aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/juick/www/controllers
diff options
context:
space:
mode:
authorGravatar Vitaly Takmazov2023-01-04 03:38:19 +0300
committerGravatar Vitaly Takmazov2023-01-04 05:46:16 +0300
commitc471503ede9aad91193ff6f93966196e6aff15d6 (patch)
tree8c70c8f58b140465be651cd019f26eadd476711f /src/main/java/com/juick/www/controllers
parent086d9a7625bfc5a386f5b1028d364fb546c2fa9d (diff)
OAuth authentication for Mastodon and ActivityPub C2S
Diffstat (limited to 'src/main/java/com/juick/www/controllers')
-rw-r--r--src/main/java/com/juick/www/controllers/Help.java4
-rw-r--r--src/main/java/com/juick/www/controllers/Settings.java8
-rw-r--r--src/main/java/com/juick/www/controllers/SignUp.java6
-rw-r--r--src/main/java/com/juick/www/controllers/Site.java32
-rw-r--r--src/main/java/com/juick/www/controllers/SocialLogin.java11
5 files changed, 25 insertions, 36 deletions
diff --git a/src/main/java/com/juick/www/controllers/Help.java b/src/main/java/com/juick/www/controllers/Help.java
index ae1dafbe..ae7ba9d1 100644
--- a/src/main/java/com/juick/www/controllers/Help.java
+++ b/src/main/java/com/juick/www/controllers/Help.java
@@ -20,13 +20,13 @@ package com.juick.www.controllers;
import com.juick.model.User;
import com.juick.util.HttpNotFoundException;
import com.juick.service.HelpService;
-import com.juick.service.security.annotation.Visitor;
import com.juick.www.WebApp;
import org.commonmark.parser.Parser;
import org.commonmark.renderer.html.HtmlRenderer;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PathVariable;
import javax.inject.Inject;
@@ -49,7 +49,7 @@ public class Help {
@GetMapping({"/help/", "/help", "/help/{langOrPage}", "/help/{lang}/{page}"})
public String showHelp(
- @Visitor User visitor,
+ @ModelAttribute User visitor,
Locale locale,
@PathVariable(required = false, name = "lang") String lang,
@PathVariable(required = false, name = "page") String page,
diff --git a/src/main/java/com/juick/www/controllers/Settings.java b/src/main/java/com/juick/www/controllers/Settings.java
index b990bf41..4d7deece 100644
--- a/src/main/java/com/juick/www/controllers/Settings.java
+++ b/src/main/java/com/juick/www/controllers/Settings.java
@@ -35,7 +35,6 @@ import com.juick.service.TagService;
import com.juick.service.TelegramService;
import com.juick.service.UserService;
import com.juick.service.activities.UpdateUserEvent;
-import com.juick.service.security.annotation.Visitor;
import com.juick.util.HttpBadRequestException;
import com.juick.util.HttpUtils;
import com.juick.www.WebApp;
@@ -58,6 +57,7 @@ import org.springframework.context.ApplicationEventPublisher;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.multipart.MultipartFile;
@@ -89,7 +89,7 @@ public class Settings {
@GetMapping("/settings")
protected String doGet(
- @Visitor User visitor,
+ @ModelAttribute User visitor,
Locale locale,
@RequestParam(required = false, defaultValue = "main") String page,
@RequestParam(required = false) String code, ModelMap model) throws IOException {
@@ -126,7 +126,7 @@ public class Settings {
@PostMapping("/settings")
protected String doPost(
- @Visitor User visitor,
+ @ModelAttribute User visitor,
HttpServletRequest request, HttpServletResponse response,
@RequestParam(required = false) MultipartFile avatar,
ModelMap model)
@@ -272,7 +272,7 @@ public class Settings {
}
@PostMapping("/settings/unsubscribe")
public String unsubscribeOneClick(
- @Visitor User user,
+ @ModelAttribute User user,
@RequestParam(name = "List-Unsubscribe") String unsubscribe,
ModelMap model) {
if (!user.isAnonymous()) {
diff --git a/src/main/java/com/juick/www/controllers/SignUp.java b/src/main/java/com/juick/www/controllers/SignUp.java
index 9fc04dd5..8318dabd 100644
--- a/src/main/java/com/juick/www/controllers/SignUp.java
+++ b/src/main/java/com/juick/www/controllers/SignUp.java
@@ -23,13 +23,13 @@ import com.juick.util.UsernameTakenException;
import com.juick.www.WebApp;
import com.juick.service.EmailService;
import com.juick.service.UserService;
-import com.juick.service.security.annotation.Visitor;
import com.juick.service.security.entities.JuickUser;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
