxmenu-panel .ui-selectcheckboxmenu-header .ui-chkbox {
visibility: hidden;
}
.ui-filter-column .ui-column-customfilter .custom-filter {
width: 100%;
box-sizing: border-box;
}
.year-spinner input {
width: 100%;
box-sizing: border-box;
}
</style>
<title>BackOffice - feiknius</title>
</h:head>
......@@ -15,6 +40,7 @@
</header>
<!-- Menús, headers y todo lo que vaya antes del contenido -->
<p:messages/>
<f:event type="preRenderView" listener="#{sessionBean.putToken()}"/>
<ui:insert name="contenido">
Contenido por defecto para que no quede en blanco...
</ui:insert>
......
......@@ -6,7 +6,7 @@
>
<body>
<ui:decorate template="WEB-INF/templates/template.xhtml">
<ui:decorate template="/WEB-INF/templates/template.xhtml">
<ui:define name="contenido">
<h1>Push</h1>
<h:panelGroup id="messagePanel" layout="block">
......
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://xmlns.jcp.org/jsf/html"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:p="http://primefaces.org/ui"
xmlns:f="http://xmlns.jcp.org/jsf/core">
<h:head>
<style type="text/css">
.ui-datatable .ui-datatable-header {
text-align: right !important;
}
.ui-button-text-only .ui-button-text {
padding: 0.3em 0.4em;
}
.ui-selectcheckboxmenu-panel .ui-selectcheckboxmenu-header .ui-chkbox {
visibility: hidden;
}
.ui-filter-column .ui-column-customfilter .custom-filter {
width: 100%;
box-sizing: border-box;
}
.year-spinner input {
width: 100%;
box-sizing: border-box;
}
</style>
</h:head>
<f:view>
<h:form >
<p:outputPanel style="font-size: 30px;text-align: center">
<h:outputText value= "Bienvenido " />
<h:outputText value= "#{userLoginView.user.mail}" />
</p:outputPanel>
<p:dataTable var="hecho" id="dataHecho" value="#{gestionHechos.filteredFacts}" widgetVar="NoticiasTable"
emptyMessage="Hecho no encontrada" filteredValue="#{gestionHechos.filteredFacts}">
<f:facet name="header">
<p:outputPanel>
<h:outputText value="Buscar en todos los campos:" />
<p:inputText id="globalFilter" onkeyup="PF('NoticiasTable').filter()" style="width:150px" placeholder="Enter keyword"/>
</p:outputPanel>
</f:facet>
<p:column filterBy="#{gestionHechos.filterTitulo}" headerText="Titulo" filterMatchMode="contains">
<h:outputText value="#{hecho.title}" />
</p:column>
<p:column filterBy="#{gestionHechos.filterDesc}" headerText="Descripción" filterMatchMode="contains">
<h:outputText value="#{hecho.description}"/>
</p:column>
<p:column filterBy="#{gestionHechos.filterEstado}" headerText="Estados" filterMatchMode="exact">
<f:facet name="filter">
<p:selectOneMenu onchange="PF('NoticiasTable').filter()" styleClass="custom-filter">
<f:selectItem itemLabel="Select One" itemValue="#{null}" noSelectionOption="true" />
<f:selectItems value="#{gestionHechos.estados}" var="e" itemLabel="#{e.value}"
itemValue="#{e.value}"/>
</p:selectOneMenu>
xmlns:h="http://xmlns.jcp.org/jsf/html"
xmlns:f="http://xmlns.jcp.org/jsf/core"
>
<body>
<ui:decorate template="/WEB-INF/templates/template.xhtml">
<ui:define name="contenido">
<h:form>
<p:outputPanel style="font-size: 30px;text-align: center">
<h:outputText value="Bienvenido "/>
<h:outputText value="#{userLoginView.user.mail}"/>
</p:outputPanel>
<p:dataTable var="hecho" id="dataHecho" value="#{gestionHechos.filteredFacts}" widgetVar="NoticiasTable"
emptyMessage="Hecho no encontrada" filteredValue="#{gestionHechos.filteredFacts}">
<f:facet name="header">
<p:outputPanel>
<h:outputText value="Buscar en todos los campos:"/>
<p:inputText id="globalFilter" onkeyup="PF('NoticiasTable').filter()" style="width:150px"
placeholder="Enter keyword"/>
</p:outputPanel>
</f:facet>
<h:outputText value="#{hecho.actualState.value}"/>
</p:column>
</p:dataTable>
</h:form>
</f:view>
</html>
<p:column filterBy="#{gestionHechos.filterTitulo}" headerText="Titulo" filterMatchMode="contains">
<h:outputText value="#{hecho.title}"/>
</p:column>
<p:column filterBy="#{gestionHechos.filterDesc}" headerText="Descripción" filterMatchMode="contains">
<h:outputText value="#{hecho.description}"/>
</p:column>
<p:column filterBy="#{gestionHechos.filterEstado}" headerText="Estados" filterMatchMode="exact">
<f:facet name="filter">
<p:selectOneMenu onchange="PF('NoticiasTable').filter()" styleClass="custom-filter">
<f:selectItem itemLabel="Select One" itemValue="#{null}" noSelectionOption="true"/>
<f:selectItems value="#{gestionHechos.estados}" var="e" itemLabel="#{e.value}"
itemValue="#{e.value}"/>
</p:selectOneMenu>
</f:facet>
<h:outputText value="#{hecho.actualState.value}"/>
</p:column>
</p:dataTable>
</h:form>
</ui:define>
</ui:decorate>
</body>
</html>
\ No newline at end of file
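Review bot: The welcome line still reads `#{userLoginView.user.mail}` while this commit moves the logged-in user into `sessionBean`. `UserLoginBean` imports `javax.enterprise.context.RequestScoped`, so if the bean is request-scoped the value is empty on any request after the login post. `<h:outputText value="#{sessionBean.user.mail}"/>` would read the stored user instead. The scope annotation itself is not in the shown hunks, so confirm it before changing the binding.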
......@@ -26,7 +26,7 @@
update="form" async="true" process="@this"/>
<p:commandButton value="Login" action="#{userLoginView.login()}" update="form"/>
</f:facet>
<h:outputLabel value="#{userLoginView.token}"/>
<h:inputHidden id="token" value="#{sessionBean.token}"/>
</h:panelGrid>
</h:form>
</ui:define>
......
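Review bot: `<h:inputHidden id="token" value="#{sessionBean.token}"/>` is an input component, so on each submit of this form JSF writes the posted value back through `SessionBean.setToken`, which lets the client replace the token held in the session; it also renders the token into the page source. If nothing on the page needs the value, removing the field avoids both effects; if script does need it, expose it through a read-only output instead. The form opens above the hunk, so its other fields are not visible here.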
......@@ -60,6 +60,11 @@
<version>0.8.0</version>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
</dependency>
<!-- Test scope dependencies -->
<dependency>
<groupId>junit</groupId>
......
package uy.edu.fing.tse.central.business.security;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import uy.edu.fing.tse.central.business.common.Secure;
......@@ -12,6 +14,8 @@ import uy.edu.fing.tse.dto.UserBO;
import javax.annotation.PostConstruct;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import java.util.Calendar;
import java.util.Date;
import java.util.Objects;
@Stateless
......@@ -49,9 +53,22 @@ public class SecurityBean implements SecurityLocal, SecurityRemote {
final var thisPassword = Secure.encriptPBKDF(p.getPassword(), salt);
if (Objects.equals(thisPassword, user.getPassword())) {
return thisPassword;
return createJWT(user.getMail(), user.getRole().getName());
}
return null;
}
private String createJWT(String role, String user) {
// prepare expiration date according to application properties
Date expDate = new Date();
Calendar calendar = Calendar.getInstance();
calendar.setTime(expDate);
calendar.add(Calendar.MINUTE, 15);
expDate = calendar.getTime();
return Jwts.builder().setSubject(user).claim("role", role).setIssuedAt(new Date()).setExpiration(expDate)
.signWith(SignatureAlgorithm.HS256, "1q2w3e4r5t6y7u8i9o0p").compact();
}
}
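Review bot: The arguments to `createJWT` are swapped: the call is `createJWT(user.getMail(), user.getRole().getName())` but the signature is `createJWT(String role, String user)`, so the token's subject becomes the role name and its `role` claim becomes the mail address. Declaring it as `private String createJWT(String user, String role)` makes the signature match the call. The comment says the expiry follows application properties while the code hard-codes 15 minutes; either read the value from configuration or fix the comment, and `Date.from(Instant.now().plus(15, ChronoUnit.MINUTES))` would replace the `Calendar` arithmetic. The enclosing login method starts above the hunk.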
......@@ -205,6 +205,12 @@
<scope>provided</scope>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>
<dependency>
<groupId>org.jboss.spec.javax.faces</groupId>
<artifactId>jboss-jsf-api_2.3_spec</artifactId>
......