aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/juick/www/controllers
diff options
context:
space:
mode:
authorGravatar Vitaly Takmazov2024-09-08 22:38:11 +0300
committerGravatar Vitaly Takmazov2024-09-09 00:33:07 +0300
commitb94d06390216d645c61a27b77324a999ff1c11ef (patch)
treebed05dad9f60567626e4966a04453d8fb5ca92ff /src/main/java/com/juick/www/controllers
parentfccbba79ff9bb8795b94cae7685807cc3d7fcaf8 (diff)
Clean up social login
Diffstat (limited to 'src/main/java/com/juick/www/controllers')
-rw-r--r--src/main/java/com/juick/www/controllers/SocialLogin.java82
1 files changed, 50 insertions, 32 deletions
diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java
index 7f8d5f73..510c7d62 100644
--- a/src/main/java/com/juick/www/controllers/SocialLogin.java
+++ b/src/main/java/com/juick/www/controllers/SocialLogin.java
@@ -58,6 +58,7 @@ import jakarta.inject.Inject;
import java.io.IOException;
import java.util.List;
import java.util.Map;
+import java.util.Objects;
import java.util.Optional;
import java.util.UUID;
import java.util.concurrent.ExecutionException;
@@ -70,7 +71,7 @@ import java.util.stream.Collectors;
@Controller
public class SocialLogin {
- private static final Logger logger = LoggerFactory.getLogger(SocialLogin.class);
+ private static final Logger logger = LoggerFactory.getLogger("Social");
public static final String AUTH_ERROR = "SocialLogin.AuthenticationError";
@@ -124,12 +125,12 @@ public class SocialLogin {
@GetMapping("/_fblogin")
protected String doFacebookLogin(HttpServletRequest request, @RequestParam(required = false) String code,
@RequestParam(required = false) String state,
- @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response,
+ HttpServletResponse response,
HttpSession session) throws IOException, ExecutionException, InterruptedException {
if (StringUtils.isBlank(code)) {
String fbstate = UUID.randomUUID().toString();
if (StringUtils.isBlank(state)) {
- state = Optional.ofNullable(referer).orElse("https://juick.com/");
+ state = UUID.randomUUID().toString();
}
userService.addFacebookState(fbstate, state);
return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate);
@@ -170,10 +171,12 @@ public class SocialLogin {
}
}
if (!existingFacebookUser.get().isBanned()) {
- Cookie c = new Cookie("hash", userService.getHashByUID(existingFacebookUser.get().getUid()));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
- return "redirect:" + redirectUrl;
+ var authentication = new RememberMeAuthenticationToken(
+ ((AbstractRememberMeServices) rememberMeServices).getKey(),
+ new JuickUser(existingFacebookUser.get()), JuickUser.USER_AUTHORITY);
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+ rememberMeServices.loginSuccess(request, response, authentication);
+ return "redirect:/";
} else {
session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled");
return "redirect:/login";
@@ -188,9 +191,9 @@ public class SocialLogin {
@GetMapping("/_twitter")
protected String doTwitterLogin(@RequestParam(required = false) String code,
- @RequestParam(required = false) String state,
- com.juick.model.User user,
- HttpServletRequest request)
+ @RequestParam(required = false) String state,
+ com.juick.model.User user,
+ HttpServletRequest request)
throws IOException, ExecutionException, InterruptedException {
if (StringUtils.isBlank(code)) {
@@ -229,14 +232,17 @@ public class SocialLogin {
@GetMapping("/_vklogin")
protected String doVKLogin(@RequestParam(required = false) String code,
@RequestParam(required = false) String state,
- @RequestHeader(value = "referer", required = false) String referer,
- @CookieValue(required = false) String vkstate, HttpServletResponse response)
+ @CookieValue(required = false) String vkstate,
+ HttpServletRequest request,
+ HttpServletResponse response,
+ HttpSession session)
throws IOException, ExecutionException, InterruptedException {
if (StringUtils.isBlank(code)) {
vkstate = UUID.randomUUID().toString();
Cookie c = new Cookie("vkstate", vkstate);