@@ -52,7 +52,7 @@ public class SignUp {
@GetMapping("/signup")
protected String doGet(
- @Visitor User visitor,
+ @ModelAttribute User visitor,
@RequestParam String type, @RequestParam String hash, ModelMap model) {
if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$")
|| !hash.matches("^[a-zA-Z0-9\\-]+$")) {
@@ -91,7 +91,7 @@ public class SignUp {
@PostMapping("/signup")
protected String doPost(
- @Visitor User visitor,
+ @ModelAttribute User visitor,
@RequestParam String type,
@RequestParam String hash,
@RequestParam String action,
diff --git a/src/main/java/com/juick/www/controllers/Site.java b/src/main/java/com/juick/www/controllers/Site.java
index f45fe8f2..e8acc650 100644
--- a/src/main/java/com/juick/www/controllers/Site.java
+++ b/src/main/java/com/juick/www/controllers/Site.java
@@ -30,7 +30,6 @@ import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
import com.juick.service.*;
-import com.juick.service.security.annotation.Visitor;
import com.juick.util.MessageUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.tuple.Pair;
@@ -43,12 +42,7 @@ import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.WebAttributes;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
-import org.springframework.web.bind.annotation.CookieValue;
-import org.springframework.web.bind.annotation.ExceptionHandler;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.RequestHeader;
-import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.*;
import javax.inject.Inject;
import java.net.URLEncoder;
@@ -99,7 +93,7 @@ public class Site {
}
@GetMapping("/login")
- public String getloginForm(@Visitor User visitor,
+ public String getloginForm(@ModelAttribute User visitor,
@RequestParam(name = "retpath", required = false, defaultValue = "/") String retPath,
HttpSession session,
ModelMap model) {
@@ -125,7 +119,7 @@ public class Site {
}
@GetMapping("/")
- protected String doGet(@Visitor User visitor, Locale locale, @RequestParam(required = false) String tag,
+ protected String doGet(@ModelAttribute User visitor, Locale locale, @RequestParam(required = false) String tag,
@RequestParam(name = "show", required = false) String paramShow,
@RequestParam(name = "search", required = false) String paramSearch,
@RequestParam(name = "before", required = false, defaultValue = "0") Integer paramBefore,
@@ -217,7 +211,7 @@ public class Site {
}
@GetMapping(path = "/{uname}/", headers = "Connection!=Upgrade")
- protected String doGetBlog(@Visitor User visitor, @RequestParam(required = false, name = "show") String paramShow,
+ protected String doGetBlog(@ModelAttribute User visitor, @RequestParam(required = false, name = "show") String paramShow,
@RequestParam(required = false, name = "tag") String paramTagStr,
@RequestParam(required = false, name = "search") String paramSearch,
@RequestParam(required = false, name = "page", defaultValue = "0") Integer page, @PathVariable String uname,
@@ -324,7 +318,7 @@ public class Site {
}
@GetMapping("/{uname}/tags")
- protected String doGetTags(@Visitor User visitor, @PathVariable String uname, ModelMap model) {
+ protected String doGetTags(@ModelAttribute User visitor, @PathVariable String uname, ModelMap model) {
User user = userService.getUserByName(uname);
if (visitor.isBanned()) {
throw new HttpNotFoundException();
@@ -344,7 +338,7 @@ public class Site {
}
@GetMapping("/{uname}/friends")
- protected String doGetFriends(@Visitor User visitor, @PathVariable String uname, ModelMap model) {
+ protected String doGetFriends(@ModelAttribute User visitor, @PathVariable String uname, ModelMap model) {
User user = userService.getUserByName(uname);
if (visitor.isBanned()) {
throw new HttpNotFoundException();
@@ -360,7 +354,7 @@ public class Site {
}
@GetMapping("/{uname}/readers")
- protected String doGetReaders(@Visitor User visitor, @PathVariable String uname, ModelMap model) {
+ protected String doGetReaders(@ModelAttribute User visitor, @PathVariable String uname, ModelMap model) {
User user = userService.getUserByName(uname);
visitor.setAvatar(webApp.getAvatarWebPath(visitor));
model.addAttribute("title", "Читатели " + user.getName());
