Correciones

de2ba4b5 · Percy Quispe · 95cd8819 · de2ba4b5
Commit de2ba4b5 authored Apr 23, 2018 by Percy Quispe
Hide whitespace changes
Inline Side-by-side

Showing with 19 additions and 6 deletions

RequestFilter.java src/java/demojsoncrud/servlets/RequestFilter.java +19 -6

No files found.
--- a/src/java/demojsoncrud/servlets/RequestFilter.java
+++ b/src/java/demojsoncrud/servlets/RequestFilter.java
@@ -47,14 +47,26 @@ public class RequestFilter implements Filter, ServletContextListener {
            String js = request.getContextPath() + "/js";
            String url = String.valueOf(request.getRequestURL());
-            if (url.contains(login) || url.contains(plantilla) || url.contains(js)|| url.contains("index.jsp")||url.contains("main.jsp")
+            if (url.contains(login) || url.contains(plantilla) || url.contains(js)|| url.contains("index.jsp")||url.contains("main.jsp")) {
-                    || url.contains(BASE)) {
                chain.doFilter(request, response);
            } else {
-                String auth = request.getHeader("Authorization");
+                JSONObject valid = null;
+                String auth = "";
+                if(url.contains(".jsp")){
+                    auth = request.getHeader("Cookie");  
+                    if(auth.contains("Bearer")){
+                        String[] parts = auth.split(";");
+                        String authorization = parts[0];
+                        parts = authorization.split("%20");
+                        auth = "Bearer "+parts[1];
+                        System.out.println(auth);
+                    }
+                }else{
+                    auth = request.getHeader("Authorization");  
+                }
                PostRequest postRequest = new PostRequest(urlRequested);
                respuesta = postRequest.getRespueta(auth);
-                JSONObject valid = new JSONObject(respuesta);
+                valid = new JSONObject(respuesta);
                if (valid.getBoolean("status")) {
                    JSONObject menu=new JSONObject(valid.getString("menu"));//Obtiene el menu
                    JSONArray views = new JSONArray(menu.get("vistas").toString());//Obtiene las vistas disponibles del usuario
@@ -62,12 +74,13 @@ public class RequestFilter implements Filter, ServletContextListener {
                    String ruta = request.getRequestURI();
                    int indice = obtenerIndex(ruta);
                    String rutaJsp = ruta.substring(indice, ruta.length());
+                    if(url.contains(".jsp")){
                        boolean acceso = false;
                        for(Object vista :views){
                            System.out.println("Vista : "+vista +"rutaJSP : "+rutaJsp);
                            if(vista.toString().equalsIgnoreCase(rutaJsp)){
                                acceso=true;
+                                break;
                            }
                        }
                        if(!acceso){
@@ -77,7 +90,7 @@ public class RequestFilter implements Filter, ServletContextListener {
                            builder = Response.status(Response.Status.UNAUTHORIZED).entity(response);
                            throw new WebApplicationException(builder.build());
                        }
+                    }
 //                    List<String> views = (List<String>) ;
                    chain.doFilter(request, response);
                } else {