reorganize project

1 files changed, 258 insertions, 0 deletions

diff --git a/juick-www/src/main/java/com/juick/www/SignUp.java b/juick-www/src/main/java/com/juick/www/SignUp.java
new file mode 100644
index 00000000..bba1d34e
--- /dev/null
+++ b/juick-www/src/main/java/com/juick/www/SignUp.java
@@ -0,0 +1,258 @@
+/*
+ * Juick
+ * Copyright (C) 2008-2013, Ugnich Anton
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package com.juick.www;
+
+import com.juick.server.UserQueries;
+import org.apache.commons.lang3.tuple.Pair;
+import org.springframework.dao.EmptyResultDataAccessException;
+import org.springframework.jdbc.core.JdbcTemplate;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.util.List;
+
+/**
+ *
+ * @author Ugnich Anton
+ */
+public class SignUp {
+
+    protected void doGet(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        com.juick.User visitor = Utils.getVisitorUser(sql, request, response);
+
+        String type = request.getParameter("type");
+        String hash = request.getParameter("hash");
+        if (type == null || type.isEmpty() || hash == null || hash.isEmpty() || hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) {
+            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
+            return;
+        }
+
+        String account = null;
+        if (type.equals("fb")) {
+            account = getFacebookNameByHash(sql, hash);
+        } else if (type.equals("vk")) {
+            account = getVKNameByHash(sql, hash);
+        } else if (type.equals("xmpp")) {
+            account = getJIDByHash(sql, hash);
+        } else if (type.equals("durov")) {
+            account = getTelegramNameByHash(sql, hash);
+        }
+        if (account == null) {
+            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
+            return;
+        }
+
+        response.setContentType("text/html; charset=UTF-8");
+        try (PrintWriter out = response.getWriter()) {
+            PageTemplates.pageHead(out, "Новый пользователь", null);
+            PageTemplates.pageNavigation(out, visitor, null);
+
+            out.println("<section id=\"content\">");
+
+            out.print("<h1 class=\"signup-h1\">");
+            if (type.charAt(0) == 'f') {
+                out.print("<img src=\"//static.juick.com/settings/facebook.png\" alt=\"Facebook\"/>");
+            } else if (type.charAt(0) == 'v') {
+                out.print("<img src=\"//static.juick.com/settings/vk.png\" alt=\"VKontakte\"/>");
+            } else if (type.charAt(0) == 'x') {
+                out.print("<img src=\"//static.juick.com/settings/xmpp.png\" alt=\"XMPP\"/>");
+            } else if (type.charAt(0) == 'd') {
+                out.print("<img src=\"//telegram.org/favicon.ico?3\" alt=\"Telegram\"/>");
+            }
+            out.println(account + "</h1>");
+
+            out.println("<h2 class=\"signup-h2\">Связать с существующим аккаунтом Juick</h2>");
+            out.println("<form action=\"/signup\" method=\"post\">");
+            out.println("<input type=\"hidden\" name=\"action\" value=\"link\"/>");
+            out.println("<input type=\"hidden\" name=\"type\" value=\"" + type + "\"/>");
+            out.println("<input type=\"hidden\" name=\"hash\" value=\"" + hash + "\"/>");
+            if (visitor != null) {
+                out.println("<input type=\"submit\" value=\"Связать с этим аккаунтом\"/>");
+            } else {
+                out.println("<p>Имя пользователя: <input type=\"text\" name=\"username\"/></p>");
+                out.println("<p>Пароль: <input type=\"password\" name=\"password\"/></p>");
+                out.println("<p><input type=\"submit\" value=\"    OK    \"/></p>");
+            }
+            out.println("</form>");
+
+            out.println("<hr class=\"signup-hr\"/>");
+
+            out.println("<h2 class=\"signup-h2\">Создать новый аккаунт Juick</h2>");
+            out.println("<form action=\"/signup\" method=\"post\">");
+            out.println("<input type=\"hidden\" name=\"action\" value=\"new\"/>");
+            out.println("<input type=\"hidden\" name=\"type\" value=\"" + type + "\"/>");
+            out.println("<input type=\"hidden\" name=\"hash\" value=\"" + hash + "\"/>");
+            out.println("<p>Имя пользователя: <input type=\"text\" name=\"username\" id=\"username\" onblur=\"checkUsername()\"/><br/><i>(От 2-х до 16-и латинских символов и/или цифр, дефис)</i></p>");
+            out.println("<p>Пароль: <input type=\"password\" name=\"password\"/><br/><i>(от 6-и до 32-х символов)</i></p>");
+            out.println("<p><input type=\"submit\" value=\"    OK    \"/></p>");
+            out.println("</form>");
+
+            out.println("</section>");
+
+            PageTemplates.pageFooter(request, out, visitor, false);
+            PageTemplates.pageEnd(out);
+        }
+    }
+
+    protected void doPost(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        com.juick.User visitor = Utils.getVisitorUser(sql, request, response);
+        int uid = 0;
+
+        String type = request.getParameter("type");
+        String hash = request.getParameter("hash");
+        if (type == null || type.isEmpty() || hash == null || hash.isEmpty() || hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) {
+            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
+            return;
+        }
+
+        String action = request.getParameter("action");
