axel/FocusAgenda
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: corrige erro de permissao no login

Browse Source 
- Adiciona try-catch no loadUserByUsername do FiltroJwt para
  evitar 500 quando token referencia usuario deletado
- Expande shouldNotFilter para pular endpoints publicos e imagens
- Corrige login.html para limpar tokens expirados antes de
  redirecionar ao calendario, prevenindo redirect loop
This commit is contained in:
axel
2026-05-26 20:22:43 -03:00
parent ef20162351
commit 5f7a0f2c7a
2 changed files with 40 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/main/java/com/agendaestudantil/filtro/FiltroJwt.java
+14 -2
View File
@@ -5,6 +5,8 @@ import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
@@ -17,6 +19,8 @@ import java.io.IOException;
@Component
public class FiltroJwt extends OncePerRequestFilter {
private static final Logger log = LoggerFactory.getLogger(FiltroJwt.class);
private final UtilJwt utilJwt;
private final UserDetailsService userDetailsService;
@@ -30,8 +34,11 @@ public class FiltroJwt extends OncePerRequestFilter {
String path = request.getRequestURI();
return path.equals("/") || path.equals("/index.html") || path.equals("/favicon.ico")
|| path.startsWith("/static/") || path.startsWith("/css/") || path.startsWith("/js/")
|| path.startsWith("/img/") || path.endsWith(".css") || path.endsWith(".js")
|| path.endsWith(".ico") || path.endsWith(".html");
|| path.startsWith("/img/") || path.startsWith("/imagens/")
|| path.startsWith("/api/estudantes/login") || path.startsWith("/api/estudantes/cadastro")
|| path.endsWith(".css") || path.endsWith(".js")
|| path.endsWith(".ico") || path.endsWith(".html") || path.endsWith(".png")
|| path.endsWith(".svg");
}
@Override
@@ -50,10 +57,15 @@ public class FiltroJwt extends OncePerRequestFilter {
estudanteId = utilJwt.getEstudanteIdFromToken(token);
if (SecurityContextHolder.getContext().getAuthentication() == null) {
try {
UserDetails userDetails = userDetailsService.loadUserByUsername(estudanteId);
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
userDetails, null, userDetails.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(authentication);
} catch (Exception e) {
log.warn("Falha ao carregar usuario do token (id={}): {}", estudanteId, e.getMessage());
SecurityContextHolder.clearContext();
}
}
}
src/main/resources/static/login.html
+20 -1
View File
@@ -40,13 +40,32 @@
(function () {
const params = new URLSearchParams(window.location.search);
if (params.get('sessao') === 'expirada') {
localStorage.removeItem('fa_token');
localStorage.removeItem('fa_user');
const erroEl = document.getElementById('mensagem-erro');
erroEl.textContent = 'Sua sessao expirou. Faca login novamente.';
erroEl.style.display = 'block';
return;
}
if (localStorage.getItem('fa_token')) {
const token = localStorage.getItem('fa_token');
if (token && token.split('.').length === 3) {
try {
const payload = JSON.parse(atob(token.split('.')[1]));
if (payload.exp && Date.now() >= payload.exp * 1000) {
localStorage.removeItem('fa_token');
localStorage.removeItem('fa_user');
} else {
window.location.href = 'calendario.html';
return;
}
} catch {
localStorage.removeItem('fa_token');
localStorage.removeItem('fa_user');
}
} else if (token) {
localStorage.removeItem('fa_token');
localStorage.removeItem('fa_user');
}
})();