• Search by APIs
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• MovieApp-master
  • movie-svc
    • src
      • main
        • resources
          • application.yml
          • application-dev.yml
          • db
            • migration
              • V1.0__create_tables.sql
          • application-prod.yml
          • application-test.yml
          • mapper
            • MovieMapper.xml
        • java
          • com
            • jskillcloud
              • movie
                • security
                  • JwtAuthenticationEntryPoint.java
                  • JwtAuthenticationFilter.java
                  • JwtTokenValidator.java
                  • UserPrincipal.java
                  • CurrentUser.java
                • dto
                  • ApiResponse.java
                • config
                  • WebMvcConfig.java
                  • SecurityConfig.java
                  • MyBatisConfig.java
                • service
                  • MovieService.java
                • MovieSvcApplication.java
                • model
                  • Movie.java
                • mapper
                  • MovieMapper.java
                • controller
                  • MovieController.java
    • pom.xml
    • mvnw
    • .mvn
      • wrapper
        • maven-wrapper.jar
        • MavenWrapperDownloader.java
        • maven-wrapper.properties
    • Dockerfile
    • mvnw.cmd
  • gateway
    • src
      • main
        • resources
          • application.yml
          • application-dev.yml
          • application-prod.yml
          • application-test.yml
        • java
          • com
            • jskillcloud
              • gateway
                • GatewayApplication.java
      • test
        • java
          • com
            • jskillcloud
              • gateway
                • GatewayApplicationTests.java
    • pom.xml
    • mvnw
    • .mvn
      • wrapper
        • maven-wrapper.jar
        • MavenWrapperDownloader.java
        • maven-wrapper.properties
    • Dockerfile
    • .gitignore
    • mvnw.cmd
  • LICENSE
  • movie-app
    • src
      • components
        • FlashMessages.jsx
        • SearchBar.jsx
        • NotFound.jsx
        • MovieList.jsx
        • LoginForm.jsx
        • RegisterForm.jsx
        • SavedMovies.jsx
        • MovieCard.jsx
      • App.css
      • App.jsx
      • index.js
    • .env.development
    • public
      • favicon.ico
      • manifest.json
      • index.html
    • README.md
    • package.json
    • Dockerfile
    • .dockerignore
  • auth-svc
    • src
      • main
        • resources
          • application.yml
          • application-dev.yml
          • db
            • migration
              • V1.1__default_roles.sql
              • V1.0__create_tables.sql
          • application-prod.yml
          • application-test.yml
          • mapper
            • UserMapper.xml
            • RoleMapper.xml
        • java
          • com
            • jskillcloud
              • authsvc
                • security
                  • CustomUserDetailsService.java
                  • JwtAuthenticationEntryPoint.java
                  • JwtAuthenticationFilter.java
                  • UserPrincipal.java
                  • CurrentUser.java
                  • JwtTokenProvider.java
                • dto
                  • JwtAuthenticationResponse.java
                  • UserIdentityAvailability.java
                  • SignUpRequest.java
                  • ApiResponse.java
                  • LoginRequest.java
                  • UserInfo.java
                • config
                  • WebMvcConfig.java
                  • SecurityConfig.java
                  • MyBatisConfig.java
                • service
                  • AuthService.java
                • exception
                  • ResourceNotFoundException.java
                  • AppException.java
                • model
                  • RoleName.java
                  • Role.java
                  • User.java
                • mapper
                  • RoleMapper.java
                  • UserMapper.java
                • controller
                  • UserController.java
                  • AuthController.java
                • AuthSvcApplication.java
      • test
        • java
          • com
            • jskillcloud
              • authsvc
                • AuthsvcApplicationTests.java
                • it
                  • mapper
                    • UserMapperTest.java
                    • RoleMapperTest.java
                  • controller
                    • UserControllerTest.java
                    • AuthControllerTest.java
    • pom.xml
    • mvnw
    • .mvn
      • wrapper
        • maven-wrapper.jar
        • MavenWrapperDownloader.java
        • maven-wrapper.properties
    • Dockerfile
    • mvnw.cmd
  • k8s
    • testing
      • movie-svc
        • deployment.yaml
        • service.yaml
      • gateway
        • deployment.yaml
        • service.yaml
      • zipkin
        • deployment.yaml
        • service.yaml
      • movie-db-mysql
        • deployment.yaml
        • service.yaml
      • movie-app
        • deployment.yaml
        • service.yaml
      • auth-svc
        • deployment.yaml
        • service.yaml
      • auth-db-mysql
        • deployment.yaml
        • service.yaml
  • README.md
  • .gitignore
  • docker-compose.yml
  • doc
    • image
      • techstack.jpg
    • ppt

package com.jskillcloud.movie.security;

import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.OncePerRequestFilter;
import org.springframework.security.core.context.SecurityContextHolder;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@Slf4j
public class JwtAuthenticationFilter extends OncePerRequestFilter {

    @Autowired
    private JwtTokenValidator tokenValidator;


    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        try {
            // Get jwt token
            String jwt = getJwtFromRequest(request);

            // Validate the token
            if (StringUtils.hasText(jwt) && tokenValidator.validateToken(jwt)) {
                // Build userDetails
                UserDetails userDetails = tokenValidator.getUserPrincipalFromJWT(jwt);

                // Crate auth object
                UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
                authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));

                // Authenticate the user
                SecurityContextHolder.getContext().setAuthentication(authentication);
            }
        } catch (Exception ex) {
            logger.error("Could not set user authentication in security context", ex);
            // In case of failure. Make sure it's clear; so guarantee user won't be authenticated.
            SecurityContextHolder.clearContext();
        }

        filterChain.doFilter(request, response);
    }

    private String getJwtFromRequest(HttpServletRequest request) {
        String bearerToken = request.getHeader("Authorization");
        if (StringUtils.hasText(bearerToken) && bearerToken.startsWith("Bearer ")) {
            return bearerToken.substring(7);
        }
        return null;
    }
}