Diffstat (limited to 'src/main/java/com/juick/server/www/controllers')
6 files changed, 74 insertions, 63 deletions
diff --git a/src/main/java/com/juick/server/www/controllers/Help.java b/src/main/java/com/juick/server/www/controllers/Help.java index 12abee80..909e8acb 100644 --- a/src/main/java/com/juick/server/www/controllers/Help.java +++ b/src/main/java/com/juick/server/www/controllers/Help.java @@ -17,11 +17,12 @@ package com.juick.server.www.controllers; +import com.juick.User; import com.juick.server.util.HttpNotFoundException; -import com.juick.server.util.UserUtils; +import com.juick.server.www.HelpService; import com.juick.server.www.WebApp; import com.juick.service.MessagesService; -import com.juick.server.www.HelpService; +import com.juick.service.security.annotation.Visitor; import org.commonmark.parser.Parser; import org.commonmark.renderer.html.HtmlRenderer; import org.springframework.stereotype.Controller; @@ -30,8 +31,6 @@ import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; import javax.inject.Inject; -import java.io.IOException; -import java.net.URISyntaxException; import java.util.Locale; import java.util.Objects; @@ -53,12 +52,12 @@ public class Help { @GetMapping({"/help/", "/help", "/help/{langOrPage}", "/help/{lang}/{page}"}) public String showHelp( + @Visitor User visitor, Locale locale, @PathVariable(required = false, name = "lang") String lang, @PathVariable(required = false, name = "page") String page, @PathVariable(required = false, name = "langOrPage") String langOrPage, - Model model) throws IOException, URISyntaxException { - com.juick.User visitor = UserUtils.getCurrentUser(); + Model model) { visitor.setAvatar(webApp.getAvatarWebPath(visitor)); String navigation = null; diff --git a/src/main/java/com/juick/server/www/controllers/Login.java b/src/main/java/com/juick/server/www/controllers/Login.java index d933934e..9fca57e7 100644 --- a/src/main/java/com/juick/server/www/controllers/Login.java +++ b/src/main/java/com/juick/server/www/controllers/Login.java 
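Review bot: `showHelp` dereferences the injected `visitor` in its first statement (`visitor.setAvatar(webApp.getAvatarWebPath(visitor));`), so the handler relies on the `@Visitor` resolver never supplying null for an unauthenticated request. The resolver is not part of this diff, so that contract cannot be checked here. It should be stated in the annotation's Javadoc, for example `Resolves to the anonymous User when the request is unauthenticated; never null.` Every handler this commit converts in Login, MessagesWWW, Settings, SignUp and SocialLogin makes the same assumption. The body of `showHelp` continues outside the hunk.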
@@ -16,8 +16,9 @@ */ package com.juick.server.www.controllers; -import com.juick.server.util.UserUtils; +import com.juick.User; import com.juick.service.UserService; +import com.juick.service.security.annotation.Visitor; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; import org.springframework.web.bind.annotation.GetMapping; @@ -34,17 +35,17 @@ public class Login { private UserService userService; @GetMapping("/login") - public String getloginForm(@RequestParam(required = false, defaultValue = "true") boolean redirect) { - com.juick.User visitor = UserUtils.getCurrentUser(); - + public String getloginForm( + @Visitor User visitor, + @RequestParam(required = false, defaultValue = "true") boolean redirect) { if (!visitor.isAnonymous()) { return redirect ? "redirect:/" : "redirect:/login/success"; } return "views/login"; } @GetMapping("/login/success") - public String getSuccessLogin(ModelMap model) { - model.addAttribute("hash", userService.getHashByUID(UserUtils.getCurrentUser().getUid())); + public String getSuccessLogin(@Visitor User visitor, ModelMap model) { + model.addAttribute("hash", userService.getHashByUID(visitor.getUid())); return "views/login_success"; } } diff --git a/src/main/java/com/juick/server/www/controllers/MessagesWWW.java b/src/main/java/com/juick/server/www/controllers/MessagesWWW.java index e1c1bed8..501c0d82 100644 --- a/src/main/java/com/juick/server/www/controllers/MessagesWWW.java +++ b/src/main/java/com/juick/server/www/controllers/MessagesWWW.java 
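Review bot: `getSuccessLogin` passes `visitor.getUid()` to `userService.getHashByUID` and adds the result to the model without checking `visitor.isAnonymous()`, unlike `getloginForm` directly above it. Unless `/login/success` is restricted by configuration outside this diff, an unauthenticated request reaches the hash lookup with the anonymous uid. Add `if (visitor.isAnonymous()) { return "redirect:/login"; }` as the first statement. If the hash is an authentication token, the handler also deserves a comment saying that the view must not be cached or logged.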
@@ -18,14 +18,15 @@ package com.juick.server.www.controllers; import com.juick.Message; import com.juick.Tag; +import com.juick.User; import com.juick.formatters.PlainTextFormatter; import com.juick.server.Utils; import com.juick.server.util.HttpForbiddenException; import com.juick.server.util.HttpNotFoundException; -import com.juick.server.util.UserUtils; import com.juick.server.util.WebUtils; import com.juick.server.www.WebApp; import com.juick.service.*; +import com.juick.service.security.annotation.Visitor; import com.juick.util.MessageUtils; import org.apache.commons.codec.CharEncoding; import org.apache.commons.lang3.StringUtils; @@ -92,6 +93,7 @@ public class MessagesWWW { @GetMapping("/") protected String doGet( + @Visitor User visitor, @RequestParam(required = false) String tag, @RequestParam(name = "show", required = false) String paramShow, @RequestParam(name = "search", required = false) String paramSearch, @@ -103,8 +105,6 @@ public class MessagesWWW { if (tag != null) { return "redirect:/tag/" + URLEncoder.encode(tag, StandardCharsets.UTF_8); } - com.juick.User visitor = UserUtils.getCurrentUser(); - visitor.setAvatar(webApp.getAvatarWebPath(visitor)); if (paramSearch != null && paramSearch.length() > 64) { @@ -199,6 +199,7 @@ public class MessagesWWW { @GetMapping(path = "/{uname}/", headers = "Connection!=Upgrade") protected String doGetBlog( + @Visitor User visitor, @RequestParam(required = false, name = "show") String paramShow, @RequestParam(required = false, name = "tag") String paramTagStr, @RequestParam(required = false, name = "search") String paramSearch, @@ -208,7 +209,6 @@ public class MessagesWWW { @CookieValue(name = "sape_cookie", required = false, defaultValue = StringUtils.EMPTY) String sapeCookie, ModelMap model) throws IOException { com.juick.User user = userService.getUserByName(uname); - com.juick.User visitor = UserUtils.getCurrentUser(); if (user.isBanned() || user.isAnonymous()) { throw new HttpNotFoundException(); } 
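Review bot: `doGetBlog` still declares `com.juick.User user = userService.getUserByName(uname);` with the fully qualified name, although this commit adds `import com.juick.User;` and the new `@Visitor User visitor` parameter already uses the short form. Writing `User user = userService.getUserByName(uname);` keeps the two declarations consistent. The same applies to the `user` locals on the context lines of `doGetTags`, `doGetFriends`, `doGetReaders` and `doGetBL`. The body of `doGetBlog` continues outside the hunk.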
@@ -317,9 +317,10 @@ public class MessagesWWW { } @GetMapping("/{uname}/tags") - protected String doGetTags(@PathVariable String uname, ModelMap model) { + protected String doGetTags( + @Visitor User visitor, + @PathVariable String uname, ModelMap model) { com.juick.User user = userService.getUserByName(uname); - com.juick.User visitor = UserUtils.getCurrentUser(); if (visitor.isBanned()) { throw new HttpNotFoundException(); } @@ -336,9 +337,10 @@ public class MessagesWWW { } @GetMapping("/{uname}/friends") - protected String doGetFriends(@PathVariable String uname, ModelMap model) { + protected String doGetFriends( + @Visitor User visitor, + @PathVariable String uname, ModelMap model) { com.juick.User user = userService.getUserByName(uname); - com.juick.User visitor = UserUtils.getCurrentUser(); if (visitor.isBanned()) { throw new HttpNotFoundException(); } @@ -353,9 +355,10 @@ public class MessagesWWW { } @GetMapping("/{uname}/readers") - protected String doGetReaders(@PathVariable String uname, ModelMap model) throws IOException { + protected String doGetReaders( + @Visitor User visitor, + @PathVariable String uname, ModelMap model) throws IOException { com.juick.User user = userService.getUserByName(uname); - com.juick.User visitor = UserUtils.getCurrentUser(); visitor.setAvatar(webApp.getAvatarWebPath(visitor)); model.addAttribute("title", "Читатели " + user.getName()); model.addAttribute("headers", "<meta name=\"robots\" content=\"noindex\"/>"); @@ -367,9 +370,10 @@ public class MessagesWWW { } @GetMapping("/{uname}/bl") - protected String doGetBL(@PathVariable String uname, ModelMap model) throws IOException { + protected String doGetBL( + @Visitor User visitor, + @PathVariable String uname, ModelMap model) throws IOException { com.juick.User user = userService.getUserByName(uname); - com.juick.User visitor = UserUtils.getCurrentUser(); if (visitor.getUid() != user.getUid()) { throw new HttpForbiddenException(); } 
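Review bot: `doGetTags` rejects the request when `visitor.isBanned()`, whereas `doGetBlog` guards the same kind of profile page with `user.isBanned() || user.isAnonymous()`, so the check here probably tests the wrong object. In the visible lines a banned or unknown `uname` is not rejected, and `user` is used straight after the lookup. The likely intent is `if (user.isBanned() || user.isAnonymous()) { throw new HttpNotFoundException(); }`. `doGetFriends` in the next hunk has the identical condition, and `doGetReaders` shows no such check at all in its visible lines. All three bodies continue outside their hunks.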
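Review bot: The ownership check in `doGetBL`, `visitor.getUid() != user.getUid()`, compares two uids without first requiring an authenticated visitor. `doGetBlog` tests `user.isAnonymous()` on the result of `getUserByName`, which suggests an unknown name resolves to the anonymous user. If that user and an unauthenticated visitor carry the same uid, the comparison passes and the handler proceeds. Making the precondition explicit removes the dependency: `if (visitor.isAnonymous() || visitor.getUid() != user.getUid()) { throw new HttpForbiddenException(); }`. The rest of the method is outside the hunk.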
@@ -383,12 +387,13 @@ public class MessagesWWW { return "views/users"; } @GetMapping("/tag/{tagName}") - protected String tagAction(HttpServletRequest request, - @PathVariable String tagName, - @CookieValue(name = "sape_cookie", required = false, defaultValue = StringUtils.EMPTY) String sapeCookie, - @RequestParam(required = false, defaultValue = "0") int before, - ModelMap model) throws IOException { - com.juick.User visitor = UserUtils.getCurrentUser(); + protected String tagAction( + @Visitor User visitor, + HttpServletRequest request, + @PathVariable String tagName, + @CookieValue(name = "sape_cookie", required = false, defaultValue = StringUtils.EMPTY) String sapeCookie, + @RequestParam(required = false, defaultValue = "0") int before, + ModelMap model) throws IOException { visitor.setAvatar(webApp.getAvatarWebPath(visitor)); String paramTagStr = StringEscapeUtils.unescapeHtml4(tagName); com.juick.Tag paramTag = tagService.getTag(paramTagStr, false); @@ -457,8 +462,7 @@ public class MessagesWWW { return "views/index"; } @GetMapping("/pm/inbox") - protected String doGetInbox(ModelMap model) { - com.juick.User visitor = UserUtils.getCurrentUser(); + protected String doGetInbox(@Visitor User visitor, ModelMap model) { if (visitor.isAnonymous()) { return "redirect:/login"; } @@ -475,9 +479,10 @@ public class MessagesWWW { } @GetMapping("/pm/sent") - protected String doGetSent(@RequestParam(required = false) String uname, - ModelMap model) { - com.juick.User visitor = UserUtils.getCurrentUser(); + protected String doGetSent( + @Visitor User visitor, + @RequestParam(required = false) String uname, + ModelMap model) { if (visitor.isAnonymous()) { return "redirect:/login"; } 
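Review bot: `tagAction` runs `StringEscapeUtils.unescapeHtml4(tagName)` on a path variable, so `paramTagStr` can hold raw `<`, `>` and quote characters that arrived entity-encoded in the URL. The rest of the method is outside the hunk; if `paramTagStr` is later added to the model or concatenated into a header string, it has to be escaped again at that point. A comment at the declaration would make that explicit: `// HTML-unescaped request input: escape before it reaches the model or any markup string`.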
@@ -497,13 +502,12 @@ public class MessagesWWW { return "views/pm_sent"; } @GetMapping(value = "/{uname}/{mid}", produces = MediaType.TEXT_HTML_VALUE) - protected String threadAction(ModelMap model, - @PathVariable String uname, - @PathVariable int mid, - @CookieValue(name = "sape_cookie", - required = false, defaultValue = StringUtils.EMPTY) String sapeCookie) { - com.juick.User visitor = UserUtils.getCurrentUser(); - + protected String threadAction( + @Visitor User visitor, + ModelMap model, + @PathVariable String uname, + @PathVariable int mid, + @CookieValue(name = "sape_cookie", required = false, defaultValue = StringUtils.EMPTY) String sapeCookie) { if (!messagesService.canViewThread(mid, visitor.getUid())) { throw new HttpForbiddenException(); } @@ -603,8 +607,9 @@ public class MessagesWWW { } @GetMapping("/post") - protected String postAction(@RequestParam(required = false) String body, ModelMap model) { - com.juick.User visitor = UserUtils.getCurrentUser(); + protected String postAction( + @Visitor User visitor, + @RequestParam(required = false) String body, ModelMap model) { fillUserModel(model, visitor, visitor); visitor.setAvatar(webApp.getAvatarWebPath(visitor)); model.addAttribute("title", "Написать"); diff --git a/src/main/java/com/juick/server/www/controllers/Settings.java b/src/main/java/com/juick/server/www/controllers/Settings.java index d5a21d09..370c2154 100644 --- a/src/main/java/com/juick/server/www/controllers/Settings.java +++ b/src/main/java/com/juick/server/www/controllers/Settings.java @@ -20,9 +20,9 @@ import com.juick.User; import com.juick.model.NotifyOpts; import com.juick.server.util.HttpBadRequestException; import com.juick.server.util.HttpUtils; -import com.juick.server.util.UserUtils; import com.juick.server.www.WebApp; import com.juick.service.*; +import com.juick.service.security.annotation.Visitor; import org.apache.commons.lang3.RandomStringUtils; import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; 
@@ -79,8 +79,10 @@ public class Settings { private WebApp webApp; @GetMapping("/settings") - protected String doGet(HttpServletRequest request, HttpServletResponse response, ModelMap model) throws IOException { - com.juick.User visitor = UserUtils.getCurrentUser(); + protected String doGet( + @Visitor User visitor, + HttpServletRequest request, + HttpServletResponse response, ModelMap model) throws IOException { if (visitor.isAnonymous()) { response.sendRedirect("/login"); } @@ -119,11 +121,12 @@ public class Settings { } @PostMapping("/settings") - protected String doPost(HttpServletRequest request, HttpServletResponse response, - @RequestParam(required = false) MultipartFile avatar, - ModelMap model) + protected String doPost( + @Visitor User visitor, + HttpServletRequest request, HttpServletResponse response, + @RequestParam(required = false) MultipartFile avatar, + ModelMap model) throws IOException { - com.juick.User visitor = UserUtils.getCurrentUser(); if (visitor.isAnonymous()) { throw new HttpBadRequestException(); } @@ -261,9 +264,10 @@ public class Settings { return "views/settings_result"; } @PostMapping("/settings/unsubscribe") - public String unsubscribeOneClick(@RequestParam(name = "List-Unsubscribe") String unsubscribe, - ModelMap model) { - User user = UserUtils.getCurrentUser(); + public String unsubscribeOneClick( + @Visitor User user, + @RequestParam(name = "List-Unsubscribe") String unsubscribe, + ModelMap model) { if (!user.isAnonymous()) { if (unsubscribe.equals("One-Click")) { emailService.setNotificationsEmail(user.getUid(), StringUtils.EMPTY); diff --git a/src/main/java/com/juick/server/www/controllers/SignUp.java b/src/main/java/com/juick/server/www/controllers/SignUp.java index 30223952..8793478a 100644 --- a/src/main/java/com/juick/server/www/controllers/SignUp.java +++ b/src/main/java/com/juick/server/www/controllers/SignUp.java 
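Review bot: In `doGet` for `/settings` the anonymous branch calls `response.sendRedirect("/login");` and the `if` block closes without a `return`, so the handler carries on with an anonymous `visitor` after the redirect has been committed. Returning the redirect view ends the request there and matches `doGetInbox` and `doGetSent` in MessagesWWW: `if (visitor.isAnonymous()) { return "redirect:/login"; }`. The remainder of the method is outside the hunk, so whatever it loads for the anonymous uid could not be checked here.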
@@ -16,13 +16,14 @@ */ package com.juick.server.www.controllers; +import com.juick.User; import com.juick.server.util.HttpBadRequestException; import com.juick.server.util.HttpForbiddenException; -import com.juick.server.util.UserUtils; import com.juick.server.www.WebApp; import com.juick.service.CrosspostService; import com.juick.service.EmailService; import com.juick.service.UserService; +import com.juick.service.security.annotation.Visitor; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; import org.springframework.web.bind.annotation.GetMapping; @@ -51,9 +52,9 @@ public class SignUp { @GetMapping("/signup") - protected String doGet(@RequestParam String type, @RequestParam String hash, ModelMap model) { - com.juick.User visitor = UserUtils.getCurrentUser(); - + protected String doGet( + @Visitor User visitor, + @RequestParam String type, @RequestParam String hash, ModelMap model) { if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) { throw new HttpBadRequestException(); @@ -91,6 +92,7 @@ public class SignUp { @PostMapping("/signup") protected String doPost( + @Visitor User visitor, HttpServletResponse response, @RequestParam String type, @RequestParam String hash, @@ -98,7 +100,6 @@ public class SignUp { @RequestParam(required = false) String username, @RequestParam(required = false) String password, ModelMap modelMap) { - com.juick.User visitor = UserUtils.getCurrentUser(); int uid = 0; if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) { diff --git a/src/main/java/com/juick/server/www/controllers/SocialLogin.java b/src/main/java/com/juick/server/www/controllers/SocialLogin.java index 35d3c1f8..8081c54b 100644 --- a/src/main/java/com/juick/server/www/controllers/SocialLogin.java +++ b/src/main/java/com/juick/server/www/controllers/SocialLogin.java 
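Review bot: Both `/signup` handlers cap `hash` at 36 characters but apply only the character-class pattern to `type`, which has no length limit. The same three-part condition is repeated in `doGet` and `doPost`, and `String.matches` recompiles the pattern on every request. A private helper backed by a `static final Pattern` with a bounded quantifier, for example `^[a-zA-Z0-9\\-]{1,36}$` for `hash` and a bound chosen for `type`, would keep the two handlers in step. Both method bodies continue outside their hunks.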
@@ -25,14 +25,14 @@ import com.github.scribejava.core.model.*; import com.github.scribejava.core.oauth.OAuth10aService; import com.github.scribejava.core.oauth.OAuth20Service; import com.juick.model.facebook.User; +import com.juick.model.vk.UsersResponse; import com.juick.server.Utils; import com.juick.server.util.HttpBadRequestException; -import com.juick.server.util.UserUtils; import com.juick.service.CrosspostService; import com.juick.service.EmailService; import com.juick.service.TelegramService; import com.juick.service.UserService; -import com.juick.model.vk.UsersResponse; +import com.juick.service.security.annotation.Visitor; import org.apache.commons.codec.digest.DigestUtils; import org.apache.commons.codec.digest.HmacAlgorithms; import org.apache.commons.codec.digest.HmacUtils; @@ -180,7 +180,9 @@ public class SocialLogin { } } @GetMapping("/_twitter") - protected void doTwitterLogin(HttpServletRequest request, HttpServletResponse response) + protected void doTwitterLogin( + @Visitor com.juick.User user, + HttpServletRequest request, HttpServletResponse response) throws IOException, ExecutionException, InterruptedException { String hash = StringUtils.EMPTY, request_token = StringUtils.EMPTY, request_token_secret = StringUtils.EMPTY; String verifier = request.getParameter("oauth_verifier"); @@ -196,7 +198,6 @@ public class SocialLogin { request_token_secret = cookie.getValue(); } } - com.juick.User user = UserUtils.getCurrentUser(); OAuth10aService oAuthService = twitterBuilder .apiSecret(twitterConsumerSecret) .callback("https://juick.com/_twitter") |
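Review bot: `doTwitterLogin` reads the OAuth 1.0a request-token secret back from a request cookie (`request_token_secret = cookie.getValue();`), so the secret sits in the browser between the two legs of the flow. The code that sets the cookie is outside this diff. If it does not already mark the cookie `HttpOnly` and `Secure`, it should, and keeping the secret in the server-side session would remove it from the client entirely. Separately, the new parameter is spelled `com.juick.User` only because `com.juick.model.facebook.User` holds the short name in this file; a one-line comment on the parameter saying so would prevent a well-meant "cleanup" to `User`.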