Allow auth verify/me to auto-create users
All checks were successful
build-and-deploy / build-deploy (push) Successful in 40s
All checks were successful
build-and-deploy / build-deploy (push) Successful in 40s
This commit is contained in:
androidlover5842
@@ -40,7 +40,7 @@ class FirebaseAuthFilter(
|
|||||||
}
|
}
|
||||||
val token = header.removePrefix("Bearer ").trim()
|
val token = header.removePrefix("Bearer ").trim()
|
||||||
try {
|
try {
|
||||||
val principal = authResolver.resolveFromToken(token, createIfMissing = false)
|
val principal = authResolver.resolveFromToken(token, createIfMissing = shouldAutoCreateUser(request))
|
||||||
val user = appUserRepo.findById(principal.userId).orElse(null)
|
val user = appUserRepo.findById(principal.userId).orElse(null)
|
||||||
logger.debug("Auth verified uid={}, userId={}", principal.firebaseUid, user?.id)
|
logger.debug("Auth verified uid={}, userId={}", principal.firebaseUid, user?.id)
|
||||||
val auth = UsernamePasswordAuthenticationToken(principal, token, emptyList())
|
val auth = UsernamePasswordAuthenticationToken(principal, token, emptyList())
|
||||||
@@ -51,4 +51,9 @@ class FirebaseAuthFilter(
|
|||||||
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid token")
|
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid token")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private fun shouldAutoCreateUser(request: HttpServletRequest): Boolean {
|
||||||
|
val path = request.requestURI
|
||||||
|
return path == "/auth/verify" || path == "/auth/me"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user