author | Vitaly Takmazov | 2021-10-18 00:40:10 +0300 |
---|---|---|
committer | Vitaly Takmazov | 2021-10-18 02:10:01 +0300 |
commit | a2348e95bbacbc9a9961afcabb7bbe82f3c7fe9d (patch) | |
tree | 7c794eba8ce72e6533a818fcbfb3c8f87e36d2f8 /src/main/java/com/juick/www/controllers | |
parent | 6c82f3dea2c56e8d62bd2f154e2e701f96454418 (diff) |
Display error for social login
* CrossPostService gone
Diffstat (limited to 'src/main/java/com/juick/www/controllers')
5 files changed, 68 insertions, 58 deletions
diff --git a/src/main/java/com/juick/www/controllers/Login.java b/src/main/java/com/juick/www/controllers/Login.java index 33fcc011..41d902de 100644 --- a/src/main/java/com/juick/www/controllers/Login.java +++ b/src/main/java/com/juick/www/controllers/Login.java @@ -51,6 +51,12 @@ public class Login { model.addAttribute("authErrorMessage", authEx.getLocalizedMessage()); } + String socialLoginError = (String) session.getAttribute(SocialLogin.AUTH_ERROR); + + if (socialLoginError != null) { + model.addAttribute("authErrorMessage", socialLoginError); + } + return "layouts/login"; } diff --git a/src/main/java/com/juick/www/controllers/Settings.java b/src/main/java/com/juick/www/controllers/Settings.java index a9240cab..50b4ea14 100644 --- a/src/main/java/com/juick/www/controllers/Settings.java +++ b/src/main/java/com/juick/www/controllers/Settings.java @@ -70,8 +70,6 @@ public class Settings { @Inject private UserService userService; @Inject - private CrosspostService crosspostService; - @Inject private SubscriptionService subscriptionService; @Inject private EmailService emailService; 
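Review bot: `SocialLogin.AUTH_ERROR` is read from the session in the Login.java hunk but never cleared, so after one rejected social login the stored message will be shown on every later visit to the login page for the rest of that session. Remove it once it has been copied to the model, e.g. `session.removeAttribute(SocialLogin.AUTH_ERROR);` inside the `if (socialLoginError != null)` block. The new block also replaces any `authErrorMessage` set from `authEx` just above; if that precedence is intended, a short comment saying so would help. The enclosing handler starts before the hunk.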
@@ -111,9 +109,9 @@ public class Settings { List<String> hours = IntStream.rangeClosed(0, 23).boxed() .map(i -> StringUtils.leftPad(String.format("%d", i), 2, "0")).collect(Collectors.toList()); model.addAttribute("hours", hours); - model.addAttribute("fbstatus", crosspostService.getFbCrossPostStatus(visitor.getUid())); - model.addAttribute("twitter_name", crosspostService.getTwitterName(visitor.getUid())); - model.addAttribute("telegram_name", crosspostService.getTelegramName(visitor.getUid())); + model.addAttribute("fbstatus", userService.getFbCrossPostStatus(visitor.getUid())); + model.addAttribute("twitter_name", userService.getTwitterName(visitor.getUid())); + model.addAttribute("telegram_name", userService.getTelegramName(visitor.getUid())); model.addAttribute("notify_options", subscriptionService.getNotifyOptions(visitor)); model.addAttribute("userinfo", userService.getUserInfo(visitor)); if (page.equals("auth-email")) { @@ -232,7 +230,7 @@ public class Settings { } break; case "twitter-del": - crosspostService.deleteTwitterToken(visitor.getUid()); + userService.deleteTwitterToken(visitor.getUid()); for (Cookie cookie : request.getCookies()) { if (cookie.getName().equals("request_token")) { cookie.setMaxAge(0); @@ -250,15 +248,15 @@ public class Settings { result = "<p><a href=\"/settings\">Back</a></p>"; break; case "facebook-disable": - crosspostService.disableFBCrosspost(visitor.getUid()); + userService.disableFBCrosspost(visitor.getUid()); result = "<p><a href=\"/settings\">Back</a></p>"; break; case "facebook-enable": - crosspostService.enableFBCrosspost(visitor.getUid()); + userService.enableFBCrosspost(visitor.getUid()); result = "<p><a href=\"/settings\">Back</a></p>"; break; case "vk-del": - crosspostService.deleteVKUser(visitor.getUid()); + userService.deleteVKUser(visitor.getUid()); result = "<p><a href=\"/settings\">Back</a></p>"; break; default: 
diff --git a/src/main/java/com/juick/www/controllers/SignUp.java b/src/main/java/com/juick/www/controllers/SignUp.java index c07374f5..9fc04dd5 100644 --- a/src/main/java/com/juick/www/controllers/SignUp.java +++ b/src/main/java/com/juick/www/controllers/SignUp.java @@ -21,7 +21,6 @@ import com.juick.util.HttpBadRequestException; import com.juick.util.HttpForbiddenException; import com.juick.util.UsernameTakenException; import com.juick.www.WebApp; -import com.juick.service.CrosspostService; import com.juick.service.EmailService; import com.juick.service.UserService; import com.juick.service.security.annotation.Visitor; @@ -46,8 +45,6 @@ public class SignUp { @Inject private UserService userService; @Inject - private CrosspostService crosspostService; - @Inject private EmailService emailService; @Inject private WebApp webApp; @@ -65,16 +62,16 @@ public class SignUp { String account = null; switch (type) { case "fb": - account = crosspostService.getFacebookNameByHash(hash); + account = userService.getFacebookNameByHash(hash); break; case "vk": - account = crosspostService.getVKNameByHash(hash); + account = userService.getVKNameByHash(hash); break; case "xmpp": - account = crosspostService.getJIDByHash(hash); + account = userService.getJIDByHash(hash); break; case "durov": - account = crosspostService.getTelegramNameByHash(hash); + account = userService.getTelegramNameByHash(hash); break; case "email": account = emailService.getEmailByAuthCode(hash); 
@@ -128,11 +125,11 @@ public class SignUp { return "views/signup_result"; } - if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, current.getUid())) - && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, current.getUid())) - && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, current.getUid())) + if (!(type.charAt(0) == 'f' && userService.setFacebookUser(hash, current.getUid())) + && !(type.charAt(0) == 'v' && userService.setVKUser(hash, current.getUid())) + && !(type.charAt(0) == 'd' && userService.setTelegramUser(hash, current.getUid())) && !(type.charAt(0) == 'x' && userService.getAllJIDs(visitor).size() > 0 - && crosspostService.setJIDUser(hash, current.getUid()))) { + && userService.setJIDUser(hash, current.getUid()))) { if (type.equals("email")) { String email = emailService.getEmailByAuthCode(hash); emailService.addEmail(current.getUid(), email); @@ -163,9 +160,9 @@ public class SignUp { return "views/signup_result"; } - if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, current.getUid())) - && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, current.getUid())) - && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, current.getUid()))) { + if (!(type.charAt(0) == 'f' && userService.setFacebookUser(hash, current.getUid())) + && !(type.charAt(0) == 'v' && userService.setVKUser(hash, current.getUid())) + && !(type.charAt(0) == 'd' && userService.setTelegramUser(hash, current.getUid()))) { if (type.equals("email")) { String email = emailService.getEmailByAuthCode(hash); emailService.addEmail(current.getUid(), email); diff --git a/src/main/java/com/juick/www/controllers/Site.java b/src/main/java/com/juick/www/controllers/Site.java index 27e84001..682ed247 100644 --- a/src/main/java/com/juick/www/controllers/Site.java +++ b/src/main/java/com/juick/www/controllers/Site.java 
@@ -68,8 +68,6 @@ public class Site { @Inject private PMQueriesService pmQueriesService; @Inject - private CrosspostService crosspostService; - @Inject private WebApp webApp; private void fillUserModel(ModelMap model, User user, User visitor) { @@ -517,7 +515,7 @@ public class Site { + pageUrl + "\" />\n" + "<meta property=\"og:title\" content=\"" + msg.getUser().getName() + " at Juick\" />\n" + "<meta property=\"og:description\" content=\"" + cardDescription + "\" />\n" + "<meta name=\"Description\" content=\"" + cardDescription + "\" />\n"; - String twitterName = crosspostService.getTwitterName(msg.getUser().getUid()); + String twitterName = userService.getTwitterName(msg.getUser().getUid()); if (StringUtils.isNotEmpty(twitterName)) { headers += "<meta name=\"twitter:creator\" content=\"@" + twitterName + "\" />\n"; } diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java index 5e9e8b8f..7acd6cdd 100644 --- a/src/main/java/com/juick/www/controllers/SocialLogin.java +++ b/src/main/java/com/juick/www/controllers/SocialLogin.java @@ -24,7 +24,6 @@ import com.github.scribejava.core.oauth.OAuth10aService; import com.github.scribejava.core.oauth.OAuth20Service; import com.juick.model.ext.facebook.User; import com.juick.model.ext.vk.UsersResponse; -import com.juick.service.CrosspostService; import com.juick.service.EmailService; import com.juick.service.TelegramService; import com.juick.service.UserService; @@ -52,6 +51,8 @@ import javax.inject.Inject; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + import java.io.IOException; import java.util.List; import java.util.Map; 
@@ -69,6 +70,8 @@ public class SocialLogin { private static final Logger logger = LoggerFactory.getLogger(SocialLogin.class); + public static final String AUTH_ERROR = "SocialLogin.AuthenticationError"; + @Value("${facebook_appid:appid}") private String FACEBOOK_APPID; @Value("${facebook_secret:secret}") @@ -95,8 +98,6 @@ public class SocialLogin { @Value("${apple_app_id:appid}") private String appleApplicationId; @Inject - private CrosspostService crosspostService; - @Inject private UserService userService; @Inject private EmailService emailService; @@ -125,18 +126,18 @@ public class SocialLogin { @GetMapping("/_fblogin") protected String doFacebookLogin(HttpServletRequest request, @RequestParam(required = false) String code, @RequestParam(required = false) String state, - @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response) - throws IOException, ExecutionException, InterruptedException { + @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response, + HttpSession session) throws IOException, ExecutionException, InterruptedException { if (StringUtils.isBlank(code)) { String fbstate = UUID.randomUUID().toString(); if (StringUtils.isBlank(state)) { state = Optional.ofNullable(referer).orElse("https://juick.com/"); } - crosspostService.addFacebookState(fbstate, state); + userService.addFacebookState(fbstate, state); return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate); } - String redirectUrl = crosspostService.verifyFacebookState(state); + String redirectUrl = userService.verifyFacebookState(state); if (StringUtils.isEmpty(redirectUrl)) { logger.error("state is missing"); throw new HttpBadRequestException(); 
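Review bot: In `doFacebookLogin`, the value stored by `userService.addFacebookState(fbstate, state)` is either the caller-supplied `state` request parameter or the `referer` header. The callback later returns `"redirect:" + redirectUrl` with whatever `verifyFacebookState` hands back, so the post-login redirect target is client-controlled unless that service validates it, which is not visible here. Restrict the value before storing it: accept only URLs on the site's own host and otherwise fall back to the existing default `https://juick.com/`. A comment on the `state` parameter noting that it carries a return URL on the first request and the OAuth state token on the callback would also help. The method body continues past this hunk.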
@@ -157,26 +158,30 @@ public class SocialLogin { throw new HttpBadRequestException(); } - int uid = crosspostService.getUIDbyFBID(fbID); - if (uid > 0) { - if (!crosspostService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) { + Optional<com.juick.model.User> existingFacebookUser = userService.getUserByFacebookId(fbID); + if (existingFacebookUser.isPresent()) { + if (!userService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) { logger.error("error updating facebook user, id: {}, token: {}", fbID, token.getAccessToken()); throw new HttpBadRequestException(); } - Cookie c = new Cookie("hash", userService.getHashByUID(uid)); - c.setMaxAge(50 * 24 * 60 * 60); - response.addCookie(c); - return "redirect:" + redirectUrl; - } else { - if (!crosspostService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName())) { - if (StringUtils.isNotEmpty(fb.getEmail())) { - logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName()); - Integer userId = crosspostService.getUIDbyFBID(fbID); - if (!emailService.getEmails(userId, false).contains(fb.getEmail())) { - emailService.addEmail(userId, fb.getEmail()); - } + if (StringUtils.isNotEmpty(fb.getEmail())) { + logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName()); + Optional<com.juick.model.User> newFacebookUser = userService.getUserByFacebookId(fbID); + if (!emailService.getEmails(newFacebookUser.get().getUid(), false).contains(fb.getEmail())) { + emailService.addEmail(newFacebookUser.get().getUid(), fb.getEmail()); } - logger.info("email not found for facebook user {}", fb.getName()); + } + if (!existingFacebookUser.get().isBanned()) { + Cookie c = new Cookie("hash", userService.getHashByUID(existingFacebookUser.get().getUid())); + c.setMaxAge(50 * 24 * 60 * 60); + response.addCookie(c); + return "redirect:" + redirectUrl; + } else { + session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled"); + return "redirect:/login"; + } + } else { + if 
(!userService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName())) { throw new HttpBadRequestException(); } return "redirect:/signup?type=fb&hash=" + state; @@ -257,7 +262,8 @@ public class SocialLogin { Response vkResponse = vkAuthService.execute(meRequest); if (vkResponse.isSuccessful()) { String graph = vkResponse.getBody(); - com.juick.model.ext.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().stream().findFirst().orElseThrow(HttpBadRequestException::new); + com.juick.model.ext.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().stream() + .findFirst().orElseThrow(HttpBadRequestException::new); String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName(); String vkLink = jsonUser.getScreenName(); @@ -267,7 +273,7 @@ public class SocialLogin { } long vkID = NumberUtils.toLong(jsonUser.getId(), 0); - int uid = crosspostService.getUIDbyVKID(vkID); + int uid = userService.getUIDbyVKID(vkID); if (uid > 0) { Cookie c = new Cookie("hash", userService.getHashByUID(uid)); c.setMaxAge(50 * 24 * 60 * 60); @@ -275,14 +281,14 @@ public class SocialLogin { return "redirect:/" + Optional.ofNullable(referer).orElse(StringUtils.EMPTY); } else { String loginhash = UUID.randomUUID().toString(); - if (!crosspostService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) { + if (!userService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) { logger.error("create vk user error"); throw new HttpBadRequestException(); } return "redirect:/signup?type=vk&hash=" + loginhash; } } else { - logger.error("vk error {}: {}", vkResponse.getCode(), vkResponse.getBody()); + logger.error("vk error {}: {}", vkResponse.getCode(), vkResponse.getBody()); throw new HttpBadRequestException(); } } 
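Review bot: In the `@@ -157,26 +158,30 @@` hunk the `isBanned()` check runs only after `updateFacebookUser` has stored the new access token and after `emailService.addEmail`, so a disabled account is still modified on every Facebook sign-in attempt. The check should be the first thing done once `existingFacebookUser.isPresent()`. The second `getUserByFacebookId(fbID)` lookup is redundant and its `newFacebookUser.get()` is unchecked; the user already held in `existingFacebookUser` can be reused. Separately, the `logger.error` call in this branch writes `token.getAccessToken()` to the log, and a bearer token should be kept out of log output. The method starts before and continues after this hunk.

```java
Optional<com.juick.model.User> existingFacebookUser = userService.getUserByFacebookId(fbID);
if (existingFacebookUser.isPresent()) {
    com.juick.model.User facebookUser = existingFacebookUser.get();
    // Reject disabled accounts before any stored state is touched.
    if (facebookUser.isBanned()) {
        session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled");
        return "redirect:/login";
    }
    if (!userService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) {
        // Log the id only; the access token is a credential.
        logger.error("error updating facebook user, id: {}", fbID);
        throw new HttpBadRequestException();
    }
    if (StringUtils.isNotEmpty(fb.getEmail())
            && !emailService.getEmails(facebookUser.getUid(), false).contains(fb.getEmail())) {
        emailService.addEmail(facebookUser.getUid(), fb.getEmail());
    }
    // … unchanged: hash cookie for facebookUser and redirect to redirectUrl …
```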
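Review bot: The VK branch in the `@@ -267,7 +273,7 @@` hunk still issues the `hash` cookie whenever `uid > 0`, without the `isBanned()` check this commit adds to the Facebook and Apple paths, so a disabled account can presumably still sign in through VK. `getUIDbyVKID` returns only an id, so the user would need to be loaded before the cookie is set. When the user is banned, handle it like the other two paths: `session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled"); return "redirect:/login";`. The VK handler's signature lies outside the hunk and would also need an `HttpSession` parameter.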
@@ -332,7 +338,7 @@ public class SocialLogin { @PostMapping("/_apple") public String doVerifyAppleResponse(HttpServletRequest request, HttpServletResponse response, - @RequestParam Map<String, String> body) throws InterruptedException, ExecutionException, IOException { + @RequestParam Map<String, String> body, HttpSession session) throws InterruptedException, ExecutionException, IOException { OAuth2AccessToken token = appleSignInService.getAccessToken(body.get("code")); var jsonNode = jsonMapper.readTree(token.getRawResponse()); var idToken = jsonNode.get("id_token").textValue(); @@ -341,10 +347,15 @@ public class SocialLogin { if (email.isPresent()) { com.juick.model.User user = userService.getUserByEmail(email.get()); if (!user.isAnonymous()) { - Cookie c = new Cookie("hash", userService.getHashByUID(user.getUid())); - c.setMaxAge(50 * 24 * 60 * 60); - response.addCookie(c); - return "redirect:/"; + if (!user.isBanned()) { + Cookie c = new Cookie("hash", userService.getHashByUID(user.getUid())); + c.setMaxAge(50 * 24 * 60 * 60); + response.addCookie(c); + return "redirect:/"; + } else { + session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled"); + return "redirect:/login"; + } } else { String verificationCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase(); emailService.addVerificationCode(null, email.get(), verificationCode); |
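Review bot: The `hash` cookie re-added in the non-banned branch of the `@@ -341,10 +347,15 @@` hunk is a 50-day login credential created without `c.setHttpOnly(true)` or `c.setSecure(true)`. Unless something outside this diff sets those attributes, it is readable from page script and can be sent over plain HTTP. Adding `c.setHttpOnly(true); c.setSecure(true);` before `response.addCookie(c)` would cover it. The Facebook and VK branches build the cookie the same way and need the same two calls. `doVerifyAppleResponse` continues beyond the hunk.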