1 files changed, 19 insertions, 15 deletions

diff --git a/src/main/java/com/juick/server/api/Post.java b/src/main/java/com/juick/server/api/Post.java
index b575cef8..10e19faf 100644
--- a/src/main/java/com/juick/server/api/Post.java
+++ b/src/main/java/com/juick/server/api/Post.java
@@ -21,12 +21,16 @@ import com.juick.Message;
 import com.juick.Reaction;
 import com.juick.Status;
 import com.juick.User;
-import com.juick.server.CommandsManager;
 import com.juick.model.CommandResult;
-import com.juick.server.util.*;
+import com.juick.server.CommandsManager;
+import com.juick.server.util.HttpBadRequestException;
+import com.juick.server.util.HttpForbiddenException;
+import com.juick.server.util.HttpNotFoundException;
+import com.juick.server.util.HttpUtils;
 import com.juick.service.MessagesService;
 import com.juick.service.SubscriptionService;
 import com.juick.service.UserService;
+import com.juick.service.security.annotation.Visitor;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -66,10 +70,10 @@ public class Post {
     @RequestMapping(value = "/api/post", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
     @ResponseStatus(value = HttpStatus.OK)
     public CommandResult doPostMessage(
+            @Visitor User visitor,
             @RequestParam(required = false, defaultValue = StringUtils.EMPTY) String body,
             @RequestParam(required = false) String img,
             @RequestParam(required = false) MultipartFile attach) throws Exception {
-        User visitor = UserUtils.getCurrentUser();
         body = body.replace("\r", StringUtils.EMPTY);
 
         URI attachmentFName = HttpUtils.receiveMultiPartFile(attach, tmpDir);
@@ -97,13 +101,13 @@ public class Post {
 
     @RequestMapping(value = "/api/comment", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
     public CommandResult doPostComment(
+            @Visitor User visitor,
             @RequestParam(defaultValue = "0") int mid,
             @RequestParam(defaultValue = "0") int rid,
             @RequestParam(required = false, defaultValue = StringUtils.EMPTY) final String body,
             @RequestParam(required = false) String img,
             @RequestParam(required = false) MultipartFile attach)
             throws Exception {
-        User visitor = UserUtils.getCurrentUser();
         if (mid == 0) {
             throw new HttpBadRequestException();
         }
@@ -149,8 +153,7 @@ public class Post {
 
     @PostMapping("/api/like")
     @ResponseStatus(value = HttpStatus.OK)
-    public Status doPostRecomm(@RequestParam Integer mid) throws Exception {
-        com.juick.User visitor = UserUtils.getCurrentUser();
+    public Status doPostRecomm(@Visitor User visitor, @RequestParam Integer mid) throws Exception {
         Optional<com.juick.Message> message = messagesService.getMessage(mid);
         if (!message.isPresent()) {
             throw new HttpNotFoundException();
@@ -166,8 +169,8 @@ public class Post {
 
     @PostMapping("/api/subscribe")
     @ResponseStatus(value = HttpStatus.OK)
-    public Status doPostSubscribe(@RequestParam Integer mid) throws Exception {
-        com.juick.User visitor = UserUtils.getCurrentUser();
+    public Status doPostSubscribe(@Visitor User visitor,
+                                  @RequestParam Integer mid) throws Exception {
         Optional<com.juick.Message> message = messagesService.getMessage(mid);
         if (!message.isPresent()) {
             throw new HttpNotFoundException();
@@ -189,11 +192,12 @@ public class Post {
 
     @PostMapping("/api/react")
     @ResponseStatus(value = HttpStatus.OK)
-    public Status doPostReact(@RequestParam Integer mid,@RequestParam @NotNull int reactionId,
-                              @RequestParam (required = false, defaultValue = "1") int count) {
+    public Status doPostReact(
+            @Visitor User visitor,
+            @RequestParam Integer mid, @RequestParam @NotNull int reactionId,
+            @RequestParam(required = false, defaultValue = "1") int count) {
 
         logger.info("got reaction with type: {}", reactionId);
-        com.juick.User visitor = UserUtils.getCurrentUser();
         Optional<com.juick.Message> message = messagesService.getMessage(mid);
         if (!message.isPresent()) {
             throw new HttpNotFoundException();
@@ -211,10 +215,10 @@ public class Post {
     }
 
     @PostMapping("/api/update")
-    public CommandResult updateMessage(@RequestParam Integer mid,
-                                 @RequestParam(required = false, defaultValue = "0") Integer rid,
-                                 @RequestParam String body) {
-        User visitor = UserUtils.getCurrentUser();
+    public CommandResult updateMessage(@Visitor User visitor,
+                                       @RequestParam Integer mid,
+                                       @RequestParam(required = false, defaultValue = "0") Integer rid,
+                                       @RequestParam String body) {
         User author = rid == 0 ? messagesService.getMessageAuthor(mid) : messagesService.getReply(mid, rid).getUser();
         if (visitor.equals(author)) {
             if (messagesService.updateMessage(mid, rid, body)) {