dendi-wang/thingsboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #46 from thingsboard/master

Browse Source 
Detect https protocol in case of forwarding
This commit is contained in:
Andrew Shvayka 2017-02-07 10:33:47 +02:00 committed by GitHub
commit de7b5ff994
2 changed files with 25 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
application/src/main/java/org/thingsboard/server/controller/AuthController.java
View File

@ -124,9 +124,12 @@ public class AuthController extends BaseController {
HttpServletRequest request) throws ThingsboardException { HttpServletRequest request) throws ThingsboardException {
try { try {
UserCredentials userCredentials = userService.requestPasswordReset(email); UserCredentials userCredentials = userService.requestPasswordReset(email);
String scheme = request.getScheme();
if (request.getHeader("x-forwarded-proto") != null) {
scheme = request.getHeader("x-forwarded-proto");
}
String baseUrl = String.format("%s://%s:%d", String baseUrl = String.format("%s://%s:%d",
request.getScheme(), scheme,
request.getServerName(), request.getServerName(),
request.getServerPort()); request.getServerPort());
String resetPasswordUrl = String.format("%s/api/noauth/resetPassword?resetToken=%s", baseUrl, String resetPasswordUrl = String.format("%s/api/noauth/resetPassword?resetToken=%s", baseUrl,
@ -172,8 +175,12 @@ public class AuthController extends BaseController {
UserCredentials credentials = userService.activateUserCredentials(activateToken, encodedPassword); UserCredentials credentials = userService.activateUserCredentials(activateToken, encodedPassword);
User user = userService.findUserById(credentials.getUserId()); User user = userService.findUserById(credentials.getUserId());
SecurityUser securityUser = new SecurityUser(user, credentials.isEnabled()); SecurityUser securityUser = new SecurityUser(user, credentials.isEnabled());
String scheme = request.getScheme();
if (request.getHeader("x-forwarded-proto") != null) {
scheme = request.getHeader("x-forwarded-proto");
}
String baseUrl = String.format("%s://%s:%d", String baseUrl = String.format("%s://%s:%d",
request.getScheme(), scheme,
request.getServerName(), request.getServerName(),
request.getServerPort()); request.getServerPort());
String loginUrl = String.format("%s/login", baseUrl); String loginUrl = String.format("%s/login", baseUrl);
@ -209,8 +216,12 @@ public class AuthController extends BaseController {
userCredentials = userService.saveUserCredentials(userCredentials); userCredentials = userService.saveUserCredentials(userCredentials);
User user = userService.findUserById(userCredentials.getUserId()); User user = userService.findUserById(userCredentials.getUserId());
SecurityUser securityUser = new SecurityUser(user, userCredentials.isEnabled()); SecurityUser securityUser = new SecurityUser(user, userCredentials.isEnabled());
String scheme = request.getScheme();
if (request.getHeader("x-forwarded-proto") != null) {
scheme = request.getHeader("x-forwarded-proto");
}
String baseUrl = String.format("%s://%s:%d", String baseUrl = String.format("%s://%s:%d",
request.getScheme(), scheme,
request.getServerName(), request.getServerName(),
request.getServerPort()); request.getServerPort());
String loginUrl = String.format("%s/login", baseUrl); String loginUrl = String.format("%s/login", baseUrl);

12
application/src/main/java/org/thingsboard/server/controller/UserController.java
View File

@ -77,8 +77,12 @@ public class UserController extends BaseController {
User savedUser = checkNotNull(userService.saveUser(user)); User savedUser = checkNotNull(userService.saveUser(user));
if (sendEmail) { if (sendEmail) {
UserCredentials userCredentials = userService.findUserCredentialsByUserId(savedUser.getId()); UserCredentials userCredentials = userService.findUserCredentialsByUserId(savedUser.getId());
String scheme = request.getScheme();
if (request.getHeader("x-forwarded-proto") != null) {
scheme = request.getHeader("x-forwarded-proto");
}
String baseUrl = String.format("%s://%s:%d", String baseUrl = String.format("%s://%s:%d",
request.getScheme(), scheme,
request.getServerName(), request.getServerName(),
request.getServerPort()); request.getServerPort());
String activateUrl = String.format("%s/api/noauth/activate?activateToken=%s", baseUrl, String activateUrl = String.format("%s/api/noauth/activate?activateToken=%s", baseUrl,
@ -107,8 +111,12 @@ public class UserController extends BaseController {
User user = checkNotNull(userService.findUserByEmail(email)); User user = checkNotNull(userService.findUserByEmail(email));
UserCredentials userCredentials = userService.findUserCredentialsByUserId(user.getId()); UserCredentials userCredentials = userService.findUserCredentialsByUserId(user.getId());
if (!userCredentials.isEnabled()) { if (!userCredentials.isEnabled()) {
String scheme = request.getScheme();
if (request.getHeader("x-forwarded-proto") != null) {
scheme = request.getHeader("x-forwarded-proto");
}
String baseUrl = String.format("%s://%s:%d", String baseUrl = String.format("%s://%s:%d",
request.getScheme(), scheme,
request.getServerName(), request.getServerName(),
request.getServerPort()); request.getServerPort());
String activateUrl = String.format("%s/api/noauth/activate?activateToken=%s", baseUrl, String activateUrl = String.format("%s/api/noauth/activate?activateToken=%s", baseUrl,