diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/conf/MANIFEST.MF | 2 | ||||
-rw-r--r-- | src/java/com/juick/api/Main.java | 145 | ||||
-rw-r--r-- | src/java/com/juick/api/Users.java | 70 | ||||
-rw-r--r-- | src/java/com/juick/api/Utils.java | 130 |
4 files changed, 347 insertions, 0 deletions
diff --git a/src/conf/MANIFEST.MF b/src/conf/MANIFEST.MF new file mode 100644 index 00000000..59499bce --- /dev/null +++ b/src/conf/MANIFEST.MF @@ -0,0 +1,2 @@ +Manifest-Version: 1.0 + diff --git a/src/java/com/juick/api/Main.java b/src/java/com/juick/api/Main.java new file mode 100644 index 00000000..d32a00aa --- /dev/null +++ b/src/java/com/juick/api/Main.java @@ -0,0 +1,145 @@ +/* + * Juick + * Copyright (C) 2008-2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.api; + +import java.io.FileInputStream; +import java.io.IOException; +import java.io.PrintWriter; +import java.sql.Connection; +import java.sql.DriverManager; +import java.sql.SQLException; +import java.util.Properties; +import javax.servlet.ServletException; +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +@WebServlet(name = "Main", urlPatterns = {"/"}) +public class Main extends HttpServlet { + + Connection sql; + Connection sqlSearch; + Users users; + + @Override + public void init() throws ServletException { + super.init(); + try { + Properties conf = new Properties(); + conf.load(new FileInputStream("/etc/juick/api.conf")); + + Class.forName("com.mysql.jdbc.Driver"); + sql = DriverManager.getConnection("jdbc:mysql://localhost/juick?autoReconnect=true&user=" + conf.getProperty("mysql_username", "") + "&password=" + conf.getProperty("mysql_password", "")); + sqlSearch = DriverManager.getConnection("jdbc:mysql://127.0.0.1:9306/juick?autoReconnect=true&characterEncoding=utf8&maxAllowedPacket=512000&relaxAutoCommit=true&user=root&password="); + + users = new Users(sql); + } catch (Exception e) { + log(null, e); + } + } + + @Override + public void destroy() { + super.destroy(); + if (sql != null) { + try { + sql.close(); + sql = null; + } catch (SQLException e) { + log(null, e); + } + } + if (sqlSearch != null) { + try { + sqlSearch.close(); + sqlSearch = null; + } catch (SQLException e) { + log(null, e); + } + } + } + + /** + * Handles the HTTP <code>GET</code> method. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + @Override + protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + if (request.getCharacterEncoding() == null) { + request.setCharacterEncoding("UTF-8"); + } + + int vuid = Utils.getHttpAuthUID(sql, request); + + String uri = request.getRequestURI(); + if (uri.equals("/users/read")) { + users.doGetUserRead(request, response, vuid); + } else if (uri.equals("/users/readers")) { + users.doGetUserReaders(request, response, vuid); + } else { + response.sendError(404); + } + } + + /** + * Handles the HTTP <code>POST</code> method. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + @Override + protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String uri = request.getRequestURI(); + if (uri.equals("/post")) { + } else { + response.sendError(405); + } + } + + public static void replyJSON(HttpServletRequest request, HttpServletResponse response, String json) throws IOException { + response.setContentType("application/json; charset=UTF-8"); + response.setHeader("Access-Control-Allow-Origin", "*"); + + String callback = request.getParameter("callback"); + if (callback.length() > 64 || !callback.matches("a-zA-Z0-9\\-")) { + callback = null; + } + + PrintWriter out = response.getWriter(); + try { + if (callback != null) { + out.print(callback + "("); + out.print(json); + out.print(")"); + } else { + out.print(json); + } + } finally { + out.close(); + } + } +} diff --git a/src/java/com/juick/api/Users.java b/src/java/com/juick/api/Users.java new file mode 100644 index 00000000..5810ddba --- /dev/null +++ b/src/java/com/juick/api/Users.java @@ -0,0 +1,70 @@ +package com.juick.api; + +import com.juick.server.UserQueries; +import java.io.IOException; +import java.sql.Connection; +import java.util.ArrayList; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author ugnich + */ +public class Users { + + Connection sql; + + public Users(Connection sql) { + this.sql = sql; + } + + public void doGetUserRead(HttpServletRequest request, HttpServletResponse response, int vuid) throws