diff options
Diffstat (limited to 'src/main/java/com/juick/www/controllers/Settings.java')
| -rw-r--r-- | src/main/java/com/juick/www/controllers/Settings.java | 64 |
1 files changed, 37 insertions, 27 deletions
diff --git a/src/main/java/com/juick/www/controllers/Settings.java b/src/main/java/com/juick/www/controllers/Settings.java index d95b21b7..11f31efb 100644 --- a/src/main/java/com/juick/www/controllers/Settings.java +++ b/src/main/java/com/juick/www/controllers/Settings.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008-2023, Juick + * Copyright (C) 2008-2024, Juick * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -23,7 +23,7 @@ import java.util.Locale; import java.util.ResourceBundle; import java.util.stream.IntStream; -import javax.inject.Inject; +import jakarta.inject.Inject; import com.juick.model.User; import com.juick.service.EmailService; @@ -150,14 +150,20 @@ public class Settings { visitor.setCountry(request.getParameter("country")); visitor.setUrl(request.getParameter("url")); visitor.setDescription(request.getParameter("descr")); - String avatarTmpPath = HttpUtils.receiveMultiPartFile(newAvatar, storageService.getTemporaryDirectory()).getHost(); - if (StringUtils.isNotEmpty(avatarTmpPath)) { - storageService.saveAvatar(avatarTmpPath, visitor); - } - if (userService.updateUserInfo(visitor)) { - result = String.format("<p>Your info is updated.</p><p><a href='/%s/'>Back to blog</a>.</p>", visitor.getName()); + try { + String avatarTmpPath = HttpUtils + .receiveMultiPartFile(newAvatar, storageService.getTemporaryDirectory()).getHost(); + if (StringUtils.isNotEmpty(avatarTmpPath)) { + storageService.saveAvatar(avatarTmpPath, visitor); + } + if (userService.updateUserInfo(visitor)) { + result = String.format("<p>Your info is updated.</p><p><a href='/%s/'>Back to blog</a>.</p>", + visitor.getName()); + } + applicationEventPublisher.publishEvent(new UpdateUserEvent(this, visitor)); + } catch (Exception e) { + result = "<p>" + e.getMessage() + ". <a href=\"/settings\">Back</a>.</p>"; } - applicationEventPublisher.publishEvent(new UpdateUserEvent(this, visitor)); break; case "jid-del": // FIXME: stop using ugnich-csv in parameters @@ -175,25 +181,29 @@ public class Settings { } break; case "email-add": - if (!emailService.verifyAddressByCode(visitor.getUid(), request.getParameter("account"))) { - String authCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase(); - if (emailService.addVerificationCode(visitor.getUid(), request.getParameter("account"), authCode)) { - Session session = Session.getDefaultInstance(System.getProperties()); - try { - MimeMessage message = new MimeMessage(session); - message.setFrom(new InternetAddress("noreply@juick.com")); - message.addRecipient(Message.RecipientType.TO, new InternetAddress(request.getParameter("account"))); - message.setSubject("Juick authorization link"); - message.setText(String.format("Follow link to attach this email to Juick account:\n" + - "http://juick.com/settings?page=auth-email&code=%s\n\n" + - "If you don't know, what this mean - just ignore this mail.\n", authCode)); - Transport.send(message); - result = "<p>Authorization link has been sent to your email. Follow it to proceed.</p>" + - "<p><a href=\"/settings\">Back</a></p>"; + if (!emailService.isValidEmail(request.getParameter("account"))) { + result = "<p>Invalid email. <a href=\"/settings\">Back</a>.</p>"; + } else { + if (!emailService.verifyAddressByCode(visitor.getUid(), request.getParameter("account"))) { + String authCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase(); + if (emailService.addVerificationCode(visitor.getUid(), request.getParameter("account"), authCode)) { + Session session = Session.getDefaultInstance(System.getProperties()); + try { + MimeMessage message = new MimeMessage(session); + message.setFrom(new InternetAddress("noreply@juick.com")); + message.addRecipient(Message.RecipientType.TO, new InternetAddress(request.getParameter("account"))); + message.setSubject("Juick authorization link"); + message.setText(String.format("Follow link to attach this email to Juick account:\n" + + "https://juick.com/settings?page=auth-email&code=%s\n\n" + + "If you don't know, what this mean - just ignore this mail.\n", authCode)); + Transport.send(message); + result = "<p>Authorization link has been sent to your email. Follow it to proceed.</p>" + + "<p><a href=\"/settings\">Back</a></p>"; - } catch (MessagingException ex) { - logger.error("mail exception", ex); - throw new HttpBadRequestException(); + } catch (MessagingException ex) { + logger.error("mail exception", ex); + throw new HttpBadRequestException(); + } } } } |