From 06ce1ff07f5b519a131f23858becdec393398ce3 Mon Sep 17 00:00:00 2001
From: KKlochko
Date: Fri, 1 Dec 2023 21:00:58 +0200
Subject: [PATCH] Add AuthorizedInterceptor to control the access for a role.
---
 .../interceptors/AuthorizedInterceptor.java | 44 +++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 src/main/java/space/kklochko/spring_rest_example/interceptors/AuthorizedInterceptor.java
diff --git a/src/main/java/space/kklochko/spring_rest_example/interceptors/AuthorizedInterceptor.java b/src/main/java/space/kklochko/spring_rest_example/interceptors/AuthorizedInterceptor.java
new file mode 100644
index 0000000..146ada9
--- /dev/null
+++ b/src/main/java/space/kklochko/spring_rest_example/interceptors/AuthorizedInterceptor.java
@@ -0,0 +1,44 @@
+package space.kklochko.spring_rest_example.interceptors;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpMethod;
+import org.springframework.web.servlet.HandlerInterceptor;
+import space.kklochko.spring_rest_example.security.access.AuthorizedValidator;
+
+public class AuthorizedInterceptor implements HandlerInterceptor {
+ @Autowired
+ AuthorizedValidator authorizedValidator;
+
+ @Override
+ public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+ if (request.getMethod().equals(HttpMethod.GET.name())) {
+ return true;
+ }
+
+ String token = request.getHeader("Authorization");
+
+ Boolean accessStatus;
+
+ if (request.getMethod().equals(HttpMethod.DELETE.name())) {
+ accessStatus = authorizedValidator.isAdmin(token);
+ }else {
+ accessStatus = authorizedValidator.isUser(token);
+ }
+
+ if(accessStatus == null) {
+ response.sendError(HttpServletResponse.SC_UNAUTHORIZED, authorizedValidator.noToken());
+ return false;
+ }
+
+ if(!accessStatus) {
+ response.sendError(HttpServletResponse.SC_UNAUTHORIZED, authorizedValidator.accessDeniedNoPermission());
+ return false;
+ }
+
+ return true;
+ }
+}
+
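Review bot: The no-permission branch (`if(!accessStatus)`) answers 401 even though the caller presented a token the validator recognised but judged insufficient for the role; that case is a 403, so `response.sendError(HttpServletResponse.SC_FORBIDDEN, authorizedValidator.accessDeniedNoPermission());` would let clients and access logs distinguish "no or invalid credentials" (the `accessStatus == null` branch, which correctly stays 401) from "authenticated but not allowed". The whole role policy is keyed on the HTTP verb — only DELETE requires admin, every other non-GET method is accepted with a user-level token, and GET is not checked at all — so a class-level Javadoc stating exactly that mapping would stop future handlers from assuming, for example, that PUT or PATCH is admin-only; whether any existing non-DELETE endpoint ought to require admin cannot be judged from this file. The `accessStatus == null` test also depends on `AuthorizedValidator.isAdmin`/`isUser` returning `null` for a missing or unparsable header rather than `false`; a comment on the `Boolean accessStatus;` declaration naming that three-state contract (`// null = no token, false = wrong role, true = allowed`) would make the dependency explicit. Finally, `authorizedValidator` is field-injected on a package-private field with no constructor, so if the interceptor is ever registered with `new AuthorizedInterceptor()` in a `WebMvcConfigurer` instead of as a bean the field stays null and the first non-GET request fails with a NullPointerException rather than a denial; constructor injection would turn that misconfiguration into a startup error.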