Skip to content

Commit

Permalink
fix: return 401 when token is invalid
Browse files Browse the repository at this point in the history
  • Loading branch information
peageon committed Jun 3, 2024
1 parent 63cdf9c commit 5787b86
Showing 1 changed file with 25 additions and 17 deletions.
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
package com.runningmate.backend.jwt.filter;

import com.runningmate.backend.exception.InvalidTokenException;
import com.runningmate.backend.jwt.service.JwtService;
import com.runningmate.backend.member.repository.MemberRepository;
import jakarta.servlet.FilterChain;
Expand Down Expand Up @@ -65,23 +66,30 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
// return;
// }

jwtService.extractAccessToken(request).ifPresent(
accessToken -> jwtService.extractUsername(accessToken).ifPresent(
username -> memberRepository.findByUsername(username).ifPresent(
member -> {
UserDetails user = User.builder()
.username(member.getUsername())
.password(member.getPassword())
.roles(member.getRole().name())
.build();
//TODO: Create Custom UserDetails to store member so i do not need to do another findByUsername in controller
Authentication authentication = new UsernamePasswordAuthenticationToken(user, null, authoritiesMapper.mapAuthorities(user.getAuthorities()));
SecurityContextHolder.getContext().setAuthentication(authentication);
}
)
)
);
System.out.println("Went through extracting username from accessToken");
boolean tokenValid = jwtService.extractAccessToken(request)
.filter(jwtService::isTokenValid)
.flatMap(jwtService::extractUsername)
.flatMap(username -> memberRepository.findByUsername(username)
.map(member -> {
UserDetails user = User.builder()
.username(member.getUsername())
.password(member.getPassword())
.roles(member.getRole().name())
.build();
Authentication authentication = new UsernamePasswordAuthenticationToken(user, null, authoritiesMapper.mapAuthorities(user.getAuthorities()));
SecurityContextHolder.getContext().setAuthentication(authentication);
return true;
}))
.orElse(false);

// If the token is invalid, return a 401 response
if (!tokenValid) {
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.getWriter().write("{\"error\":\"Invalid token\"}");
response.setContentType("application/json");
return;
}

filterChain.doFilter(request, response);
}

Expand Down

0 comments on commit 5787b86

Please sign in to comment.