Implement full access requirement in all pages.
[Sone.git] / src / main / java / net / pterodactylus / sone / web / ajax / JsonPage.java
index b9bdc77..893b7ae 100644 (file)
@@ -17,8 +17,6 @@
 
 package net.pterodactylus.sone.web.ajax;
 
-import java.util.UUID;
-
 import net.pterodactylus.sone.data.Sone;
 import net.pterodactylus.sone.web.WebInterface;
 import net.pterodactylus.sone.web.page.Page;
@@ -68,7 +66,7 @@ public abstract class JsonPage implements Page {
         *         session
         */
        protected Session getCurrentSession(ToadletContext toadletContenxt) {
-               return getCurrentSession(toadletContenxt, true);
+               return webInterface.getCurrentSession(toadletContenxt);
        }
 
        /**
@@ -84,15 +82,7 @@ public abstract class JsonPage implements Page {
         *         session
         */
        protected Session getCurrentSession(ToadletContext toadletContenxt, boolean create) {
-               try {
-                       Session session = webInterface.getSessionManager().useSession(toadletContenxt);
-                       if (create && (session == null)) {
-                               session = webInterface.getSessionManager().createSession(UUID.randomUUID().toString(), toadletContenxt);
-                       }
-                       return session;
-               } catch (freenet.clients.http.RedirectException re1) {
-                       return null;
-               }
+               return webInterface.getCurrentSession(toadletContenxt, create);
        }
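Review bot: The removed body caught `freenet.clients.http.RedirectException` and returned `null`; the new one-line delegation to `webInterface.getCurrentSession(toadletContenxt, create)` gives no indication of how that exception is handled now, so unless the WebInterface method catches it itself (not visible here) a redirect during session lookup would propagate out of every JSON page instead of yielding a null session. Worth confirming against WebInterface, and either way the Javadoc above the hunk should say whether this method can still return `null` for that reason. The same delegation pattern is used in the one-argument overload at the hunk above, where the former explicit `create = true` is no longer visible in the call.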
 
        /**
@@ -104,15 +94,22 @@ public abstract class JsonPage implements Page {
         *         currently logged in
         */
        protected Sone getCurrentSone(ToadletContext toadletContext) {
-               Session session = getCurrentSession(toadletContext);
-               if (session == null) {
-                       return null;
-               }
-               String soneId = (String) session.getAttribute("Sone.CurrentSone");
-               if (soneId == null) {
-                       return null;
-               }
-               return webInterface.getCore().getLocalSone(soneId, false);
+               return webInterface.getCurrentSone(toadletContext);
+       }
+
+       /**
+        * Returns the currently logged in Sone.
+        *
+        * @param toadletContext
+        *            The toadlet context
+        * @param create
+        *            {@code true} to create a new session if no session exists,
+        *            {@code false} to not create a new session
+        * @return The currently logged in Sone, or {@code null} if no Sone is
+        *         currently logged in
+        */
+       protected Sone getCurrentSone(ToadletContext toadletContext, boolean create) {
+               return webInterface.getCurrentSone(toadletContext, create);
        }
 
        //
@@ -140,6 +137,16 @@ public abstract class JsonPage implements Page {
                return true;
        }
 
+       /**
+        * Returns whether this page requires the user to be logged in.
+        *
+        * @return {@code true} if the user needs to be logged in to use this page,
+        *         {@code false} otherwise
+        */
+       protected boolean requiresLogin() {
+               return true;
+       }
+
        //
        // PROTECTED METHODS
        //
@@ -181,12 +188,20 @@ public abstract class JsonPage implements Page {
         */
        @Override
        public Response handleRequest(Request request) {
+               if (webInterface.getCore().getPreferences().isRequireFullAccess() && !request.getToadletContext().isAllowedFullAccess()) {
+                       return new Response(401, "Not authorized", "application/json", JsonUtils.format(new JsonObject().put("success", false).put("error", "auth-required")));
+               }
                if (needsFormPassword()) {
                        String formPassword = request.getHttpRequest().getParam("formPassword");
                        if (!webInterface.getFormPassword().equals(formPassword)) {
                                return new Response(401, "Not authorized", "application/json", JsonUtils.format(new JsonObject().put("success", false).put("error", "auth-required")));
                        }
                }
+               if (requiresLogin()) {
+                       if (getCurrentSone(request.getToadletContext(), false) == null) {
+                               return new Response(401, "Not authorized", "application/json", JsonUtils.format(createErrorJsonObject("auth-required")));
+                       }
+               }
                JsonObject jsonObject = createJsonObject(request);
                return new Response(200, "OK", "application/json", JsonUtils.format(jsonObject));
        }
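Review bot: The new full-access check builds its 401 body inline with `new JsonObject().put("success", false).put("error", "auth-required")` while the new login check a few lines below uses `createErrorJsonObject("auth-required")` for the same payload; the two new branches should use the same helper, e.g. `return new Response(401, "Not authorized", "application/json", JsonUtils.format(createErrorJsonObject("auth-required")));`. The ordering is sound from an access-control view: the full-access gate runs before the form password is read and before any session is consulted, and the login check passes `create = false` so an unauthenticated probe does not allocate a session. The nested `if (requiresLogin()) { if (getCurrentSone(...) == null) ... }` can be flattened to a single condition for readability.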