Merge pull request #17 from burakkggul/jwt_username_check

jwt username existing check added.
burakkggul · Jul 15, 2022 · 4221de2 · 4221de2
2 parents c1a8d44 + 1469912
commit 4221de2
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 7 deletions.
diff --git a/idea-httpclient/funct-tests.http b/idea-httpclient/funct-tests.http
@@ -18,4 +18,4 @@ Content-Type: application/json
 
 ### HealthCheck Request
 GET http://localhost:8080/healthCheck
-Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJidXJhayIsImlzcyI6ImJ1cmFrZ3VsLmNvbS50ciIsImlhdCI6MTY1Nzg5MTg1MCwiZXhwIjoxNjU3ODkyMTUwfQ.9NbJxa4WMN4s-bRe_lo-hNOfYZ6oK5STncUdD3wr1onDidKV57QRIkTk5kZDAeZK7scE0cTu-CWvvYYcFPmzFA
+Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJidXJhayIsImlzcyI6ImJ1cmFrZ3VsLmNvbS50ciIsImlhdCI6MTY1Nzg5NDY0NywiZXhwIjoxNjU3ODk0OTQ3fQ._8EUA5YPckRefiuYmHWz-eyy2VvPw63W1KKG7J8LsTlTkYFI7ibFvi96j-bidXa6IG0wYr--o4uaZY7xabUdgg
diff --git a/src/main/java/tr/com/burakgul/springsecuritytrainer/auth/JwtTokenFilter.java b/src/main/java/tr/com/burakgul/springsecuritytrainer/auth/JwtTokenFilter.java
@@ -28,11 +28,13 @@
 public class JwtTokenFilter extends OncePerRequestFilter {
 
     @Autowired
-    public JwtTokenFilter(TokenManager tokenManager) {
+    public JwtTokenFilter(TokenManager tokenManager, UserDetailService userDetailService) {
         this.tokenManager = tokenManager;
+        this.userDetailService = userDetailService;
     }
 
     private TokenManager tokenManager;
+    private UserDetailService userDetailService;
 
     /**
      * Bu metod gelen her isteği karşılamaktadır.
@@ -81,11 +83,14 @@ public void doFilterInternal(HttpServletRequest httpServletRequest,
         */
         if (token != null && username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
             if (tokenManager.hasTokenValid(token)) {
-                UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username,
-                        null,
-                        new ArrayList<>());
-                authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest));
-                SecurityContextHolder.getContext().setAuthentication(authenticationToken);
+                UserDetails user = this.userDetailService.loadUserByUsername(username);
+                if (Objects.nonNull(user)) {
+                    UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(user,
+                            null,
+                            new ArrayList<>());
+                    authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest));
+                    SecurityContextHolder.getContext().setAuthentication(authenticationToken);
+                }
             }
         }
         /*