aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/juick/www/controllers
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/com/juick/www/controllers')
-rw-r--r--src/main/java/com/juick/www/controllers/Login.java6
-rw-r--r--src/main/java/com/juick/www/controllers/Settings.java16
-rw-r--r--src/main/java/com/juick/www/controllers/SignUp.java25
-rw-r--r--src/main/java/com/juick/www/controllers/Site.java4
-rw-r--r--src/main/java/com/juick/www/controllers/SocialLogin.java75
5 files changed, 68 insertions, 58 deletions
diff --git a/src/main/java/com/juick/www/controllers/Login.java b/src/main/java/com/juick/www/controllers/Login.java
index 33fcc011..41d902de 100644
--- a/src/main/java/com/juick/www/controllers/Login.java
+++ b/src/main/java/com/juick/www/controllers/Login.java
@@ -51,6 +51,12 @@ public class Login {
model.addAttribute("authErrorMessage", authEx.getLocalizedMessage());
}
+ String socialLoginError = (String) session.getAttribute(SocialLogin.AUTH_ERROR);
+
+ if (socialLoginError != null) {
+ model.addAttribute("authErrorMessage", socialLoginError);
+ }
+
return "layouts/login";
}
diff --git a/src/main/java/com/juick/www/controllers/Settings.java b/src/main/java/com/juick/www/controllers/Settings.java
index a9240cab..50b4ea14 100644
--- a/src/main/java/com/juick/www/controllers/Settings.java
+++ b/src/main/java/com/juick/www/controllers/Settings.java
@@ -70,8 +70,6 @@ public class Settings {
@Inject
private UserService userService;
@Inject
- private CrosspostService crosspostService;
- @Inject
private SubscriptionService subscriptionService;
@Inject
private EmailService emailService;
@@ -111,9 +109,9 @@ public class Settings {
List<String> hours = IntStream.rangeClosed(0, 23).boxed()
.map(i -> StringUtils.leftPad(String.format("%d", i), 2, "0")).collect(Collectors.toList());
model.addAttribute("hours", hours);
- model.addAttribute("fbstatus", crosspostService.getFbCrossPostStatus(visitor.getUid()));
- model.addAttribute("twitter_name", crosspostService.getTwitterName(visitor.getUid()));
- model.addAttribute("telegram_name", crosspostService.getTelegramName(visitor.getUid()));
+ model.addAttribute("fbstatus", userService.getFbCrossPostStatus(visitor.getUid()));
+ model.addAttribute("twitter_name", userService.getTwitterName(visitor.getUid()));
+ model.addAttribute("telegram_name", userService.getTelegramName(visitor.getUid()));
model.addAttribute("notify_options", subscriptionService.getNotifyOptions(visitor));
model.addAttribute("userinfo", userService.getUserInfo(visitor));
if (page.equals("auth-email")) {
@@ -232,7 +230,7 @@ public class Settings {
}
break;
case "twitter-del":
- crosspostService.deleteTwitterToken(visitor.getUid());
+ userService.deleteTwitterToken(visitor.getUid());
for (Cookie cookie : request.getCookies()) {
if (cookie.getName().equals("request_token")) {
cookie.setMaxAge(0);
@@ -250,15 +248,15 @@ public class Settings {
result = "<p><a href=\"/settings\">Back</a></p>";
break;
case "facebook-disable":
- crosspostService.disableFBCrosspost(visitor.getUid());
+ userService.disableFBCrosspost(visitor.getUid());
result = "<p><a href=\"/settings\">Back</a></p>";
break;
case "facebook-enable":
- crosspostService.enableFBCrosspost(visitor.getUid());
+ userService.enableFBCrosspost(visitor.getUid());
result = "<p><a href=\"/settings\">Back</a></p>";
break;
case "vk-del":
- crosspostService.deleteVKUser(visitor.getUid());
+ userService.deleteVKUser(visitor.getUid());
result = "<p><a href=\"/settings\">Back</a></p>";
break;
default:
diff --git a/src/main/java/com/juick/www/controllers/SignUp.java b/src/main/java/com/juick/www/controllers/SignUp.java
index c07374f5..9fc04dd5 100644
--- a/src/main/java/com/juick/www/controllers/SignUp.java
+++ b/src/main/java/com/juick/www/controllers/SignUp.java
