fixed cors on password reset

Claudio Maggioni 2020-03-26 01:01:49 +01:00
parent 6c9e2a7d7d
commit 802cee52f8
2 changed files with 8 additions and 19 deletions


@ -1,7 +1,6 @@
package ch.usi.inf.sa4.sanmarinoes.smarthut.config; package ch.usi.inf.sa4.sanmarinoes.smarthut.config;
import java.io.IOException; import java.io.IOException;
import java.util.List;
import javax.servlet.*; import javax.servlet.*;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
@ -14,23 +13,13 @@ import org.springframework.stereotype.Component;
@Component @Component
public class CORSFilter implements Filter { public class CORSFilter implements Filter {
static void setCORSHeaders(HttpServletResponse response) { public static void setCORSHeaders(HttpServletResponse response) {
response.setHeader("Access-Control-Allow-Origin", "*"); response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "HEAD, PUT, POST, GET, OPTIONS, DELETE"); response.setHeader("Access-Control-Allow-Methods", "*");
response.setHeader("Access-Control-Max-Age", "3600"); response.setHeader("Access-Control-Allow-Headers", "*");
response.setHeader( response.setHeader("Access-Control-Allow-Credentials", "true");
"Access-Control-Allow-Headers", response.setHeader("Access-Control-Expose-Headers", "*");
String.join( response.setHeader("Access-Control-Max-Age", "6".repeat(99));
",",
List.of(
"Access-Control-Allow-Headers",
"Origin",
"Accept",
"X-Requested-With",
"Authorization",
"Content-Type",
"Access-Control-Request-Method",
"Access-Control-Request-Headers")));
} }
@Override @Override
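Review bot: `Access-Control-Allow-Credentials: true` is now sent together with `Access-Control-Allow-Origin: *` in setCORSHeaders, a pair that browsers reject for credentialed requests; the common workaround of echoing the request's Origin would then let any site make authenticated calls, so either drop the credentials header or pair it with an explicit origin allow-list. Replacing the explicit header list with `*` also loses `Authorization`, which the Fetch specification excludes from the wildcard and which the removed list named, so requests carrying it can fail preflight in browsers that follow the spec. `"6".repeat(99)` produces a 99-digit Max-Age that browsers cap at a few hours at most and may not parse at all; the previous `"3600"` was a sound value. The fence assumes the API authenticates through the Authorization header rather than cookies, which this page does not show.

```java
public static void setCORSHeaders(HttpServletResponse response) {
    // Wildcard origin is valid only without credentials, so Allow-Credentials is not sent.
    response.setHeader("Access-Control-Allow-Origin", "*");
    response.setHeader("Access-Control-Allow-Methods", "HEAD, PUT, POST, GET, OPTIONS, DELETE");
    // Authorization is never matched by "*" and has to be named explicitly.
    response.setHeader(
            "Access-Control-Allow-Headers",
            "Origin, Accept, X-Requested-With, Authorization, Content-Type");
    // … unchanged: Access-Control-Expose-Headers …
    response.setHeader("Access-Control-Max-Age", "3600");
}
```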


@ -160,7 +160,7 @@ public class UserAccountController {
* @throws EmailTokenNotFoundException if given token is not a valid token for password reset * @throws EmailTokenNotFoundException if given token is not a valid token for password reset
*/ */
@PutMapping("/reset-password") @PutMapping("/reset-password")
public void resetPassword( public OkResponse resetPassword(
@Valid @RequestBody PasswordResetRequest resetRequest, @Valid @RequestBody PasswordResetRequest resetRequest,
final HttpServletResponse response) final HttpServletResponse response)
throws EmailTokenNotFoundException, IOException { throws EmailTokenNotFoundException, IOException {
@ -179,7 +179,7 @@ public class UserAccountController {
// Delete token to prevent further password changes // Delete token to prevent further password changes
confirmationTokenRepository.delete(token); confirmationTokenRepository.delete(token);
response.sendRedirect(emailConfig.getResetPasswordRedirect()); return new OkResponse();
} }
/** /**
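Review bot: `final HttpServletResponse response` and `IOException` remain in the signature of resetPassword although their only visible use, `response.sendRedirect(...)`, is removed in the last hunk. The middle of the method lies outside both hunks, so confirm nothing there still needs them; if not, the signature can shrink to `public OkResponse resetPassword(@Valid @RequestBody PasswordResetRequest resetRequest) throws EmailTokenNotFoundException`. The Javadoc above the mapping should also gain a `@return` line now that the endpoint returns a body instead of redirecting.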