Diffstat (limited to 'src/main/java/com/juick')
-rw-r--r-- | src/main/java/com/juick/server/api/ApiSocialLogin.java | 31 | ||||
-rw-r--r-- | src/main/java/com/juick/server/configuration/SecurityConfig.java | 2 |
2 files changed, 30 insertions, 3 deletions
diff --git a/src/main/java/com/juick/server/api/ApiSocialLogin.java b/src/main/java/com/juick/server/api/ApiSocialLogin.java
index 9e111223..7b9b56f0 100644
--- a/src/main/java/com/juick/server/api/ApiSocialLogin.java
+++ b/src/main/java/com/juick/server/api/ApiSocialLogin.java
@@ -31,6 +31,7 @@ import com.google.api.client.http.HttpTransport;
 import com.google.api.client.http.javanet.NetHttpTransport;
 import com.google.api.client.json.JsonFactory;
 import com.google.api.client.json.jackson2.JacksonFactory;
+import com.juick.model.Auth;
 import com.juick.model.facebook.User;
 import com.juick.server.util.HttpBadRequestException;
 import com.juick.server.util.HttpForbiddenException;
@@ -39,6 +40,7 @@ import com.juick.service.EmailService;
 import com.juick.service.TelegramService;
 import com.juick.service.UserService;
 import com.juick.model.vk.UsersResponse;
+import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.math.NumberUtils;
 import org.slf4j.Logger;
@@ -293,13 +295,38 @@ public class ApiSocialLogin {
 }
 @ResponseBody
 @PostMapping("/api/_google")
- public IdToken.Payload googleSignIn(@RequestParam(name = "idToken") String idTokenString)
+ public Auth googleSignIn(@RequestParam(name = "idToken") String idTokenString)
 throws GeneralSecurityException, IOException {
 logger.info("Token: {}", idTokenString);
 logger.info("Client: {}", googleClientId);
 GoogleIdToken idToken = verifier.verify(idTokenString);
 if (idToken != null) {
- return idToken.getPayload();
+ String email = idToken.getPayload().getEmail();
+ if (!userService.getUserByEmail(email).isAnonymous()) {
+ String verificationCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase();
+ emailService.addVerificationCode(null, email, verificationCode);
+ return new Auth(email, verificationCode);
+ }
+ }
+ throw new HttpForbiddenException();
+ }
+ @ResponseBody
+ @PostMapping("/api/signup")
+ public com.juick.User signupWithEmail(String username, String password, String verificationCode) {
+ if (username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$")
+ || password.length() < 6 || password.length() > 32) {
+ throw new HttpBadRequestException();
+ }
+
+ String verifiedEmail = emailService.getEmailByAuthCode(verificationCode);
+ if (StringUtils.isNotEmpty(verifiedEmail)) {
+ int uid = userService.createUser(username, password);
+ if (uid <= 0) {
+ throw new HttpBadRequestException();
+ }
+ emailService.addEmail(uid, verifiedEmail);
+ emailService.deleteAuthCode(verificationCode);
+ return userService.getUserByUID(uid).orElseThrow(IllegalStateException::new);
 } else {
 throw new HttpForbiddenException();
 }
diff --git a/src/main/java/com/juick/server/configuration/SecurityConfig.java b/src/main/java/com/juick/server/configuration/SecurityConfig.java
index 4442d115..f53cc531 100644
--- a/src/main/java/com/juick/server/configuration/SecurityConfig.java
+++ b/src/main/java/com/juick/server/configuration/SecurityConfig.java
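Review bot: The guard `if (!userService.getUserByEmail(email).isAnonymous())` in googleSignIn hands out a signup code only when the Google-verified address already belongs to a registered user, after which `/api/signup` creates a fresh account with `userService.createUser(username, password)` and attaches that same address to it through `emailService.addEmail(uid, verifiedEmail)`, while an address nobody has registered yet — the case a signup endpoint exists for — is refused with 403; unless that inversion is deliberate the test should read `if (userService.getUserByEmail(email).isAnonymous()) {`, with the already-registered branch handled on its own (presumably by signing that user in, which this hunk does not show). The code that gates account creation comes from `RandomStringUtils.randomAlphanumeric(8)`, which draws on a shared `java.util.Random` that commons-lang documents as unsuitable for security-sensitive values, and `.toUpperCase()` then folds its 62-symbol alphabet down to 36; since a public endpoint accepts this code as the sole proof of the email, generate it from a `SecureRandom`, e.g. `RandomStringUtils.random(8, 0, 0, true, true, null, SECURE_RANDOM).toUpperCase()` with `private static final SecureRandom SECURE_RANDOM = new SecureRandom();`. signupWithEmail's parameters carry no `@RequestParam`, so a request missing `username` or `password` binds null and `username.length()` throws a NullPointerException (a 500) rather than the HttpBadRequestException the validation intends; `@RequestParam String username, @RequestParam String password, @RequestParam String verificationCode` makes them required and turns the omission into a 400. The pre-existing `logger.info("Token: {}", idTokenString)` also writes a live bearer credential to the log at INFO and is worth dropping while this method is being reworked. signupWithEmail's closing brace lies past the end of the hunk.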
@@ -98,7 +98,7 @@ public class SecurityConfig {
 .authorizeRequests()
 .antMatchers(HttpMethod.OPTIONS).permitAll()
 .antMatchers("/api/", "/api/messages", "/api/messages/discussions", "/api/users", "/api/thread", "/api/tags", "/api/tlgmbtwbhk", "/api/fbwbhk",
- "/api/skypebotendpoint", "/api/_fblogin", "/api/_vklogin", "/api/_tglogin", "/api/_google", "/api/inbox", "/api/u/**", "/.well-known/webfinger", "/.well-known/x-nodeinfo2", "/rss/**", "/api/events").permitAll()
+ "/api/skypebotendpoint", "/api/_fblogin", "/api/_vklogin", "/api/_tglogin", "/api/_google", "/api/signup", "/api/inbox", "/api/u/**", "/.well-known/webfinger", "/.well-known/x-nodeinfo2", "/rss/**", "/api/events").permitAll()
 .anyRequest().hasRole("USER")
 .and()
 .anonymous().principal(JuickUser.ANONYMOUS_USER).authorities(JuickUser.ANONYMOUS_AUTHORITY) |
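Review bot: Adding `"/api/signup"` to `permitAll()` is necessary for callers who have no account yet, but nothing in this config limits how often an anonymous client may hit it, and the endpoint's only gate is a short verification code that it looks up by value, so without a per-client throttle — a filter registered in this configuration, or one applied in front of the application — the code can be guessed online. If such a limit already exists elsewhere, a short comment on the entry, `// /api/signup is anonymous by design; guarded by the verification-code lookup plus rate limiting`, would let the next reader confirm that without searching. The enclosing method starts before and ends after this hunk.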