authorGravatar Alexander Alexeev2016-12-09 22:57:52 +0700
committerGravatar Alexander Alexeev2016-12-09 22:57:52 +0700
commit990ca2bf911181c3af9cd6375534553b9355b3a2 (patch)
tree4f1865a341d29d00366aa958e14b9b3216125776 /juick-spring-www/src/main/java/com/juick/www/controllers
parente2a018e998e125ee2ec983962059c4d2b733a4b4 (diff)
security settings
Diffstat (limited to 'juick-spring-www/src/main/java/com/juick/www/controllers')
-rw-r--r--juick-spring-www/src/main/java/com/juick/www/controllers/IndexController.java41
-rw-r--r--juick-spring-www/src/main/java/com/juick/www/controllers/LoginController.java43
2 files changed, 28 insertions, 56 deletions
diff --git a/juick-spring-www/src/main/java/com/juick/www/controllers/IndexController.java b/juick-spring-www/src/main/java/com/juick/www/controllers/IndexController.java
index 91efd8aa..c6de2fbf 100644
--- a/juick-spring-www/src/main/java/com/juick/www/controllers/IndexController.java
+++ b/juick-spring-www/src/main/java/com/juick/www/controllers/IndexController.java
@@ -9,6 +9,7 @@ import com.juick.util.UserUtils;
import com.juick.www.util.EncodeUtils;
import org.apache.commons.lang3.StringEscapeUtils;
import org.apache.commons.lang3.StringUtils;
+import org.springframework.context.MessageSource;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.*;
@@ -27,32 +28,31 @@ import java.util.stream.Collectors;
*/
@Controller
public class IndexController {
-
@Inject
- UserService userService;
+ private MessageSource messageSource;
+ @Inject
+ private UserService userService;
@Inject
- MessagesService messagesService;
+ private MessagesService messagesService;
@Inject
- TagService tagService;
+ private TagService tagService;
@RequestMapping(value = "/", method = RequestMethod.GET)
- protected String doGet(
+ public String indexPage(
Principal principal,
@CookieValue("ref") Optional<String> ref,
@RequestHeader("Referer") Optional<String> referer,
@RequestParam("show") Optional<String> paramShow,
@RequestParam("tag") Optional<String> paramTagStr,
- @RequestParam(value = "before", required = false) Integer paramBefore,
+ @RequestParam(value = "before") Optional<Integer> paramBefore,
@RequestParam(value = "search", required = false) String paramSearch,
ModelMap model) throws IOException {
- if (paramTagStr.isPresent()) {
+ if (paramTagStr.isPresent())
return "redirect:/tag/" + URLEncoder.encode(paramTagStr.get(), "UTF-8");
- }
- if (StringUtils.isNotEmpty(paramSearch) && paramSearch.length() > 64) {
+ if (StringUtils.isNotEmpty(paramSearch) && paramSearch.length() > 64)
paramSearch = "";
- }
String name = UserUtils.getUsername(principal, null);
User visitor = userService.getUserByName(name);
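Review bot: The tag redirect at the top of `indexPage` builds a path segment with `URLEncoder.encode(paramTagStr.get(), "UTF-8")`, which is form encoding and turns a space into `+`; if the `/tag/` handler reads the value as a path variable, that `+` will probably come back as a literal plus rather than a space. Spring's `UriUtils.encodePathSegment(paramTagStr.get(), "UTF-8")` encodes for a path instead. The two guard `if`s also lose their braces in this hunk; keeping the braces stops a statement added later from landing outside the condition. `indexPage` continues past the end of this hunk.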
@@ -63,34 +63,37 @@ public class IndexController {
} else {
title = "Микроблоги Juick: популярные записи";
}
+
+ int before = paramBefore.orElse(0);
+
List<Integer> mids = new ArrayList<>();
if (StringUtils.isNotEmpty(paramSearch)) {
title = "Поиск: " + StringEscapeUtils.escapeHtml4(paramSearch);
mids = messagesService.getSearch(EncodeUtils.encodeSphinx(paramSearch),
- paramBefore);
+ before);
} else if (!paramShow.isPresent()) {
- mids = messagesService.getPopular(visitor.getUid(), paramBefore);
+ mids = messagesService.getPopular(visitor.getUid(), before);
} else if (paramShow.get().equals("top")) {
return "redirect:/";
} else if (paramShow.get().equals("my") && visitor.getUid() > 0) {
title = "Моя лента";
- mids = messagesService.getMyFeed(visitor.getUid(), paramBefore);
+ mids = messagesService.getMyFeed(visitor.getUid(), before);
} else if (paramShow.get().equals("private") && visitor.getUid() > 0) {
title = "Приватные";
- mids = messagesService.getPrivate(visitor.getUid(), paramBefore);
+ mids = messagesService.getPrivate(visitor.getUid(), before);
} else if (paramShow.get().equals("discuss") && visitor.getUid() > 0) {
title = "Обсуждения";
- mids = messagesService.getDiscussions(visitor.getUid(), paramBefore);
+ mids = messagesService.getDiscussions(visitor.getUid(), before);
} else if (paramShow.get().equals("recommended") && visitor.getUid() > 0) {
title = "Рекомендации";
- mids = messagesService.getRecommended(visitor.getUid(), paramBefore);
+ mids = messagesService.getRecommended(visitor.getUid(), before);
} else if (paramShow.get().equals("photos")) {
title = "Фотографии";
- mids = messagesService.getPhotos(visitor.getUid(), paramBefore);
+ mids = messagesService.getPhotos(visitor.getUid(), before);
} else if (paramShow.get().equals("all")) {
title = "Все сообщения";
- mids = messagesService.getAll(visitor.getUid(), paramBefore);
+ mids = messagesService.getAll(visitor.getUid(), before);
}
model.addAttribute("title", title);
model.addAttribute("visitor", visitor);
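Review bot: The login-only feeds (`my`, `private`, `discuss`, `recommended`) are guarded only by `&& visitor.getUid() > 0` on each branch, so an anonymous request with one of those `show` values matches no branch and renders the index with an empty `mids` instead of being refused or sent to the login page. This commit appears to move authentication out of the controllers, so the access rule would be clearer as one explicit check ahead of the dispatch, for example `if (visitor.getUid() == 0 && AUTH_ONLY.contains(paramShow.orElse(""))) return "redirect:/login";`, where `AUTH_ONLY` is a new constant set holding those four values. Separately, `int before = paramBefore.orElse(0);` passes negative values straight to the service calls; whether they tolerate that is not visible here, so a lower bound such as `Math.max(0, ...)` is worth considering. The enclosing `indexPage` body starts in the previous hunk and continues after this one.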
@@ -116,6 +119,6 @@ public class IndexController {
model.addAttribute("nextpage", nextpage);
}
//model.addAttribute("isModerator", userService.getModerators().contains(visitor.getUid()));
- return "blog/index";
+ return "index";
}
}
diff --git a/juick-spring-www/src/main/java/com/juick/www/controllers/LoginController.java b/juick-spring-www/src/main/java/com/juick/www/controllers/LoginController.java
index 8a474c9b..8827d948 100644
--- a/juick-spring-www/src/main/java/com/juick/www/controllers/LoginController.java
+++ b/juick-spring-www/src/main/java/com/juick/www/controllers/LoginController.java
@@ -1,23 +1,15 @@
package com.juick.www.controllers;
import com.juick.User;
-import com.juick.server.util.HttpBadRequestException;
-import com.juick.server.util.HttpForbiddenException;
import com.juick.service.UserService;
import com.juick.util.UserUtils;
import org.springframework.core.env.Environment;
import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RequestParam;
import javax.inject.Inject;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletResponse;
-import java.net.URI;
import java.security.Principal;
-import java.util.Optional;
/**
* Created by vitalyster on 09.12.2016.
@@ -25,41 +17,18 @@ import java.util.Optional;
@Controller
public class LoginController {
@Inject
- UserService userService;
+ private UserService userService;
@Inject
- Environment env;
+ private Environment env;
@RequestMapping(value = "/login", method = RequestMethod.GET)
- public String doGetLoginForm(Principal principal) {
+ public String getLoginForm(Principal principal) {
String name = UserUtils.getUsername(principal, null);
User visitor = userService.getUserByName(name);
- if (visitor.getUid() > 0) {
+
+ if (visitor.getUid() > 0)
return "redirect:/login";
- }
- return "views/login";
- }
- @RequestMapping(value = "/login", method = RequestMethod.POST)
- protected String doPostLogin(
- @RequestParam("username") Optional<String> username,
- @RequestParam("password") Optional<String> password,
- @RequestHeader("Referer") Optional<String> referer,
- HttpServletResponse response) {
- if (!username.isPresent() && password.isPresent()) {
- throw new HttpBadRequestException();
- }
- int uid = userService.checkPassword(username.get(), password.get());
- if (uid > 0) {
- if (referer.isPresent()) {
- URI refererURI = URI.create(referer.get());
- if (refererURI.getHost().equals(env.getProperty("web_domain"))
- && !refererURI.getPath().equals("/login")) {
- return "redirect:" + referer.get();
- } else {
- return "redirect:/";
- }
- }
- }
- throw new HttpForbiddenException();
+ return "views/login";
}
}
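Review bot: In `getLoginForm` a visitor who is already logged in (`visitor.getUid() > 0`) is redirected to `/login`, which is this same mapping, so the browser ends up in a redirect loop; the target should be the front page, `return "redirect:/";`. With `doPostLogin` removed, the `env` field and its `Environment` import look unused in the visible code and can be dropped. The removed handler only followed a `Referer` whose host matched `web_domain`. Whatever now processes the login POST is not part of this diff, and it should keep post-login redirects restricted to the site's own host.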