fix remmeber me (#2184)

* fix remmeber me * remove uselss comment * Update translation files (#2185) Signed-off-by: GitHub Action <action@github.com> Co-authored-by: GitHub Action <action@github.com> --------- Signed-off-by: GitHub Action <action@github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: GitHub Action <action@github.com>
2025-07-04 01:18:22 +02:00 · 2024-11-05 14:31:31 +00:00 · 2024-11-05 14:31:31 +00:00 · 0c0f61aa0d
commit 0c0f61aa0d
parent 40ffb6559d
8 changed files with 24 additions and 15 deletions
--- a/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java
+++ b/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java
@ -156,10 +156,14 @@ public class SecurityConfiguration {
            http.rememberMe(
                    rememberMeConfigurer ->
                            rememberMeConfigurer // Use the configurator directly
-                                    .key("uniqueAndSecret")
                                    .tokenRepository(persistentTokenRepository())
-                                    .tokenValiditySeconds(1209600) // 2 weeks
-                    );
+                                    .tokenValiditySeconds(14 * 24 * 60 * 60) // 14 days
+                                    .userDetailsService(
+                                            userDetailsService) // Your existing UserDetailsService
+                                    .useSecureCookie(true) // Enable secure cookie
+                                    .rememberMeParameter("remember-me") // Form parameter name
+                                    .rememberMeCookieName("remember-me") // Cookie name
+                                    .alwaysRemember(false));
            http.authorizeHttpRequests(
                    authz ->
                            authz.requestMatchers(
--- a/src/main/java/stirling/software/SPDF/repository/JPATokenRepositoryImpl.java
+++ b/src/main/java/stirling/software/SPDF/repository/JPATokenRepositoryImpl.java
@ -5,6 +5,7 @@ import java.util.Date;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken;
 import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
+import org.springframework.transaction.annotation.Transactional;

 import stirling.software.SPDF.model.PersistentLogin;

@ -13,6 +14,7 @@ public class JPATokenRepositoryImpl implements PersistentTokenRepository {
    @Autowired private PersistentLoginRepository persistentLoginRepository;

    @Override
+    @Transactional
    public void createNewToken(PersistentRememberMeToken token) {
        PersistentLogin newToken = new PersistentLogin();
        newToken.setSeries(token.getSeries());
@ -23,6 +25,7 @@ public class JPATokenRepositoryImpl implements PersistentTokenRepository {
    }

    @Override
+    @Transactional
    public void updateToken(String series, String tokenValue, Date lastUsed) {
        PersistentLogin existingToken = persistentLoginRepository.findById(series).orElse(null);
        if (existingToken != null) {
@ -43,11 +46,11 @@ public class JPATokenRepositoryImpl implements PersistentTokenRepository {
    }

    @Override
+    @Transactional
    public void removeUserTokens(String username) {
-        for (PersistentLogin token : persistentLoginRepository.findAll()) {
-            if (token.getUsername().equals(username)) {
-                persistentLoginRepository.delete(token);
-            }
+        try {
+            persistentLoginRepository.deleteByUsername(username);
+        } catch (Exception e) {
        }
    }
 }
--- a/src/main/java/stirling/software/SPDF/repository/PersistentLoginRepository.java
+++ b/src/main/java/stirling/software/SPDF/repository/PersistentLoginRepository.java
@ -6,4 +6,6 @@ import org.springframework.stereotype.Repository;
 import stirling.software.SPDF.model.PersistentLogin;

@Repository
-public interface PersistentLoginRepository extends JpaRepository<PersistentLogin, String> {}
+public interface PersistentLoginRepository extends JpaRepository<PersistentLogin, String> {
+    void deleteByUsername(String username);
+}
--- a/src/main/resources/templates/login.html
+++ b/src/main/resources/templates/login.html
@ -90,8 +90,8 @@
          </div>

          <div class="form-check m-2 mb-3">
-            <input type="checkbox" id="remember" value="remember-me">
-            <label for="remember" th:text="#{login.rememberme}"></label>
+            <input type="checkbox" name="remember-me" id="remember-me">
+            <label for="remember-me" th:text="#{login.rememberme}"></label>
          </div>
          <button class="w-100 btn btn-lg btn-primary" type="submit" th:text="#{login.signin}">Sign in</button>
        </form>