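<%@ page language="java" contentType="application/json; charset=UTF-8" pageEncoding="UTF-8" session="false"
%><%
// Session-status endpoint: reports as JSON whether the caller's session
// carries a logged-in user id (session attribute "loginUser_id").
//
// Security: intended for trusted internal callers only. Nothing in this page
// checks who is calling, so that restriction has to be enforced outside it.
// In production, add a reverse-proxy rule so this path is NOT reachable from
// the public internet.

// The answer is per-session state, so it must not be cached or content-sniffed.
response.setHeader("Cache-Control", "no-store, no-cache");
response.setHeader("Pragma", "no-cache");
response.setHeader("X-Content-Type-Options", "nosniff");

// session="false" plus getSession(false) looks up an existing session without
// creating one, so anonymous requests do not allocate server-side sessions.
HttpSession existing = request.getSession(false);
Object attr = (existing != null) ? existing.getAttribute("loginUser_id") : null;

// Accept only a Long. A value of any other type is treated as "not logged in"
// instead of failing with a ClassCastException, and this guarantees that the
// string concatenation below can only ever place digits into the JSON body.
Long userId = (attr instanceof Long) ? (Long) attr : null;

if (userId != null) {
    response.setStatus(200);
    out.print("{\"authenticated\":true,\"userId\":" + userId + "}");
} else {
    response.setStatus(401);
    out.print("{\"authenticated\":false}");
}
%>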