hide session management inside UserService

2026-03-21 21:37:29 +00:00 · 2014-08-15 12:46:52 +02:00
parent 9701af0736
commit 943bde7eed
6 changed files with 68 additions and 42 deletions
--- a/src/main/java/com/commafeed/frontend/resource/UserREST.java
+++ b/src/main/java/com/commafeed/frontend/resource/UserREST.java
@@ -239,9 +239,8 @@ public class UserREST {
 	@UnitOfWork
 	@ApiOperation(value = "Login and create a session")
 	public Response login(@ApiParam(required = true) LoginRequest req, @Session HttpSession session) {
-		Optional<User> user = userService.login(req.getName(), req.getPassword());
+		Optional<User> user = userService.login(req.getName(), req.getPassword(), session);
 		if (user.isPresent()) {
-			session.setAttribute(CommaFeedApplication.SESSION_USER, user.get());
 			return Response.ok().build();
 		} else {
 			return Response.status(Response.Status.UNAUTHORIZED).entity("wrong username or password").build();