diff options
Diffstat (limited to 'src/main/java/com/juick/server/api')
-rw-r--r-- | src/main/java/com/juick/server/api/ApiSocialLogin.java | 31 |
1 files changed, 29 insertions, 2 deletions
diff --git a/src/main/java/com/juick/server/api/ApiSocialLogin.java b/src/main/java/com/juick/server/api/ApiSocialLogin.java index 9e111223..7b9b56f0 100644 --- a/src/main/java/com/juick/server/api/ApiSocialLogin.java +++ b/src/main/java/com/juick/server/api/ApiSocialLogin.java @@ -31,6 +31,7 @@ import com.google.api.client.http.HttpTransport; import com.google.api.client.http.javanet.NetHttpTransport; import com.google.api.client.json.JsonFactory; import com.google.api.client.json.jackson2.JacksonFactory; +import com.juick.model.Auth; import com.juick.model.facebook.User; import com.juick.server.util.HttpBadRequestException; import com.juick.server.util.HttpForbiddenException; @@ -39,6 +40,7 @@ import com.juick.service.EmailService; import com.juick.service.TelegramService; import com.juick.service.UserService; import com.juick.model.vk.UsersResponse; +import org.apache.commons.lang3.RandomStringUtils; import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.math.NumberUtils; import org.slf4j.Logger; @@ -293,13 +295,38 @@ public class ApiSocialLogin { } @ResponseBody @PostMapping("/api/_google") - public IdToken.Payload googleSignIn(@RequestParam(name = "idToken") String idTokenString) + public Auth googleSignIn(@RequestParam(name = "idToken") String idTokenString) throws GeneralSecurityException, IOException { logger.info("Token: {}", idTokenString); logger.info("Client: {}", googleClientId); GoogleIdToken idToken = verifier.verify(idTokenString); if (idToken != null) { - return idToken.getPayload(); + String email = idToken.getPayload().getEmail(); + if (!userService.getUserByEmail(email).isAnonymous()) { + String verificationCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase(); + emailService.addVerificationCode(null, email, verificationCode); + return new Auth(email, verificationCode); + } + } + throw new HttpForbiddenException(); + } + @ResponseBody + @PostMapping("/api/signup") + public com.juick.User signupWithEmail(String username, String password, String verificationCode) { + if (username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$") + || password.length() < 6 || password.length() > 32) { + throw new HttpBadRequestException(); + } + + String verifiedEmail = emailService.getEmailByAuthCode(verificationCode); + if (StringUtils.isNotEmpty(verifiedEmail)) { + int uid = userService.createUser(username, password); + if (uid <= 0) { + throw new HttpBadRequestException(); + } + emailService.addEmail(uid, verifiedEmail); + emailService.deleteAuthCode(verificationCode); + return userService.getUserByUID(uid).orElseThrow(IllegalStateException::new); } else { throw new HttpForbiddenException(); } |