response.addCookie(c);
- return "redirect:" + vkService.getVkAuthService().getAuthorizationUrl(vkstate);
+ var redirect = "redirect:" + vkService.getVkAuthService().getAuthorizationUrl(vkstate);
+ return redirect;
}
if (StringUtils.isBlank(vkstate) || !vkstate.equals(state)) {
@@ -265,13 +271,19 @@ public class SocialLogin {
}
long vkID = NumberUtils.toLong(jsonUser.id(), 0);
- int uid = userService.getUIDbyVKID(vkID);
- if (uid > 0) {
- userService.updateVkUser(vkID, token.getAccessToken(), vkName, vkLink);
- Cookie c = new Cookie("hash", userService.getHashByUID(uid));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
- return "redirect:/" + Optional.ofNullable(referer).orElse(StringUtils.EMPTY);
+ var user = userService.getUserByVKID(vkID);
+ if (user.isPresent()) {
+ if (!user.get().isBanned()) {
+ var authentication = new RememberMeAuthenticationToken(
+ ((AbstractRememberMeServices) rememberMeServices).getKey(),
+ new JuickUser(user.get()), JuickUser.USER_AUTHORITY);
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+ rememberMeServices.loginSuccess(request, response, authentication);
+ return "redirect:/";
+ } else {
+ session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled");
+ return "redirect:/login";
+ }
} else {
String loginhash = UUID.randomUUID().toString();
if (!userService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) {
@@ -290,8 +302,7 @@ public class SocialLogin {
@GetMapping("/_tglogin")
public String doDurovLogin(@RequestParam Map<String, String> params,
@RequestParam String hash,
- @RequestHeader(value = "referer", required = false) String referer,
- HttpServletRequest request, HttpServletResponse response) {
+ HttpServletRequest request, HttpServletResponse response, HttpSession session) {
String dataCheckString = params.entrySet().stream().filter(p -> !p.getKey().equals("hash"))
.sorted(Map.Entry.comparingByKey()).map(p -> p.getKey() + "=" + p.getValue())
.collect(Collectors.joining("\n"));
@@ -301,14 +312,19 @@ public class SocialLogin {
long tgUser = Long.parseLong(params.get("id"));
var user = userService.getUserByTelegramId(tgUser);
if (user.isPresent()) {
- var authentication = new RememberMeAuthenticationToken(
- ((AbstractRememberMeServices) rememberMeServices).getKey(),
- new JuickUser(user.get()), JuickUser.USER_AUTHORITY);
- SecurityContextHolder.getContext().setAuthentication(authentication);
- rememberMeServices.loginSuccess(request, response, authentication);
- return "redirect:" + Optional.ofNullable(referer).orElse(StringUtils.EMPTY);
+ if (!user.get().isBanned()) {
+ var authentication = new RememberMeAuthenticationToken(
+ ((AbstractRememberMeServices) rememberMeServices).getKey(),
+ new JuickUser(user.get()), JuickUser.USER_AUTHORITY);
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+ rememberMeServices.loginSuccess(request, response, authentication);
+ return "redirect:/";
+ } else {
+ session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled");
+ return "redirect:/login";
+ }
} else {
- String username = StringUtils.defaultString(params.get("username"), params.get("first_name"));
+ String username = Objects.toString(params.get("username"), params.get("first_name"));
List<Long> chats = telegramService.getAnonymous();
if (!chats.contains(tgUser)) {
logger.info("added chat with {}", username);
@@ -347,9 +363,11 @@ public class SocialLogin {
com.juick.model.User user = userService.getUserByEmail(email.get());
if (!user.isAnonymous()) {
if (!user.isBanned()) {
- Cookie c = new Cookie("hash", userService.getHashByUID(user.getUid()));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
+ var authentication = new RememberMeAuthenticationToken(
+ ((AbstractRememberMeServices) rememberMeServices).getKey(),
+ new JuickUser(user), JuickUser.USER_AUTHORITY);
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+ rememberMeServices.loginSuccess(request, response, authentication);
return "redirect:/";
} else {
session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled");