Add server.address property and update issuer field in LoginController to use dynamic server address. Modify SQL query in PrivilegedUserMapper to simplify permissions retrieval.

2025-07-28 23:01:18 +02:00 · 2025-07-28 23:01:18 +02:00 · 343964eda8
parent 1ce2088cae
commit 343964eda8
5 changed files with 12 additions and 7 deletions
--- a/backend/src/main/java/com/alttd/altitudeweb/controllers/login/LoginController.java
+++ b/backend/src/main/java/com/alttd/altitudeweb/controllers/login/LoginController.java
@ -36,6 +36,9 @@ public class LoginController implements LoginApi {
    @Value("${login.secret:#{null}}")
    private String loginSecret;
    @Value("${server.address:#{null}}")
    private String serverAddress;
    private record CacheEntry(UUID uuid, Instant expiry) {}
    private static final ConcurrentMap<String, CacheEntry> cache = new ConcurrentHashMap<>();
@ -160,7 +163,7 @@ public class LoginController implements LoginApi {
            }
        }));
        JwtClaimsSet claims = JwtClaimsSet.builder()
-                .issuer("altitudeweb")
+                .issuer(serverAddress)
                .claim("authorities", claimList.stream().map(PermissionClaimDto::getValue).toList())
                .issuedAt(now)
                .expiresAt(expiryTime)
--- a/backend/src/main/resources/application-beta.properties
+++ b/backend/src/main/resources/application-beta.properties
@ -5,4 +5,5 @@ database.host=${DB_HOST:localhost}
 database.user=${DB_USER:root}
 database.password=${DB_PASSWORD:root}
 cors.allowed-origins=${CORS:https://beta.alttd.com}
 server.address=${SERVER_ADDRESS:https://beta.alttd.com}
 logging.level.com.alttd.altitudeweb=DEBUG
--- a/backend/src/main/resources/application-test.properties
+++ b/backend/src/main/resources/application-test.properties
@ -5,4 +5,5 @@ database.host=${DB_HOST:localhost}
 database.user=${DB_USER:root}
 database.password=${DB_PASSWORD:root}
 cors.allowed-origins=${CORS:http://localhost:4200}
 server.address=${SERVER_ADDRESS:http://localhost}
 logging.level.com.alttd.altitudeweb=DEBUG
--- a/backend/src/main/resources/application.properties
+++ b/backend/src/main/resources/application.properties
@ -8,4 +8,5 @@ cors.allowed-origins=${CORS:https://alttd.com}
 login.secret=${LOGIN_SECRET:SET_TOKEN}
 particles.file_path=${user.home}/.altitudeweb/particles
 notification.server.url=${SERVER_IP:10.0.0.107}:${SERVER_PORT:8080}
 server.address=${SERVER_ADDRESS:https://alttd.com}
 logging.level.com.alttd.altitudeweb=INFO
--- a/database/src/main/java/com/alttd/altitudeweb/database/web_db/PrivilegedUserMapper.java
+++ b/database/src/main/java/com/alttd/altitudeweb/database/web_db/PrivilegedUserMapper.java
@ -11,13 +11,12 @@ public interface PrivilegedUserMapper {
    /**
     * Retrieves a user by their UUID along with their permissions
     * @param uuid The UUID of the user to retrieve
-     * @return The PrivilegedUser with their permissions, or null if not found
+     * @return The optional PrivilegedUser with their permissions
     */
    @Select("""
-            SELECT privileged_users.id, privileged_users.uuid, privileges.privileges as permission
+        SELECT id, uuid
        FROM privileged_users
-            LEFT JOIN privileges ON privileged_users.id = privileges.user_id
+        WHERE uuid = #{uuid}
            WHERE privileged_users.uuid = #{uuid}
        """)
    @Results({
            @Result(property = "id", column = "id"),