@@ -21,7 +21,6 @@ import com.juick.util.HttpBadRequestException;
import com.juick.util.HttpForbiddenException;
import com.juick.util.UsernameTakenException;
import com.juick.www.WebApp;
-import com.juick.service.CrosspostService;
import com.juick.service.EmailService;
import com.juick.service.UserService;
import com.juick.service.security.annotation.Visitor;
@@ -46,8 +45,6 @@ public class SignUp {
@Inject
private UserService userService;
@Inject
- private CrosspostService crosspostService;
- @Inject
private EmailService emailService;
@Inject
private WebApp webApp;
@@ -65,16 +62,16 @@ public class SignUp {
String account = null;
switch (type) {
case "fb":
- account = crosspostService.getFacebookNameByHash(hash);
+ account = userService.getFacebookNameByHash(hash);
break;
case "vk":
- account = crosspostService.getVKNameByHash(hash);
+ account = userService.getVKNameByHash(hash);
break;
case "xmpp":
- account = crosspostService.getJIDByHash(hash);
+ account = userService.getJIDByHash(hash);
break;
case "durov":
- account = crosspostService.getTelegramNameByHash(hash);
+ account = userService.getTelegramNameByHash(hash);
break;
case "email":
account = emailService.getEmailByAuthCode(hash);
@@ -128,11 +125,11 @@ public class SignUp {
return "views/signup_result";
}
- if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, current.getUid()))
- && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, current.getUid()))
- && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, current.getUid()))
+ if (!(type.charAt(0) == 'f' && userService.setFacebookUser(hash, current.getUid()))
+ && !(type.charAt(0) == 'v' && userService.setVKUser(hash, current.getUid()))
+ && !(type.charAt(0) == 'd' && userService.setTelegramUser(hash, current.getUid()))
&& !(type.charAt(0) == 'x' && userService.getAllJIDs(visitor).size() > 0
- && crosspostService.setJIDUser(hash, current.getUid()))) {
+ && userService.setJIDUser(hash, current.getUid()))) {
if (type.equals("email")) {
String email = emailService.getEmailByAuthCode(hash);
emailService.addEmail(current.getUid(), email);
@@ -163,9 +160,9 @@ public class SignUp {
return "views/signup_result";
}
- if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, current.getUid()))
- && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, current.getUid()))
- && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, current.getUid()))) {
+ if (!(type.charAt(0) == 'f' && userService.setFacebookUser(hash, current.getUid()))
+ && !(type.charAt(0) == 'v' && userService.setVKUser(hash, current.getUid()))
+ && !(type.charAt(0) == 'd' && userService.setTelegramUser(hash, current.getUid()))) {
if (type.equals("email")) {
String email = emailService.getEmailByAuthCode(hash);
emailService.addEmail(current.getUid(), email);
diff --git a/src/main/java/com/juick/www/controllers/Site.java b/src/main/java/com/juick/www/controllers/Site.java
index 27e84001..682ed247 100644
--- a/src/main/java/com/juick/www/controllers/Site.java
+++ b/src/main/java/com/juick/www/controllers/Site.java
@@ -68,8 +68,6 @@ public class Site {
@Inject
private PMQueriesService pmQueriesService;
@Inject
- private CrosspostService crosspostService;
- @Inject
private WebApp webApp;
private void fillUserModel(ModelMap model, User user, User visitor) {
@@ -517,7 +515,7 @@ public class Site {
+ pageUrl + "\" />\n" + "<meta property=\"og:title\" content=\"" + msg.getUser().getName()
+ " at Juick\" />\n" + "<meta property=\"og:description\" content=\"" + cardDescription + "\" />\n"
+ "<meta name=\"Description\" content=\"" + cardDescription + "\" />\n";
- String twitterName = crosspostService.getTwitterName(msg.getUser().getUid());
+ String twitterName = userService.getTwitterName(msg.getUser().getUid());
if (StringUtils.isNotEmpty(twitterName)) {