ServletException, IOException { + int uid = vuid; + String paramUID = request.getParameter("user_id"); + if (paramUID != null) { + try { + uid = Integer.parseInt(paramUID); + } catch (NumberFormatException e) { + } + } + + if (uid > 0) { + ArrayList<Integer> uids = UserQueries.getUserRead(sql, vuid); + if (uids.size() > 0) { + ArrayList<com.juick.User> users = UserQueries.getUsersByID(sql, uids); + if (users.size() > 0) { + String json = com.juick.json.Users.arrayToString(users); + Main.replyJSON(request, response, json); + return; + } + } + } + response.sendError(404); + } + + public void doGetUserReaders(HttpServletRequest request, HttpServletResponse response, int vuid) throws ServletException, IOException { + int uid = vuid; + String paramUID = request.getParameter("user_id"); + if (paramUID != null) { + try { + uid = Integer.parseInt(paramUID); + } catch (NumberFormatException e) { + } + } + + if (uid > 0) { + ArrayList<Integer> uids = UserQueries.getUserReaders(sql, vuid); + if (uids.size() > 0) { + ArrayList<com.juick.User> users = UserQueries.getUsersByID(sql, uids); + if (users.size() > 0) { + String json = com.juick.json.Users.arrayToString(users); + Main.replyJSON(request, response, json); + return; + } + } + } + response.sendError(404); + } +} diff --git a/src/java/com/juick/api/Utils.java b/src/java/com/juick/api/Utils.java new file mode 100644 index 00000000..b325b19a --- /dev/null +++ b/src/java/com/juick/api/Utils.java @@ -0,0 +1,130 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.api; + +import com.juick.server.UserQueries; +import java.io.IOException; +import java.sql.Connection; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.sql.Statement; +import java.util.ArrayList; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import sun.misc.BASE64Decoder; + +/** + * + * @author Ugnich Anton + */ +public class Utils { + + public static String getCookie(HttpServletRequest request, String name) { + Cookie cookies[] = request.getCookies(); + if (cookies != null) { + for (int i = 0; i < cookies.length; i++) { + if (cookies[i].getName().equals(name)) { + return cookies[i].getValue(); + } + } + } + return null; + } + + public static com.juick.User getVisitorUser(Connection sql, HttpServletRequest request) { + String hash = getCookie(request, "hash"); + if (hash != null) { + return com.juick.server.UserQueries.getUserByHash(sql, hash); + } else { + return null; + } + } + + public static int getVisitorUID(Connection sql, HttpServletRequest request) { + Cookie cookies[] = request.getCookies(); + if (cookies != null) { + for (int i = 0; i < cookies.length; i++) { + if (cookies[i].getName().equals("hash")) { + String hash = cookies[i].getValue(); + return com.juick.server.UserQueries.getUIDbyHash(sql, hash); + } + } + } + return 0; + } + + public static int getHttpAuthUID(Connection sql, HttpServletRequest request) { + String auth = request.getHeader("HTTP_AUTHORIZATION"); + if (auth != null && auth.length() > 8) { + try { + BASE64Decoder dec = new BASE64Decoder(); + String loginpassw[] = new String(dec.decodeBuffer(auth.substring(6))).split(":", 2); + if (loginpassw.length == 2 && loginpassw[0].length() > 1 && loginpassw[0].length() < 16 && loginpassw[0].matches("a-zA-Z0-9\\-") && !loginpassw[1].isEmpty()) { + return UserQueries.checkPassword(sql, loginpassw[0], loginpassw[1]); + } + } catch (IOException e) { + } + } + return 0; + } + + public static void sendPermanentRedirect(HttpServletResponse response, String location) { + response.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY); + response.setHeader("Location", location); + } + + public static void finishSQL(ResultSet rs, Statement stmt) { + if (rs != null) { + try { + rs.close(); + } catch (SQLException e) { + } + } + if (stmt != null) { + try { + stmt.close(); + } catch (SQLException e) { + } + } + } + + public static String convertArray2String(ArrayList<Integer> mids) { + String q = ""; + for (int i = 0; i < mids.size(); i++) { + if (i > 0) { + q += ","; + } + q += mids.get(i); + } + return q; + } + + public static String encodeHTML(String str) { + String ret = str; + ret = ret.replaceAll("<", "<"); + ret = ret.replaceAll(">", ">"); + return str; + } + + public static String encodeSphinx(String str) { + String ret = str; + ret = ret.replaceAll("@", "\\\\@"); + return ret; + } +} |