Git Product home page Git Product logo

Comments (6)

melloware avatar melloware commented on May 20, 2024 1

I will let you know what they say on the chat.

from quarkus-faces.

melloware avatar melloware commented on May 20, 2024

Because Quarkus obsviously works differently than a normal EE container i am not surprised by this.

@tmulle asked this very question on this ticket how to programmtic "login" and I don't think it ever got answered as that topic morphed more into progammatic logout and the login question i am not sure was ever answered was it @tmulle?

Read this thread: quarkusio/quarkus#27389

from quarkus-faces.

melloware avatar melloware commented on May 20, 2024

@Ryaryu it might be worth opening another Quarkus ticket and reference that original ticket that was never answered about programmatic login?

I also asked the Devs on Zulip Chat as well: https://quarkusio.zulipchat.com/#narrow/stream/187038-dev/topic/j_security_check.20Programmatic.20Login.3F

from quarkus-faces.

Ryaryu avatar Ryaryu commented on May 20, 2024

Fair enough.

from quarkus-faces.

melloware avatar melloware commented on May 20, 2024

@Ryaryu can you post a small sample code of how you authenticate and logout with quarkus Faces? There are other users asking how to create a login form etc. we have an OIDC example from @tmulle but not a basic login form authentication example. Even snippets here will be fine?

from quarkus-faces.

Ryaryu avatar Ryaryu commented on May 20, 2024

Oh... sure.
I'm using a single Bean to handle both.

@Named
@RequestScoped
public class LoginController {

  @Getter
  @Setter
  String username;

  @Getter
  @Setter
  String password;

  @Inject
  FacesContext facesContext;

  @ConfigProperty(name = "quarkus.http.auth.form.cookie-name")
  String cookieName;

  /**
  * Clear cookieName and redirects to my login page (/login.xhtml)
  */
  public String logout() {
    var fcResponse = (HttpServletResponse) facesContext.getExternalContext().getResponse();
    var cookie = new Cookie(cookieName, "");
    cookie.setMaxAge(0);
    fcResponse.addCookie(cookie);
    return "/login.xhtml?faces-redirect=true";
  }

  public void login() {
    try {
      var request = (HttpServletRequest) facesContext.getExternalContext().getRequest();

      generateCookie(request);

      // redirect to your main page.
      facesContext.getExternalContext().redirect("/principal.xhtml");
    } catch (Exception ex) {
      // do something?
    }
  }

  /**
   * Here we just replace the login form partial URL (in my case /login.xhtml) with /j_security_check
   * and make a request there so Quarkus can create the session cookie
   */
  private void generateCookie(HttpServletRequest request) throws IOException, InterruptedException {
    var securityCheckUrl = request.getRequestURL().toString()
        .replace("/login.xhtml", "/j_security_check");
    var response = jSecurityCheckRequest(securityCheckUrl);

    var fcResponse = (HttpServletResponse) facesContext.getExternalContext().getResponse();
    setCookie(response, fcResponse);
  }

  /**
  * Magic lies here.
  * We set the cookie generated by the /j_security_check request into the FacesContext response.
  */
  private void setCookie(HttpResponse<String> response, HttpServletResponse fcResponse) {
    var responseMap = response.headers().map();
    if (responseMap.containsKey("set-cookie")) {
      var cookieString = responseMap.get("set-cookie").get(0);
      var quarkusCookie = new Cookie(cookieName, cookieString.split("=")[1]);
      quarkusCookie.setMaxAge(8 * 60 * 60);
      quarkusCookie.setHttpOnly(true);
      fcResponse.addCookie(quarkusCookie);
    }
  }

  private HttpResponse<String> jSecurityCheckRequest(String securityCheckUrl)
      throws IOException, InterruptedException {
    var response = HttpClient.newHttpClient().send(HttpRequest.newBuilder()
        .uri(URI.create(securityCheckUrl))
        .POST(HttpRequest.BodyPublishers.ofString(
            "j_username=" + username + "&j_password=" + password))
        .header("Content-Type", "application/x-www-form-urlencoded")
        .build(), HttpResponse.BodyHandlers.ofString());
    return response;
  }

}

You can then call this bean from your xhtml freely, #{loginController.login()} or #{loginController.logout().

from quarkus-faces.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.