Diffstat (limited to 'src/main/java/com/juick/server/www')
-rw-r--r--src/main/java/com/juick/server/www/controllers/Help.java11
-rw-r--r--src/main/java/com/juick/server/www/controllers/Login.java13
-rw-r--r--src/main/java/com/juick/server/www/controllers/MessagesWWW.java69
-rw-r--r--src/main/java/com/juick/server/www/controllers/Settings.java24
-rw-r--r--src/main/java/com/juick/server/www/controllers/SignUp.java11
-rw-r--r--src/main/java/com/juick/server/www/controllers/SocialLogin.java9
6 files changed, 74 insertions, 63 deletions
diff --git a/src/main/java/com/juick/server/www/controllers/Help.java b/src/main/java/com/juick/server/www/controllers/Help.java
index 12abee80..909e8acb 100644
--- a/src/main/java/com/juick/server/www/controllers/Help.java
+++ b/src/main/java/com/juick/server/www/controllers/Help.java
@@ -17,11 +17,12 @@
package com.juick.server.www.controllers;
+import com.juick.User;
import com.juick.server.util.HttpNotFoundException;
-import com.juick.server.util.UserUtils;
+import com.juick.server.www.HelpService;
import com.juick.server.www.WebApp;
import com.juick.service.MessagesService;
-import com.juick.server.www.HelpService;
+import com.juick.service.security.annotation.Visitor;
import org.commonmark.parser.Parser;
import org.commonmark.renderer.html.HtmlRenderer;
import org.springframework.stereotype.Controller;
@@ -30,8 +31,6 @@ import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import javax.inject.Inject;
-import java.io.IOException;
-import java.net.URISyntaxException;
import java.util.Locale;
import java.util.Objects;
@@ -53,12 +52,12 @@ public class Help {
@GetMapping({"/help/", "/help", "/help/{langOrPage}", "/help/{lang}/{page}"})
public String showHelp(
+ @Visitor User visitor,
Locale locale,
@PathVariable(required = false, name = "lang") String lang,
@PathVariable(required = false, name = "page") String page,
@PathVariable(required = false, name = "langOrPage") String langOrPage,
- Model model) throws IOException, URISyntaxException {
- com.juick.User visitor = UserUtils.getCurrentUser();
+ Model model) {
visitor.setAvatar(webApp.getAvatarWebPath(visitor));
String navigation = null;
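Review bot: `visitor` is dereferenced on the first body line (`visitor.setAvatar(...)`) with no null guard, so `showHelp` now relies on the `@Visitor` argument resolver always supplying a non-null `User`, including for unauthenticated requests to `/help`. The resolver is not part of this diff, so that contract cannot be confirmed from here; a parameter comment such as `// @Visitor yields an anonymous User when nobody is logged in, never null`, or `Objects.requireNonNull(visitor, "visitor")` (the file already imports `java.util.Objects`), would make it explicit. `setAvatar` also writes to the resolved object, and if the resolver hands back the principal instance held by the security context rather than a copy, that write would outlive the request, which is worth confirming. The body of `showHelp` continues outside the hunk.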
diff --git a/src/main/java/com/juick/server/www/controllers/Login.java b/src/main/java/com/juick/server/www/controllers/Login.java
index d933934e..9fca57e7 100644
--- a/src/main/java/com/juick/server/www/controllers/Login.java
+++ b/src/main/java/com/juick/server/www/controllers/Login.java
@@ -16,8 +16,9 @@
*/
package com.juick.server.www.controllers;
-import com.juick.server.util.UserUtils;
+import com.juick.User;
import com.juick.service.UserService;
+import com.juick.service.security.annotation.Visitor;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.GetMapping;
@@ -34,17 +35,17 @@ public class Login {
private UserService userService;
@GetMapping("/login")
- public String getloginForm(@RequestParam(required = false, defaultValue = "true") boolean redirect) {
- com.juick.User visitor = UserUtils.getCurrentUser();
-
+ public String getloginForm(
+ @Visitor User visitor,
+ @RequestParam(required = false, defaultValue = "true") boolean redirect) {
if (!visitor.isAnonymous()) {
return redirect ? "redirect:/" : "redirect:/login/success";
}
return "views/login";
}
@GetMapping("/login/success")
- public String getSuccessLogin(ModelMap model) {
- model.addAttribute("hash", userService.getHashByUID(UserUtils.getCurrentUser().getUid()));
+ public String getSuccessLogin(@Visitor User visitor, ModelMap model) {
+ model.addAttribute("hash", userService.getHashByUID(visitor.getUid()));
return "views/login_success";
}
}
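Review bot: `getSuccessLogin` puts `userService.getHashByUID(visitor.getUid())` into the model without checking `visitor.isAnonymous()`, unlike `getloginForm` directly above it. If the hash is a login credential, as its place on the post-login page suggests, an unauthenticated request to `/login/success` should never reach the lookup; whether a security filter already blocks the route is not visible in this diff. A guard as the first statement, `if (visitor.isAnonymous()) { return "redirect:/login"; }`, would make the handler fail closed on its own. Because the view embeds the hash in HTML, it is also worth confirming that this response is served with `Cache-Control: no-store`.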
diff --git a/src/main/java/com/juick/server/www/controllers/MessagesWWW.java b/src/main/java/com/juick/server/www/controllers/MessagesWWW.java
index e1c1bed8..501c0d82 100644
--- a/src/main/java/com/juick/server/www/controllers/MessagesWWW.java
+++ b/src/main/java/com/juick/server/www/controllers/MessagesWWW.java
@@ -18,14 +18,15 @@ package com.juick.server.www.controllers;
import com.juick.Message;
import com.juick.Tag;
+import com.juick.User;
import com.juick.formatters.PlainTextFormatter;
import com.juick.server.Utils;
import com.juick.server.util.HttpForbiddenException;
import com.juick.server.util.HttpNotFoundException;
-import com.juick.server.util.UserUtils;
import com.juick.server.util.WebUtils;
import com.juick.server.www.WebApp;
import com.juick.service.*;
+import com.juick.service.security.annotation.Visitor;
import com.juick.util.MessageUtils;
import org.apache.commons.codec.CharEncoding;
import org.apache.commons.lang3.StringUtils;
@@ -92,6 +93,7 @@ public class MessagesWWW {
@GetMapping("/")
protected String doGet(
+ @Visitor User visitor,
@RequestParam(required = false) String tag,
@RequestParam(name = "show", required = false) String paramShow,
@RequestParam(name = "search", required = false) String paramSearch,
@@ -103,8 +105,6 @@ public class MessagesWWW {
if (tag != null) {
return "redirect:/tag/" + URLEncoder.encode(tag, StandardCharsets.UTF_8);
}
- com.juick.User visitor = UserUtils.getCurrentUser();
-
visitor.setAvatar(webApp.getAvatarWebPath(visitor));
if (paramSearch != null && paramSearch.length() > 64) {
@@ -199,6 +199,7 @@ public class MessagesWWW {
@GetMapping(path = "/{uname}/", headers = "Connection!=Upgrade")
protected String doGetBlog(
+ @Visitor User visitor,
@RequestParam(required = false, name = "show") String paramShow,
@RequestParam(required = false, name = "tag") String paramTagStr,
@RequestParam(required = false, name = "search") String paramSearch,
@@ -208,7 +209,6 @@ public class MessagesWWW {
@CookieValue(name = "sape_cookie", required = false, defaultValue = StringUtils.EMPTY) String sapeCookie,
ModelMap model) throws IOException {
com.juick.User user = userService.getUserByName(uname);
- com.juick.User visitor = UserUtils.getCurrentUser();
if (user.isBanned() || user.isAnonymous()) {
throw new HttpNotFoundException();
}
@@ -317,9 +317,10 @@ public class MessagesWWW {
}
@GetMapping("/{uname}/tags")
- protected String doGetTags(@PathVariable String uname, ModelMap model) {
+ protected String doGetTags(
+ @Visitor User visitor,
+ @PathVariable String uname, ModelMap model) {
com.juick.User user = userService.getUserByName(uname);
- com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.isBanned()) {
throw new HttpNotFoundException();
}
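Review bot: The ban check in `doGetTags` tests `visitor.isBanned()`, whereas `doGetBlog` tests the profile owner with `user.isBanned() || user.isAnonymous()` before rendering. As written, a banned account's tag page stays reachable for every other visitor, and an unknown `uname` is not rejected in the visible lines; `doGetFriends` in the next hunk has the same condition. If the intent matches `doGetBlog`, the condition would be `if (user.isBanned() || user.isAnonymous())`. If hiding the page from banned viewers is deliberate, a one-line comment saying so would keep the two objects from being confused. The method body continues outside the hunk.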
@@ -336,9 +337,10 @@ public class MessagesWWW {
}
@GetMapping("/{uname}/friends")
- protected String doGetFriends(@PathVariable String uname, ModelMap model) {
+ protected String doGetFriends(
+ @Visitor User visitor,
+ @PathVariable String uname, ModelMap model) {
com.juick.User user = userService.getUserByName(uname);
- com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.isBanned()) {
throw new HttpNotFoundException();
}
@@ -353,9 +355,10 @@ public class MessagesWWW {
}
@GetMapping("/{uname}/readers")
- protected String doGetReaders(@PathVariable String uname, ModelMap model) throws IOException {
+ protected String doGetReaders(
+ @Visitor User visitor,
+ @PathVariable String uname, ModelMap model) throws IOException {
com.juick.User user = userService.getUserByName(uname);
- com.juick.User visitor = UserUtils.getCurrentUser();
visitor.setAvatar(webApp.getAvatarWebPath(visitor));
model.addAttribute("title", "Читатели " + user.getName());
model.addAttribute("headers", "<meta name=\"robots\" content=\"noindex\"/>");
@@ -367,9 +370,10 @@ public class MessagesWWW {
}
@GetMapping("/{uname}/bl")
- protected String doGetBL(@PathVariable String uname, ModelMap model) throws IOException {
+ protected String doGetBL(
+ @Visitor User visitor,
+ @PathVariable String uname, ModelMap model) throws IOException {
com.juick.User user = userService.getUserByName(uname);
- com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.getUid() != user.getUid()) {
throw new HttpForbiddenException();
}
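Review bot: The ownership check `visitor.getUid() != user.getUid()` does not by itself reject an anonymous visitor. `doGetBlog` treats `getUserByName` as able to return an anonymous user, so for an unknown `uname` both sides may carry the same placeholder uid and the comparison would pass; this depends on how anonymous users are represented, which the diff does not show. Writing the guard as `if (visitor.isAnonymous() || visitor.getUid() != user.getUid())` removes that dependency. The rest of `doGetBL` lies outside the hunk.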
@@ -383,12 +387,13 @@ public class MessagesWWW {
return "views/users";
}
@GetMapping("/tag/{tagName}")
- protected String tagAction(HttpServletRequest request,
- @PathVariable String tagName,
- @CookieValue(name = "sape_cookie", required = false, defaultValue = StringUtils.EMPTY) String sapeCookie,
- @RequestParam(required = false, defaultValue = "0") int before,
- ModelMap model) throws IOException {
- com.juick.User visitor = UserUtils.getCurrentUser();
+ protected String tagAction(
+ @Visitor User visitor,
+ HttpServletRequest request,
+ @PathVariable String tagName,
+ @CookieValue(name = "sape_cookie", required = false, defaultValue = StringUtils.EMPTY) String sapeCookie,
+ @RequestParam(required = false, defaultValue = "0") int before,
+ ModelMap model) throws IOException {
visitor.setAvatar(webApp.getAvatarWebPath(visitor));
String paramTagStr = StringEscapeUtils.unescapeHtml4(tagName);
com.juick.Tag paramTag = tagService.getTag(paramTagStr, false);
@@ -457,8 +462,7 @@ public class MessagesWWW {
return "views/index";
}
@GetMapping("/pm/inbox")
- protected String doGetInbox(ModelMap model) {
- com.juick.User visitor = UserUtils.getCurrentUser();
+ protected String doGetInbox(@Visitor User visitor, ModelMap model) {
if (visitor.isAnonymous()) {
return "redirect:/login";
}
@@ -475,9 +479,10 @@ public class MessagesWWW {
}
@GetMapping("/pm/sent")
- protected String doGetSent(@RequestParam(required = false) String uname,
- ModelMap model) {
- com.juick.User visitor = UserUtils.getCurrentUser();
+ protected String doGetSent(
+ @Visitor User visitor,
+ @RequestParam(required = false) String uname,
+ ModelMap model) {
if (visitor.isAnonymous()) {
return "redirect:/login";
}
@@ -497,13 +502,12 @@ public class MessagesWWW {
return "views/pm_sent";
}
@GetMapping(value = "/{uname}/{mid}", produces = MediaType.TEXT_HTML_VALUE)
- protected String threadAction(ModelMap model,
- @PathVariable String uname,
- @PathVariable int mid,
- @CookieValue(name = "sape_cookie",
- required = false, defaultValue = StringUtils.EMPTY) String sapeCookie) {
- com.juick.User visitor = UserUtils.getCurrentUser();
-
+ protected String threadAction(
+ @Visitor User visitor,
+ ModelMap model,
+ @PathVariable String uname,
+ @PathVariable int mid,
+ @CookieValue(name = "sape_cookie", required = false, defaultValue = StringUtils.EMPTY) String sapeCookie) {
if (!messagesService.canViewThread(mid, visitor.getUid())) {
throw new HttpForbiddenException();
}
@@ -603,8 +607,9 @@ public class MessagesWWW {
}
@GetMapping("/post")
- protected String postAction(@RequestParam(required = false) String body, ModelMap model) {
- com.juick.User visitor = UserUtils.getCurrentUser();
+ protected String postAction(
+ @Visitor User visitor,
+ @RequestParam(required = false) String body, ModelMap model) {
fillUserModel(model, visitor, visitor);
visitor.setAvatar(webApp.getAvatarWebPath(visitor));
model.addAttribute("title", "Написать");
diff --git a/src/main/java/com/juick/server/www/controllers/Settings.java b/src/main/java/com/juick/server/www/controllers/Settings.java
index d5a21d09..370c2154 100644
--- a/src/main/java/com/juick/server/www/controllers/Settings.java
+++ b/src/main/java/com/juick/server/www/controllers/Settings.java
@@ -20,9 +20,9 @@ import com.juick.User;
import com.juick.model.NotifyOpts;
import com.juick.server.util.HttpBadRequestException;
import com.juick.server.util.HttpUtils;
-import com.juick.server.util.UserUtils;
import com.juick.server.www.WebApp;
import com.juick.service.*;
+import com.juick.service.security.annotation.Visitor;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
@@ -79,8 +79,10 @@ public class Settings {
private WebApp webApp;
@GetMapping("/settings")
- protected String doGet(HttpServletRequest request, HttpServletResponse response, ModelMap model) throws IOException {
- com.juick.User visitor = UserUtils.getCurrentUser();
+ protected String doGet(
+ @Visitor User visitor,
+ HttpServletRequest request,
+ HttpServletResponse response, ModelMap model) throws IOException {
if (visitor.isAnonymous()) {
response.sendRedirect("/login");
}
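Review bot: The anonymous branch calls `response.sendRedirect("/login")` but has no `return`, so `doGet` goes on to run the settings logic with an anonymous `visitor`. It then hands Spring a view name for a response that is already committed. Replacing the call with `return "redirect:/login";`, the form `doGetInbox` and `doGetSent` in MessagesWWW.java already use, stops the handler at the check. The remainder of the method is outside the hunk, so what the fall-through reaches cannot be seen here.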
@@ -119,11 +121,12 @@ public class Settings {
}
@PostMapping("/settings")
- protected String doPost(HttpServletRequest request, HttpServletResponse response,
- @RequestParam(required = false) MultipartFile avatar,
- ModelMap model)
+ protected String doPost(
+ @Visitor User visitor,
+ HttpServletRequest request, HttpServletResponse response,
+ @RequestParam(required = false) MultipartFile avatar,
+ ModelMap model)
throws IOException {
- com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.isAnonymous()) {
throw new HttpBadRequestException();
}
@@ -261,9 +264,10 @@ public class Settings {
return "views/settings_result";
}
@PostMapping("/settings/unsubscribe")
- public String unsubscribeOneClick(@RequestParam(name = "List-Unsubscribe") String unsubscribe,
- ModelMap model) {
- User user = UserUtils.getCurrentUser();
+ public String unsubscribeOneClick(
+ @Visitor User user,
+ @RequestParam(name = "List-Unsubscribe") String unsubscribe,
+ ModelMap model) {
if (!user.isAnonymous()) {
if (unsubscribe.equals("One-Click")) {
emailService.setNotificationsEmail(user.getUid(), StringUtils.EMPTY);
diff --git a/src/main/java/com/juick/server/www/controllers/SignUp.java b/src/main/java/com/juick/server/www/controllers/SignUp.java
index 30223952..8793478a 100644
--- a/src/main/java/com/juick/server/www/controllers/SignUp.java
+++ b/src/main/java/com/juick/server/www/controllers/SignUp.java
@@ -16,13 +16,14 @@
*/
package com.juick.server.www.controllers;
+import com.juick.User;
import com.juick.server.util.HttpBadRequestException;
import com.juick.server.util.HttpForbiddenException;
-import com.juick.server.util.UserUtils;
import com.juick.server.www.WebApp;
import com.juick.service.CrosspostService;
import com.juick.service.EmailService;
import com.juick.service.UserService;
+import com.juick.service.security.annotation.Visitor;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.GetMapping;
@@ -51,9 +52,9 @@ public class SignUp {
@GetMapping("/signup")
- protected String doGet(@RequestParam String type, @RequestParam String hash, ModelMap model) {
- com.juick.User visitor = UserUtils.getCurrentUser();
-
+ protected String doGet(
+ @Visitor User visitor,
+ @RequestParam String type, @RequestParam String hash, ModelMap model) {
if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$")
|| !hash.matches("^[a-zA-Z0-9\\-]+$")) {
throw new HttpBadRequestException();
@@ -91,6 +92,7 @@ public class SignUp {
@PostMapping("/signup")
protected String doPost(
+ @Visitor User visitor,
HttpServletResponse response,
@RequestParam String type,
@RequestParam String hash,
@@ -98,7 +100,6 @@ public class SignUp {
@RequestParam(required = false) String username,
@RequestParam(required = false) String password,
ModelMap modelMap) {
- com.juick.User visitor = UserUtils.getCurrentUser();
int uid = 0;
if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) {
diff --git a/src/main/java/com/juick/server/www/controllers/SocialLogin.java b/src/main/java/com/juick/server/www/controllers/SocialLogin.java
index 35d3c1f8..8081c54b 100644
--- a/src/main/java/com/juick/server/www/controllers/SocialLogin.java
+++ b/src/main/java/com/juick/server/www/controllers/SocialLogin.java
@@ -25,14 +25,14 @@ import com.github.scribejava.core.model.*;
import com.github.scribejava.core.oauth.OAuth10aService;
import com.github.scribejava.core.oauth.OAuth20Service;
import com.juick.model.facebook.User;
+import com.juick.model.vk.UsersResponse;
import com.juick.server.Utils;
import com.juick.server.util.HttpBadRequestException;
-import com.juick.server.util.UserUtils;
import com.juick.service.CrosspostService;
import com.juick.service.EmailService;
import com.juick.service.TelegramService;
import com.juick.service.UserService;
-import com.juick.model.vk.UsersResponse;
+import com.juick.service.security.annotation.Visitor;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.codec.digest.HmacAlgorithms;
import org.apache.commons.codec.digest.HmacUtils;
@@ -180,7 +180,9 @@ public class SocialLogin {
}
}
@GetMapping("/_twitter")
- protected void doTwitterLogin(HttpServletRequest request, HttpServletResponse response)
+ protected void doTwitterLogin(
+ @Visitor com.juick.User user,
+ HttpServletRequest request, HttpServletResponse response)
throws IOException, ExecutionException, InterruptedException {
String hash = StringUtils.EMPTY, request_token = StringUtils.EMPTY, request_token_secret = StringUtils.EMPTY;
String verifier = request.getParameter("oauth_verifier");
@@ -196,7 +198,6 @@ public class SocialLogin {
request_token_secret = cookie.getValue();
}
}
- com.juick.User user = UserUtils.getCurrentUser();
OAuth10aService oAuthService = twitterBuilder
.apiSecret(twitterConsumerSecret)
.callback("https://juick.com/_twitter")