Diffstat (limited to 'src/main/java/com/juick/www/controllers/SocialLogin.java')
-rw-r--r--src/main/java/com/juick/www/controllers/SocialLogin.java22
1 files changed, 16 insertions, 6 deletions
diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java
index 3d8e7027..66747df2 100644
--- a/src/main/java/com/juick/www/controllers/SocialLogin.java
+++ b/src/main/java/com/juick/www/controllers/SocialLogin.java
@@ -27,6 +27,7 @@ import com.juick.model.ext.vk.UsersResponse;
import com.juick.service.EmailService;
import com.juick.service.TelegramService;
import com.juick.service.UserService;
+import com.juick.service.security.entities.JuickUser;
import com.juick.util.HttpBadRequestException;
import jakarta.annotation.PostConstruct;
@@ -44,6 +45,10 @@ import org.apache.commons.lang3.math.NumberUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.authentication.RememberMeAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.authentication.RememberMeServices;
+import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.util.UriComponentsBuilder;
@@ -102,6 +107,8 @@ public class SocialLogin {
private TelegramService telegramService;
@Inject
private AppleClientSecretGenerator clientSecretGenerator;
+ @Inject
+ private RememberMeServices rememberMeServices;
@PostConstruct
public void init() {
@@ -292,7 +299,8 @@ public class SocialLogin {
@GetMapping("/_tglogin")
public String doDurovLogin(@RequestParam Map<String, String> params,
- @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response) {
+ @RequestHeader(value = "referer", required = false) String referer,
+ HttpServletRequest request, HttpServletResponse response) {
String dataCheckString = params.entrySet().stream().filter(p -> !p.getKey().equals("hash"))
.sorted(Map.Entry.comparingByKey()).map(p -> p.getKey() + "=" + p.getValue())
.collect(Collectors.joining("\n"));
@@ -301,11 +309,13 @@ public class SocialLogin {
String resultString = new HmacUtils(HmacAlgorithms.HMAC_SHA_256, secretKey).hmacHex(dataCheckString);
if (hash.equals(resultString)) {
long tgUser = Long.parseLong(params.get("id"));
- int uid = telegramService.getUser(tgUser);
- if (uid > 0) {
- Cookie c = new Cookie("hash", userService.getHashByUID(uid));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
+ var user = userService.getUserByTelegramId(tgUser);
+ if (user.isPresent()) {
+ var authentication = new RememberMeAuthenticationToken(
+ ((AbstractRememberMeServices) rememberMeServices).getKey(),
+ new JuickUser(user.get()), JuickUser.USER_AUTHORITY);
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+ rememberMeServices.loginSuccess(request, response, authentication);
return "redirect:" + Optional.ofNullable(referer).orElse(StringUtils.EMPTY);
} else {
String username = StringUtils.defaultString(params.get("username"), params.get("first_name"));
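Review bot: The downcast `((AbstractRememberMeServices) rememberMeServices).getKey()` on the added lines throws ClassCastException at login time if the injected bean is any other `RememberMeServices` implementation. Injecting the field as `AbstractRememberMeServices`, or reading the key from the same property the security configuration uses, would turn that into a startup failure instead. `AbstractRememberMeServices.loginSuccess` also returns without writing a cookie unless the remember-me request parameter is present or `alwaysRemember` is enabled; the bean configuration is not visible here, so confirm it, because otherwise the redirect lands with no persistent login. On the unchanged line `if (hash.equals(resultString))`, a constant-time MAC comparison such as `MessageDigest.isEqual(hash.getBytes(StandardCharsets.UTF_8), resultString.getBytes(StandardCharsets.UTF_8))` is preferable. No `auth_date` freshness check is visible in this hunk, and doDurovLogin starts and ends outside it, so if none exists elsewhere a captured login URL would presumably stay replayable now that it mints a remember-me token.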