headers += "<meta name=\"twitter:creator\" content=\"@" + twitterName + "\" />\n";
}
diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java
index 5e9e8b8f..7acd6cdd 100644
--- a/src/main/java/com/juick/www/controllers/SocialLogin.java
+++ b/src/main/java/com/juick/www/controllers/SocialLogin.java
@@ -24,7 +24,6 @@ import com.github.scribejava.core.oauth.OAuth10aService;
import com.github.scribejava.core.oauth.OAuth20Service;
import com.juick.model.ext.facebook.User;
import com.juick.model.ext.vk.UsersResponse;
-import com.juick.service.CrosspostService;
import com.juick.service.EmailService;
import com.juick.service.TelegramService;
import com.juick.service.UserService;
@@ -52,6 +51,8 @@ import javax.inject.Inject;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
import java.io.IOException;
import java.util.List;
import java.util.Map;
@@ -69,6 +70,8 @@ public class SocialLogin {
private static final Logger logger = LoggerFactory.getLogger(SocialLogin.class);
+ public static final String AUTH_ERROR = "SocialLogin.AuthenticationError";
+
@Value("${facebook_appid:appid}")
private String FACEBOOK_APPID;
@Value("${facebook_secret:secret}")
@@ -95,8 +98,6 @@ public class SocialLogin {
@Value("${apple_app_id:appid}")
private String appleApplicationId;
@Inject
- private CrosspostService crosspostService;
- @Inject
private UserService userService;
@Inject
private EmailService emailService;
@@ -125,18 +126,18 @@ public class SocialLogin {
@GetMapping("/_fblogin")
protected String doFacebookLogin(HttpServletRequest request, @RequestParam(required = false) String code,
@RequestParam(required = false) String state,
- @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response)
- throws IOException, ExecutionException, InterruptedException {
+ @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response,
+ HttpSession session) throws IOException, ExecutionException, InterruptedException {
if (StringUtils.isBlank(code)) {
String fbstate = UUID.randomUUID().toString();
if (StringUtils.isBlank(state)) {
state = Optional.ofNullable(referer).orElse("https://juick.com/");
}
- crosspostService.addFacebookState(fbstate, state);
+ userService.addFacebookState(fbstate, state);
return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate);
}
- String redirectUrl = crosspostService.verifyFacebookState(state);
+ String redirectUrl = userService.verifyFacebookState(state);
if (StringUtils.isEmpty(redirectUrl)) {
logger.error("state is missing");
throw new HttpBadRequestException();
@@ -157,26 +158,30 @@ public class SocialLogin {
throw new HttpBadRequestException();
}
- int uid = crosspostService.getUIDbyFBID(fbID);
- if (uid > 0) {
- if (!crosspostService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) {
+ Optional<com.juick.model.User> existingFacebookUser = userService.getUserByFacebookId(fbID);
+ if (existingFacebookUser.isPresent()) {
+ if (!userService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) {
logger.error("error updating facebook user, id: {}, token: {}", fbID, token.getAccessToken());
throw new HttpBadRequestException();
}
- Cookie c = new Cookie("hash", userService.getHashByUID(uid));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
- return "redirect:" + redirectUrl;
- } else {
- if (!crosspostService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName())) {
- if (StringUtils.isNotEmpty(fb.getEmail())) {
- logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName());
- Integer userId = crosspostService.getUIDbyFBID(fbID);
- if (!emailService.getEmails(userId, false).contains(fb.getEmail())) {
- emailService.addEmail(userId, fb.getEmail());
- }
+ if (StringUtils.isNotEmpty(fb.getEmail())) {
+ logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName());
+ Optional<com.juick.model.User> newFacebookUser = userService.getUserByFacebookId(fbID);