+        if (action.charAt(0) == 'l') {
+
+            if (visitor == null) {
+                String username = request.getParameter("username");
+                String password = request.getParameter("password");
+                if (username == null || password == null || username.length() > 32 || password.isEmpty()) {
+                    response.sendError(HttpServletResponse.SC_BAD_REQUEST);
+                    return;
+                }
+                uid = com.juick.server.UserQueries.checkPassword(sql, username, password);
+            } else {
+                uid = visitor.getUID();
+            }
+
+            if (uid <= 0) {
+                response.sendError(HttpServletResponse.SC_FORBIDDEN);
+                return;
+            }
+
+            if (!(type.charAt(0) == 'f' && setFacebookUser(sql, hash, uid))
+                    && !(type.charAt(0) == 'v' && setVKUser(sql, hash, uid))
+                    && !(type.charAt(0) == 'd' && setTelegramUser(sql, hash, uid))
+                    && !(type.charAt(0) == 'x' && setJIDUser(sql, hash, uid))) {
+                response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+                return;
+            }
+
+        } else { // Create new account
+            String username = request.getParameter("username");
+            String password = request.getParameter("password");
+            if (username == null || password == null || username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$") || password.length() < 6 || password.length() > 32) {
+                response.sendError(HttpServletResponse.SC_BAD_REQUEST);
+                return;
+            }
+
+            // CHECK USERNAME
+
+            uid = UserQueries.createUser(sql, username, password);
+            if (uid <= 0) {
+                response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+                return;
+            }
+
+            if (!(type.charAt(0) == 'f' && setFacebookUser(sql, hash, uid))
+                    && !(type.charAt(0) == 'v' && setVKUser(sql, hash, uid))
+                    && !(type.charAt(0) == 'd' && setTelegramUser(sql, hash, uid))
+                    && !(type.charAt(0) == 'x' && setJIDUser(sql, hash, uid))) {
+                response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+                return;
+            }
+
+            int ref = 0;
+            String sRef = Utils.getCookie(request, "ref");
+            if (sRef != null) {
+                try {
+                    ref = Integer.parseInt(sRef);
+                } catch (Exception e) {
+                }
+            }
+
+            if (ref > 0) {
+                setUserRef(sql, uid, ref);
+            }
+
+            visitor = null;
+        }
+
+        if (visitor == null) {
+            hash = com.juick.server.UserQueries.getHashByUID(sql, uid);
+            Cookie c = new Cookie("hash", hash);
+            c.setMaxAge(365 * 24 * 60 * 60);
+            response.addCookie(c);
+        }
+
+        response.sendRedirect("/");
+    }
+
+    private boolean setUserRef(JdbcTemplate sql, int uid, int ref) {
+        return sql.update("INSERT INTO users_refs(user_id,ref) VALUES (?,?)", uid, ref) > 0;
+    }
+
+    private String getFacebookNameByHash(JdbcTemplate sql, String hash) {
+        try {
+            return sql.queryForObject("SELECT fb_name,fb_link FROM facebook WHERE loginhash=?", String.class, hash);
+        } catch (EmptyResultDataAccessException e) {
+            return null;
+        }
+    }
+    private String getTelegramNameByHash(JdbcTemplate sql, String hash) {
+        try {
+            String name = sql.queryForObject("SELECT tg_name FROM telegram WHERE loginhash=?", String.class, hash);
+            return "<a href=\"https://telegram.me/" + name + "\" rel=\"nofollow\">" + name + "</a>";
+        } catch (EmptyResultDataAccessException e) {
+            return null;
+        }
+    }
+
+    private boolean setFacebookUser(JdbcTemplate sql, String hash, int uid) {
+        return sql.update("UPDATE facebook SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0;
+    }
+
+    private String getVKNameByHash(JdbcTemplate sql, String hash) {
+        List<Pair<String, String>> logins = sql.query("SELECT vk_name,vk_link FROM vk WHERE loginhash=?",
+                (rs, num) -> {
+                    return Pair.of(rs.getString(1), rs.getString(2));
+                }, hash);
+        if (logins.size() > 0) {
+            return "<a href=\"http://vk.com/" + logins.get(0).getRight() + "\" rel=\"nofollow\">" + logins.get(0).getLeft() + "</a>";
+        }
+        return null;
+    }
+
+    private boolean setVKUser(JdbcTemplate sql, String hash, int uid) {
+        return sql.update("UPDATE vk SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0;
+    }
+    private boolean setTelegramUser(JdbcTemplate sql, String hash, int uid) {
+        return sql.update("UPDATE telegram SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0;
+    }
+
+    private String getJIDByHash(JdbcTemplate sql, String hash) {
+        try {
+            return sql.queryForObject("SELECT jid FROM jids WHERE loginhash=?", String.class, hash);
+        } catch (EmptyResultDataAccessException e) {
+            return null;
+        }
+    }
+
+    private boolean setJIDUser(JdbcTemplate sql, String hash, int uid) {
+        return sql.update("UPDATE jids SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0;
+    }
+}