mirror of
https://github.com/arsvendg/Stirling-PDF.git
synced 2026-07-14 10:34:06 +02:00
cleanup: trim oversized comments across recent SaaS fixes
Reduce multi-paragraph comment blocks to short two-line notes and drop history-style references; no behaviour changes.
This commit is contained in:
+2
-6
@@ -39,12 +39,8 @@ public class EnhancedJwtAuthenticationToken extends JwtAuthenticationToken {
|
||||
}
|
||||
|
||||
/**
|
||||
* Shared proprietary/core code authorizes with {@code principal instanceof User} (e.g. {@code
|
||||
* FileStorageService.requireAuthenticatedUser}, {@code FolderService}), which the default
|
||||
* {@link JwtAuthenticationToken} principal — the decoded {@link Jwt} — can never satisfy, so
|
||||
* every such endpoint 401'd valid Supabase sessions. When the filter resolved a local {@link
|
||||
* User}, expose it as the principal so those checks behave exactly as under form login; fall
|
||||
* back to the Jwt when no User was attached (anonymous sessions, converter-built tokens).
|
||||
* Returns the resolved local {@link User} when available so shared {@code principal instanceof
|
||||
* User} authorization works under JWT auth; falls back to the decoded Jwt.
|
||||
*/
|
||||
@Override
|
||||
public Object getPrincipal() {
|
||||
|
||||
+2
-4
@@ -155,10 +155,8 @@ public class SupabaseAuthenticationFilter extends OncePerRequestFilter {
|
||||
|
||||
User user = getOrCreateUser(jwt);
|
||||
|
||||
// Attach the resolved User as the token principal for full accounts so shared
|
||||
// `principal instanceof User` authorization (storage services, account data)
|
||||
// works under JWT auth. Anonymous sessions keep the raw Jwt principal and stay
|
||||
// locked out of those User-gated APIs, matching pre-existing behaviour.
|
||||
// Full accounts carry the resolved User as principal for shared
|
||||
// instanceof-User authorization; anonymous sessions keep the raw Jwt.
|
||||
EnhancedJwtAuthenticationToken authToken =
|
||||
new EnhancedJwtAuthenticationToken(
|
||||
jwt,
|
||||
|
||||
Reference in New Issue
Block a user