@@ -373,7 +367,7 @@ public class Site {
}
@GetMapping("/{uname}/bl")
- protected String doGetBL(@Visitor User visitor, @PathVariable String uname, ModelMap model) {
+ protected String doGetBL(@ModelAttribute User visitor, @PathVariable String uname, ModelMap model) {
User user = userService.getUserByName(uname);
if (visitor.getUid() != user.getUid()) {
throw new HttpForbiddenException();
@@ -389,7 +383,7 @@ public class Site {
}
@GetMapping("/tag/{tagName}")
- protected String tagAction(@Visitor User visitor, HttpServletRequest request, @PathVariable String tagName,
+ protected String tagAction(@ModelAttribute User visitor, HttpServletRequest request, @PathVariable String tagName,
@RequestParam(required = false, defaultValue = "0") int before, ModelMap model) {
visitor.setAvatar(webApp.getAvatarWebPath(visitor));
String paramTagStr = StringEscapeUtils.unescapeHtml4(tagName);
@@ -452,7 +446,7 @@ public class Site {
}
@GetMapping("/pm/inbox")
- protected String doGetInbox(@Visitor User visitor, ModelMap model) {
+ protected String doGetInbox(@ModelAttribute User visitor, ModelMap model) {
visitor.setAvatar(webApp.getAvatarWebPath(visitor));
String title = "PM: Inbox";
List<Message> msgs = chatService.getInbox(visitor.getUid());
@@ -466,7 +460,7 @@ public class Site {
}
@GetMapping("/pm/sent")
- protected String doGetSent(@Visitor User visitor, @RequestParam(required = false) String uname, ModelMap model) {
+ protected String doGetSent(@ModelAttribute User visitor, @RequestParam(required = false) String uname, ModelMap model) {
visitor.setAvatar(webApp.getAvatarWebPath(visitor));
String title = "PM: Sent";
List<Message> msgs = chatService.getOutbox(visitor.getUid());
@@ -485,7 +479,7 @@ public class Site {
@GetMapping(value = "/{uname}/{mid}", produces = { MediaType.TEXT_HTML_VALUE, Context.ACTIVITY_MEDIA_TYPE,
Context.LD_JSON_MEDIA_TYPE })
- protected String threadAction(@Visitor User visitor, ModelMap model, @PathVariable String uname,
+ protected String threadAction(@ModelAttribute User visitor, ModelMap model, @PathVariable String uname,
@PathVariable int mid,
@RequestHeader(name = HttpHeaders.ACCEPT, required = false) String acceptHeader,
@CookieValue(name = "sape_cookie", required = false, defaultValue = StringUtils.EMPTY) String sapeCookie) {
@@ -589,7 +583,7 @@ public class Site {
}
@GetMapping("/post")
- protected String postAction(@Visitor User visitor, @RequestParam(required = false) String body, ModelMap model) {
+ protected String postAction(@ModelAttribute User visitor, @RequestParam(required = false) String body, ModelMap model) {
fillUserModel(model, visitor, visitor);
visitor.setAvatar(webApp.getAvatarWebPath(visitor));
model.addAttribute("title", "Написать");
diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java
index c9611543..24bf97f6 100644
--- a/src/main/java/com/juick/www/controllers/SocialLogin.java
+++ b/src/main/java/com/juick/www/controllers/SocialLogin.java
@@ -27,7 +27,6 @@ import com.juick.model.ext.vk.UsersResponse;
import com.juick.service.EmailService;
import com.juick.service.TelegramService;
import com.juick.service.UserService;
-import com.juick.service.security.annotation.Visitor;
import com.juick.util.HttpBadRequestException;
import jakarta.annotation.PostConstruct;
@@ -46,11 +45,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.CookieValue;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestHeader;
-import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.*;
import org.springframework.web.util.UriComponentsBuilder;
import javax.inject.Inject;
@@ -191,8 +186,8 @@ public class SocialLogin {
}
@GetMapping("/_twitter")
- protected void doTwitterLogin(@Visitor com.juick.model.User user, HttpServletRequest request,
- HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
+ protected void doTwitterLogin(@ModelAttribute com.juick.model.User user, HttpServletRequest request,
+ HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
String hash = StringUtils.EMPTY, request_token = StringUtils.EMPTY, request_token_secret = StringUtils.EMPTY;
String verifier = request.getParameter("oauth_verifier");
Cookie[] cookies = request.getCookies();