feat: throw error 403 if creds incorrect
This commit is contained in:
parent
a8f6b30f1f
commit
63d7c0c53a
|
@ -9,6 +9,7 @@ import javax.persistence.TypedQuery;
|
||||||
import javax.persistence.NoResultException;
|
import javax.persistence.NoResultException;
|
||||||
import javax.ws.rs.Consumes;
|
import javax.ws.rs.Consumes;
|
||||||
import javax.ws.rs.CookieParam;
|
import javax.ws.rs.CookieParam;
|
||||||
|
import javax.ws.rs.ForbiddenException;
|
||||||
import javax.ws.rs.GET;
|
import javax.ws.rs.GET;
|
||||||
import javax.ws.rs.NotFoundException;
|
import javax.ws.rs.NotFoundException;
|
||||||
import javax.ws.rs.POST;
|
import javax.ws.rs.POST;
|
||||||
|
@ -99,9 +100,8 @@ public class UserService {
|
||||||
try {
|
try {
|
||||||
// si on trouve l'utilisateur via son sessionID
|
// si on trouve l'utilisateur via son sessionID
|
||||||
user = User.fromSessionID(cookie.getValue(), em);
|
user = User.fromSessionID(cookie.getValue(), em);
|
||||||
|
|
||||||
LOGGER.info(user.getUsername() + " already logged in");
|
LOGGER.info(user.getUsername() + " already logged in");
|
||||||
// TODO: renvoyer un json avec les creds
|
|
||||||
} catch (NoResultException e) {
|
} catch (NoResultException e) {
|
||||||
// on trouve le user à partir de son username
|
// on trouve le user à partir de son username
|
||||||
user = em.find(User.class, username);
|
user = em.find(User.class, username);
|
||||||
|
@ -117,6 +117,7 @@ public class UserService {
|
||||||
LOGGER.info(user.getUsername() + " logged in");
|
LOGGER.info(user.getUsername() + " logged in");
|
||||||
} else {
|
} else {
|
||||||
LOGGER.info("incorrect creds for " + user.getUsername());
|
LOGGER.info("incorrect creds for " + user.getUsername());
|
||||||
|
throw new ForbiddenException();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue