Signup API

author: Vitaly Takmazov 2018-11-25 18:50:24 +0300
committer: Vitaly Takmazov 2018-11-25 18:50:24 +0300
commit: 17fa861b4426018062c509ded6897b8d37a6f59a (patch)
tree: 48235e237f10829c842e3bfb2f69b641085b55ae
parent: a9909e0faca387dd0bf54bce2341a1769513e59e (diff)
3 files changed, 40 insertions, 3 deletions
diff --git a/src/main/java/com/juick/server/api/ApiSocialLogin.java b/src/main/java/com/juick/server/api/ApiSocialLogin.java
index 9e111223..7b9b56f0 100644
--- a/src/main/java/com/juick/server/api/ApiSocialLogin.java
+++ b/src/main/java/com/juick/server/api/ApiSocialLogin.java
@@ -31,6 +31,7 @@ import com.google.api.client.http.HttpTransport;
 import com.google.api.client.http.javanet.NetHttpTransport;
 import com.google.api.client.json.JsonFactory;
 import com.google.api.client.json.jackson2.JacksonFactory;
+import com.juick.model.Auth;
 import com.juick.model.facebook.User;
 import com.juick.server.util.HttpBadRequestException;
 import com.juick.server.util.HttpForbiddenException;
@@ -39,6 +40,7 @@ import com.juick.service.EmailService;
 import com.juick.service.TelegramService;
 import com.juick.service.UserService;
 import com.juick.model.vk.UsersResponse;
+import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.math.NumberUtils;
 import org.slf4j.Logger;
@@ -293,13 +295,38 @@ public class ApiSocialLogin {
     }
     @ResponseBody
     @PostMapping("/api/_google")
-    public IdToken.Payload googleSignIn(@RequestParam(name = "idToken") String idTokenString)
+    public Auth googleSignIn(@RequestParam(name = "idToken") String idTokenString)
             throws GeneralSecurityException, IOException {
         logger.info("Token: {}", idTokenString);
         logger.info("Client: {}", googleClientId);
         GoogleIdToken idToken = verifier.verify(idTokenString);
         if (idToken != null) {
-            return idToken.getPayload();
+            String email = idToken.getPayload().getEmail();
+            if (!userService.getUserByEmail(email).isAnonymous()) {
+                String verificationCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase();
+                emailService.addVerificationCode(null, email, verificationCode);
+                return new Auth(email, verificationCode);
+            }
+        }
+        throw new HttpForbiddenException();
+    }
+    @ResponseBody
+    @PostMapping("/api/signup")
+    public com.juick.User signupWithEmail(String username, String password, String verificationCode) {
+        if (username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$")
+                || password.length() < 6 || password.length() > 32) {
+            throw new HttpBadRequestException();
+        }
+
+        String verifiedEmail = emailService.getEmailByAuthCode(verificationCode);
+        if (StringUtils.isNotEmpty(verifiedEmail)) {
+            int uid = userService.createUser(username, password);
+            if (uid <= 0) {
+                throw new HttpBadRequestException();
+            }
+            emailService.addEmail(uid, verifiedEmail);
+            emailService.deleteAuthCode(verificationCode);
+            return userService.getUserByUID(uid).orElseThrow(IllegalStateException::new);
         } else {
             throw new HttpForbiddenException();
         }
diff --git a/src/main/java/com/juick/server/configuration/SecurityConfig.java b/src/main/java/com/juick/server/configuration/SecurityConfig.java
index 4442d115..f53cc531 100644
--- a/src/main/java/com/juick/server/configuration/SecurityConfig.java
+++ b/src/main/java/com/juick/server/configuration/SecurityConfig.java
@@ -98,7 +98,7 @@ public class SecurityConfig {
                     .authorizeRequests()
                     .antMatchers(HttpMethod.OPTIONS).permitAll()
                     .antMatchers("/api/", "/api/messages", "/api/messages/discussions", "/api/users", "/api/thread", "/api/tags", "/api/tlgmbtwbhk", "/api/fbwbhk",
-                            "/api/skypebotendpoint", "/api/_fblogin", "/api/_vklogin", "/api/_tglogin", "/api/_google", "/api/inbox", "/api/u/**", "/.well-known/webfinger", "/.well-known/x-nodeinfo2", "/rss/**", "/api/events").permitAll()
+                            "/api/skypebotendpoint", "/api/_fblogin", "/api/_vklogin", "/api/_tglogin", "/api/_google", "/api/signup", "/api/inbox", "/api/u/**", "/.well-known/webfinger", "/.well-known/x-nodeinfo2", "/rss/**", "/api/events").permitAll()
                     .anyRequest().hasRole("USER")
                     .and()
                     .anonymous().principal(JuickUser.ANONYMOUS_USER).authorities(JuickUser.ANONYMOUS_AUTHORITY)
diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java
index 0abce093..4b0de65d 100644
--- a/src/test/java/com/juick/server/tests/ServerTests.java
+++ b/src/test/java/com/juick/server/tests/ServerTests.java
@@ -1799,4 +1799,14 @@ public class ServerTests {
         messagesService.createMessage(newUserUid, "YO", "", null);
         assertThat(userService.getUserByUID(newUserUid).get().getSeen(), greaterThanOrEqualTo(now));
     }
+    @Test
+    public void signupTest() throws Exception {
+        emailService.addVerificationCode(null, "demo@email.com", "123456");
+        MvcResult result = mockMvc.perform(post("/api/signup")
+        .param("username", "testuser")
+        .param("password", "demopassword")
+        .param("verificationCode", "123456")).andExpect(status().isOk()).andReturn();
+        com.juick.User testuser = jsonMapper.readValue(result.getResponse().getContentAsString(), User.class);
+        assertThat(testuser.getName(), is("testuser"));
+    }
 }
author	Vitaly Takmazov	2018-11-25 18:50:24 +0300
committer	Vitaly Takmazov	2018-11-25 18:50:24 +0300
commit	17fa861b4426018062c509ded6897b8d37a6f59a (patch)
tree	48235e237f10829c842e3bfb2f69b641085b55ae
parent	a9909e0faca387dd0bf54bce2341a1769513e59e (diff)