diff --git a/src/main/java/org/ccalm/jwt/MainController.java b/src/main/java/org/ccalm/jwt/MainController.java index ce0bd51..debdfdb 100644 --- a/src/main/java/org/ccalm/jwt/MainController.java +++ b/src/main/java/org/ccalm/jwt/MainController.java @@ -500,26 +500,17 @@ public class MainController implements ServletContextAware { @RequestMapping(value = "/access", method = {RequestMethod.POST}, produces = "application/json;charset=utf-8") @ResponseBody public ResponseEntity access( - Model model, - @CookieValue(value = "jwt_a", defaultValue = "") String jwt_a, + Authentication authentication, @Nullable @RequestBody ActionNameModel action_name, @CookieValue(value = "lng", defaultValue = "1") String language_id ) { Translation trt = new Translation(language_id, jdbcTemplate); try { - if (jwt_a.isEmpty() || countOccurrences(jwt_a, '.') != 2) { - return new ResponseEntity<>(new ErrorResponseModel(10000, trt.trt(false, "Please_log_in"), null, null), HttpStatus.INTERNAL_SERVER_ERROR); - } - - Jws claims; - try { - claims = Jwts.parserBuilder() - .setSigningKey(getPublicKey()) - .build() - .parseClaimsJws(jwt_a); - } catch (Exception e) { - return new ResponseEntity<>(new ErrorResponseModel(10000, Arrays.asList(trt.trt(false, "Please_log_in"), trt.trt(false, "JWT_token_verification_error")), null, null), HttpStatus.INTERNAL_SERVER_ERROR); + if (authentication == null || !authentication.isAuthenticated()) { + String uuid = UUID.randomUUID().toString(); + return new ResponseEntity<>(new ErrorResponseModel(10401, trt.trt(false, "Please_log_in"), null, uuid), HttpStatus.UNAUTHORIZED); } + UserDetails userDetails = (UserDetails) authentication.getPrincipal(); String sql = """ select 
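Review bot: The new guard `authentication == null || !authentication.isAuthenticated()` does not exclude Spring Security's anonymous authentication, whose `isAuthenticated()` is true and whose principal is the `String` "anonymousUser", so the unchecked `(UserDetails) authentication.getPrincipal()` cast on the following added line would throw `ClassCastException` for unauthenticated requests and fall into the method's surrounding `catch` (outside this hunk) instead of returning the 10401/401 response. Make the principal type part of the guard so the anonymous case takes the 401 branch: `if (authentication == null || !authentication.isAuthenticated() || !(authentication.getPrincipal() instanceof UserDetails userDetails)) {` (pattern `instanceof` needs Java 16+; otherwise keep a plain `instanceof` test plus the cast). The second hunk calls `userDetails.getUserId()`, which is not on `org.springframework.security.core.userdetails.UserDetails`, so `UserDetails` here is presumably a project type shadowing the Spring interface — worth a one-line comment such as `// project UserDetails, not Spring Security's interface` where it is declared, or using `@AuthenticationPrincipal` to inject it directly. The `access` method body continues past the end of this hunk.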
@@ -533,7 +524,7 @@ public class MainController implements ServletContextAware { """; MapSqlParameterSource parameters = new MapSqlParameterSource(); - parameters.addValue("user_id", claims.getBody().get("user_id")); + parameters.addValue("user_id", userDetails.getUserId()); if (action_name == null) { parameters.addValue("action_name", null); } else {