
Commit 2e6b68a

Update JwtAuthFilter.java
1 parent 9afeb45 commit 2e6b68a


1 file changed

+26
-2
lines changed


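--- a/src/main/java/app/smartpot/api/security/config/filters/JwtAuthFilter.java
+++ b/src/main/java/app/smartpot/api/security/config/filters/JwtAuthFilter.java
@@ -7,39 +7,63 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.NonNull;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
 
 import java.io.IOException;
+import java.util.Arrays;
+import java.util.List;
 
 @Component
 public class JwtAuthFilter extends OncePerRequestFilter {
 
 // TODO: implement role for jwt
 private final JwtServiceImpl jwtServiceImpl;
 
+@Value("${application.security.public.routes}")
+private String publicRoutes;
+private List<String> publicRoutesList;
+
 public JwtAuthFilter(JwtServiceImpl jwtServiceImpl) {
 this.jwtServiceImpl = jwtServiceImpl;
 }
 
+@Override
+public void afterPropertiesSet() {
+if (publicRoutes != null && !publicRoutes.isEmpty()) {
+publicRoutesList = Arrays.stream(publicRoutes.split(","))
+.map(route -> route.replace("/**", ""))
+.toList();
+}
+}
+
 @Override
 protected void doFilterInternal(
 @NonNull HttpServletRequest request,
 @NonNull HttpServletResponse response,
 @NonNull FilterChain filterChain
 ) throws ServletException, IOException {
+for (String route : publicRoutesList) {
+if (request.getServletPath().startsWith(route)) {
+filterChain.doFilter(request, response);
+return;
+}
+}
 String authHeader = request.getHeader("Authorization");
 try {
 UserDTO user = jwtServiceImpl.validateAuthHeader(authHeader);
 UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(
 user, user.getPassword(), null /* user.getAuthorities() */);
 authToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
 SecurityContextHolder.getContext().setAuthentication(authToken);
-} catch (Exception ignored) {
+filterChain.doFilter(request, response);
+
+} catch (Exception e) {
+response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Token Invalido o Expirado");
 }
-filterChain.doFilter(request, response);
 }
 }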
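Review bot: The public-route exemption at new lines 50-55 is a raw prefix test: `afterPropertiesSet` strips `/**` and `doFilterInternal` calls `startsWith(route)`, so an entry such as `/auth/**` (constructed example) also exempts `/authority` or `/auth-internal`, and an empty property leaves `publicRoutesList` null so the loop throws on every request. Whether an over-matched path is then reachable without a token depends on the authorization rules in the security configuration, which this page does not show; the filter should match on a path-segment boundary and ideally reuse the same patterns as that configuration. Separately, `filterChain.doFilter` now sits inside the `try` (new line 63), so any exception raised downstream is answered with 401 "Token Invalido o Expirado" and its cause is discarded; only token validation belongs in the `try`. The fence below moves the exemption into `shouldNotFilter`, makes the list null-safe, and calls `super.afterPropertiesSet()`, which the new override currently skips.

```java
@Override
public void afterPropertiesSet() throws ServletException {
    super.afterPropertiesSet();
    publicRoutesList = (publicRoutes == null || publicRoutes.isBlank())
            ? List.of()
            : Arrays.stream(publicRoutes.split(","))
                    .map(String::strip)
                    .filter(route -> !route.isEmpty())
                    .map(route -> route.replace("/**", ""))
                    .toList();
}

@Override
protected boolean shouldNotFilter(HttpServletRequest request) {
    String path = request.getServletPath();
    // Match whole path segments only, so "/auth" does not exempt "/authority".
    return publicRoutesList.stream()
            .anyMatch(route -> path.equals(route) || path.startsWith(route + "/"));
}

// doFilterInternal: the public-route loop is removed (shouldNotFilter handles it)
String authHeader = request.getHeader("Authorization");
try {
    // … unchanged: validateAuthHeader, build authToken, set SecurityContext …
} catch (Exception e) {
    response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Token Invalido o Expirado");
    return;
}
filterChain.doFilter(request, response);
```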
