Commit d751ace71cabc64ab16b1286693c579a1487fbdf

Authored by Igor Kulikov
1 parent efb03e49

Use x-forwarded-port header to detect base URL port.

@@ -124,14 +124,7 @@ public class AuthController extends BaseController { @@ -124,14 +124,7 @@ public class AuthController extends BaseController {
124 HttpServletRequest request) throws ThingsboardException { 124 HttpServletRequest request) throws ThingsboardException {
125 try { 125 try {
126 UserCredentials userCredentials = userService.requestPasswordReset(email); 126 UserCredentials userCredentials = userService.requestPasswordReset(email);
127 - String scheme = request.getScheme();  
128 - if (request.getHeader("x-forwarded-proto") != null) {  
129 - scheme = request.getHeader("x-forwarded-proto");  
130 - }  
131 - String baseUrl = String.format("%s://%s:%d",  
132 - scheme,  
133 - request.getServerName(),  
134 - request.getServerPort()); 127 + String baseUrl = constructBaseUrl(request);
135 String resetPasswordUrl = String.format("%s/api/noauth/resetPassword?resetToken=%s", baseUrl, 128 String resetPasswordUrl = String.format("%s/api/noauth/resetPassword?resetToken=%s", baseUrl,
136 userCredentials.getResetToken()); 129 userCredentials.getResetToken());
137 130
@@ -175,14 +168,7 @@ public class AuthController extends BaseController { @@ -175,14 +168,7 @@ public class AuthController extends BaseController {
175 UserCredentials credentials = userService.activateUserCredentials(activateToken, encodedPassword); 168 UserCredentials credentials = userService.activateUserCredentials(activateToken, encodedPassword);
176 User user = userService.findUserById(credentials.getUserId()); 169 User user = userService.findUserById(credentials.getUserId());
177 SecurityUser securityUser = new SecurityUser(user, credentials.isEnabled()); 170 SecurityUser securityUser = new SecurityUser(user, credentials.isEnabled());
178 - String scheme = request.getScheme();  
179 - if (request.getHeader("x-forwarded-proto") != null) {  
180 - scheme = request.getHeader("x-forwarded-proto");  
181 - }  
182 - String baseUrl = String.format("%s://%s:%d",  
183 - scheme,  
184 - request.getServerName(),  
185 - request.getServerPort()); 171 + String baseUrl = constructBaseUrl(request);
186 String loginUrl = String.format("%s/login", baseUrl); 172 String loginUrl = String.format("%s/login", baseUrl);
187 String email = user.getEmail(); 173 String email = user.getEmail();
188 mailService.sendAccountActivatedEmail(loginUrl, email); 174 mailService.sendAccountActivatedEmail(loginUrl, email);
@@ -216,14 +202,7 @@ public class AuthController extends BaseController { @@ -216,14 +202,7 @@ public class AuthController extends BaseController {
216 userCredentials = userService.saveUserCredentials(userCredentials); 202 userCredentials = userService.saveUserCredentials(userCredentials);
217 User user = userService.findUserById(userCredentials.getUserId()); 203 User user = userService.findUserById(userCredentials.getUserId());
218 SecurityUser securityUser = new SecurityUser(user, userCredentials.isEnabled()); 204 SecurityUser securityUser = new SecurityUser(user, userCredentials.isEnabled());
219 - String scheme = request.getScheme();  
220 - if (request.getHeader("x-forwarded-proto") != null) {  
221 - scheme = request.getHeader("x-forwarded-proto");  
222 - }  
223 - String baseUrl = String.format("%s://%s:%d",  
224 - scheme,  
225 - request.getServerName(),  
226 - request.getServerPort()); 205 + String baseUrl = constructBaseUrl(request);
227 String loginUrl = String.format("%s/login", baseUrl); 206 String loginUrl = String.format("%s/login", baseUrl);
228 String email = user.getEmail(); 207 String email = user.getEmail();
229 mailService.sendPasswordWasResetEmail(loginUrl, email); 208 mailService.sendPasswordWasResetEmail(loginUrl, email);
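Review bot: The `resetPasswordUrl` in the first hunk puts `resetToken` into a mailed link whose scheme, host and port all come from the incoming request (`request.getServerName()`, `x-forwarded-proto` and now `x-forwarded-port`, via `constructBaseUrl`). Unless a front proxy overwrites those values, the link's origin is whatever the request claims. The same applies to the `loginUrl` values in the other two hunks here and to both `activateUrl` call sites in UserController, which carry `activateToken`. For mailed links I would take the base URL from server configuration, or honour the forwarded headers only when the request arrives from a known proxy address. At minimum, document the deployment assumption at the helper, e.g. `// baseUrl is request-derived: the fronting proxy must set Host and X-Forwarded-* itself`. All three enclosing methods start and end outside their hunks, so any validation done earlier in them is not visible.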
@@ -57,6 +57,7 @@ import org.thingsboard.server.service.component.ComponentDiscoveryService; @@ -57,6 +57,7 @@ import org.thingsboard.server.service.component.ComponentDiscoveryService;
57 import org.thingsboard.server.service.security.model.SecurityUser; 57 import org.thingsboard.server.service.security.model.SecurityUser;
58 58
59 import javax.mail.MessagingException; 59 import javax.mail.MessagingException;
  60 +import javax.servlet.http.HttpServletRequest;
60 import javax.servlet.http.HttpServletResponse; 61 import javax.servlet.http.HttpServletResponse;
61 import java.util.List; 62 import java.util.List;
62 import java.util.Optional; 63 import java.util.Optional;
@@ -381,4 +382,23 @@ public abstract class BaseController { @@ -381,4 +382,23 @@ public abstract class BaseController {
381 checkTenantId(rule.getTenantId()); 382 checkTenantId(rule.getTenantId());
382 return rule; 383 return rule;
383 } 384 }
  385 +
  386 + protected String constructBaseUrl(HttpServletRequest request) {
  387 + String scheme = request.getScheme();
  388 + if (request.getHeader("x-forwarded-proto") != null) {
  389 + scheme = request.getHeader("x-forwarded-proto");
  390 + }
  391 + int serverPort = request.getServerPort();
  392 + if (request.getHeader("x-forwarded-port") != null) {
  393 + try {
  394 + serverPort = request.getIntHeader("x-forwarded-port");
  395 + } catch (NumberFormatException e) {}
  396 + }
  397 +
  398 + String baseUrl = String.format("%s://%s:%d",
  399 + scheme,
  400 + request.getServerName(),
  401 + serverPort);
  402 + return baseUrl;
  403 + }
384 } 404 }
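Review bot: In `constructBaseUrl`, the `x-forwarded-port` value is accepted whenever it parses as an int, so `0`, a negative number or anything above 65535 ends up in the `%s://%s:%d` result. The empty `catch (NumberFormatException e) {}` also hides a malformed header without any comment saying the fallback is intended. `x-forwarded-proto` is likewise copied into the URL verbatim, so any string a client sends becomes the scheme of a link that is later mailed out. I would restrict the scheme to `http`/`https`, range-check the port, and state the fallback in the catch block; the method also lacks a Javadoc saying which request values it trusts. The sketch below replaces only the header handling.

```java
protected String constructBaseUrl(HttpServletRequest request) {
    String scheme = request.getScheme();
    String forwardedProto = request.getHeader("x-forwarded-proto");
    if ("https".equalsIgnoreCase(forwardedProto)) {
        scheme = "https";
    } else if ("http".equalsIgnoreCase(forwardedProto)) {
        scheme = "http";
    }
    int serverPort = request.getServerPort();
    String forwardedPort = request.getHeader("x-forwarded-port");
    if (forwardedPort != null) {
        try {
            int port = Integer.parseInt(forwardedPort.trim());
            if (port > 0 && port <= 65535) {
                serverPort = port;
            }
        } catch (NumberFormatException e) {
            // Malformed header: keep the port reported by the container.
        }
    }
    // … unchanged: String.format("%s://%s:%d", scheme, request.getServerName(), serverPort) and return …
```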
@@ -77,14 +77,7 @@ public class UserController extends BaseController { @@ -77,14 +77,7 @@ public class UserController extends BaseController {
77 User savedUser = checkNotNull(userService.saveUser(user)); 77 User savedUser = checkNotNull(userService.saveUser(user));
78 if (sendEmail) { 78 if (sendEmail) {
79 UserCredentials userCredentials = userService.findUserCredentialsByUserId(savedUser.getId()); 79 UserCredentials userCredentials = userService.findUserCredentialsByUserId(savedUser.getId());
80 - String scheme = request.getScheme();  
81 - if (request.getHeader("x-forwarded-proto") != null) {  
82 - scheme = request.getHeader("x-forwarded-proto");  
83 - }  
84 - String baseUrl = String.format("%s://%s:%d",  
85 - scheme,  
86 - request.getServerName(),  
87 - request.getServerPort()); 80 + String baseUrl = constructBaseUrl(request);
88 String activateUrl = String.format("%s/api/noauth/activate?activateToken=%s", baseUrl, 81 String activateUrl = String.format("%s/api/noauth/activate?activateToken=%s", baseUrl,
89 userCredentials.getActivateToken()); 82 userCredentials.getActivateToken());
90 String email = savedUser.getEmail(); 83 String email = savedUser.getEmail();
@@ -111,14 +104,7 @@ public class UserController extends BaseController { @@ -111,14 +104,7 @@ public class UserController extends BaseController {
111 User user = checkNotNull(userService.findUserByEmail(email)); 104 User user = checkNotNull(userService.findUserByEmail(email));
112 UserCredentials userCredentials = userService.findUserCredentialsByUserId(user.getId()); 105 UserCredentials userCredentials = userService.findUserCredentialsByUserId(user.getId());
113 if (!userCredentials.isEnabled()) { 106 if (!userCredentials.isEnabled()) {
114 - String scheme = request.getScheme();  
115 - if (request.getHeader("x-forwarded-proto") != null) {  
116 - scheme = request.getHeader("x-forwarded-proto");  
117 - }  
118 - String baseUrl = String.format("%s://%s:%d",  
119 - scheme,  
120 - request.getServerName(),  
121 - request.getServerPort()); 107 + String baseUrl = constructBaseUrl(request);
122 String activateUrl = String.format("%s/api/noauth/activate?activateToken=%s", baseUrl, 108 String activateUrl = String.format("%s/api/noauth/activate?activateToken=%s", baseUrl,
123 userCredentials.getActivateToken()); 109 userCredentials.getActivateToken());
124 mailService.sendActivationEmail(activateUrl, email); 110 mailService.sendActivationEmail(activateUrl, email);