fix #724 add token

2016-10-01 15:53:49 +09:00 · 2016-10-01 15:53:49 +09:00 · b9116ec790
commit b9116ec790
parent eb8e5864dd
1 changed files with 12 additions and 8 deletions
--- a/src/main/java/org/codelibs/fess/app/web/login/LoginAction.java
+++ b/src/main/java/org/codelibs/fess/app/web/login/LoginAction.java
@ -30,17 +30,23 @@ public class LoginAction extends FessLoginAction {

    @Execute
    public HtmlResponse index() {
+        return asIndexPage(null).useForm(LoginForm.class);
+    }
+
+    private HtmlResponse asIndexPage(final LoginForm form) {
+        if (form != null) {
+            form.clearSecurityInfo();
+        }
        return asHtml(path_Login_IndexJsp).renderWith(data -> {
            RenderDataUtil.register(data, "notification", fessConfig.getNotificationLogin());
-        }).useForm(LoginForm.class);
+            saveToken();
+        });
    }

    @Execute
    public HtmlResponse login(final LoginForm form) {
-        validate(form, messages -> {}, () -> {
-            form.clearSecurityInfo();
-            return asHtml(path_Login_IndexJsp);
-        });
+        validate(form, messages -> {}, () -> asIndexPage(form));
+        verifyToken(() -> asIndexPage(form));
        final String username = form.username;
        final String password = form.password;
        form.clearSecurityInfo();
@ -50,9 +56,7 @@ public class LoginAction extends FessLoginAction {
                return getHtmlResponse();
            });
        } catch (final LoginFailureException lfe) {
-            throwValidationError(messages -> messages.addErrorsLoginError(GLOBAL), () -> {
-                return asHtml(path_Login_IndexJsp);
-            });
+            throwValidationError(messages -> messages.addErrorsLoginError(GLOBAL), () -> asIndexPage(form));
        }
        return redirect(getClass());
    }