implemented user logout
@@ -119,6 +119,7 @@ public abstract class PathHandler implements HttpHandler {
|
||||
}
|
||||
|
||||
public static boolean sendContent(HttpExchange ex, Object o) throws IOException {
|
||||
if (o instanceof JSONObject) ex.getResponseHeaders().add(CONTENT_TYPE, JSON);
|
||||
return sendContent(ex, HTTP_OK, o.toString().getBytes(UTF_8));
|
||||
}
|
||||
|
||||
|
||||
@@ -59,10 +59,23 @@ public class Backend extends PathHandler {
|
||||
|
||||
@Override
|
||||
public boolean doGet(String path, HttpExchange ex) throws IOException {
|
||||
// pre-login paths
|
||||
switch (path) {
|
||||
case "/openid-configuration":
|
||||
return openidConfig(ex);
|
||||
}
|
||||
|
||||
var optSession = getSession(ex);
|
||||
if (optSession.isEmpty()) return sendEmptyResponse(HTTP_UNAUTHORIZED, ex);
|
||||
|
||||
// post-login paths
|
||||
var session = optSession.get();
|
||||
switch (path) {
|
||||
case "/logout":
|
||||
return logout(ex,session);
|
||||
}
|
||||
|
||||
System.err.println("not implemented");
|
||||
return sendEmptyResponse(HTTP_NOT_FOUND, ex);
|
||||
}
|
||||
|
||||
@@ -98,6 +111,12 @@ public class Backend extends PathHandler {
|
||||
return SessionToken.from(ex).map(SessionToken::sessionId).flatMap(sessions::retrieve);
|
||||
}
|
||||
|
||||
private boolean logout(HttpExchange ex, Session session) throws IOException {
|
||||
sessions.dropSession(session.id());
|
||||
new SessionToken("").addTo(ex);
|
||||
return sendEmptyResponse(HTTP_OK,ex);
|
||||
}
|
||||
|
||||
private boolean openidConfig(HttpExchange ex) throws IOException {
|
||||
var uri = ex.getRequestURI().toString();
|
||||
JSONObject json = new JSONObject();
|
||||
@@ -108,15 +127,8 @@ public class Backend extends PathHandler {
|
||||
|
||||
|
||||
private boolean sendUserAndCookie(HttpExchange ex, Session session) throws IOException {
|
||||
var bytes = new JSONObject(session.user().map(false)).toString().getBytes(UTF_8);
|
||||
var headers = ex.getResponseHeaders();
|
||||
|
||||
headers.add(CONTENT_TYPE, JSON);
|
||||
new SessionToken(session.id()).addTo(headers);
|
||||
ex.sendResponseHeaders(200, bytes.length);
|
||||
var out = ex.getResponseBody();
|
||||
out.write(bytes);
|
||||
return true;
|
||||
new SessionToken(session.id()).addTo(ex);
|
||||
return sendContent(ex,new JSONObject(session.user().map(false)));
|
||||
}
|
||||
|
||||
private boolean updatePassword(HttpExchange ex, Session session) throws IOException {
|
||||
@@ -126,13 +138,15 @@ public class Backend extends PathHandler {
|
||||
if (!uuid.equals(user.uuid())) {
|
||||
return sendEmptyResponse(HTTP_FORBIDDEN, ex);
|
||||
}
|
||||
var oldPass = json.getJSONArray("oldpass");
|
||||
var oldPass1 = oldPass.getString(0);
|
||||
if (!oldPass1.equals(oldPass.getString(1))){
|
||||
var oldPass = json.getString("oldpass");
|
||||
if (!users.passwordMatches(oldPass,user.hashedPassword())) return sendError(ex,"wrong password");
|
||||
|
||||
var newpass = json.getJSONArray("newpass");
|
||||
var newPass1 = newpass.getString(0);
|
||||
if (!newPass1.equals(newpass.getString(1))){
|
||||
return sendError(ex,"password mismatch");
|
||||
}
|
||||
if (!users.passwordMatches(oldPass1,user.hashedPassword())) return sendError(ex,"wrong password");
|
||||
users.updatePassword(user,json.getString("newpass"));
|
||||
users.updatePassword(user,newPass1);
|
||||
return sendContent(ex,new JSONObject(user.map(false)));
|
||||
}
|
||||
|
||||
|
||||
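Review bot: The new `/logout` case is dispatched from `doGet`, so ending a session is a side effect of a plain GET. Any cross-site link or embedded resource can trigger it unless the session cookie's SameSite setting, which is not visible here, prevents the cookie from being sent. Consider handling logout on the POST path instead and calling it from logout.js with `fetch(api+'/logout',{method:'POST'})`. In `logout`, `new SessionToken("").addTo(ex)` overwrites the cookie with an empty value; whether `addTo` also expires it is not shown, so confirm that an empty session id can never match in `sessions::retrieve`. Separately, in the `updatePassword` hunk (the method begins outside it), nothing visible drops the user's other sessions after `users.updatePassword(user,newPass1)`.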
@@ -143,6 +143,9 @@ public class FileStore implements ClientService, SessionService, UserService {
|
||||
|
||||
/*** Session Service Methods ***/
|
||||
|
||||
// TODO: prolong session on user activity
|
||||
// TODO: drop expired sessions
|
||||
|
||||
@Override
|
||||
public Session createSession(User user) {
|
||||
var now = Instant.now();
|
||||
@@ -152,7 +155,9 @@ public class FileStore implements ClientService, SessionService, UserService {
|
||||
|
||||
@Override
|
||||
public SessionService dropSession(String sessionId) {
|
||||
return null;
|
||||
json.getJSONObject(SESSIONS).remove(sessionId);
|
||||
save();
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
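Review bot: The added TODO `drop expired sessions` means session lifetime is not enforced in the lines shown, and `dropSession` is the only visible place a session is removed. Unless `retrieve` (outside these hunks) compares the stored expiration with `Instant.now()`, a session id stays usable until the user logs out. I would make that check part of `retrieve` and remove the entry there rather than rely on a later cleanup pass. `dropSession` also mutates the shared `json` and calls `save()` with no visible locking; if requests are served on more than one thread, the session methods should be `synchronized`.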
@@ -4,6 +4,7 @@
|
||||
<title>Light OIDC</title>
|
||||
<script src="common.js"></script>
|
||||
<script src="login.js"></script>
|
||||
<link rel="stylesheet" href="style.css" />
|
||||
</head>
|
||||
<body>
|
||||
<h1>Login</h1>
|
||||
@@ -15,7 +16,7 @@
|
||||
</label>
|
||||
<label>
|
||||
Password
|
||||
<input type="password" id="password" />
|
||||
<input type="password" id="password" onkeydown="keyDown()"/>
|
||||
</label>
|
||||
<button type="button" onClick="tryLogin()">Login</button>
|
||||
</fieldset>
|
||||
|
||||
@@ -30,4 +30,8 @@ function tryLogin(){
|
||||
})
|
||||
}).then(handleLogin);
|
||||
return false;
|
||||
}
|
||||
|
||||
function keyDown(ev){
|
||||
if (event.keyCode == 13) tryLogin();
|
||||
}
|
||||
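Review bot: `keyDown(ev)` ignores its parameter and reads the global `event`, and the login page calls it as `keyDown()` with no argument, so the handler depends on the deprecated `window.event` and on `keyCode`. Pass the event explicitly with `onkeydown="keyDown(event)"` and test `if (ev.key === 'Enter') tryLogin();`. `passKeyDown` in the user page script has the same shape and needs the same change.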
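--- a/de.srsoftware.oidc.web/src/main/resources/en/logout.html
+++ b/de.srsoftware.oidc.web/src/main/resources/en/logout.html
@@ -0,0 +1,12 @@
+<html>
+<head>
+<meta charset="utf-8">
+<title>Light OIDC</title>
+<script src="common.js"></script>
+<script src="logout.js"></script>
+<link rel="stylesheet" href="style.css" />
+</head>
+<body>
+You are being logged out…
+</body>
+</html>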
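--- a/de.srsoftware.oidc.web/src/main/resources/en/logout.js
+++ b/de.srsoftware.oidc.web/src/main/resources/en/logout.js
@@ -0,0 +1,7 @@
+function handleLogout(response){
+if (response.ok){
+document.body.innerHTML += 'success';
+document.location.href='index.html';
+}
+}
+fetch(api+"/logout").then(handleLogout)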
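Review bot: `handleLogout` only acts when `response.ok`, and the `fetch` has no `.catch`, so any other outcome leaves the user on "You are being logged out…" with no feedback. That includes the 401 the backend's `doGet` returns when no session is found, as well as a network error. Treat 401 as already logged out, e.g. `if (response.ok || response.status == 401)`, and add a `.catch` that writes a short error message to the page. Since the session may still be live after a failed request, the page should not suggest the logout succeeded in that case.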
@@ -4,6 +4,7 @@
|
||||
<title>Light OIDC</title>
|
||||
<script src="common.js"></script>
|
||||
<script src="user.js"></script>
|
||||
<link rel="stylesheet" href="style.css" />
|
||||
</head>
|
||||
<body>
|
||||
<h1>Add new client</h1>
|
||||
|
||||
@@ -38,15 +38,15 @@
|
||||
<table>
|
||||
<tr>
|
||||
<th>Old password</th>
|
||||
<td><input id="oldpass1" type="password"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Repeat Password</th>
|
||||
<td><input id="oldpass2" type="password"></td>
|
||||
<td><input id="oldpass" type="password"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>New Password</th>
|
||||
<td><input id="newpass" type="password"></td>
|
||||
<td><input id="newpass1" type="password"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Repeat Password</th>
|
||||
<td><input id="newpass2" type="password" onkeydown="passKeyDown()"></td>
|
||||
</tr>
|
||||
</table>
|
||||
<button id="passBtn" type="button" onClick="updatePass()">Update</button>
|
||||
|
||||
@@ -47,8 +47,8 @@ function updatePass(){
|
||||
disable('passBtn');
|
||||
setText('passBtn','sent…');
|
||||
var newData = {
|
||||
oldpass : [getValue('oldpass1'),getValue('oldpass2')],
|
||||
newpass : getValue('newpass'),
|
||||
oldpass : getValue('oldpass'),
|
||||
newpass : [getValue('newpass1'),getValue('newpass2')],
|
||||
uuid : getValue('uuid')
|
||||
}
|
||||
fetch(api+'/update/password',{
|
||||
@@ -65,4 +65,8 @@ function updatePass(){
|
||||
},10000);
|
||||
}
|
||||
|
||||
function passKeyDown(ev){
|
||||
if (event.keyCode == 13) updatePass();
|
||||
}
|
||||
|
||||
setTimeout(fillForm,100);
|
||||