From 79b85ff51e850cb41786fa58c9e8e8289953ca75 Mon Sep 17 00:00:00 2001
From: Sonia Zorba <sonia.zorba@inaf.it>
Date: Mon, 18 Jan 2021 14:53:07 +0100
Subject: [PATCH] Added PreLoginFilter for destroying current session before
 login

---
 .../inaf/ia2/vospace/ui/PreLoginFilter.java   | 26 +++++++++++++++++++
 .../ia2/vospace/ui/VOSpaceUiApplication.java  | 10 +++++++
 .../ui/{ => exception}/VOSpaceException.java  |  0
 3 files changed, 36 insertions(+)
 create mode 100644 vospace-ui-backend/src/main/java/it/inaf/ia2/vospace/ui/PreLoginFilter.java
 rename vospace-ui-backend/src/main/java/it/inaf/ia2/vospace/ui/{ => exception}/VOSpaceException.java (100%)

diff --git a/vospace-ui-backend/src/main/java/it/inaf/ia2/vospace/ui/PreLoginFilter.java b/vospace-ui-backend/src/main/java/it/inaf/ia2/vospace/ui/PreLoginFilter.java
new file mode 100644
index 0000000..182cd64
--- /dev/null
+++ b/vospace-ui-backend/src/main/java/it/inaf/ia2/vospace/ui/PreLoginFilter.java
@@ -0,0 +1,26 @@
+package it.inaf.ia2.vospace.ui;
+
+import java.io.IOException;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+/**
+ * Destroys the current session before a new login.
+ */
+public class PreLoginFilter implements Filter {
+
+    @Override
+    public void doFilter(ServletRequest req, ServletResponse res, FilterChain fc) throws IOException, ServletException {
+        HttpServletRequest request = (HttpServletRequest) req;
+        HttpSession session = request.getSession();
+        if (session != null && request.getParameter("code") == null) {
+            session.invalidate();
+        }
+        fc.doFilter(req, res);
+    }
+}
diff --git a/vospace-ui-backend/src/main/java/it/inaf/ia2/vospace/ui/VOSpaceUiApplication.java b/vospace-ui-backend/src/main/java/it/inaf/ia2/vospace/ui/VOSpaceUiApplication.java
index 8e4be47..461d692 100644
--- a/vospace-ui-backend/src/main/java/it/inaf/ia2/vospace/ui/VOSpaceUiApplication.java
+++ b/vospace-ui-backend/src/main/java/it/inaf/ia2/vospace/ui/VOSpaceUiApplication.java
@@ -8,6 +8,7 @@ import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
+import org.springframework.core.Ordered;
 
 @SpringBootApplication
 public class VOSpaceUiApplication {
@@ -16,6 +17,15 @@ public class VOSpaceUiApplication {
         SpringApplication.run(VOSpaceUiApplication.class, args);
     }
 
+    @Bean
+    public FilterRegistrationBean preLoginFilterRegistration() {
+        FilterRegistrationBean bean = new FilterRegistrationBean();
+        bean.setFilter(new PreLoginFilter());
+        bean.addUrlPatterns("/login");
+        bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
+        return bean;
+    }
+
     @Bean
     public FilterRegistrationBean loginFilterRegistration() {
         FilterRegistrationBean registration = new FilterRegistrationBean();
diff --git a/vospace-ui-backend/src/main/java/it/inaf/ia2/vospace/ui/VOSpaceException.java b/vospace-ui-backend/src/main/java/it/inaf/ia2/vospace/ui/exception/VOSpaceException.java
similarity index 100%
rename from vospace-ui-backend/src/main/java/it/inaf/ia2/vospace/ui/VOSpaceException.java
rename to vospace-ui-backend/src/main/java/it/inaf/ia2/vospace/ui/exception/VOSpaceException.java
-- 
GitLab