suspend coroutines

2025-02-28 01:17:52 +03:00
parent 35090b946d
commit db0ada5ee8
13 changed files with 1099 additions and 1184 deletions
--- a/src/main/kotlin/space/luminic/budgerapp/configs/BearerTokenFilter.kt
+++ b/src/main/kotlin/space/luminic/budgerapp/configs/BearerTokenFilter.kt
@@ -1,16 +1,11 @@
 package space.luminic.budgerapp.configs

+import kotlinx.coroutines.reactor.mono
 import org.slf4j.LoggerFactory
 import org.springframework.http.HttpHeaders
-import org.springframework.http.HttpMethod
-import org.springframework.http.HttpStatus
-import org.springframework.security.authentication.BadCredentialsException
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
-import org.springframework.security.core.AuthenticationException
-import org.springframework.security.core.GrantedAuthority
 import org.springframework.security.core.authority.SimpleGrantedAuthority
 import org.springframework.security.core.context.ReactiveSecurityContextHolder
-import org.springframework.security.core.context.SecurityContext
 import org.springframework.security.core.context.SecurityContextImpl
 import org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter
 import org.springframework.stereotype.Component
@@ -23,37 +18,36 @@ import space.luminic.budgerapp.services.AuthService
 class BearerTokenFilter(private val authService: AuthService) : SecurityContextServerWebExchangeWebFilter() {
    private val logger = LoggerFactory.getLogger(BearerTokenFilter::class.java)

+
+
    override fun filter(exchange: ServerWebExchange, chain: WebFilterChain): Mono<Void> {
        val token = exchange.request.headers.getFirst(HttpHeaders.AUTHORIZATION)?.removePrefix("Bearer ")

-        if (exchange.request.path.value() in listOf("/api/auth/login","/api/auth/register", "/api/auth/tgLogin") || exchange.request.path.value()
-                .startsWith("/api/actuator")
+        if (exchange.request.path.value() in listOf(
+                "/api/auth/login",
+                "/api/auth/register",
+                "/api/auth/tgLogin"
+            ) || exchange.request.path.value().startsWith("/api/actuator")
        ) {
            return chain.filter(exchange)
        }

        return if (token != null) {
-            authService.isTokenValid(token)
-                .flatMap { userDetails ->
-                    val authorities = userDetails.roles.map { SimpleGrantedAuthority(it) }
-                    val securityContext = SecurityContextImpl(
-                        UsernamePasswordAuthenticationToken(
-                            userDetails.username, null, authorities
-                        )
-                    )
-                    chain.filter(exchange)
-                        .contextWrite(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext)))
-                }
-                .onErrorMap(AuthException::class.java) { ex ->
-                    BadCredentialsException(ex.message ?: "Unauthorized")
-                }
-
+            mono {
+                val userDetails = authService.isTokenValid(token) // suspend вызов
+                val authorities = userDetails.roles.map { SimpleGrantedAuthority(it) }
+                val securityContext = SecurityContextImpl(
+                    UsernamePasswordAuthenticationToken(userDetails.username, null, authorities)
+                )
+                securityContext
+            }.flatMap { securityContext ->
+                chain.filter(exchange)
+                    .contextWrite(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext)))
+            }
        } else {
            Mono.error(AuthException("Authorization token is missing"))
        }
    }
-
-
 }