authorGravatar Vitaly Takmazov2017-03-29 14:11:46 +0300
committerGravatar Vitaly Takmazov2017-03-29 14:11:46 +0300
commit9f770c26d1e4f392d591bf35886e3dcc7371d64f (patch)
tree5fccb22b5c01b40d81a111de61e5fbf27f55a18f /juick-www/src/main/java/com/juick/www/controllers
parent889a5e543d33e3305bccd77e52722da695e068f7 (diff)
juick-www: Spring Security
Diffstat (limited to 'juick-www/src/main/java/com/juick/www/controllers')
-rw-r--r--juick-www/src/main/java/com/juick/www/controllers/Help.java3
-rw-r--r--juick-www/src/main/java/com/juick/www/controllers/Home.java3
-rw-r--r--juick-www/src/main/java/com/juick/www/controllers/Login.java44
-rw-r--r--juick-www/src/main/java/com/juick/www/controllers/NewMessage.java9
-rw-r--r--juick-www/src/main/java/com/juick/www/controllers/PM.java7
-rw-r--r--juick-www/src/main/java/com/juick/www/controllers/Settings.java4
-rw-r--r--juick-www/src/main/java/com/juick/www/controllers/SignUp.java5
-rw-r--r--juick-www/src/main/java/com/juick/www/controllers/Tags.java3
-rw-r--r--juick-www/src/main/java/com/juick/www/controllers/User.java9
-rw-r--r--juick-www/src/main/java/com/juick/www/controllers/UserThread.java3
-rw-r--r--juick-www/src/main/java/com/juick/www/controllers/XMPPPost.java3
11 files changed, 31 insertions, 62 deletions
diff --git a/juick-www/src/main/java/com/juick/www/controllers/Help.java b/juick-www/src/main/java/com/juick/www/controllers/Help.java
index 361d5efc..8256b4be 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/Help.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/Help.java
@@ -2,6 +2,7 @@ package com.juick.www.controllers;
import com.juick.server.util.HttpNotFoundException;
import com.juick.service.MessagesService;
+import com.juick.util.UserUtils;
import com.juick.www.HelpService;
import com.juick.www.WebApp;
import org.springframework.stereotype.Controller;
@@ -39,7 +40,7 @@ public class Help {
@PathVariable("page") Optional<String> pageParam,
@PathVariable("langOrPage") Optional<String> langOrPageParam,
Model model) throws IOException, URISyntaxException {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
String page = pageParam.orElse("index");
String lang = langParam.orElse(locale.getLanguage());
diff --git a/juick-www/src/main/java/com/juick/www/controllers/Home.java b/juick-www/src/main/java/com/juick/www/controllers/Home.java
index 405a4bd6..4f597d5a 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/Home.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/Home.java
@@ -20,6 +20,7 @@ package com.juick.www.controllers;
import com.juick.service.AdsService;
import com.juick.service.MessagesService;
import com.juick.service.UserService;
+import com.juick.util.UserUtils;
import com.juick.util.WebUtils;
import com.juick.www.Utils;
import com.juick.www.WebApp;
@@ -100,7 +101,7 @@ public class Home {
if (tag != null) {
Utils.sendPermanentRedirect(response, "/tag/" + URLEncoder.encode(tag, CharEncoding.UTF_8));
}
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
int paramBefore = NumberUtils.toInt(request.getParameter("before"), 0);
String paramSearch = request.getParameter("search");
diff --git a/juick-www/src/main/java/com/juick/www/controllers/Login.java b/juick-www/src/main/java/com/juick/www/controllers/Login.java
index c9056f22..2d41d9b4 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/Login.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/Login.java
@@ -18,6 +18,7 @@
package com.juick.www.controllers;
import com.juick.service.UserService;
+import com.juick.util.UserUtils;
import com.juick.www.Utils;
import com.juick.www.WebApp;
import org.springframework.stereotype.Controller;
@@ -60,7 +61,7 @@ public class Login {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
}
}
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.getUid() > 0) {
Utils.sendTemporaryRedirect(response, "/");
return;
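Review bot: `visitor.getUid() > 0` directly after the changed line dereferences the result of `UserUtils.getCurrentUser()` without a null check, so the login page depends on that helper always returning a non-null anonymous user with uid 0 for unauthenticated requests. UserUtils is not part of this diff, so that contract cannot be confirmed from here; if it can return null when the security context holds no authentication, this handler fails with a NullPointerException for exactly the visitors it is meant to serve. The `getUid() == 0` guards in NewMessage, PM, Settings and XMPPPost make the same assumption. I would state the contract at the call, e.g. `// getCurrentUser() never returns null; anonymous visitors have uid 0`, or guard with `if (visitor != null && visitor.getUid() > 0) {`. The enclosing method starts and ends outside the hunk.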
@@ -209,45 +210,4 @@ public class Login {
out.println("</html>");
}
}
-
- @RequestMapping(value = "/login", method = RequestMethod.POST)
- protected void doPostLogin(HttpServletRequest request, HttpServletResponse response) throws IOException {
- String username = request.getParameter("username");
- String password = request.getParameter("password");
- if (username == null || password == null || username.length() > 32 || password.isEmpty()) {
- response.sendError(HttpServletResponse.SC_BAD_REQUEST);
- return;
- }
-
- int uid = userService.checkPassword(username, password);
- if (uid > 0) {
- String hash = userService.getHashByUID(uid);
- Cookie c = new Cookie("hash", hash);
- c.setMaxAge(365 * 24 * 60 * 60);
- response.addCookie(c);
-
- String referer = request.getHeader("Referer");
- if (referer != null && referer.startsWith("http://juick.com/") && !referer.equals("http://juick.com/login")) {
- response.sendRedirect(referer);
- } else {
- response.sendRedirect("/");
- }
- } else {
- response.sendError(HttpServletResponse.SC_FORBIDDEN);
- }
- }
-
- @RequestMapping(value = "/logout", method = RequestMethod.GET)
- protected void doGetLogout(HttpServletRequest request, HttpServletResponse response) throws IOException {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
- if (visitor.getUid() > 0) {
- userService.logout(visitor.getUid());
- }
-
- Cookie c2 = new Cookie("hash", "-");
- c2.setMaxAge(0);
- response.addCookie(c2);
-
- response.sendRedirect("/");
- }
}
diff --git a/juick-www/src/main/java/com/juick/www/controllers/NewMessage.java b/juick-www/src/main/java/com/juick/www/controllers/NewMessage.java
index 1993737b..fcd27710 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/NewMessage.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/NewMessage.java
@@ -22,6 +22,7 @@ import com.juick.server.helpers.TagStats;
import com.juick.server.util.HttpBadRequestException;
import com.juick.server.util.HttpUtils;
import com.juick.service.*;
+import com.juick.util.UserUtils;
import com.juick.www.Utils;
import com.juick.www.WebApp;
import org.apache.commons.io.FilenameUtils;
@@ -87,7 +88,7 @@ public class NewMessage {
@RequestMapping(value = "/post", method = RequestMethod.GET)
protected void doGetNewMessage(HttpServletRequest request, HttpServletResponse response) throws IOException {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.getUid() == 0) {
Utils.sendTemporaryRedirect(response, "/login");
return;
@@ -184,7 +185,7 @@ public class NewMessage {
public void doPostMessage(HttpServletRequest request, HttpServletResponse response,
@RequestParam(required = false) String img,
@RequestParam(required = false) MultipartFile attach) throws IOException {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.getUid() == 0) {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
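Review bot: The guard in doPostMessage rejects only `visitor.getUid() == 0`, while doPostPM in PM.java and the XMPPPost handler in this same commit also reject `visitor.isBanned()`. Unless a ban check happens further down in the body, which continues outside the hunk, a banned account can still post through this endpoint; doPostComment and doPostRecomm in the next two hunks have the same guard. Consider `if (visitor.getUid() == 0 || visitor.isBanned()) {` in all three so that the write paths agree.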
@@ -317,7 +318,7 @@ public class NewMessage {
public void doPostComment(HttpServletRequest request, HttpServletResponse response,
@RequestParam(required = false) String img,
@RequestParam(required = false) MultipartFile attach) throws IOException {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.getUid() == 0) {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
@@ -433,7 +434,7 @@ public class NewMessage {
@RequestMapping(value = "/like", method = RequestMethod.POST)
public void doPostRecomm(HttpServletRequest request, HttpServletResponse response) throws IOException {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.getUid() == 0) {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
diff --git a/juick-www/src/main/java/com/juick/www/controllers/PM.java b/juick-www/src/main/java/com/juick/www/controllers/PM.java
index 028feabc..9cc29129 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/PM.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/PM.java
@@ -22,6 +22,7 @@ import com.juick.service.PMQueriesService;
import com.juick.service.TagService;
import com.juick.service.UserService;
import com.juick.util.MessageUtils;
+import com.juick.util.UserUtils;
import com.juick.util.WebUtils;
import com.juick.www.Utils;
import com.juick.www.WebApp;
@@ -62,7 +63,7 @@ public class PM {
@RequestMapping(value = "/pm/inbox", method = RequestMethod.GET)
protected String doGetInbox(HttpServletRequest request, HttpServletResponse response, ModelMap model) {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.getUid() == 0) {
Utils.sendTemporaryRedirect(response, "/login");
}
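Review bot: The anonymous-visitor guard in doGetInbox calls `Utils.sendTemporaryRedirect(response, "/login");` and then closes the `if` without a `return`, so unless that helper throws, the handler carries on with uid 0 after the redirect has been sent. doGetSent in the next hunk and Settings.doGet (`response.sendRedirect("/login");`) fall through in the same way, whereas doGetNewMessage returns right after its redirect. Because these methods return a view name, the guard body could become `return "redirect:/login";`; alternatively the paths could be restricted in the Spring Security configuration, which is not part of this diff. The method bodies continue outside the hunks.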
@@ -79,7 +80,7 @@ public class PM {
@RequestMapping(value = "/pm/sent", method = RequestMethod.GET)
protected String doGetSent(HttpServletRequest request, HttpServletResponse response, ModelMap model) {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.getUid() == 0) {
Utils.sendTemporaryRedirect(response, "/login");
}
@@ -102,7 +103,7 @@ public class PM {
@RequestMapping(value = "/pm/send", method = RequestMethod.POST)
public void doPostPM(HttpServletRequest request, HttpServletResponse response) throws IOException {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.getUid() == 0 || visitor.isBanned()) {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
diff --git a/juick-www/src/main/java/com/juick/www/controllers/Settings.java b/juick-www/src/main/java/com/juick/www/controllers/Settings.java
index 053a014e..43215c62 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/Settings.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/Settings.java
@@ -86,7 +86,7 @@ public class Settings {
@RequestMapping(value = "/settings", method = RequestMethod.GET)
protected String doGet(HttpServletRequest request, HttpServletResponse response, ModelMap model) throws IOException {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.getUid() == 0) {
response.sendRedirect("/login");
}
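Review bot: Settings.java is the only file in this commit whose section has no `+import com.juick.util.UserUtils;` hunk, yet both of its changed lines call `UserUtils.getCurrentUser()`; the diffstat count of 4 for this file matches two replaced lines and nothing else. Unless the import already exists above line 86, which is not visible here, the file will not compile. Add `import com.juick.util.UserUtils;` next to the other com.juick imports.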
@@ -129,7 +129,7 @@ public class Settings {
@RequestParam(required = false) MultipartFile avatar,
ModelMap model)
throws IOException, ServletException {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.getUid() == 0) {
throw new HttpBadRequestException();
}
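Review bot: An unauthenticated POST to this handler is answered with `throw new HttpBadRequestException();`, whereas the other write handlers touched by this commit answer the same condition with `HttpServletResponse.SC_FORBIDDEN`. Reporting a missing login as 400 mixes failed-authentication attempts with malformed requests in logs and monitoring. SignUp.java already imports `com.juick.server.util.HttpForbiddenException`, so `throw new HttpForbiddenException();` would fit here, assuming that class maps to 403 (its definition is outside this diff). The method starts and ends outside the hunk.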
diff --git a/juick-www/src/main/java/com/juick/www/controllers/SignUp.java b/juick-www/src/main/java/com/juick/www/controllers/SignUp.java
index ad148265..4c20e513 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/SignUp.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/SignUp.java
@@ -22,6 +22,7 @@ import com.juick.server.util.HttpForbiddenException;
import com.juick.service.CrosspostService;
import com.juick.service.MessagesService;
import com.juick.service.UserService;
+import com.juick.util.UserUtils;
import com.juick.www.Utils;
import com.juick.www.WebApp;
import org.springframework.stereotype.Controller;
@@ -53,7 +54,7 @@ public class SignUp {
@RequestMapping(value = "/signup", method = RequestMethod.GET)
protected String doGet(HttpServletRequest request, HttpServletResponse response, ModelMap model) {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
String type = request.getParameter("type");
String hash = request.getParameter("hash");
@@ -92,7 +93,7 @@ public class SignUp {
@RequestMapping(value = "/signup", method = RequestMethod.POST)
protected String doPost(HttpServletRequest request, HttpServletResponse response) {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
int uid = 0;
String type = request.getParameter("type");
diff --git a/juick-www/src/main/java/com/juick/www/controllers/Tags.java b/juick-www/src/main/java/com/juick/www/controllers/Tags.java
index 73813179..a0682a45 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/Tags.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/Tags.java
@@ -20,6 +20,7 @@ package com.juick.www.controllers;
import com.juick.service.AdsService;
import com.juick.service.MessagesService;
import com.juick.service.TagService;
+import com.juick.util.UserUtils;
import com.juick.www.Utils;
import com.juick.www.WebApp;
import org.apache.commons.lang3.CharEncoding;
@@ -61,7 +62,7 @@ public class Tags {
@PathVariable String tagName,
@RequestParam(required = false, defaultValue = "0") int before,
HttpServletResponse response) throws IOException {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
String paramTagStr = StringEscapeUtils.unescapeHtml4(tagName);
com.juick.Tag paramTag = tagService.getTag(paramTagStr, false);
diff --git a/juick-www/src/main/java/com/juick/www/controllers/User.java b/juick-www/src/main/java/com/juick/www/controllers/User.java
index e84c8913..28a91298 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/User.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/User.java
@@ -21,6 +21,7 @@ import com.juick.server.helpers.TagStats;
import com.juick.service.MessagesService;
import com.juick.service.TagService;
import com.juick.service.UserService;
+import com.juick.util.UserUtils;
import com.juick.www.Utils;
import com.juick.www.WebApp;
import org.apache.commons.lang3.CharEncoding;
@@ -66,7 +67,7 @@ public class User {
@PathVariable String uname,
@RequestParam(required = false, defaultValue = "0") Integer before) throws IOException {
com.juick.User user = userService.getUserByName(uname);
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (user.isBanned()) {
response.sendError(HttpServletResponse.SC_NOT_FOUND);
return;
@@ -180,7 +181,7 @@ public class User {
protected void doGetTags(HttpServletRequest request, HttpServletResponse response,
@PathVariable String uname) throws IOException {
com.juick.User user = userService.getUserByName(uname);
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.isBanned()) {
response.sendError(HttpServletResponse.SC_NOT_FOUND);
return;
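Review bot: doGetTags tests `visitor.isBanned()` before sending 404, while the handler in the previous hunk tests `user.isBanned()` for the same response. If the intent is to hide banned accounts, the tags page of a banned user stays reachable and a banned visitor instead gets 404 on everyone's pages; doGetFriends and doGetReaders in the next two hunks repeat the same check. `user` is fetched on the line above and is not used in the visible lines, which suggests the check was meant to read `if (user.isBanned()) {`. The method bodies continue outside the hunks, so confirm against the rest of each handler.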
@@ -206,7 +207,7 @@ public class User {
protected void doGetFriends(HttpServletRequest request, HttpServletResponse response,
@PathVariable String uname) throws ServletException, IOException {
com.juick.User user = userService.getUserByName(uname);
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.isBanned()) {
response.sendError(HttpServletResponse.SC_NOT_FOUND);
return;
@@ -244,7 +245,7 @@ public class User {
protected void doGetReaders(HttpServletRequest request, HttpServletResponse response,
@PathVariable String uname) throws ServletException, IOException {
com.juick.User user = userService.getUserByName(uname);
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.isBanned()) {
response.sendError(HttpServletResponse.SC_NOT_FOUND);
return;
diff --git a/juick-www/src/main/java/com/juick/www/controllers/UserThread.java b/juick-www/src/main/java/com/juick/www/controllers/UserThread.java
index 7d3894a8..27788d9b 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/UserThread.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/UserThread.java
@@ -24,6 +24,7 @@ import com.juick.service.MessagesService;
import com.juick.service.TagService;
import com.juick.service.UserService;
import com.juick.util.MessageUtils;
+import com.juick.util.UserUtils;
import com.juick.www.WebApp;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
@@ -64,7 +65,7 @@ public class UserThread {
protected void doGetThread(HttpServletRequest request, HttpServletResponse response,
@PathVariable String uname,
@PathVariable int mid) throws ServletException, IOException {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (!messagesService.canViewThread(mid, visitor.getUid())) {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
diff --git a/juick-www/src/main/java/com/juick/www/controllers/XMPPPost.java b/juick-www/src/main/java/com/juick/www/controllers/XMPPPost.java
index f64907b2..f4b8717a 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/XMPPPost.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/XMPPPost.java
@@ -3,6 +3,7 @@ package com.juick.www.controllers;
import com.juick.server.util.HttpBadRequestException;
import com.juick.server.util.HttpUtils;
import com.juick.service.TagService;
+import com.juick.util.UserUtils;
import com.juick.www.WebApp;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
@@ -41,7 +42,7 @@ public class XMPPPost {
@RequestParam(required = false) String img,
@RequestParam(required = false) MultipartFile attach) throws IOException {
- com.juick.User visitor = webApp.getVisitorUser(request, response);
+ com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.getUid() == 0 || visitor.isBanned()) {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return;