From 2b8de7a3207dcab9a9fe1964da82e22431862a81 Mon Sep 17 00:00:00 2001 From: Wanda Date: Tue, 19 Nov 2024 21:49:07 +0700 Subject: [PATCH] perbaikan handling static token dan respon --- .../gateway/span/config/JwtAuthFilter.java | 2 +- .../span/controllers/AuthController.java | 28 ++++++++++--------- .../gateway/span/models/AuthResponse.java | 4 +-- .../span/services/HttpClientService.java | 11 ++++++-- .../gateway/span/services/JwtService.java | 13 ++++----- 5 files changed, 31 insertions(+), 27 deletions(-) diff --git a/src/main/java/id/co/anaheim/gateway/span/config/JwtAuthFilter.java b/src/main/java/id/co/anaheim/gateway/span/config/JwtAuthFilter.java index 6948cde..d1cf1aa 100644 --- a/src/main/java/id/co/anaheim/gateway/span/config/JwtAuthFilter.java +++ b/src/main/java/id/co/anaheim/gateway/span/config/JwtAuthFilter.java @@ -84,7 +84,7 @@ public class JwtAuthFilter extends OncePerRequestFilter { } } else { HashMap map = new HashMap<>(); - map.put("message", "Authorization header is missing"); + map.put("message", "Tidak ada authorization header"); Gson gson = new Gson(); response.setStatus(HttpServletResponse.SC_FORBIDDEN); response.setContentType("application/json"); diff --git a/src/main/java/id/co/anaheim/gateway/span/controllers/AuthController.java b/src/main/java/id/co/anaheim/gateway/span/controllers/AuthController.java index 5b969d2..1492a14 100644 --- a/src/main/java/id/co/anaheim/gateway/span/controllers/AuthController.java +++ b/src/main/java/id/co/anaheim/gateway/span/controllers/AuthController.java @@ -3,6 +3,7 @@ package id.co.anaheim.gateway.span.controllers; import at.favre.lib.crypto.bcrypt.BCrypt; import id.co.anaheim.gateway.span.models.AuthDto; import id.co.anaheim.gateway.span.models.AuthResponse; +import id.co.anaheim.gateway.span.models.JwtExpiration; import id.co.anaheim.gateway.span.models.User; import id.co.anaheim.gateway.span.repositories.UserRepository; import id.co.anaheim.gateway.span.repositories.jdbc.JdbcUserRepository; 
@@ -14,6 +15,8 @@ import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; +import java.text.SimpleDateFormat; + @RestController @RequestMapping("/auth") public class AuthController { @@ -30,19 +33,20 @@ public class AuthController { AuthResponse response = new AuthResponse(); User user = repository.findByUsername(authDto.getUsername()); if (user == null) { - response.setMessage("User not found"); - response.setStatus(false); + response.setMessage("Pengguna tidak ditemukan"); } else { BCrypt.Result result = BCrypt.verifyer().verify(authDto.getPassword().toCharArray(), user.getPassword()); if (result.verified) { - response.setMessage("Success"); - response.setStatus(true); - response.setUser(user); + response.setMessage("Berhasil masuk"); + response.setId(user.getId()); String token = jwtService.generateToken(user); response.setToken(token); + JwtExpiration jwtExpiration = jwtService.extractExpiration(token); + SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); + response.setTokenExpiration(dateFormat.format(jwtExpiration.getValue())); } else { - response.setMessage("Invalid passwod"); - response.setStatus(false); + response.setMessage("Password tidak sesuai"); + } } return ResponseEntity.ok(response); @@ -62,14 +66,12 @@ public class AuthController { user.setRole("ADMIN"); repository.create(user); - response.setMessage("Success"); - response.setStatus(true); - response.setUser(user); + response.setMessage("Pendaftaran berhasil"); + response.setId(user.getId()); return ResponseEntity.ok(response); } - response.setStatus(false); - response.setMessage("User already exist"); - response.setUser(user); + response.setMessage("Pengguna dengan username admin sudah ada"); + response.setId(user.getId()); return ResponseEntity.ok(response); } } 
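Review bot: The two failure branches of the login handler now differ only in their message text (`Pengguna tidak ditemukan` vs `Password tidak sesuai`) and both still fall through to `ResponseEntity.ok(response)`. With the `status` field removed, a client gets no status signal for a failed login, and the distinct messages tell a caller which usernames exist. I would use one message for both branches and a non-200 status, e.g. `response.setMessage("Username atau password salah");` followed by `return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(response);` (needs the `org.springframework.http.HttpStatus` import). Separately, `new SimpleDateFormat("yyyy-MM-dd HH:mm:ss")` formats in the JVM default time zone with no offset in the pattern, so `tokenExpiration` is ambiguous for clients; `"yyyy-MM-dd HH:mm:ssXXX"` would carry the offset. The handler's signature is outside the hunk.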
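Review bot: In the branch where the admin user already exists, the handler calls `response.setId(user.getId())` and returns `ResponseEntity.ok(response)`, which hands the existing account's id to whoever can reach this endpoint and reports a conflict as 200. Dropping the `setId` call in that branch and returning `ResponseEntity.status(HttpStatus.CONFLICT).body(response)` keeps the reply informative without the identifier. In the success branch `user.getId()` is read right after `repository.create(user)`; whether `create` populates the id on the passed object is not visible here, so the returned id may be null unless that is confirmed. The method starts outside the hunk.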
diff --git a/src/main/java/id/co/anaheim/gateway/span/models/AuthResponse.java b/src/main/java/id/co/anaheim/gateway/span/models/AuthResponse.java index 8edfb77..9057c8f 100644 --- a/src/main/java/id/co/anaheim/gateway/span/models/AuthResponse.java +++ b/src/main/java/id/co/anaheim/gateway/span/models/AuthResponse.java @@ -4,8 +4,8 @@ import lombok.Data; @Data public class AuthResponse { - private User user; + private String id; private String token; private String message; - private boolean status; + private String tokenExpiration; } diff --git a/src/main/java/id/co/anaheim/gateway/span/services/HttpClientService.java b/src/main/java/id/co/anaheim/gateway/span/services/HttpClientService.java index 26b9ee8..a0a52bc 100644 --- a/src/main/java/id/co/anaheim/gateway/span/services/HttpClientService.java +++ b/src/main/java/id/co/anaheim/gateway/span/services/HttpClientService.java @@ -1,5 +1,6 @@ package id.co.anaheim.gateway.span.services; +import id.co.anaheim.gateway.span.models.JwtUsername; import lombok.extern.slf4j.Slf4j; import org.asynchttpclient.AsyncHttpClient; import org.asynchttpclient.BoundRequestBuilder; @@ -50,10 +51,14 @@ public class HttpClientService { if (!request.headers().header("Authorization").isEmpty()) { String authorizationHeader = request.headers().header("Authorization").get(0); String token = authorizationHeader.substring(7); - String staticToken = jwtService.extractStaticToken(token); - if (!staticToken.equals("admin")) { - boundRequestBuilder.addHeader("token", staticToken); + JwtUsername username = jwtService.extractUsername(token); + if (username.isValid() && !username.getValue().equals("admin")) { + String staticToken = jwtService.extractStaticToken(token); + if (staticToken != null) { + boundRequestBuilder.addHeader("token", staticToken); + } } + } Future whenResponse = boundRequestBuilder .execute(); 
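Review bot: The token handed to the new `jwtService.extractUsername(token)` call in HttpClientService still comes from `authorizationHeader.substring(7)` with no check that the header starts with `Bearer `. A header value shorter than seven characters therefore throws `StringIndexOutOfBoundsException`, and any other scheme is parsed as if it were a JWT. Guard the block with `if (authorizationHeader.startsWith("Bearer ")) {` and write the comparison null-safely as `!"admin".equals(username.getValue())`. When `username.isValid()` is false the request is still sent on without the `token` header; if this method can be reached with a token the filter has not already validated, that case probably deserves a log line or a rejection. The enclosing method starts and ends outside the hunk.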
diff --git a/src/main/java/id/co/anaheim/gateway/span/services/JwtService.java b/src/main/java/id/co/anaheim/gateway/span/services/JwtService.java index 178b688..285f5b1 100644 --- a/src/main/java/id/co/anaheim/gateway/span/services/JwtService.java +++ b/src/main/java/id/co/anaheim/gateway/span/services/JwtService.java @@ -52,11 +52,8 @@ public class JwtService { StaticToken staticToken = gson.fromJson(responseBody, StaticToken.class); if (staticToken != null) { claims.put("token", staticToken.getToken()); - } else { - claims.put("token", "admin"); } } catch (IOException | ExecutionException | InterruptedException e) { - claims.put("token", "admin"); log.error("error get token", e); } log.info("here"); @@ -109,19 +106,19 @@ public class JwtService { return JwtValidationResult.builder().valid(true).claims(claims).message(message).build(); } catch (MalformedJwtException e) { log.error("Invalid JWT token: {}", e.getMessage()); - message = "Invalid JWT token"; + message = "JWT token tidak sesuai"; } catch (ExpiredJwtException e) { log.error("JWT token is expired: {}", e.getMessage()); - message = "JWT token is expired"; + message = "JWT token telah kadaluarsa"; } catch (UnsupportedJwtException e) { log.error("JWT token is unsupported: {}", e.getMessage()); - message = "JWT token is unsupported"; + message = "JWT token tidak didukung"; } catch (IllegalArgumentException e) { log.error("JWT claims string is empty: {}", e.getMessage()); - message = "JWT claims string is empty"; + message = "String JWT claims kosong"; } catch (Exception e){ log.error("Invalid JWT token"); - message = "Invalid JWT token"; + message = "JWT token tidak sesuai"; } return JwtValidationResult.builder().valid(false).message(message).build(); }
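Review bot: With the `"admin"` fallback removed, the `catch (IOException | ExecutionException | InterruptedException e)` branch in the first JwtService hunk only logs. An interrupt is therefore swallowed, and a failed static-token lookup apparently still yields a JWT with no `token` claim that the caller cannot tell apart from a normal one. At minimum restore the interrupt flag with `if (e instanceof InterruptedException) { Thread.currentThread().interrupt(); }`; whether token generation should fail instead of continuing is a design decision the hunk does not settle. The `log.info("here");` line just below looks like leftover debug output and could be removed. The method's start and end are outside the hunk.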