Commit 7db5a82d authored by Larbi Gharib's avatar Larbi Gharib

Fix login error

Change-Id: I20d50d9fc1569bf552263bada4eb899128a02a09
parent 4d0ef143
......@@ -63,6 +63,9 @@ class Auth {
}
cb()
}).catch((error) => {
this.setJWT("");
this.setUsername("");
this.authenticated = false;
cb(error)
});
}
......@@ -116,7 +119,7 @@ class Auth {
});
}
isServerInstalled(cb) {
checkServerInstalled(cb) {
axios(configApiCall(api_path_get_server_status, "GET", null, null)).then((response) => {
if (response.data['installed'] === 'true') {
this.installed = true
......@@ -195,6 +198,10 @@ class Auth {
return this.activated;
}
isServerInstalled() {
return this.installed;
}
isUpdateAvailable() {
return this.updateAvailable;
}
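Review bot: The failure path added to the `.catch` handler in the first hunk resets the token through `this.setJWT("")`, while the sign-in page changed in this same commit gates on `auth.access_token !== ""`. `setJWT` is not visible in these hunks, so it is worth confirming that it also clears `access_token` and any persisted copy; otherwise a token from an earlier session would survive a failed login. A short comment above the three reset lines, such as `// failed login: drop any previous session state before reporting the error`, would record the intent. The enclosing method starts outside the hunk.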
......
......@@ -40,7 +40,7 @@ import "assets/css/material-dashboard-react.css?v=1.9.0";
import "./i18n";
const hist = createBrowserHistory();
auth.isServerInstalled(() => {
auth.checkServerInstalled(() => {
auth.checkAdminAccountStatus(() => {
auth.checkLastKnownStep(() => {
ReactDOM.render(
......
......@@ -93,7 +93,7 @@ export default function SignIn(props) {
if (auth.authenticated && auth.access_token !== "") {
auth.checkLastKnownStep(() => {
auth.checkDirectoryType(() => {
if (auth.isInstalled) {
if (auth.isServerInstalled()) {
if(auth.hasAdminScope())
history.push("/users");
else {
......
......@@ -42,6 +42,9 @@ import net.jami.jams.common.objects.user.User;
import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import static net.jami.jams.server.servlets.api.auth.login.AuthRequestProcessor.processUsernamePasswordAuth;
import static net.jami.jams.server.servlets.api.auth.login.AuthRequestProcessor.processX509Auth;
......@@ -83,10 +86,12 @@ public class LoginServlet extends HttpServlet {
StatementList statementList = new StatementList();
StatementElement statementElement = new StatementElement("username", "=", object.getUsername(), "");
statementList.addStatement(statementElement);
User user = dataStore.getUserDao().getObjects(statementList).get(0);
if(!user.getAccessLevelName().equals("ADMIN") && certificateAuthority.getLatestCRL().get() != null) {
if(certificateAuthority.getLatestCRL().get().getRevokedCertificate(user.getCertificate().getSerialNumber()) != null)
TomcatCustomErrorHandler.sendCustomError(resp, 401, "Invalid credentials provided!");
List<User> users = dataStore.getUserDao().getObjects(statementList);
if( users.size() !=0 &&
certificateAuthority.getLatestCRL().get() != null &&
!users.get(0).getAccessLevelName().equals("ADMIN") &&
certificateAuthority.getLatestCRL().get().getRevokedCertificate(users.get(0).getCertificate().getSerialNumber()) != null) {
TomcatCustomErrorHandler.sendCustomError(resp, 401, "Invalid credentials provided!");
}
}
}
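Review bot: The new revocation condition dereferences `users.get(0).getCertificate()` without a null check and reads `certificateAuthority.getLatestCRL().get()` twice, so a user record without a certificate (or, if that reference can be replaced concurrently, a CRL swapped between the two reads) would end the login in an unhandled NullPointerException. Read the CRL once into a local before the `if`, and add `users.get(0).getCertificate() != null &&` ahead of the `getRevokedCertificate` lookup. The check is also skipped silently when the lookup returns no user or no CRL is loaded, so a comment stating why the login may proceed in those cases would help the next reader judge whether that fail-open behaviour is intended. Nothing visible stops processing after `sendCustomError`, and the enclosing method starts outside the hunk, so it is worth confirming that no success response has been written before this point.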
......