path: root/src/main/java/com/juick/www/controllers/SignUp.java
Diffstat (limited to 'src/main/java/com/juick/www/controllers/SignUp.java')
-rw-r--r--src/main/java/com/juick/www/controllers/SignUp.java175
1 files changed, 175 insertions, 0 deletions
diff --git a/src/main/java/com/juick/www/controllers/SignUp.java b/src/main/java/com/juick/www/controllers/SignUp.java
new file mode 100644
index 00000000..4e74d4c4
--- /dev/null
+++ b/src/main/java/com/juick/www/controllers/SignUp.java
@@ -0,0 +1,175 @@
+/*
+ * Copyright (C) 2008-2019, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+package com.juick.www.controllers;
+
+import com.juick.model.User;
+import com.juick.server.util.HttpBadRequestException;
+import com.juick.server.util.HttpForbiddenException;
+import com.juick.www.WebApp;
+import com.juick.service.CrosspostService;
+import com.juick.service.EmailService;
+import com.juick.service.UserService;
+import com.juick.service.security.annotation.Visitor;
+import com.juick.service.security.entities.JuickUser;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.ModelMap;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+
+import javax.inject.Inject;
+
+/**
+ *
+ * @author Ugnich Anton
+ */
+@Controller
+public class SignUp {
+
+ @Inject
+ private UserService userService;
+ @Inject
+ private CrosspostService crosspostService;
+ @Inject
+ private EmailService emailService;
+ @Inject
+ private WebApp webApp;
+
+
+ @GetMapping("/signup")
+ protected String doGet(
+ @Visitor User visitor,
+ @RequestParam String type, @RequestParam String hash, ModelMap model) {
+ if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$")
+ || !hash.matches("^[a-zA-Z0-9\\-]+$")) {
+ throw new HttpBadRequestException();
+ }
+
+ String account = null;
+ switch (type) {
+ case "fb":
+ account = crosspostService.getFacebookNameByHash(hash);
+ break;
+ case "vk":
+ account = crosspostService.getVKNameByHash(hash);
+ break;
+ case "xmpp":
+ account = crosspostService.getJIDByHash(hash);
+ break;
+ case "durov":
+ account = crosspostService.getTelegramNameByHash(hash);
+ break;
+ case "email":
+ account = emailService.getEmailByAuthCode(hash);
+ }
+ if (account == null) {
+ throw new HttpBadRequestException();
+ }
+
+ model.addAttribute("title", "Новый пользователь");
+ visitor.setAvatar(webApp.getAvatarWebPath(visitor));
+ model.addAttribute("visitor", visitor);
+ model.addAttribute("account", account);
+ model.addAttribute("type", type);
+ model.addAttribute("hash", hash);
+ return "views/signup";
+ }
+
+ @PostMapping("/signup")
+ protected String doPost(
+ @Visitor User visitor,
+ @RequestParam String type,
+ @RequestParam String hash,
+ @RequestParam String action,
+ @RequestParam(required = false) String username,
+ @RequestParam(required = false) String password,
+ ModelMap modelMap) {
+ User current;
+
+ if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) {
+ throw new HttpBadRequestException();
+ }
+
+ if (action.charAt(0) == 'l') {
+
+ if (visitor.isAnonymous()) {
+ if (username.length() > 32) {
+ throw new HttpBadRequestException();
+ }
+ current = userService.checkPassword(username, password).orElseThrow(HttpForbiddenException::new);
+ } else {
+ current = visitor;
+ }
+
+ if (current.getUid() <= 0) {
+ throw new HttpForbiddenException();
+ }
+
+ if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, current.getUid()))
+ && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, current.getUid()))
+ && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, current.getUid()))
+ && !(type.charAt(0) == 'x' && userService.getAllJIDs(visitor).size() > 0
+ && crosspostService.setJIDUser(hash, current.getUid()))) {
+ if (type.equals("email")) {
+ String email = emailService.getEmailByAuthCode(hash);
+ emailService.addEmail(current.getUid(), email);
+ emailService.deleteAuthCode(hash);
+ } else {
+ if (type.equals("xmpp")) {
+ modelMap.addAttribute("visitor", visitor);
+ modelMap.addAttribute("result", "XMPP support is disabled for new users");
+ return "views/settings_result";
+ }
+ throw new HttpBadRequestException();
+ }
+ }
+
+ } else { // Create new account
+ if (username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$") || password.length() < 6 || password.length() > 32) {
+ throw new HttpBadRequestException();
+ }
+
+ current = userService.createUser(username, password).orElseThrow(HttpBadRequestException::new);
+
+ if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, current.getUid()))
+ && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, current.getUid()))
+ && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, current.getUid()))) {
+ if (type.equals("email")) {
+ String email = emailService.getEmailByAuthCode(hash);
+ emailService.addEmail(current.getUid(), email);
+ emailService.deleteAuthCode(hash);
+ } else {
+ if (type.equals("xmpp")) {
+ modelMap.addAttribute("visitor", visitor);
+ modelMap.addAttribute("result", "XMPP support is disabled for new users");
+ return "views/settings_result";
+ }
+ throw new HttpBadRequestException();
+ }
+ }
+ }
+
+ if (visitor.isAnonymous()) {
+ UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken =
+ new UsernamePasswordAuthenticationToken(new JuickUser(current), password, JuickUser.USER_AUTHORITY);
+ SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
+ }
+ return "redirect:/";
+ }
+}
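Review bot: In `doPost` the create-account branch calls `userService.createUser(username, password)` before anything has confirmed that `hash` resolves to a pending account, so a request with an unknown hash, or with `type=xmpp`, still leaves a new user behind before it gets the 400 or the "XMPP support is disabled" page. Both email branches also pass `emailService.getEmailByAuthCode(hash)` straight to `addEmail` without the `account == null` check that `doGet` applies. I would move the `switch` from `doGet` into a private helper and call it in `doPost` ahead of `checkPassword`/`createUser`, rejecting `xmpp` for new accounts at the same point; exact matching there would also let the `type.charAt(0)` tests, which accept any type that merely begins with `f`, `v`, `d` or `x`, be replaced. In the same place, `username` and `password` are `required = false` yet dereferenced unconditionally and `action.charAt(0)` throws on an empty value, so those cases should become `HttpBadRequestException` as sketched below.

```java
// … unchanged: type/hash format check at the top of doPost …
if (action.isEmpty()) {
    throw new HttpBadRequestException();
}
boolean login = action.charAt(0) == 'l';
// credentials are optional request parameters but are needed on every path except "already logged in + link"
if ((!login || visitor.isAnonymous()) && (username == null || password == null)) {
    throw new HttpBadRequestException();
}
// resolveAccount: the exact-match switch from doGet, moved into a private helper; null for an unknown hash or type
if (resolveAccount(type, hash) == null) {
    throw new HttpBadRequestException();
}
if (!login && type.equals("xmpp")) {
    // reject before createUser so no account is left behind
    modelMap.addAttribute("visitor", visitor);
    modelMap.addAttribute("result", "XMPP support is disabled for new users");
    return "views/settings_result";
}
// … unchanged: login and create-account branches …
```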