Erweiterungen

src/main/java/de/assecutor/votianlt/pages/view/LoginView.java

@@ -25,6 +25,7 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
 import com.vaadin.flow.server.VaadinSession;
+import org.springframework.beans.factory.annotation.Value;
 
 @Route("login")
 @PageTitle("Bei VotianLT anmelden")
@@ -42,6 +43,9 @@ public class LoginView extends VerticalLayout implements BeforeEnterObserver, Af
     @Autowired
     private AuthenticationManager authenticationManager;
 
+    @Value("${app.security.two-factor.enabled:false}")
+    private boolean twoFactorEnabled;
+
     private Authentication pendingAuth;
 
     public LoginView() { 
@@ -96,13 +100,27 @@ public class LoginView extends VerticalLayout implements BeforeEnterObserver, Af
 
     private void handlePasswordLogin(String username, String password) {
         try {
-            // Prüfe Benutzername/Passwort, aber setze Benutzer noch nicht in den SecurityContext
+            // Prüfe Benutzername/Passwort
             Authentication auth = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, password));
-            this.pendingAuth = auth;
-            twoFaField.setVisible(true);
-            verify2faButton.setVisible(true);
-            twoFactorService.initiateTwoFactorFor(username);
-            Notification.show("2FA-Code per E-Mail gesendet.", 3000, Notification.Position.BOTTOM_CENTER);
+            
+            if (twoFactorEnabled) {
+                // 2FA aktiviert: Benutzer noch nicht in SecurityContext setzen
+                this.pendingAuth = auth;
+                twoFaField.setVisible(true);
+                verify2faButton.setVisible(true);
+                twoFactorService.initiateTwoFactorFor(username);
+                Notification.show("2FA-Code per E-Mail gesendet.", 3000, Notification.Position.BOTTOM_CENTER);
+            } else {
+                // 2FA deaktiviert: Direkt anmelden
+                SecurityContextHolder.getContext().setAuthentication(auth);
+                var vaadinSession = VaadinSession.getCurrent();
+                if (vaadinSession != null) {
+                    var wrappedSession = vaadinSession.getSession();
+                    wrappedSession.setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
+                            SecurityContextHolder.getContext());
+                }
+                UI.getCurrent().getPage().setLocation("/dashboard");
+            }
         } catch (Exception ex) {
             loginForm.setError(true);
             this.pendingAuth = null;

src/main/resources/application-prod.properties

@@ -0,0 +1,8 @@
+# Production Configuration
+# 2FA Configuration - Aktiviert für Produktion
+app.security.two-factor.enabled=true
+
+# Production-specific settings
+logging.level.root=WARN
+logging.level.de.assecutor.votianlt=INFO
+

src/main/resources/application.properties

@@ -29,4 +29,7 @@ spring.websocket.servlet.max-binary-message-buffer-size=8192
 spring.websocket.stomp.enabled=true
 # STOMP heartbeat settings (in milliseconds)
 spring.websocket.stomp.heartbeat.outgoing=10000
-spring.websocket.stomp.heartbeat.incoming=10000
+spring.websocket.stomp.heartbeat.incoming=10000
+
+# 2FA Configuration
+app.security.two-factor.enabled=false