Diffstat (limited to 'src/main')
-rw-r--r-- | src/main/java/com/juick/TwitterManager.java | 8 | ||||
-rw-r--r-- | src/main/java/com/juick/service/CrosspostService.java | 86 | ||||
-rw-r--r-- | src/main/java/com/juick/service/CrosspostServiceImpl.java | 282 | ||||
-rw-r--r-- | src/main/java/com/juick/service/UserService.java | 59 | ||||
-rw-r--r-- | src/main/java/com/juick/service/UserServiceImpl.java | 251 | ||||
-rw-r--r-- | src/main/java/com/juick/www/api/ApiSocialLogin.java | 44 | ||||
-rw-r--r-- | src/main/java/com/juick/www/api/Users.java | 12 | ||||
-rw-r--r-- | src/main/java/com/juick/www/controllers/Login.java | 6 | ||||
-rw-r--r-- | src/main/java/com/juick/www/controllers/Settings.java | 16 | ||||
-rw-r--r-- | src/main/java/com/juick/www/controllers/SignUp.java | 25 | ||||
-rw-r--r-- | src/main/java/com/juick/www/controllers/Site.java | 4 | ||||
-rw-r--r-- | src/main/java/com/juick/www/controllers/SocialLogin.java | 75 |
12 files changed, 407 insertions, 461 deletions
diff --git a/src/main/java/com/juick/TwitterManager.java b/src/main/java/com/juick/TwitterManager.java index 5bb26b7c..34864708 100644 --- a/src/main/java/com/juick/TwitterManager.java +++ b/src/main/java/com/juick/TwitterManager.java @@ -18,8 +18,8 @@ package com.juick; import com.juick.model.Message; import com.juick.www.api.SystemActivity; +import com.juick.service.UserService; import com.juick.service.component.*; -import com.juick.service.CrosspostService; import com.juick.util.MessageUtils; import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; @@ -38,7 +38,7 @@ public class TwitterManager implements NotificationListener { private static final Logger logger = LoggerFactory.getLogger(TwitterManager.class); @Inject - private CrosspostService crosspostService; + private UserService userService; @Value("${twitter_consumer_key:12345678}") private String twitter_consumer_key; @@ -46,7 +46,7 @@ public class TwitterManager implements NotificationListener { private String twitter_consumer_secret; void twitterPost(final Message jmsg) { - crosspostService.getTwitterToken(jmsg.getUser().getUid()).ifPresent(t -> { + userService.getTwitterToken(jmsg.getUser().getUid()).ifPresent(t -> { String status = MessageUtils.getMessageHashTags(jmsg) + StringUtils.defaultString(jmsg.getText()); if (status.length() > 253) { status = status.substring(0, 252) + "…"; @@ -75,7 +75,7 @@ public class TwitterManager implements NotificationListener { if (MessageUtils.isPM(msg) || MessageUtils.isReply(msg) || msg.isService()) { return; } - if (StringUtils.isNotEmpty(crosspostService.getTwitterName(msg.getUser().getUid()))) { + if (StringUtils.isNotEmpty(userService.getTwitterName(msg.getUser().getUid()))) { if (msg.getTags().stream().noneMatch(t -> t.getName().equals("notwitter"))) { twitterPost(msg); } diff --git a/src/main/java/com/juick/service/CrosspostService.java b/src/main/java/com/juick/service/CrosspostService.java deleted file mode 100644 index 7836cca4..00000000 
--- a/src/main/java/com/juick/service/CrosspostService.java
+++ /dev/null
@@ -1,86 +0,0 @@ -/* - * Copyright (C) 2008-2020, Juick - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -package com.juick.service; - -import com.juick.model.ExternalToken; -import com.juick.model.ApplicationStatus; -import org.apache.commons.lang3.tuple.Pair; - -import javax.annotation.Nonnull; -import java.util.Optional; - -/** - * Created by aalexeev on 11/13/16. 
- */ -public interface CrosspostService { - - Optional<ExternalToken> getTwitterToken(int uid); - - boolean deleteTwitterToken(Integer uid); - - void addFacebookState(String state, String redirectUri); - - void addVKState(String state, String redirectUri); - - String verifyFacebookState(String state); - - String verifyVKState(String state); - - Optional<Pair<String, String>> getFacebookTokens(int uid); - - ApplicationStatus getFbCrossPostStatus(int uid); - - boolean enableFBCrosspost(Integer uid); - - void disableFBCrosspost(Integer uid); - - @Nonnull - String getTwitterName(int uid); - - String getTelegramName(int uid); - - Optional<Pair<String, String>> getVkTokens(int uid); - - void deleteVKUser(Integer uid); - - int getUIDbyFBID(long fbID); - - boolean createFacebookUser(long fbID, String loginhash, String token, String fbName); - - boolean updateFacebookUser(long fbID, String token, String fbName); - - int getUIDbyVKID(long vkID); - - boolean createVKUser(long vkID, String loginhash, String token, String vkName, String vkLink); - - String getFacebookNameByHash(String hash); - - String getTelegramNameByHash(String hash); - - boolean setFacebookUser(String hash, int uid); - - String getVKNameByHash(String hash); - - boolean setVKUser(String hash, int uid); - - boolean setTelegramUser(String hash, int uid); - - String getJIDByHash(String hash); - - boolean setJIDUser(String hash, int uid); -} diff --git a/src/main/java/com/juick/service/CrosspostServiceImpl.java b/src/main/java/com/juick/service/CrosspostServiceImpl.java deleted file mode 100644 index 09ba06a9..00000000 --- a/src/main/java/com/juick/service/CrosspostServiceImpl.java +++ /dev/null 
@@ -1,282 +0,0 @@ -/* - * Copyright (C) 2008-2020, Juick - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -package com.juick.service; - -import com.juick.model.ExternalToken; -import com.juick.model.ApplicationStatus; -import org.apache.commons.lang3.StringUtils; -import org.apache.commons.lang3.tuple.Pair; -import org.springframework.dao.EmptyResultDataAccessException; -import org.springframework.stereotype.Repository; -import org.springframework.transaction.annotation.Transactional; - -import java.util.List; -import java.util.Optional; - -/** - * Created by aalexeev on 11/13/16. - */ -@Repository -public class CrosspostServiceImpl extends BaseJdbcService implements CrosspostService { - - @Transactional(readOnly = true) - @Override - public Optional<ExternalToken> getTwitterToken(final int uid) { - List<ExternalToken> list = getJdbcTemplate().query( - "SELECT uname, access_token, access_token_secret FROM twitter WHERE user_id = ? AND crosspost = 1", - (rs, num) -> new ExternalToken(rs.getString(1), "twitter", - rs.getString(2), rs.getString(3)), - uid); - - return list.isEmpty() ? 
- Optional.empty() : Optional.of(list.get(0)); - } - - @Transactional - @Override - public boolean deleteTwitterToken(Integer uid) { - return getJdbcTemplate().update("DELETE FROM twitter WHERE user_id=?", uid) > 0; - } - - @Override - public void addFacebookState(String state, String redirectUri) { - jdbcTemplate.update("INSERT INTO facebook(loginhash, fb_link) VALUES(?, ?)", state, redirectUri); - } - - @Override - public void addVKState(String state, String redirectUri) { - jdbcTemplate.update("INSERT INTO vk(loginhash, vk_link) VALUES(?, ?)", state, redirectUri); - } - - @Override - public String verifyFacebookState(String state) { - try { - return jdbcTemplate.queryForObject("SELECT fb_link FROM facebook WHERE loginhash=?", - String.class, state); - } catch (EmptyResultDataAccessException e) { - return StringUtils.EMPTY; - } - } - - @Override - public String verifyVKState(String state) { - try { - return jdbcTemplate.queryForObject("SELECT vk_link FROM vk WHERE loginhash=?", - String.class, state); - } catch (EmptyResultDataAccessException e) { - return StringUtils.EMPTY; - } - } - - @Transactional(readOnly = true) - @Override - public Optional<Pair<String, String>> getFacebookTokens(final int uid) { - List<Optional<Pair<String, String>>> list = getJdbcTemplate().query( - "SELECT fb_id, access_token FROM facebook WHERE user_id = ? AND access_token IS NOT NULL AND crosspost = 1", - (rs, num) -> Optional.of(Pair.of(rs.getString(1), rs.getString(2))), - uid); - return list.isEmpty() ? - Optional.empty() : list.get(0); - } - - @Transactional(readOnly = true) - @Override - public ApplicationStatus getFbCrossPostStatus(final int uid) { - List<ApplicationStatus> list = getJdbcTemplate().query( - "SELECT 1, crosspost FROM facebook WHERE user_id = ? 
LIMIT 1", - (rs, num) -> { - ApplicationStatus status = new ApplicationStatus(); - - status.setConnected(rs.getInt(1) > 0); - status.setCrosspostEnabled(rs.getBoolean(2)); - - return status; - }, - uid); - - return list.isEmpty() ? - new ApplicationStatus() : list.get(0); - } - - @Transactional - @Override - public boolean enableFBCrosspost(Integer uid) { - return getJdbcTemplate().update("UPDATE facebook SET crosspost=1 WHERE user_id=?", uid) > 0; - } - - @Transactional - @Override - public void disableFBCrosspost(Integer uid) { - getJdbcTemplate().update("UPDATE facebook SET crosspost=0 WHERE user_id=?", uid); - } - - @Transactional(readOnly = true) - @Override - public String getTwitterName(final int uid) { - List<String> list = getJdbcTemplate().queryForList( - "SELECT uname FROM twitter WHERE user_id = ?", - String.class, - uid); - - return list.isEmpty() ? - StringUtils.EMPTY : list.get(0); - } - - @Transactional(readOnly = true) - @Override - public String getTelegramName(final int uid) { - List<String> list = getJdbcTemplate().queryForList( - "SELECT tg_name FROM telegram WHERE user_id = ?", - String.class, - uid); - - return list.isEmpty() ? - StringUtils.EMPTY : list.get(0); - } - - @Transactional(readOnly = true) - @Override - public Optional<Pair<String, String>> getVkTokens(final int uid) { - List<Optional<Pair<String, String>>> list = getJdbcTemplate().query( - "SELECT vk_id, access_token FROM vk WHERE user_id = ? AND crosspost = 1", - (rs, num) -> Optional.of(Pair.of(rs.getString(1), rs.getString(2))), - uid); - - return list.isEmpty() ? - Optional.empty() : list.get(0); - } - - @Transactional - @Override - public void deleteVKUser(Integer uid) { - getJdbcTemplate().update("DELETE FROM vk WHERE user_id=?", uid); - } - - @Transactional(readOnly = true) - @Override - public int getUIDbyFBID(long fbID) { - try { - return getJdbcTemplate().queryForObject("SELECT user_id FROM facebook WHERE fb_id=? 
AND user_id IS NOT NULL", - Integer.class, fbID); - } catch (EmptyResultDataAccessException e) { - return 0; - } - } - - @Transactional - @Override - public boolean createFacebookUser(long fbID, String loginhash, String token, String fbName) { - return getJdbcTemplate().update("UPDATE facebook SET fb_id=?, access_token=?, fb_name=? WHERE loginhash=?", - fbID, token, fbName, loginhash) > 0; - } - - @Transactional - @Override - public boolean updateFacebookUser(long fbID, String token, String fbName) { - return getJdbcTemplate().update("UPDATE facebook SET access_token=?,fb_name=? WHERE fb_id=?", - token, fbName, fbID) > 0; - } - - @Transactional(readOnly = true) - @Override - public int getUIDbyVKID(long vkID) { - try { - return getJdbcTemplate().queryForObject("SELECT user_id FROM vk WHERE vk_id=? AND user_id IS NOT NULL", Integer.class, vkID); - } catch (EmptyResultDataAccessException e) { - return 0; - } - } - - @Transactional - @Override - public boolean createVKUser(long vkID, String loginhash, String token, String vkName, String vkLink) { - return getJdbcTemplate().update("INSERT INTO vk(vk_id,loginhash,access_token,vk_name,vk_link) VALUES (?,?,?,?,?)", - vkID, loginhash, token, vkName, vkLink) > 0; - } - - @Transactional(readOnly = true) - @Override - public String getFacebookNameByHash(String hash) { - try { - List<Pair<String, String>> fb = getJdbcTemplate().query("SELECT fb_name,fb_link FROM facebook WHERE loginhash=?", - (rs, num) -> Pair.of(rs.getString(1), rs.getString(2)), hash); - if (fb.size() > 0) { - return "<a href=\"" + fb.get(0).getRight() + "\" rel=\"nofollow\">" + fb.get(0).getLeft() + "</a>"; - } - return null; - } catch (EmptyResultDataAccessException e) { - return null; - } - } - - @Transactional - @Override - public String getTelegramNameByHash(String hash) { - try { - String name = getJdbcTemplate().queryForObject("SELECT tg_name FROM telegram WHERE loginhash=?", String.class, hash); - return "<a href=\"https://telegram.me/" + name + "\" 
rel=\"nofollow\">" + name + "</a>"; - } catch (EmptyResultDataAccessException e) { - return null; - } - } - - @Transactional - @Override - public boolean setFacebookUser(String hash, int uid) { - return getJdbcTemplate().update("UPDATE facebook SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; - } - - @Transactional - @Override - public String getVKNameByHash(String hash) { - List<Pair<String, String>> logins = getJdbcTemplate().query("SELECT vk_name,vk_link FROM vk WHERE loginhash=?", - (rs, num) -> Pair.of(rs.getString(1), rs.getString(2)), hash); - if (logins.size() > 0) { - return "<a href=\"http://vk.com/" + logins.get(0).getRight() + "\" rel=\"nofollow\">" + logins.get(0).getLeft() + "</a>"; - } - return null; - } - - @Transactional - @Override - public boolean setVKUser(String hash, int uid) { - return getJdbcTemplate().update("UPDATE vk SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; - } - - @Transactional - @Override - public boolean setTelegramUser(String hash, int uid) { - return getJdbcTemplate().update("UPDATE telegram SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; - } - - @Transactional(readOnly = true) - @Override - public String getJIDByHash(String hash) { - try { - return getJdbcTemplate().queryForObject("SELECT jid FROM jids WHERE loginhash=?", String.class, hash); - } catch (EmptyResultDataAccessException e) { - return null; - } - } - - @Transactional - @Override - public boolean setJIDUser(String hash, int uid) { - return getJdbcTemplate().update("UPDATE jids SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; - } -} diff --git a/src/main/java/com/juick/service/UserService.java b/src/main/java/com/juick/service/UserService.java index e1f53abb..dc879821 100644 --- a/src/main/java/com/juick/service/UserService.java +++ b/src/main/java/com/juick/service/UserService.java 
@@ -19,9 +19,13 @@ package com.juick.service; import com.juick.model.Message; import com.juick.model.User; +import com.juick.model.ApplicationStatus; import com.juick.model.AuthResponse; +import com.juick.model.ExternalToken; import com.juick.util.UsernameTakenException; +import org.apache.commons.lang3.tuple.Pair; + import javax.annotation.Nonnull; import java.util.Collection; import java.util.List; @@ -128,4 +132,59 @@ public interface UserService { boolean isAdminUser(User user); boolean isServiceUser(User user); + + Optional<ExternalToken> getTwitterToken(int uid); + + boolean deleteTwitterToken(Integer uid); + + void addFacebookState(String state, String redirectUri); + + void addVKState(String state, String redirectUri); + + String verifyFacebookState(String state); + + String verifyVKState(String state); + + Optional<Pair<String, String>> getFacebookTokens(int uid); + + ApplicationStatus getFbCrossPostStatus(int uid); + + boolean enableFBCrosspost(Integer uid); + + void disableFBCrosspost(Integer uid); + + @Nonnull + String getTwitterName(int uid); + + String getTelegramName(int uid); + + Optional<Pair<String, String>> getVkTokens(int uid); + + void deleteVKUser(Integer uid); + + Optional<User> getUserByFacebookId(long facebookId); + + boolean createFacebookUser(long fbID, String loginhash, String token, String fbName); + + boolean updateFacebookUser(long fbID, String token, String fbName); + + int getUIDbyVKID(long vkID); + + boolean createVKUser(long vkID, String loginhash, String token, String vkName, String vkLink); + + String getFacebookNameByHash(String hash); + + String getTelegramNameByHash(String hash); + + boolean setFacebookUser(String hash, int uid); + + String getVKNameByHash(String hash); + + boolean setVKUser(String hash, int uid); + + boolean setTelegramUser(String hash, int uid); + + String getJIDByHash(String hash); + + boolean setJIDUser(String hash, int uid); } 
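Review bot: The methods added to `UserService` in the second hunk have no Javadoc, and several have contracts a caller cannot read off the signature. Going by the implementations added to UserServiceImpl in this commit, `verifyFacebookState` and `verifyVKState` return the stored redirect URI, or an empty string for an unknown state, rather than a boolean, and `getFacebookNameByHash`, `getVKNameByHash` and `getTelegramNameByHash` return an HTML anchor string or `null`. I would document each one, for example `/** Returns the redirect URI stored for {@code state}, or an empty string when the state is unknown. */`, and say explicitly which returns are markup and which may be `null`. The lookups are also inconsistent now: Facebook uses `Optional<User> getUserByFacebookId` while VK keeps the `int getUIDbyVKID` zero sentinel. The interface body starts outside the hunk.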
diff --git a/src/main/java/com/juick/service/UserServiceImpl.java b/src/main/java/com/juick/service/UserServiceImpl.java index 1594936a..9762802f 100644 --- a/src/main/java/com/juick/service/UserServiceImpl.java +++ b/src/main/java/com/juick/service/UserServiceImpl.java @@ -18,13 +18,16 @@ package com.juick.service; import com.juick.model.AnonymousUser; +import com.juick.model.ApplicationStatus; import com.juick.model.AuthResponse; +import com.juick.model.ExternalToken; import com.juick.model.Message; import com.juick.model.User; import com.juick.util.UsernameTakenException; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.lang3.RandomStringUtils; import org.apache.commons.lang3.StringUtils; +import org.apache.commons.lang3.tuple.Pair; import org.springframework.beans.factory.annotation.Value; import org.springframework.dao.DuplicateKeyException; import org.springframework.dao.EmptyResultDataAccessException; 
@@ -671,4 +674,252 @@ public class UserServiceImpl extends BaseJdbcService implements UserService { public boolean isServiceUser(User user) { return user.getName().equals(serviceUser); } + + @Transactional(readOnly = true) + @Override + public Optional<ExternalToken> getTwitterToken(final int uid) { + List<ExternalToken> list = getJdbcTemplate().query( + "SELECT uname, access_token, access_token_secret FROM twitter WHERE user_id = ? AND crosspost = 1", + (rs, num) -> new ExternalToken(rs.getString(1), "twitter", + rs.getString(2), rs.getString(3)), + uid); + + return list.isEmpty() ? + Optional.empty() : Optional.of(list.get(0)); + } + + @Transactional + @Override + public boolean deleteTwitterToken(Integer uid) { + return getJdbcTemplate().update("DELETE FROM twitter WHERE user_id=?", uid) > 0; + } + + @Override + public void addFacebookState(String state, String redirectUri) { + jdbcTemplate.update("INSERT INTO facebook(loginhash, fb_link) VALUES(?, ?)", state, redirectUri); + } + + @Override + public void addVKState(String state, String redirectUri) { + jdbcTemplate.update("INSERT INTO vk(loginhash, vk_link) VALUES(?, ?)", state, redirectUri); + } + + @Override + public String verifyFacebookState(String state) { + try { + return jdbcTemplate.queryForObject("SELECT fb_link FROM facebook WHERE loginhash=?", + String.class, state); + } catch (EmptyResultDataAccessException e) { + return StringUtils.EMPTY; + } + } + + @Override + public String verifyVKState(String state) { + try { + return jdbcTemplate.queryForObject("SELECT vk_link FROM vk WHERE loginhash=?", + String.class, state); + } catch (EmptyResultDataAccessException e) { + return StringUtils.EMPTY; + } + } + + @Transactional(readOnly = true) + @Override + public Optional<Pair<String, String>> getFacebookTokens(final int uid) { + List<Optional<Pair<String, String>>> list = getJdbcTemplate().query( + "SELECT fb_id, access_token FROM facebook WHERE user_id = ? 
AND access_token IS NOT NULL AND crosspost = 1", + (rs, num) -> Optional.of(Pair.of(rs.getString(1), rs.getString(2))), + uid); + return list.isEmpty() ? + Optional.empty() : list.get(0); + } + + @Transactional(readOnly = true) + @Override + public ApplicationStatus getFbCrossPostStatus(final int uid) { + List<ApplicationStatus> list = getJdbcTemplate().query( + "SELECT 1, crosspost FROM facebook WHERE user_id = ? LIMIT 1", + (rs, num) -> { + ApplicationStatus status = new ApplicationStatus(); + + status.setConnected(rs.getInt(1) > 0); + status.setCrosspostEnabled(rs.getBoolean(2)); + + return status; + }, + uid); + + return list.isEmpty() ? + new ApplicationStatus() : list.get(0); + } + + @Transactional + @Override + public boolean enableFBCrosspost(Integer uid) { + return getJdbcTemplate().update("UPDATE facebook SET crosspost=1 WHERE user_id=?", uid) > 0; + } + + @Transactional + @Override + public void disableFBCrosspost(Integer uid) { + getJdbcTemplate().update("UPDATE facebook SET crosspost=0 WHERE user_id=?", uid); + } + + @Transactional(readOnly = true) + @Override + public String getTwitterName(final int uid) { + List<String> list = getJdbcTemplate().queryForList( + "SELECT uname FROM twitter WHERE user_id = ?", + String.class, + uid); + + return list.isEmpty() ? + StringUtils.EMPTY : list.get(0); + } + + @Transactional(readOnly = true) + @Override + public String getTelegramName(final int uid) { + List<String> list = getJdbcTemplate().queryForList( + "SELECT tg_name FROM telegram WHERE user_id = ?", + String.class, + uid); + + return list.isEmpty() ? + StringUtils.EMPTY : list.get(0); + } + + @Transactional(readOnly = true) + @Override + public Optional<Pair<String, String>> getVkTokens(final int uid) { + List<Optional<Pair<String, String>>> list = getJdbcTemplate().query( + "SELECT vk_id, access_token FROM vk WHERE user_id = ? AND crosspost = 1", + (rs, num) -> Optional.of(Pair.of(rs.getString(1), rs.getString(2))), + uid); + + return list.isEmpty() ? 
+ Optional.empty() : list.get(0); + } + + @Transactional + @Override + public void deleteVKUser(Integer uid) { + getJdbcTemplate().update("DELETE FROM vk WHERE user_id=?", uid); + } + + @Transactional(readOnly = true) + @Override + public Optional<User> getUserByFacebookId(long facebookId) { + List<User> list = getJdbcTemplate().query( + "SELECT DISTINCT u.id, u.nick, u.passw, u.banned, u.last_seen, " + + "COALESCE(f.fb_id, vk.vk_id, t.tg_id, e.user_id, 0) AS verified " + + "FROM users u LEFT JOIN facebook f ON f.user_id = u.id " + + "LEFT JOIN vk ON u.id = vk.user_id LEFT JOIN telegram t ON u.id = t.user_id " + + "LEFT JOIN emails e ON e.user_id = u.id WHERE f.fb_id = ?", new UserMapper(), facebookId); + + return list.isEmpty() ? Optional.empty() : Optional.of(list.get(0)); + } + + @Transactional + @Override + public boolean createFacebookUser(long fbID, String loginhash, String token, String fbName) { + return getJdbcTemplate().update("UPDATE facebook SET fb_id=?, access_token=?, fb_name=? WHERE loginhash=?", + fbID, token, fbName, loginhash) > 0; + } + + @Transactional + @Override + public boolean updateFacebookUser(long fbID, String token, String fbName) { + return getJdbcTemplate().update("UPDATE facebook SET access_token=?,fb_name=? WHERE fb_id=?", + token, fbName, fbID) > 0; + } + + @Transactional(readOnly = true) + @Override + public int getUIDbyVKID(long vkID) { + try { + return getJdbcTemplate().queryForObject("SELECT user_id FROM vk WHERE vk_id=? 
AND user_id IS NOT NULL", Integer.class, vkID); + } catch (EmptyResultDataAccessException e) { + return 0; + } + } + + @Transactional + @Override + public boolean createVKUser(long vkID, String loginhash, String token, String vkName, String vkLink) { + return getJdbcTemplate().update("INSERT INTO vk(vk_id,loginhash,access_token,vk_name,vk_link) VALUES (?,?,?,?,?)", + vkID, loginhash, token, vkName, vkLink) > 0; + } + + @Transactional(readOnly = true) + @Override + public String getFacebookNameByHash(String hash) { + try { + List<Pair<String, String>> fb = getJdbcTemplate().query("SELECT fb_name,fb_link FROM facebook WHERE loginhash=?", + (rs, num) -> Pair.of(rs.getString(1), rs.getString(2)), hash); + if (fb.size() > 0) { + return "<a href=\"" + fb.get(0).getRight() + "\" rel=\"nofollow\">" + fb.get(0).getLeft() + "</a>"; + } + return null; + } catch (EmptyResultDataAccessException e) { + return null; + } + } + + @Transactional + @Override + public String getTelegramNameByHash(String hash) { + try { + String name = getJdbcTemplate().queryForObject("SELECT tg_name FROM telegram WHERE loginhash=?", String.class, hash); + return "<a href=\"https://telegram.me/" + name + "\" rel=\"nofollow\">" + name + "</a>"; + } catch (EmptyResultDataAccessException e) { + return null; + } + } + + @Transactional + @Override + public boolean setFacebookUser(String hash, int uid) { + return getJdbcTemplate().update("UPDATE facebook SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; + } + + @Transactional + @Override + public String getVKNameByHash(String hash) { + List<Pair<String, String>> logins = getJdbcTemplate().query("SELECT vk_name,vk_link FROM vk WHERE loginhash=?", + (rs, num) -> Pair.of(rs.getString(1), rs.getString(2)), hash); + if (logins.size() > 0) { + return "<a href=\"http://vk.com/" + logins.get(0).getRight() + "\" rel=\"nofollow\">" + logins.get(0).getLeft() + "</a>"; + } + return null; + } + + @Transactional + @Override + public boolean setVKUser(String 
hash, int uid) { + return getJdbcTemplate().update("UPDATE vk SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; + } + + @Transactional + @Override + public boolean setTelegramUser(String hash, int uid) { + return getJdbcTemplate().update("UPDATE telegram SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; + } + + @Transactional(readOnly = true) + @Override + public String getJIDByHash(String hash) { + try { + return getJdbcTemplate().queryForObject("SELECT jid FROM jids WHERE loginhash=?", String.class, hash); + } catch (EmptyResultDataAccessException e) { + return null; + } + } + + @Transactional + @Override + public boolean setJIDUser(String hash, int uid) { + return getJdbcTemplate().update("UPDATE jids SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; + } } diff --git a/src/main/java/com/juick/www/api/ApiSocialLogin.java b/src/main/java/com/juick/www/api/ApiSocialLogin.java index 4b57ce89..ecd5ac1b 100644 --- a/src/main/java/com/juick/www/api/ApiSocialLogin.java +++ b/src/main/java/com/juick/www/api/ApiSocialLogin.java @@ -30,7 +30,6 @@ import com.github.scribejava.core.oauth.OAuth20Service; import com.juick.model.AuthResponse; import com.juick.model.ext.facebook.User; import com.juick.model.ext.vk.UsersResponse; -import com.juick.service.CrosspostService; import com.juick.service.EmailService; import com.juick.service.UserService; import com.juick.util.HttpBadRequestException; @@ -94,8 +93,6 @@ public class ApiSocialLogin { private String baseUri; @Inject - private CrosspostService crosspostService; - @Inject private UserService userService; @Inject private EmailService emailService; 
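Review bot: `getFacebookNameByHash`, `getTelegramNameByHash` and `getVKNameByHash` in this hunk build an `<a>` element by concatenating database values into the `href` and the link text with no HTML escaping. `fb_link` and `vk_link` are written by `addFacebookState`/`addVKState` from their `redirectUri` argument, which ApiSocialLogin fills from the request's `state` parameter, and the display names come from the provider profile, so both positions can hold text the application did not choose. Unless every consumer escapes the returned string (not visible here), this is a stored-XSS sink. I would return the name and link as data and let the template escape them, or at minimum escape both values (for example with Spring's `HtmlUtils.htmlEscape`) and accept only `http`/`https` links. The class body starts outside this hunk.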
@@ -133,11 +130,11 @@ public class ApiSocialLogin { @RequestParam(required = false) String state) throws IOException, ExecutionException, InterruptedException { if (StringUtils.isBlank(code)) { String fbstate = UUID.randomUUID().toString(); - crosspostService.addFacebookState(fbstate, state); + userService.addFacebookState(fbstate, state); return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate); } - String redirectUrl = crosspostService.verifyFacebookState(state); + String redirectUrl = userService.verifyFacebookState(state); if (StringUtils.isEmpty(redirectUrl)) { logger.error("state is missing"); 
@@ -158,26 +155,25 @@ public class ApiSocialLogin { throw new HttpBadRequestException(); } - int uid = crosspostService.getUIDbyFBID(fbID); - if (uid > 0) { - if (!crosspostService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) { + Optional<com.juick.model.User> existingFacebookUser = userService.getUserByFacebookId(fbID); + if (existingFacebookUser.isPresent()) { + if (!userService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) { logger.error("error updating facebook user, id: {}, token: {}", fbID, token.getAccessToken()); throw new HttpBadRequestException(); } + if (StringUtils.isNotEmpty(fb.getEmail())) { + logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName()); + Integer userId = existingFacebookUser.get().getUid(); + if (!emailService.getEmails(userId, false).contains(fb.getEmail())) { + emailService.addEmail(userId, fb.getEmail()); + } + } UriComponentsBuilder uriComponentsBuilder = UriComponentsBuilder.fromUriString(redirectUrl); - uriComponentsBuilder.queryParam("hash", userService.getHashByUID(uid)); + uriComponentsBuilder.queryParam("hash", userService.getHashByUID(existingFacebookUser.get().getUid())); uriComponentsBuilder.queryParam("retpath", redirectUrl); return "redirect:" + uriComponentsBuilder.build().toUriString(); } else { - if (!crosspostService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName())) { - if (StringUtils.isNotEmpty(fb.getEmail())) { - logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName()); - Integer userId = crosspostService.getUIDbyFBID(fbID); - if (!emailService.getEmails(userId, false).contains(fb.getEmail())) { - emailService.addEmail(userId, fb.getEmail()); - } - } - logger.info("email not found for facebook user {}", fb.getName()); + if (!userService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName())) { throw new HttpBadRequestException(); } return "redirect:/signup?type=fb&hash=" + state; 
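Review bot: In the existing-user branch the login hash is appended to `redirectUrl` and the browser is redirected there, but `redirectUrl` is the value stored from the request's `state` parameter in the previous hunk (`addFacebookState(fbstate, state)`), and no check of its host is visible. If it is not validated outside these hunks, the hash can be delivered to another origin; I would accept only same-site targets before building the redirect, comparing the parsed host with the class's `baseUri`. Separately, the `logger.error` call in the update-failure path writes `token.getAccessToken()` to the log; drop the token: `logger.error("error updating facebook user, id: {}", fbID);`. The enclosing method starts and ends outside this hunk.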
@@ -188,11 +184,11 @@ public class ApiSocialLogin { @RequestParam String state) throws IOException, ExecutionException, InterruptedException { if (StringUtils.isBlank(code)) { String vkstate = UUID.randomUUID().toString(); - crosspostService.addVKState(vkstate, state); + userService.addVKState(vkstate, state); return "redirect:" + vkAuthService.getAuthorizationUrl(vkstate); } - String redirectUrl = crosspostService.verifyVKState(state); + String redirectUrl = userService.verifyVKState(state); if (StringUtils.isBlank(redirectUrl)) { logger.error("state is missing"); throw new HttpBadRequestException(); @@ -213,7 +209,7 @@ public class ApiSocialLogin { } long vkID = NumberUtils.toLong(jsonUser.getId(), 0); - int uid = crosspostService.getUIDbyVKID(vkID); + int uid = userService.getUIDbyVKID(vkID); if (uid > 0) { UriComponentsBuilder uriComponentsBuilder = UriComponentsBuilder.fromUriString(redirectUrl); uriComponentsBuilder.queryParam("hash", userService.getHashByUID(uid)); @@ -221,7 +217,7 @@ public class ApiSocialLogin { return "redirect:" + uriComponentsBuilder.build().toUriString(); } else { String loginhash = UUID.randomUUID().toString(); - if (!crosspostService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) { + if (!userService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) { logger.error("create vk user error"); throw new HttpBadRequestException(); } @@ -270,7 +266,7 @@ public class ApiSocialLogin { public String doAppleLogin(@RequestParam(required = false) String code, @RequestParam String state) { if (StringUtils.isBlank(code)) { String astate = UUID.randomUUID().toString(); - crosspostService.addVKState(astate, state); + userService.addVKState(astate, state); return "redirect:" + appleSignInService.getAuthorizationUrl(astate); } throw new HttpBadRequestException(); 
@@ -287,7 +283,7 @@ public class ApiSocialLogin { if (email.isPresent()) { com.juick.model.User user = userService.getUserByEmail(email.get()); if (!user.isAnonymous()) { - String redirectUrl = crosspostService.verifyVKState(body.get("state")); + String redirectUrl = userService.verifyVKState(body.get("state")); if (StringUtils.isBlank(redirectUrl)) { logger.error("state is missing"); throw new HttpBadRequestException(); diff --git a/src/main/java/com/juick/www/api/Users.java b/src/main/java/com/juick/www/api/Users.java index 06d040ff..0294ec53 100644 --- a/src/main/java/com/juick/www/api/Users.java +++ b/src/main/java/com/juick/www/api/Users.java @@ -55,8 +55,6 @@ public class Users { @Inject private MessagesService messagesService; @Inject - private CrosspostService crosspostService; - @Inject private TelegramService telegramService; @Inject private EmailService emailService; @@ -151,10 +149,10 @@ public class Users { if (StringUtils.isNotEmpty(accountToDelete)) { switch (accountToDelete) { case "twitter": - crosspostService.deleteTwitterToken(visitor.getUid()); + userService.deleteTwitterToken(visitor.getUid()); break; case "vk": - crosspostService.deleteVKUser(visitor.getUid()); + userService.deleteVKUser(visitor.getUid()); break; case "durov": telegramService.deleteTelegramUser(visitor.getUid()); @@ -267,13 +265,13 @@ public class Users { return emailService.getNotificationsEmail(this.getUid()); } public String getTwitterName() { - return crosspostService.getTwitterName(this.getUid()); + return userService.getTwitterName(this.getUid()); } public String getTelegramName() { - return crosspostService.getTelegramName(this.getUid()); + return userService.getTelegramName(this.getUid()); } public ApplicationStatus getFacebookStatus() { - return crosspostService.getFbCrossPostStatus(this.getUid()); + return userService.getFbCrossPostStatus(this.getUid()); } } } 
diff --git a/src/main/java/com/juick/www/controllers/Login.java b/src/main/java/com/juick/www/controllers/Login.java index 33fcc011..41d902de 100644 --- a/src/main/java/com/juick/www/controllers/Login.java +++ b/src/main/java/com/juick/www/controllers/Login.java @@ -51,6 +51,12 @@ public class Login { model.addAttribute("authErrorMessage", authEx.getLocalizedMessage()); } + String socialLoginError = (String) session.getAttribute(SocialLogin.AUTH_ERROR); + + if (socialLoginError != null) { + model.addAttribute("authErrorMessage", socialLoginError); + } + return "layouts/login"; } diff --git a/src/main/java/com/juick/www/controllers/Settings.java b/src/main/java/com/juick/www/controllers/Settings.java index a9240cab..50b4ea14 100644 --- a/src/main/java/com/juick/www/controllers/Settings.java +++ b/src/main/java/com/juick/www/controllers/Settings.java @@ -70,8 +70,6 @@ public class Settings { @Inject private UserService userService; @Inject - private CrosspostService crosspostService; - @Inject private SubscriptionService subscriptionService; @Inject private EmailService emailService; 
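Review bot: `SocialLogin.AUTH_ERROR` is read from the session but never removed, so once a social login is rejected the login page keeps showing "User is disabled" for the rest of that session, even after a different account is tried. Clear it once consumed with `session.removeAttribute(SocialLogin.AUTH_ERROR);` inside the `if (socialLoginError != null)` block. The new block also silently overwrites the `authErrorMessage` set from `authEx` just above; a one-line comment stating which message should win would help. The handler's signature and opening lines are outside the hunk.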
@@ -111,9 +109,9 @@ public class Settings { List<String> hours = IntStream.rangeClosed(0, 23).boxed() .map(i -> StringUtils.leftPad(String.format("%d", i), 2, "0")).collect(Collectors.toList()); model.addAttribute("hours", hours); - model.addAttribute("fbstatus", crosspostService.getFbCrossPostStatus(visitor.getUid())); - model.addAttribute("twitter_name", crosspostService.getTwitterName(visitor.getUid())); - model.addAttribute("telegram_name", crosspostService.getTelegramName(visitor.getUid())); + model.addAttribute("fbstatus", userService.getFbCrossPostStatus(visitor.getUid())); + model.addAttribute("twitter_name", userService.getTwitterName(visitor.getUid())); + model.addAttribute("telegram_name", userService.getTelegramName(visitor.getUid())); model.addAttribute("notify_options", subscriptionService.getNotifyOptions(visitor)); model.addAttribute("userinfo", userService.getUserInfo(visitor)); if (page.equals("auth-email")) { @@ -232,7 +230,7 @@ public class Settings { } break; case "twitter-del": - crosspostService.deleteTwitterToken(visitor.getUid()); + userService.deleteTwitterToken(visitor.getUid()); for (Cookie cookie : request.getCookies()) { if (cookie.getName().equals("request_token")) { cookie.setMaxAge(0); @@ -250,15 +248,15 @@ public class Settings { result = "<p><a href=\"/settings\">Back</a></p>"; break; case "facebook-disable": - crosspostService.disableFBCrosspost(visitor.getUid()); + userService.disableFBCrosspost(visitor.getUid()); result = "<p><a href=\"/settings\">Back</a></p>"; break; case "facebook-enable": - crosspostService.enableFBCrosspost(visitor.getUid()); + userService.enableFBCrosspost(visitor.getUid()); result = "<p><a href=\"/settings\">Back</a></p>"; break; case "vk-del": - crosspostService.deleteVKUser(visitor.getUid()); + userService.deleteVKUser(visitor.getUid()); result = "<p><a href=\"/settings\">Back</a></p>"; break; default: 
diff --git a/src/main/java/com/juick/www/controllers/SignUp.java b/src/main/java/com/juick/www/controllers/SignUp.java index c07374f5..9fc04dd5 100644 --- a/src/main/java/com/juick/www/controllers/SignUp.java +++ b/src/main/java/com/juick/www/controllers/SignUp.java @@ -21,7 +21,6 @@ import com.juick.util.HttpBadRequestException; import com.juick.util.HttpForbiddenException; import com.juick.util.UsernameTakenException; import com.juick.www.WebApp; -import com.juick.service.CrosspostService; import com.juick.service.EmailService; import com.juick.service.UserService; import com.juick.service.security.annotation.Visitor; @@ -46,8 +45,6 @@ public class SignUp { @Inject private UserService userService; @Inject - private CrosspostService crosspostService; - @Inject private EmailService emailService; @Inject private WebApp webApp; @@ -65,16 +62,16 @@ public class SignUp { String account = null; switch (type) { case "fb": - account = crosspostService.getFacebookNameByHash(hash); + account = userService.getFacebookNameByHash(hash); break; case "vk": - account = crosspostService.getVKNameByHash(hash); + account = userService.getVKNameByHash(hash); break; case "xmpp": - account = crosspostService.getJIDByHash(hash); + account = userService.getJIDByHash(hash); break; case "durov": - account = crosspostService.getTelegramNameByHash(hash); + account = userService.getTelegramNameByHash(hash); break; case "email": account = emailService.getEmailByAuthCode(hash); 
@@ -128,11 +125,11 @@ public class SignUp { return "views/signup_result"; } - if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, current.getUid())) - && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, current.getUid())) - && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, current.getUid())) + if (!(type.charAt(0) == 'f' && userService.setFacebookUser(hash, current.getUid())) + && !(type.charAt(0) == 'v' && userService.setVKUser(hash, current.getUid())) + && !(type.charAt(0) == 'd' && userService.setTelegramUser(hash, current.getUid())) && !(type.charAt(0) == 'x' && userService.getAllJIDs(visitor).size() > 0 - && crosspostService.setJIDUser(hash, current.getUid()))) { + && userService.setJIDUser(hash, current.getUid()))) { if (type.equals("email")) { String email = emailService.getEmailByAuthCode(hash); emailService.addEmail(current.getUid(), email); @@ -163,9 +160,9 @@ public class SignUp { return "views/signup_result"; } - if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, current.getUid())) - && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, current.getUid())) - && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, current.getUid()))) { + if (!(type.charAt(0) == 'f' && userService.setFacebookUser(hash, current.getUid())) + && !(type.charAt(0) == 'v' && userService.setVKUser(hash, current.getUid())) + && !(type.charAt(0) == 'd' && userService.setTelegramUser(hash, current.getUid()))) { if (type.equals("email")) { String email = emailService.getEmailByAuthCode(hash); emailService.addEmail(current.getUid(), email); diff --git a/src/main/java/com/juick/www/controllers/Site.java b/src/main/java/com/juick/www/controllers/Site.java index 27e84001..682ed247 100644 --- a/src/main/java/com/juick/www/controllers/Site.java +++ b/src/main/java/com/juick/www/controllers/Site.java 
@@ -68,8 +68,6 @@ public class Site { @Inject private PMQueriesService pmQueriesService; @Inject - private CrosspostService crosspostService; - @Inject private WebApp webApp; private void fillUserModel(ModelMap model, User user, User visitor) { @@ -517,7 +515,7 @@ public class Site { + pageUrl + "\" />\n" + "<meta property=\"og:title\" content=\"" + msg.getUser().getName() + " at Juick\" />\n" + "<meta property=\"og:description\" content=\"" + cardDescription + "\" />\n" + "<meta name=\"Description\" content=\"" + cardDescription + "\" />\n"; - String twitterName = crosspostService.getTwitterName(msg.getUser().getUid()); + String twitterName = userService.getTwitterName(msg.getUser().getUid()); if (StringUtils.isNotEmpty(twitterName)) { headers += "<meta name=\"twitter:creator\" content=\"@" + twitterName + "\" />\n"; } diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java index 5e9e8b8f..7acd6cdd 100644 --- a/src/main/java/com/juick/www/controllers/SocialLogin.java +++ b/src/main/java/com/juick/www/controllers/SocialLogin.java @@ -24,7 +24,6 @@ import com.github.scribejava.core.oauth.OAuth10aService; import com.github.scribejava.core.oauth.OAuth20Service; import com.juick.model.ext.facebook.User; import com.juick.model.ext.vk.UsersResponse; -import com.juick.service.CrosspostService; import com.juick.service.EmailService; import com.juick.service.TelegramService; import com.juick.service.UserService; @@ -52,6 +51,8 @@ import javax.inject.Inject; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + import java.io.IOException; import java.util.List; import java.util.Map; 
@@ -69,6 +70,8 @@ public class SocialLogin { private static final Logger logger = LoggerFactory.getLogger(SocialLogin.class); + public static final String AUTH_ERROR = "SocialLogin.AuthenticationError"; + @Value("${facebook_appid:appid}") private String FACEBOOK_APPID; @Value("${facebook_secret:secret}") @@ -95,8 +98,6 @@ public class SocialLogin { @Value("${apple_app_id:appid}") private String appleApplicationId; @Inject - private CrosspostService crosspostService; - @Inject private UserService userService; @Inject private EmailService emailService; @@ -125,18 +126,18 @@ public class SocialLogin { @GetMapping("/_fblogin") protected String doFacebookLogin(HttpServletRequest request, @RequestParam(required = false) String code, @RequestParam(required = false) String state, - @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response) - throws IOException, ExecutionException, InterruptedException { + @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response, + HttpSession session) throws IOException, ExecutionException, InterruptedException { if (StringUtils.isBlank(code)) { String fbstate = UUID.randomUUID().toString(); if (StringUtils.isBlank(state)) { state = Optional.ofNullable(referer).orElse("https://juick.com/"); } - crosspostService.addFacebookState(fbstate, state); + userService.addFacebookState(fbstate, state); return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate); } - String redirectUrl = crosspostService.verifyFacebookState(state); + String redirectUrl = userService.verifyFacebookState(state); if (StringUtils.isEmpty(redirectUrl)) { logger.error("state is missing"); throw new HttpBadRequestException(); 
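Review bot: The post-login redirect target is taken from the `state` request parameter, or from the `Referer` header when `state` is blank, and is stored with `addFacebookState` as received; the following hunk then returns `"redirect:" + redirectUrl`. No check that the URL belongs to the site is visible, so unless `verifyFacebookState` enforces one, this handler redirects an authenticated user to any address the request named. Validate before storing: accept only relative paths or hosts from a configured allowlist, and fall back to `https://juick.com/` otherwise. The rest of `doFacebookLogin` lies outside this hunk.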
@@ -157,26 +158,30 @@ public class SocialLogin { throw new HttpBadRequestException(); } - int uid = crosspostService.getUIDbyFBID(fbID); - if (uid > 0) { - if (!crosspostService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) { + Optional<com.juick.model.User> existingFacebookUser = userService.getUserByFacebookId(fbID); + if (existingFacebookUser.isPresent()) { + if (!userService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) { logger.error("error updating facebook user, id: {}, token: {}", fbID, token.getAccessToken()); throw new HttpBadRequestException(); } - Cookie c = new Cookie("hash", userService.getHashByUID(uid)); - c.setMaxAge(50 * 24 * 60 * 60); - response.addCookie(c); - return "redirect:" + redirectUrl; - } else { - if (!crosspostService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName())) { - if (StringUtils.isNotEmpty(fb.getEmail())) { - logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName()); - Integer userId = crosspostService.getUIDbyFBID(fbID); - if (!emailService.getEmails(userId, false).contains(fb.getEmail())) { - emailService.addEmail(userId, fb.getEmail()); - } + if (StringUtils.isNotEmpty(fb.getEmail())) { + logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName()); + Optional<com.juick.model.User> newFacebookUser = userService.getUserByFacebookId(fbID); + if (!emailService.getEmails(newFacebookUser.get().getUid(), false).contains(fb.getEmail())) { + emailService.addEmail(newFacebookUser.get().getUid(), fb.getEmail()); } - logger.info("email not found for facebook user {}", fb.getName()); + } + if (!existingFacebookUser.get().isBanned()) { + Cookie c = new Cookie("hash", userService.getHashByUID(existingFacebookUser.get().getUid())); + c.setMaxAge(50 * 24 * 60 * 60); + response.addCookie(c); + return "redirect:" + redirectUrl; + } else { + session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled"); + return "redirect:/login"; + } + } else { + if 
(!userService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName())) { throw new HttpBadRequestException(); } return "redirect:/signup?type=fb&hash=" + state; @@ -257,7 +262,8 @@ public class SocialLogin { Response vkResponse = vkAuthService.execute(meRequest); if (vkResponse.isSuccessful()) { String graph = vkResponse.getBody(); - com.juick.model.ext.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().stream().findFirst().orElseThrow(HttpBadRequestException::new); + com.juick.model.ext.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().stream() + .findFirst().orElseThrow(HttpBadRequestException::new); String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName(); String vkLink = jsonUser.getScreenName(); @@ -267,7 +273,7 @@ public class SocialLogin { } long vkID = NumberUtils.toLong(jsonUser.getId(), 0); - int uid = crosspostService.getUIDbyVKID(vkID); + int uid = userService.getUIDbyVKID(vkID); if (uid > 0) { Cookie c = new Cookie("hash", userService.getHashByUID(uid)); c.setMaxAge(50 * 24 * 60 * 60); @@ -275,14 +281,14 @@ public class SocialLogin { return "redirect:/" + Optional.ofNullable(referer).orElse(StringUtils.EMPTY); } else { String loginhash = UUID.randomUUID().toString(); - if (!crosspostService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) { + if (!userService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) { logger.error("create vk user error"); throw new HttpBadRequestException(); } return "redirect:/signup?type=vk&hash=" + loginhash; } } else { - logger.error("vk error {}: {}", vkResponse.getCode(), vkResponse.getBody()); + logger.error("vk error {}: {}", vkResponse.getCode(), vkResponse.getBody()); throw new HttpBadRequestException(); } } 
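Review bot: The `hash` cookie that authenticates the user is created with only `setMaxAge`; no `setHttpOnly(true)` or `setSecure(true)` is visible, so unless a filter adds the flags the credential is readable by page scripts and can travel over plain HTTP. Add `c.setHttpOnly(true); c.setSecure(true);` before `response.addCookie(c)`; the VK and Apple branches in later hunks build the same cookie. The e-mail block also looks the user up a second time and calls `newFacebookUser.get()` unguarded; reusing `existingFacebookUser.get().getUid()` avoids the extra query and a possible `NoSuchElementException`. Moving that block inside the `!isBanned()` branch would keep a disabled account from being modified on a rejected login.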
@@ -332,7 +338,7 @@ public class SocialLogin { @PostMapping("/_apple") public String doVerifyAppleResponse(HttpServletRequest request, HttpServletResponse response, - @RequestParam Map<String, String> body) throws InterruptedException, ExecutionException, IOException { + @RequestParam Map<String, String> body, HttpSession session) throws InterruptedException, ExecutionException, IOException { OAuth2AccessToken token = appleSignInService.getAccessToken(body.get("code")); var jsonNode = jsonMapper.readTree(token.getRawResponse()); var idToken = jsonNode.get("id_token").textValue(); @@ -341,10 +347,15 @@ public class SocialLogin { if (email.isPresent()) { com.juick.model.User user = userService.getUserByEmail(email.get()); if (!user.isAnonymous()) { - Cookie c = new Cookie("hash", userService.getHashByUID(user.getUid())); - c.setMaxAge(50 * 24 * 60 * 60); - response.addCookie(c); - return "redirect:/"; + if (!user.isBanned()) { + Cookie c = new Cookie("hash", userService.getHashByUID(user.getUid())); + c.setMaxAge(50 * 24 * 60 * 60); + response.addCookie(c); + return "redirect:/"; + } else { + session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled"); + return "redirect:/login"; + } } else { String verificationCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase(); emailService.addVerificationCode(null, email.get(), verificationCode); |
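Review bot: No `state` check is visible in `doVerifyAppleResponse` before the `hash` cookie is issued, while the API variant of this callback calls `verifyVKState(body.get("state"))`; without one, the POST callback accepts an authorization response that this browser session never started. Two lines between the hunks are not shown, so confirm they do not already cover this. If they do not, and the web flow stores a state when it starts, reject early with something like `if (StringUtils.isBlank(userService.verifyVKState(body.get("state")))) throw new HttpBadRequestException();`. `jsonNode.get("id_token")` is also dereferenced without a null check, so a token response lacking that field surfaces as a server error rather than a 400.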