diff options
author | Vitaly Takmazov | 2024-12-12 12:50:07 +0300 |
---|---|---|
committer | Vitaly Takmazov | 2024-12-12 13:20:47 +0300 |
commit | 89d6c18cb82f8ba24ec291e3d3fb031ea0b2c01e (patch) | |
tree | a522e69110b847df733f1f14eefd2e9be409b1f1 | |
parent | 738898d647cc170763f963f8484d1d636c69069a (diff) |
API: restore Google login and email signup
-rw-r--r-- | src/main/java/com/juick/config/SecurityConfig.java | 2 | ||||
-rw-r--r-- | src/main/java/com/juick/www/api/ApiSocialLogin.java | 89 |
2 files changed, 90 insertions, 1 deletions
diff --git a/src/main/java/com/juick/config/SecurityConfig.java b/src/main/java/com/juick/config/SecurityConfig.java index ac61f8f69..6608a658a 100644 --- a/src/main/java/com/juick/config/SecurityConfig.java +++ b/src/main/java/com/juick/config/SecurityConfig.java @@ -201,7 +201,7 @@ public class SecurityConfig { "/api/swagger-ui/**", "/api/messages/discussions", "/api/users", "/api/thread", "/api/tags", - "/api/tlgmbtwbhk", "/api/fbwbhk", "/api/_patreon", "/api/_vk", + "/api/tlgmbtwbhk", "/api/fbwbhk", "/api/_patreon", "/api/_vk", "/api/_google", "/api/skypebotendpoint", "/api/signup", "/api/inbox", "/api/events", "/api/u/", "/u/**", "/n/**", diff --git a/src/main/java/com/juick/www/api/ApiSocialLogin.java b/src/main/java/com/juick/www/api/ApiSocialLogin.java new file mode 100644 index 000000000..5b48c52be --- /dev/null +++ b/src/main/java/com/juick/www/api/ApiSocialLogin.java @@ -0,0 +1,89 @@ +/* + * Copyright (C) 2008-2024, Juick + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.www.api; + +import com.github.scribejava.apis.GoogleTokenVerifier; +import com.juick.model.AuthResponse; +import com.juick.service.EmailService; +import com.juick.service.UserService; +import com.juick.util.HttpBadRequestException; +import com.juick.util.HttpForbiddenException; + +import org.apache.commons.lang3.RandomStringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Controller; +import org.springframework.util.StringUtils; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.bind.annotation.ResponseBody; +import jakarta.inject.Inject; +import java.util.Optional; + +@Controller +public class ApiSocialLogin { + + private static final Logger logger = LoggerFactory.getLogger(ApiSocialLogin.class); + + @Value("${google_client_id:}") + private String googleClientId; + + @Inject + private UserService userService; + @Inject + private EmailService emailService; + @Inject + private Users users; + @ResponseBody + @PostMapping("/api/signup") + public com.juick.model.User signupWithEmail(String username, String password, String verificationCode) { + if (username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$") + || password.length() < 6 || password.length() > 32) { + throw new HttpBadRequestException(); + } + + String verifiedEmail = emailService.getEmailByAuthCode(verificationCode); + if (StringUtils.hasText(verifiedEmail)) { + com.juick.model.User newUser = userService.createUser(username, password).orElseThrow(HttpBadRequestException::new); + emailService.addEmail(newUser.getUid(), verifiedEmail); + emailService.deleteAuthCode(verificationCode); + return newUser; + } else { + throw new HttpForbiddenException(); + } + } + @ResponseBody + @PostMapping("/api/_google") + public AuthResponse googleSignIn(@RequestParam(name = "idToken") String idTokenString) { + logger.info("Token: {}", idTokenString); + logger.info("Client: {}", googleClientId); + Optional<String> verifiedEmail = GoogleTokenVerifier.validateToken(googleClientId, idTokenString); + if (verifiedEmail.isPresent()) { + String email = verifiedEmail.get(); + com.juick.model.User visitor = userService.getUserByEmail(email); + if (visitor.isAnonymous()) { + String verificationCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase(); + emailService.addVerificationCode(null, email, verificationCode); + return new AuthResponse(null, email, verificationCode); + } else { + return new AuthResponse(users.getMe(visitor), null, null); + } + } + throw new HttpForbiddenException(); + } +} |