Commit ed185a3a authored by Jie Yuan

add delete mapping for /api/auth/api-token

parent 8a6d2455
......@@ -14,6 +14,7 @@ import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
......@@ -177,6 +178,44 @@ public class AuthController {
@DeleteMapping("/api-token")
@PreAuthorize("hasAuthority('ADMIN') or hasAuthority('USER') ")
@Transactional
@Modifying
public ResponseEntity<?> deleteAPIToken(Principal currentUser ) {
if ( currentUser.getName() == null ) {
return ResponseEntity.ok(HttpStatus.NON_AUTHORITATIVE_INFORMATION);
}
//System.out.print(currentUser.getName() + "....................**..\n");
UserInfo tmp = this.userRepository.findByUsername(currentUser.getName());
Long tmpId = tmp.getId();
UserCreatedToken atoken = tokenRepo.findOne(tmpId);
if ( atoken == null) {
return ResponseEntity.ok(HttpStatus.NO_CONTENT);
} else {
Claims claims = Jwts.parser()
.setSigningKey(jwtSecret)
.parseClaimsJws(atoken.getToken())
.getBody();
String id = claims.getSubject();
userRepository.deleteById(Long.valueOf(id));
tokenRepo.delete(tmpId);
userRepository.flush();
tokenRepo.flush();
return ResponseEntity.ok(HttpStatus.ACCEPTED);
}
}
@GetMapping("/api-token")
@PreAuthorize("hasAuthority('ADMIN') or hasAuthority('USER') ")
public ResponseEntity<UserCreatedToken> getAPIToken(Principal currentUser ) {
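Review bot: In `deleteAPIToken` the stored token is run through `parseClaimsJws` before anything is deleted, so a token that has expired or no longer verifies against `jwtSecret` throws and its `tokenRepo` row can never be revoked through this endpoint; revocation should not depend on the JWT still being valid. The subject of that token is then passed to `userRepository.deleteById` with no visible check that it names a token-specific account rather than the caller's own `tmp.getId()`, and `tmp` is dereferenced without a null check, so both should be confirmed or guarded. All three returns use `ResponseEntity.ok(HttpStatus.X)`, which sends 200 with the enum as the body instead of the intended status. `@Modifying` is a Spring Data repository-query annotation and presumably does nothing on a controller method. The sketch below always removes the token row, deletes the subject's user row only when the claims were signature-verified, and returns real status codes.

```java
public ResponseEntity<?> deleteAPIToken(Principal currentUser ) {
    // … unchanged: null-name guard …
    UserInfo owner = this.userRepository.findByUsername(currentUser.getName());
    if (owner == null) {
        return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
    }
    Long ownerId = owner.getId();
    UserCreatedToken atoken = tokenRepo.findOne(ownerId);
    if (atoken == null) {
        return ResponseEntity.noContent().build();
    }
    String subject = null;
    try {
        subject = Jwts.parser()
                .setSigningKey(jwtSecret)
                .parseClaimsJws(atoken.getToken())
                .getBody()
                .getSubject();
    } catch (ExpiredJwtException e) {
        // Expired tokens must stay revocable; their claims are still readable here.
        subject = e.getClaims().getSubject();
    } catch (JwtException e) {
        // Claims that fail verification are not trusted: only the stored token row is removed.
    }
    if (subject != null) {
        userRepository.deleteById(Long.valueOf(subject));
    }
    tokenRepo.delete(ownerId);
    // … unchanged: flush calls …
    return ResponseEntity.status(HttpStatus.ACCEPTED).build();
}
```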
......