From 13c9d2edb40d099915b45838df918b0f6f076cf4 Mon Sep 17 00:00:00 2001
From: Bart Chou <bart@beehex.com>
Date: Sun, 30 Oct 2022 16:39:49 -0400
Subject: [PATCH] now server can create login cookie and client can store cookie in broser. We use userId as token for login cookie for convinence for now.

---
 .../controllers/UserController.java          | 36 ++++++++++++++-----
 .../switch-room/src/components/AppHeader.vue |  2 +-
 .../switch-room/src/components/MainPage.vue  | 19 +++++-----
 .../switch-room/src/router/index.ts          |  3 +-
 .../src/services/ServerHttpService.ts        |  2 ++
 .../switch-room/src/services/UserService.ts  |  4 +--
 .../switch-room/src/store/modules/auth.ts    |  2 --
 7 files changed, 42 insertions(+), 26 deletions(-)

diff --git a/BackendFolder/SwitchRoom/src/main/java/vt/CS5934/SwitchRoom/controllers/UserController.java b/BackendFolder/SwitchRoom/src/main/java/vt/CS5934/SwitchRoom/controllers/UserController.java
index 81533d14..c01f490f 100644
--- a/BackendFolder/SwitchRoom/src/main/java/vt/CS5934/SwitchRoom/controllers/UserController.java
+++ b/BackendFolder/SwitchRoom/src/main/java/vt/CS5934/SwitchRoom/controllers/UserController.java
@@ -9,15 +9,19 @@
 import vt.CS5934.SwitchRoom.models.ResponseModel;
 import vt.CS5934.SwitchRoom.models.UserModel;
 import vt.CS5934.SwitchRoom.services.UserService;
 import vt.CS5934.SwitchRoom.hash.SHAModel;
-import lombok.Getter;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletResponse;
 import java.security.NoSuchAlgorithmException;
 
 /**
  * The "@RestController" made the class into rest handle class
  * The "@RequestMapping("example")" on the class level make it only react to url ".../example/..."
  */
-@CrossOrigin
+@CrossOrigin(
+    allowCredentials = "true",
+    origins = {"http://localhost:8080/"}
+)
 @RestController
 @RequestMapping("user")
 public class UserController {
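Review bot: The allowed origin on the `@CrossOrigin` annotation carries a trailing slash, `http://localhost:8080/`, while a browser's `Origin` header is sent without one; whether Spring normalises that before comparing depends on the framework version, so on an older version every credentialed request from the Vue app would be rejected with a CORS error. Drop the slash, `origins = {"http://localhost:8080"}`, and read the value from configuration rather than hard-coding a development host, since `allowCredentials = "true"` must stay paired with an explicit origin list (never `*`) once this is deployed. Declaring the policy per controller also means every other controller that serves the cookie-based session needs the same annotation; a single global CORS registration in a `WebMvcConfigurer` is the usual place for it.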
@@ -58,7 +62,7 @@ public class UserController {
     }
 
     @PostMapping("/loginUser")
-    public ResponseModel loginUser(@RequestBody UserModel user) throws NoSuchAlgorithmException {
+    public ResponseModel loginUser(@RequestBody UserModel user, HttpServletResponse servletResponse) throws NoSuchAlgorithmException {
         logger.info("You reached the handlePost() functions.");
         ResponseModel response = new ResponseModel();
         SHAModel hash = new SHAModel();
@@ -69,16 +73,23 @@ public class UserController {
             if (existUser != null && existUser.getPassword().equals(inputPassword)) {
                 response.setMessage("Login in successfully");
                 response.setStatus(HttpStatus.OK);
-                var token = Token.of(existUser.getUserId(), 10L, "secret");
-                existUser.setToken(token.getToken());
+//                var token = Token.of(existUser.getUserId(), 10L, "secret");
+//                existUser.setToken(token.getToken());
             } else {
                 response.setMessage("Couldn't find an account matching the login info you entered");
                 response.setStatus(HttpStatus.FORBIDDEN);
             }
+//            Cookie theCookie = new Cookie("token", token.getToken());
+            Cookie theCookie = new Cookie("userId", Integer.toString(existUser.getUserId())); // use UserId for now
+            theCookie.setHttpOnly(false);
+            theCookie.setSecure(false);
+            theCookie.setPath("/");
+            theCookie.setMaxAge(60);
+            servletResponse.addCookie(theCookie);
             existUser.setPassword(null);
             response.setData(existUser);
-            response.setData(existUser);
             return response;
         }catch (Exception e){
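Review bot: `loginUser` gains a second output — the `Set-Cookie` header it writes through the new `servletResponse` parameter — but carries no Javadoc, so a reader of the signature cannot tell that a side effect on the HTTP response accompanies the returned `ResponseModel`. Add a short Javadoc above `@PostMapping("/loginUser")` stating that on a successful credential match the handler attaches a session cookie to the response and returns the user record with its password cleared, and that a mismatch answers `FORBIDDEN` without data. The pre-existing log line `logger.info("You reached the handlePost() functions.")` names the wrong method and could simply read `logger.info("loginUser called");`. The method body continues past the end of this hunk.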
@@ -88,10 +99,17 @@ public class UserController {
                     null);
         }
     }
-    @PostMapping("/checkLoginSession")
-    public ResponseModel checkLoginSession(@RequestBody Object json) {
+    @GetMapping("/checkLoginSession")
+    public ResponseModel checkLoginSession(@CookieValue(value = "userId", required = false) String token) {
         ResponseModel response = new ResponseModel();
-        response.setStatus(HttpStatus.OK);
+
+        if (token == null) {
+            System.out.println("checkLoginSession: FORBIDDEN");
+            response.setStatus(HttpStatus.FORBIDDEN);
+        } else {
+            System.out.println("checkLoginSession: OK");
+            response.setStatus(HttpStatus.OK);
+        }
         return response;
     }
diff --git a/FrontendFolder/switch-room/src/components/AppHeader.vue b/FrontendFolder/switch-room/src/components/AppHeader.vue
index 615723eb..442c1208 100644
--- a/FrontendFolder/switch-room/src/components/AppHeader.vue
+++ b/FrontendFolder/switch-room/src/components/AppHeader.vue
@@ -30,8 +30,8 @@ export default defineComponent({
       logOut: "logOutApi",
     }),
     hanldeLogOut() {
-      localStorage.setItem("token", "");
       this.logOut()
+      document.cookie = 'userId=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;';
       this.$router.push("/");
     }
   }
diff --git a/FrontendFolder/switch-room/src/components/MainPage.vue b/FrontendFolder/switch-room/src/components/MainPage.vue
index e946219d..2d69366a 100644
--- a/FrontendFolder/switch-room/src/components/MainPage.vue
+++ b/FrontendFolder/switch-room/src/components/MainPage.vue
@@ -85,15 +85,14 @@ export default defineComponent({
       actionLoginApi: "loginApi",
     }),
     async handleCreated() {
-      let token = localStorage.getItem('token');
-      if (token) {
-        await checkLoginSession(JSON.stringify(token))
-          .then((result) => {
-            if (result.status == "OK") {
-              this.$router.push("/login-main-page");
-            }
-          })
-      }
+      await checkLoginSession()
+        .then((result) => {
+          if (result.status == "OK") {
+            this.$router.push({name: 'LoginMainPage'});
+          } else {
+            this.$router.push({name: 'home'})
+          }
+        })
     },
     async handleLogin() {
       const payload = {
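Review bot: `checkLoginSession` treats any non-null `userId` cookie as a valid session — it never checks that the value names an existing user, let alone that the user actually logged in — so a client can set `userId=1` from the devtools console and pass, which makes the `requiresAuth` route guard and anything else keyed on this endpoint purely cosmetic. Until a real token exists, at least confirm the id resolves to a user, e.g. `if (token == null || lookupUser(token) == null) { response.setStatus(HttpStatus.FORBIDDEN); }` with `Integer.parseInt` guarded against `NumberFormatException` (the lookup helper on `UserService` is not visible in this hunk, so the exact call is for the author to fill in), and later validate a signed token instead. The two `System.out.println` calls should go through the class's `logger`, which the `loginUser` hunk shows is available, and the parameter would read more honestly as `userId` than `token` while it holds a plain id.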
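Review bot: The logout expires the cookie from JavaScript with `document.cookie = 'userId=; Path=/; Expires=...'`, which only works because the server set it with `HttpOnly=false`; the moment the cookie is hardened to `HttpOnly`, as a session cookie should be, this line silently does nothing and the user stays logged in. Logout should be a server call that answers with `Set-Cookie: userId=; Max-Age=0; Path=/`, with the client only routing afterwards, e.g. `await this.logOut(); this.$router.push("/");`. Note that `this.logOut()` is not awaited here, so the redirect can race whatever `logOutApi` does, and the method name `hanldeLogOut` is a pre-existing typo worth fixing while touching this block.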
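Review bot: `handleCreated` mixes `await` with a `.then` chain and has no rejection handler, so if `checkLoginSession()` rejects (a network error, or the `Get` helper throwing on a non-OK response — its behaviour is outside this hunk) the error escapes a lifecycle hook as an unhandled rejection and no navigation happens at all. Prefer `try { const result = await checkLoginSession(); if (result.status === "OK") { this.$router.push({name: 'LoginMainPage'}); } } catch { this.$router.push({name: 'home'}); }`, which also replaces `==` with `===`. If `MainPage` is itself the `home` route, the `else` push is a redundant navigation to the current route — confirm which route mounts this component before keeping that branch.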
@@ -102,7 +101,7 @@ export default defineComponent({
       };
       await this.actionLoginApi(payload);
       if (this.getLoginStatus){
-        this.$router.push("/login-main-page");
+        this.$router.push({name: 'LoginMainPage'});
       }
     },
   },
diff --git a/FrontendFolder/switch-room/src/router/index.ts b/FrontendFolder/switch-room/src/router/index.ts
index 877fcbd8..b357ec61 100644
--- a/FrontendFolder/switch-room/src/router/index.ts
+++ b/FrontendFolder/switch-room/src/router/index.ts
@@ -1,7 +1,6 @@
 import { createRouter, createWebHistory, RouteRecordRaw } from "vue-router";
 import HomeView from "../views/HomeView.vue";
 import RegisterView from "../views/RegisterView.vue";
-import store from "../store/index"
 
 const routes: Array<RouteRecordRaw> = [
   {
@@ -50,7 +49,7 @@ const router = createRouter({
 router.beforeEach((to, from, next) => {
   if (to.matched.some(record => record.meta.requiresAuth)) {
-    if (!store.getters["auth/getLoginStatus"]) {
+    if (!document.cookie) {
       next({ name: 'home' })
     } else {
       next()
diff --git a/FrontendFolder/switch-room/src/services/ServerHttpService.ts b/FrontendFolder/switch-room/src/services/ServerHttpService.ts
index ea93675e..14c4c3f2 100644
--- a/FrontendFolder/switch-room/src/services/ServerHttpService.ts
+++ b/FrontendFolder/switch-room/src/services/ServerHttpService.ts
@@ -11,6 +11,7 @@ function Get(path: string) {
   return fetch(url, {
     method: "GET",
+    credentials: "include",
   })
     .then((response) => {
       if (response.ok) {
@@ -31,6 +32,7 @@ function Post(path: string, bodyData: any) {
   console.log("With Data: ", JSON.stringify(bodyData));
   return fetch(url, {
     method: "POST",
+    credentials: "include",
     headers: {
       "Content-Type": "application/json",
     },
diff --git a/FrontendFolder/switch-room/src/services/UserService.ts b/FrontendFolder/switch-room/src/services/UserService.ts
index 9df72caa..b6553b67 100644
--- a/FrontendFolder/switch-room/src/services/UserService.ts
+++ b/FrontendFolder/switch-room/src/services/UserService.ts
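Review bot: `if (!document.cookie)` tests whether the document has any cookie at all, not whether the `userId` session cookie is present, so any unrelated cookie on the origin (another app served from localhost, an analytics cookie) satisfies the guard, while a user whose `userId` cookie lapsed after its 60-second `Max-Age` but who still holds other cookies is let through to a protected route. Check for the specific cookie, e.g. `const hasSession = document.cookie.split('; ').some(c => c.startsWith('userId='));` followed by `if (!hasSession) { next({ name: 'home' }) }`. Either way this guard is a convenience only — anyone can set a cookie from the devtools console — so the backend must reject unauthenticated requests itself. The `beforeEach` callback continues past the end of the hunk.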
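Review bot: With `credentials: "include"` the session cookie now rides on every `Post`, including `/loginUser`, and the `console.log("With Data: ", JSON.stringify(bodyData))` line just above the `fetch` prints each request body — for the login call, the password as the client submits it — to the browser console, where it lingers in devtools history. Drop that log or reduce it to the path, `console.log("POST", path);`. A cross-origin credentialed request also requires the server to answer with `Access-Control-Allow-Credentials: true` and an exact `Access-Control-Allow-Origin`, which the `@CrossOrigin` change in this commit provides for `UserController` only; other controllers reached through this helper will need the same.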
@@ -11,9 +11,9 @@ function loginUser(userData: any) {
   // console.log(Server_URL + baseUrl + urlPath);
   return serverHttpService.Post(baseUrl + urlPath, JSON.parse(userData));
 }
-function checkLoginSession(token: any) {
+function checkLoginSession() {
   const urlPath = "/checkLoginSession";
-  return serverHttpService.Post(baseUrl + urlPath, JSON.parse(token));
+  return serverHttpService.Get(baseUrl + urlPath);
 }
 
 export { postUserDataToServer, loginUser, checkLoginSession };
diff --git a/FrontendFolder/switch-room/src/store/modules/auth.ts b/FrontendFolder/switch-room/src/store/modules/auth.ts
index a2235b59..85bc4c1a 100644
--- a/FrontendFolder/switch-room/src/store/modules/auth.ts
+++ b/FrontendFolder/switch-room/src/store/modules/auth.ts
@@ -16,8 +16,6 @@ const actions = {
       .catch((error) => alert(error));
     if (response.status == "OK") {
       commit("setLoginStatus", true);
-      console.log("login token: " + response.data.token)
-      localStorage.setItem('token', response.data.token)
     } else {
       alert(response.message)
     }
-- 
GitLab
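Review bot: `checkLoginSession` now takes no argument and returns whatever `serverHttpService.Get` resolves to, but neither it nor its neighbours declare a return type, so callers such as `MainPage.handleCreated` compare `result.status` on an effectively untyped value. Declare the shape, e.g. `function checkLoginSession(): Promise<{ status: string; message?: string }>` (the exact fields mirror the server's `ResponseModel`, which is not visible here — confirm), and add a one-line doc comment such as `/** Asks the server whether the browser's session cookie is still valid; the cookie is sent automatically via credentials: "include". */`.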