Erweiterungen

2025-09-11 10:25:34 +02:00
parent cb95857f58
commit 127eee4e73
3 changed files with 36 additions and 7 deletions
--- a/src/main/java/de/assecutor/votianlt/pages/view/LoginView.java
+++ b/src/main/java/de/assecutor/votianlt/pages/view/LoginView.java
@@ -25,6 +25,7 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
 import com.vaadin.flow.server.VaadinSession;
+import org.springframework.beans.factory.annotation.Value;

@Route("login")
@PageTitle("Bei VotianLT anmelden")
@@ -42,6 +43,9 @@ public class LoginView extends VerticalLayout implements BeforeEnterObserver, Af
    @Autowired
    private AuthenticationManager authenticationManager;

+    @Value("${app.security.two-factor.enabled:false}")
+    private boolean twoFactorEnabled;
+
    private Authentication pendingAuth;

    public LoginView() { 
@@ -96,13 +100,27 @@ public class LoginView extends VerticalLayout implements BeforeEnterObserver, Af

    private void handlePasswordLogin(String username, String password) {
        try {
-            // Prüfe Benutzername/Passwort, aber setze Benutzer noch nicht in den SecurityContext
+            // Prüfe Benutzername/Passwort
            Authentication auth = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, password));
-            this.pendingAuth = auth;
-            twoFaField.setVisible(true);
-            verify2faButton.setVisible(true);
-            twoFactorService.initiateTwoFactorFor(username);
-            Notification.show("2FA-Code per E-Mail gesendet.", 3000, Notification.Position.BOTTOM_CENTER);
+            
+            if (twoFactorEnabled) {
+                // 2FA aktiviert: Benutzer noch nicht in SecurityContext setzen
+                this.pendingAuth = auth;
+                twoFaField.setVisible(true);
+                verify2faButton.setVisible(true);
+                twoFactorService.initiateTwoFactorFor(username);
+                Notification.show("2FA-Code per E-Mail gesendet.", 3000, Notification.Position.BOTTOM_CENTER);
+            } else {
+                // 2FA deaktiviert: Direkt anmelden
+                SecurityContextHolder.getContext().setAuthentication(auth);
+                var vaadinSession = VaadinSession.getCurrent();
+                if (vaadinSession != null) {
+                    var wrappedSession = vaadinSession.getSession();
+                    wrappedSession.setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
+                            SecurityContextHolder.getContext());
+                }
+                UI.getCurrent().getPage().setLocation("/dashboard");
+            }
        } catch (Exception ex) {
            loginForm.setError(true);
            this.pendingAuth = null;