From 9ececaff6bff9e0da0348b3390f13aaaf1f5fac7 Mon Sep 17 00:00:00 2001 From: ronen4822 Date: Wed, 28 Aug 2024 07:46:21 +0300 Subject: [PATCH] -add csrf_token --- .../utils/PostgresHandler.java | 20 +++++++++++-------- .../user_query_handling/web/UserDetails.java | 1 + 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/src/main/java/com/leetcoders/user_query_handling/utils/PostgresHandler.java b/src/main/java/com/leetcoders/user_query_handling/utils/PostgresHandler.java index 404fbe9..820550b 100644 --- a/src/main/java/com/leetcoders/user_query_handling/utils/PostgresHandler.java +++ b/src/main/java/com/leetcoders/user_query_handling/utils/PostgresHandler.java @@ -23,6 +23,7 @@ IF NOT EXISTS (SELECT FROM information_schema.tables WHERE table_schema = 'publi CREATE TABLE user_details ( name varchar(255) PRIMARY KEY, access_key varchar(1024), + csrf_token varchar(1024), companies text ARRAY, solved_questions int, time_to_update timestamp, @@ -33,12 +34,13 @@ access_key varchar(1024), END $$; """; private static final String UPDATE_USER_DETAILS = """ - INSERT INTO user_details (name, access_key, companies, solved_questions, time_to_update, access_key_expiration, being_processed) + INSERT INTO user_details (name, access_key, csrf_token, companies, solved_questions, time_to_update, access_key_expiration, being_processed) VALUES ( ?, ?, ?, + ?, 0, now() AT TIME ZONE 'UTC', ?, @@ -47,7 +49,7 @@ INSERT INTO user_details (name, access_key, companies, solved_questions, time_to ON CONFLICT (name) DO UPDATE - SET name=?, access_key=?, companies=?, time_to_update=now() AT TIME ZONE 'UTC', access_key_expiration=?, being_processed=FALSE; + SET name=?, access_key=?, csrf_token=?, companies=?, time_to_update=now() AT TIME ZONE 'UTC', access_key_expiration=?, being_processed=FALSE; """; private static final Logger logger = LoggerFactory.getLogger(PostgresHandler.class); private static final String DB_NAME = "leetcode-rs"; @@ -85,14 +87,16 @@ public boolean updateUserDetails(UserDetails userDetails) { try (Connection connection = ds.getConnection(); var statement = connection.prepareStatement(UPDATE_USER_DETAILS)) { statement.setString(1, userDetails.name()); - statement.setString(5, userDetails.name()); + statement.setString(6, userDetails.name()); statement.setString(2, userDetails.token()); - statement.setString(6, userDetails.token()); - statement.setTimestamp(4, timestamp); - statement.setTimestamp(8, timestamp); + statement.setString(7, userDetails.token()); + statement.setString(3, userDetails.csrfToken()); + statement.setString(8, userDetails.csrfToken()); java.sql.Array companiesArray = connection.createArrayOf("text", userDetails.companies().toArray()); - statement.setArray(3, companiesArray); - statement.setArray(7, companiesArray); + statement.setArray(4, companiesArray); + statement.setArray(9, companiesArray); + statement.setTimestamp(5, timestamp); + statement.setTimestamp(10, timestamp); statement.execute(); logger.info("User successfully updated"); diff --git a/src/main/java/com/leetcoders/user_query_handling/web/UserDetails.java b/src/main/java/com/leetcoders/user_query_handling/web/UserDetails.java index 2449135..d67c76b 100644 --- a/src/main/java/com/leetcoders/user_query_handling/web/UserDetails.java +++ b/src/main/java/com/leetcoders/user_query_handling/web/UserDetails.java @@ -8,6 +8,7 @@ public record UserDetails( @NonNull @NotEmpty String name, @NonNull @NotEmpty String token, + @NonNull @NotEmpty String csrfToken, @NonNull @NotEmpty String expirationTime, @NonNull @NotEmpty List companies) { }