Diffstat (limited to 'src/main/java/com/juick/www/controllers/SocialLogin.java')
-rw-r--r-- | src/main/java/com/juick/www/controllers/SocialLogin.java | 75 |
1 files changed, 43 insertions, 32 deletions
diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java
index 5e9e8b8f..7acd6cdd 100644
--- a/src/main/java/com/juick/www/controllers/SocialLogin.java
+++ b/src/main/java/com/juick/www/controllers/SocialLogin.java
@@ -24,7 +24,6 @@ import com.github.scribejava.core.oauth.OAuth10aService;
 import com.github.scribejava.core.oauth.OAuth20Service;
 import com.juick.model.ext.facebook.User;
 import com.juick.model.ext.vk.UsersResponse;
-import com.juick.service.CrosspostService;
 import com.juick.service.EmailService;
 import com.juick.service.TelegramService;
 import com.juick.service.UserService;
@@ -52,6 +51,8 @@ import javax.inject.Inject;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
 import java.io.IOException;
 import java.util.List;
 import java.util.Map;
@@ -69,6 +70,8 @@ public class SocialLogin {
 private static final Logger logger = LoggerFactory.getLogger(SocialLogin.class);
+ public static final String AUTH_ERROR = "SocialLogin.AuthenticationError";
+
 @Value("${facebook_appid:appid}")
 private String FACEBOOK_APPID;
 @Value("${facebook_secret:secret}")
@@ -95,8 +98,6 @@ public class SocialLogin {
 @Value("${apple_app_id:appid}")
 private String appleApplicationId;
 @Inject
- private CrosspostService crosspostService;
- @Inject
 private UserService userService;
 @Inject
 private EmailService emailService;
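Review bot: `AUTH_ERROR` in the `@@ -69` hunk becomes a public session-attribute key with no Javadoc, and nothing in this diff shows who reads or clears it. Document the contract at the declaration, e.g. `/** HttpSession attribute under which a social-login callback stores a user-facing error message; presumably read and removed by the login view — confirm. */`. The remaining hunks on this line are the import and field removals that follow the CrosspostService-to-UserService move and need no change.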
@@ -125,18 +126,18 @@ public class SocialLogin {
 @GetMapping("/_fblogin")
 protected String doFacebookLogin(HttpServletRequest request,
 @RequestParam(required = false) String code,
 @RequestParam(required = false) String state,
- @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response)
- throws IOException, ExecutionException, InterruptedException {
+ @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response,
+ HttpSession session) throws IOException, ExecutionException, InterruptedException {
 if (StringUtils.isBlank(code)) {
 String fbstate = UUID.randomUUID().toString();
 if (StringUtils.isBlank(state)) {
 state = Optional.ofNullable(referer).orElse("https://juick.com/");
 }
- crosspostService.addFacebookState(fbstate, state);
+ userService.addFacebookState(fbstate, state);
 return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate);
 }
- String redirectUrl = crosspostService.verifyFacebookState(state);
+ String redirectUrl = userService.verifyFacebookState(state);
 if (StringUtils.isEmpty(redirectUrl)) {
 logger.error("state is missing");
 throw new HttpBadRequestException();
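Review bot: The value that `userService.addFacebookState(fbstate, state)` persists, and that `userService.verifyFacebookState(state)` later returns as `redirectUrl`, comes unchecked from the `state` request parameter or the `Referer` header, so any absolute URL supplied there becomes the post-login redirect target; the commit re-homes the two calls but adds no validation. Restrict the stored target to a relative path or this site's own origin before it is saved, e.g. `if (!state.startsWith("/") && !state.startsWith("https://juick.com/")) { state = "https://juick.com/"; }` right after the `isBlank(state)` fallback, or apply the same check to `redirectUrl` after the `isEmpty` guard. doFacebookLogin continues past this hunk; the `return "redirect:" + redirectUrl` that consumes the value is in the next one.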
@@ -157,26 +158,30 @@ public class SocialLogin {
 throw new HttpBadRequestException();
 }
- int uid = crosspostService.getUIDbyFBID(fbID);
- if (uid > 0) {
- if (!crosspostService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) {
+ Optional<com.juick.model.User> existingFacebookUser = userService.getUserByFacebookId(fbID);
+ if (existingFacebookUser.isPresent()) {
+ if (!userService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) {
 logger.error("error updating facebook user, id: {}, token: {}", fbID, token.getAccessToken());
 throw new HttpBadRequestException();
 }
- Cookie c = new Cookie("hash", userService.getHashByUID(uid));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
- return "redirect:" + redirectUrl;
- } else {
- if (!crosspostService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName())) {
- if (StringUtils.isNotEmpty(fb.getEmail())) {
- logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName());
- Integer userId = crosspostService.getUIDbyFBID(fbID);
- if (!emailService.getEmails(userId, false).contains(fb.getEmail())) {
- emailService.addEmail(userId, fb.getEmail());
- }
+ if (StringUtils.isNotEmpty(fb.getEmail())) {
+ logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName());
+ Optional<com.juick.model.User> newFacebookUser = userService.getUserByFacebookId(fbID);
+ if (!emailService.getEmails(newFacebookUser.get().getUid(), false).contains(fb.getEmail())) {
+ emailService.addEmail(newFacebookUser.get().getUid(), fb.getEmail());
 }
- logger.info("email not found for facebook user {}", fb.getName());
+ }
+ if (!existingFacebookUser.get().isBanned()) {
+ Cookie c = new Cookie("hash", userService.getHashByUID(existingFacebookUser.get().getUid()));
+ c.setMaxAge(50 * 24 * 60 * 60);
+ response.addCookie(c);
+ return "redirect:" + redirectUrl;
+ } else {
+ session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled");
+ return "redirect:/login";
+ }
+ } else {
+ if 
(!userService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName())) {
 throw new HttpBadRequestException();
 }
 return "redirect:/signup?type=fb&hash=" + state;
@@ -257,7 +262,8 @@ public class SocialLogin {
 Response vkResponse = vkAuthService.execute(meRequest);
 if (vkResponse.isSuccessful()) {
 String graph = vkResponse.getBody();
- com.juick.model.ext.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().stream().findFirst().orElseThrow(HttpBadRequestException::new);
+ com.juick.model.ext.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().stream()
+ .findFirst().orElseThrow(HttpBadRequestException::new);
 String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName();
 String vkLink = jsonUser.getScreenName();
@@ -267,7 +273,7 @@ public class SocialLogin {
 }
 long vkID = NumberUtils.toLong(jsonUser.getId(), 0);
- int uid = crosspostService.getUIDbyVKID(vkID);
+ int uid = userService.getUIDbyVKID(vkID);
 if (uid > 0) {
 Cookie c = new Cookie("hash", userService.getHashByUID(uid));
 c.setMaxAge(50 * 24 * 60 * 60);
@@ -275,14 +281,14 @@ public class SocialLogin {
 return "redirect:/" + Optional.ofNullable(referer).orElse(StringUtils.EMPTY);
 } else {
 String loginhash = UUID.randomUUID().toString();
- if (!crosspostService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) {
+ if (!userService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) {
 logger.error("create vk user error");
 throw new HttpBadRequestException();
 }
 return "redirect:/signup?type=vk&hash=" + loginhash;
 }
 } else {
- logger.error("vk error {}: {}", vkResponse.getCode(), vkResponse.getBody());
+ logger.error("vk error {}: {}", vkResponse.getCode(), vkResponse.getBody());
 throw new HttpBadRequestException();
 }
 }
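Review bot: The `hash` cookie issued in the new existing-user branch of the `@@ -157` hunk is the login credential, yet it is created with only `setMaxAge`; it should also carry `c.setHttpOnly(true)` and `c.setSecure(request.isSecure())` (the `request` parameter is already in scope) so the hash is neither readable from script nor sent over plain HTTP — the same applies to the new cookie block in the `@@ -341` hunk of doVerifyAppleResponse and to the unchanged VK branch below. In the same branch `newFacebookUser` re-queries `getUserByFacebookId(fbID)` for the user that `existingFacebookUser` already holds, and both `.get()` calls are unchecked; reuse the uid from `existingFacebookUser`. Running the `isBanned()` check before the e-mail block also avoids attaching the Facebook-supplied address to a disabled account. The enclosing doFacebookLogin method starts before this hunk.
```java
if (!userService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) {
    // … unchanged: error log + HttpBadRequestException …
}
com.juick.model.User fbUser = existingFacebookUser.get();
if (fbUser.isBanned()) {
    session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled");
    return "redirect:/login";
}
if (StringUtils.isNotEmpty(fb.getEmail())) {
    logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName());
    if (!emailService.getEmails(fbUser.getUid(), false).contains(fb.getEmail())) {
        emailService.addEmail(fbUser.getUid(), fb.getEmail());
    }
}
Cookie c = new Cookie("hash", userService.getHashByUID(fbUser.getUid()));
c.setMaxAge(50 * 24 * 60 * 60);
c.setHttpOnly(true);              // login hash must not be readable from script
c.setSecure(request.isSecure());  // never send the hash over plain HTTP
response.addCookie(c);
return "redirect:" + redirectUrl;
```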
@@ -332,7 +338,7 @@ public class SocialLogin {
 @PostMapping("/_apple")
 public String doVerifyAppleResponse(HttpServletRequest request, HttpServletResponse response,
- @RequestParam Map<String, String> body) throws InterruptedException, ExecutionException, IOException {
+ @RequestParam Map<String, String> body, HttpSession session) throws InterruptedException, ExecutionException, IOException {
 OAuth2AccessToken token = appleSignInService.getAccessToken(body.get("code"));
 var jsonNode = jsonMapper.readTree(token.getRawResponse());
 var idToken = jsonNode.get("id_token").textValue();
@@ -341,10 +347,15 @@ public class SocialLogin {
 if (email.isPresent()) {
 com.juick.model.User user = userService.getUserByEmail(email.get());
 if (!user.isAnonymous()) {
- Cookie c = new Cookie("hash", userService.getHashByUID(user.getUid()));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
- return "redirect:/";
+ if (!user.isBanned()) {
+ Cookie c = new Cookie("hash", userService.getHashByUID(user.getUid()));
+ c.setMaxAge(50 * 24 * 60 * 60);
+ response.addCookie(c);
+ return "redirect:/";
+ } else {
+ session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled");
+ return "redirect:/login";
+ }
 } else {
 String verificationCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase();
 emailService.addVerificationCode(null, email.get(), verificationCode);
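Review bot: The ban check plus cookie issuance added in the `@@ -341` hunk is a copy of the block added to doFacebookLogin in the `@@ -157` hunk, and the VK path carries a third copy of the cookie lines; a single private helper, say `completeLogin(com.juick.model.User user, String target, HttpServletRequest request, HttpServletResponse response, HttpSession session)` returning the redirect view name, would keep the three paths consistent and give any later cookie hardening one place to land. The new `if (!user.isBanned()) { … } else { … }` also reads better as a guard: `if (user.isBanned()) { session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled"); return "redirect:/login"; }` followed by the cookie code. doVerifyAppleResponse continues past the end of this hunk.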