InternalTokenInterceptor.java
- package com.sintia.ffl.admin.dentaire.api.interceptors;
- import com.sintia.ffl.admin.dentaire.api.exceptions.BadInternalTokenException;
- import lombok.extern.slf4j.Slf4j;
- import org.springframework.beans.factory.annotation.Value;
- import org.springframework.stereotype.Component;
- import org.springframework.web.servlet.HandlerInterceptor;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- @Slf4j
- @Component
- public class InternalTokenInterceptor implements HandlerInterceptor {
- @Value("${app.internal-auth-token}")
- private String internalAuthToken;
- @Override
- public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
- final String servletPath = request.getServletPath();
- if(servletPath.startsWith("/api")) {
- final String internalToken = request.getHeader("X-Internal-Token");
- if (internalToken == null || internalToken.isBlank() || !internalToken.equals(internalAuthToken)) {
- throw new BadInternalTokenException("Le token d'authentification interne est absent ou invalide");
- }
- }
- return HandlerInterceptor.super.preHandle(request, response, handler);
- }
- }