Avoid an issue when a token is outdated and users want to login

ls1intum · Dec 22, 2024 · 0174c86 · 0174c86
1 parent ae42352
commit 0174c86
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 23 deletions.
diff --git a/src/main/java/de/tum/cit/aet/GeneratedByJHipster.java b/src/main/java/de/tum/cit/aet/GeneratedByJHipster.java
diff --git a/src/main/java/de/tum/cit/aet/service/simulation/SimulationScheduleService.java b/src/main/java/de/tum/cit/aet/service/simulation/SimulationScheduleService.java
@@ -145,8 +145,8 @@ public void unsubscribeFromSchedule(String key) {
      */
     @Scheduled(fixedRate = 1000 * 60, initialDelay = 0)
     void executeScheduledSimulations() {
-        log.info("Executing scheduled simulation runs");
-        var simulationSchedules = simulationScheduleRepository.findAll();
+        final var simulationSchedules = simulationScheduleRepository.findAll();
+        log.info("Executing {} scheduled simulation runs", simulationSchedules.size());
         simulationSchedules
             .stream()
             .filter(simulationSchedule -> simulationSchedule.getNextRun().isBefore(now()))

diff --git a/src/main/java/de/tum/cit/aet/web/rest/AuthenticateController.java b/src/main/java/de/tum/cit/aet/web/rest/AuthenticateController.java
@@ -79,12 +79,8 @@ public String createToken(Authentication authentication, boolean rememberMe) {
         String authorities = authentication.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.joining(" "));
 
         Instant now = Instant.now();
-        Instant validity;
-        if (rememberMe) {
-            validity = now.plus(this.tokenValidityInSecondsForRememberMe, ChronoUnit.SECONDS);
-        } else {
-            validity = now.plus(this.tokenValidityInSeconds, ChronoUnit.SECONDS);
-        }
+        long amountToAdd = rememberMe ? this.tokenValidityInSecondsForRememberMe : this.tokenValidityInSeconds;
+        Instant validity = now.plus(amountToAdd, ChronoUnit.SECONDS);
 
         // @formatter:off
         JwtClaimsSet claims = JwtClaimsSet.builder()
@@ -93,11 +89,11 @@ public String createToken(Authentication authentication, boolean rememberMe) {
             .subject(authentication.getName())
             .claim(AUTHORITIES_KEY, authorities)
             .build();
+        // @formatter:on
 
         JwsHeader jwsHeader = JwsHeader.with(JWT_ALGORITHM).build();
         return this.jwtEncoder.encode(JwtEncoderParameters.from(jwsHeader, claims)).getTokenValue();
     }
 
-    public record JWTToken(@JsonProperty("id_token") String idToken) {
-    }
+    public record JWTToken(@JsonProperty("id_token") String idToken) {}
 }
diff --git a/src/main/webapp/app/core/interceptor/auth.interceptor.ts b/src/main/webapp/app/core/interceptor/auth.interceptor.ts
@@ -14,9 +14,15 @@ export class AuthInterceptor implements HttpInterceptor {
 
   intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
     const serverApiUrl = this.applicationConfigService.getEndpointFor('');
+
     if (!request.url || (request.url.startsWith('http') && !(serverApiUrl && request.url.startsWith(serverApiUrl)))) {
       return next.handle(request);
     }
+    // NOTE: do not add the token to requests that do not expect it (e.g. authenticate or forget password)
+    const allowedUrls = ['/authenticate', '/account/reset-password/init', '/account/reset-password/finish'];
+    if (allowedUrls.some(url => request.url.endsWith(url))) {
+      return next.handle(request);
+    }
 
     const token: string | null = this.stateStorageService.getAuthenticationToken();
     if (token) {