+ if (!emailService.getEmails(newFacebookUser.get().getUid(), false).contains(fb.getEmail())) {
+ emailService.addEmail(newFacebookUser.get().getUid(), fb.getEmail());
}
- logger.info("email not found for facebook user {}", fb.getName());
+ }
+ if (!existingFacebookUser.get().isBanned()) {
+ Cookie c = new Cookie("hash", userService.getHashByUID(existingFacebookUser.get().getUid()));
+ c.setMaxAge(50 * 24 * 60 * 60);
+ response.addCookie(c);
+ return "redirect:" + redirectUrl;
+ } else {
+ session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled");
+ return "redirect:/login";
+ }
+ } else {
+ if (!userService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName())) {
throw new HttpBadRequestException();
}
return "redirect:/signup?type=fb&hash=" + state;
@@ -257,7 +262,8 @@ public class SocialLogin {
Response vkResponse = vkAuthService.execute(meRequest);
if (vkResponse.isSuccessful()) {
String graph = vkResponse.getBody();
- com.juick.model.ext.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().stream().findFirst().orElseThrow(HttpBadRequestException::new);
+ com.juick.model.ext.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().stream()
+ .findFirst().orElseThrow(HttpBadRequestException::new);
String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName();
String vkLink = jsonUser.getScreenName();
@@ -267,7 +273,7 @@ public class SocialLogin {
}
long vkID = NumberUtils.toLong(jsonUser.getId(), 0);
- int uid = crosspostService.getUIDbyVKID(vkID);
+ int uid = userService.getUIDbyVKID(vkID);
if (uid > 0) {
Cookie c = new Cookie("hash", userService.getHashByUID(uid));
c.setMaxAge(50 * 24 * 60 * 60);
@@ -275,14 +281,14 @@ public class SocialLogin {
return "redirect:/" + Optional.ofNullable(referer).orElse(StringUtils.EMPTY);
} else {
String loginhash = UUID.randomUUID().toString();
- if (!crosspostService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) {
+ if (!userService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) {
logger.error("create vk user error");
throw new HttpBadRequestException();
}
return "redirect:/signup?type=vk&hash=" + loginhash;
}
} else {
- logger.error("vk error {}: {}", vkResponse.getCode(), vkResponse.getBody());
+ logger.error("vk error {}: {}", vkResponse.getCode(), vkResponse.getBody());
throw new HttpBadRequestException();
}
}
@@ -332,7 +338,7 @@ public class SocialLogin {
@PostMapping("/_apple")
public String doVerifyAppleResponse(HttpServletRequest request, HttpServletResponse response,
- @RequestParam Map<String, String> body) throws InterruptedException, ExecutionException, IOException {
+ @RequestParam Map<String, String> body, HttpSession session) throws InterruptedException, ExecutionException, IOException {
OAuth2AccessToken token = appleSignInService.getAccessToken(body.get("code"));
var jsonNode = jsonMapper.readTree(token.getRawResponse());
var idToken = jsonNode.get("id_token").textValue();
@@ -341,10 +347,15 @@ public class SocialLogin {
if (email.isPresent()) {
com.juick.model.User user = userService.getUserByEmail(email.get());
if (!user.isAnonymous()) {
- Cookie c = new Cookie("hash", userService.getHashByUID(user.getUid()));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
- return "redirect:/";
+ if (!user.isBanned()) {
+ Cookie c = new Cookie("hash", userService.getHashByUID(user.getUid()));
+ c.setMaxAge(50 * 24 * 60 * 60);
+ response.addCookie(c);
+ return "redirect:/";
+ } else {
+ session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled");
+ return "redirect:/login";
+ }
} else {
String verificationCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase();
emailService.addVerificationCode(null, email.get(), verificationCode);
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-03 10:22:56 +0000