Skip to content

Commit

Permalink
MAIN-T-95 Do not access token for anonymous requests
Browse files Browse the repository at this point in the history
  • Loading branch information
@hanna-eismant
hanna-eismant committed Apr 4, 2024
1 parent 03d8368 commit 9e81a42
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions server/src/main/java/org/hkurh/doky/security/JwtAuthorizationFilter.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,10 +20,18 @@ import java.io.IOException
@Component
class JwtAuthorizationFilter(private val userService: UserService) : OncePerRequestFilter() {
private val authorizationHeader = "Authorization"
private val anonymousEndpoints = arrayOf("/register", "/login")

@Throws(ServletException::class, IOException::class)
override fun doFilterInternal(request: HttpServletRequest, response: HttpServletResponse, filterChain: FilterChain) {
LOG.debug("Jwt Authorization Filter is invoked.")

if (anonymousEndpoints.contains(request.requestURI)) {
LOG.debug("No check token for request ${request.requestURI}")
filterChain.doFilter(request, response)
return
}

try {
val token = getTokenFromRequest(request)
if (token != null) {
Expand Down

0 comments on commit 9e81a42

Please sign in to comment.