pages = Arrays.asList("main", "password", "about", "email", "email-add", "email-del",
- "email-subscr", "auth-email", "privacy", "jid-del", "twitter-del", "telegram-del", "facebook-disable",
- "facebook-enable", "vk-del");
- String page = request.getParameter("page");
- if (StringUtils.isEmpty(page) || !pages.contains(page)) {
- throw new HttpBadRequestException();
- }
- String result = StringUtils.EMPTY;
- switch (page) {
- case "password":
- if (userService.updatePassword(visitor, request.getParameter("password"))) {
- result = "Password has been changed.
";
- String hash = userService.getHashByUID(visitor.getUid());
- Cookie c = new Cookie("hash", hash);
- c.setMaxAge(365 * 24 * 60 * 60);
- response.addCookie(c);
- }
- break;
- case "main":
- NotifyOpts opts = new NotifyOpts();
- opts.setRepliesEnabled(StringUtils.isNotEmpty(request.getParameter("jnotify")));
- opts.setSubscriptionsEnabled(StringUtils.isNotEmpty(request.getParameter("subscr_notify")));
- opts.setRecommendationsEnabled(StringUtils.isNotEmpty(request.getParameter("recomm")));
- if (subscriptionService.setNotifyOptions(visitor, opts)) {
- result = "Notification options has been updated
";
- }
- break;
- case "about":
- visitor.setFullName(request.getParameter("fullname"));
- visitor.setCountry(request.getParameter("country"));
- visitor.setUrl(request.getParameter("url"));
- visitor.setDescription(request.getParameter("descr"));
- String avatarTmpPath = HttpUtils.receiveMultiPartFile(avatar, tmpDir).getHost();
- if (StringUtils.isNotEmpty(avatarTmpPath)) {
- imagesService.saveAvatar(avatarTmpPath, visitor.getUid());
- }
- if (userService.updateUserInfo(visitor)) {
- result = String.format("Your info is updated.
Back to blog.
", visitor.getName());
- }
- break;
- case "jid-del":
- // FIXME: stop using ugnich-csv in parameters
- String[] params = request.getParameter("delete").split(";", 2);
- boolean res = false;
- if (params[0].equals("xmpp")) {
- res = userService.deleteJID(visitor.getUid(), params[1]);
- } else if (params[0].equals("xmpp-unauth")) {
- res = userService.unauthJID(visitor.getUid(), params[1]);
- }
- if (res) {
- result = "Deleted. Back.
";
- } else {
- result = "Error
";
- }
- break;
- case "email-add":
- if (!emailService.verifyAddressByCode(visitor.getUid(), request.getParameter("account"))) {
- String authCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase();
- if (emailService.addVerificationCode(visitor.getUid(), request.getParameter("account"), authCode)) {
- Session session = Session.getDefaultInstance(System.getProperties());
- try {
- MimeMessage message = new MimeMessage(session);
- message.setFrom(new InternetAddress("noreply@juick.com"));
- message.addRecipient(Message.RecipientType.TO, new InternetAddress(request.getParameter("account")));
- message.setSubject("Juick authorization link");
- message.setText(String.format("Follow link to attach this email to Juick account:\n" +
- "http://juick.com/settings?page=auth-email&code=%s\n\n" +
- "If you don't know, what this mean - just ignore this mail.\n", authCode));
- Transport.send(message);
- result = "Authorization link has been sent to your email. Follow it to proceed.
" +
- "Back
";
-
- } catch (MessagingException ex) {
- logger.error("mail exception", ex);
- throw new HttpBadRequestException();
- }
- }
- }
- break;
- case "email-del":
- if (emailService.deleteEmail(visitor.getUid(), request.getParameter("account"))) {
- result = "Deleted. Back.
";
- } else {
- result = "An error occured while deleting.
";
- }
- break;
- case "email-subscr":
- if (emailService.setNotificationsEmail(visitor.getUid(), request.getParameter("account"))) {
- result = String.format("Saved! Will send notifications to %s." +
- "
Back
", request.getParameter("account"));
- } else {
- result = "Disabled.
Back
";
- }
- break;
- case "twitter-del":
- crosspostService.deleteTwitterToken(visitor.getUid());
- for (Cookie cookie : request.getCookies()) {
- if (cookie.getName().equals("request_token")) {
- cookie.setMaxAge(0);
- response.addCookie(cookie);
- }
- if (cookie.getName().equals("request_token_secret")) {
- cookie.setMaxAge(0);
- response.addCookie(cookie);
- }
- }
- result = "Back
";
- break;
- case "telegram-del":
- telegramService.deleteTelegramUser(visitor.getUid());
- result = "Back
";
- break;
- case "facebook-disable":
- crosspostService.disableFBCrosspost(visitor.getUid());
- result = "Back
";
- break;
- case "facebook-enable":
- crosspostService.enableFBCrosspost(visitor.getUid());
- result = "Back
";
- break;
- case "vk-del":
- crosspostService.deleteVKUser(visitor.getUid());
- result = "Back
";
- break;
- default:
- throw new HttpBadRequestException();
- }
-
- model.addAttribute("title", "Настройки");
- model.addAttribute("visitor", visitor);
- model.addAttribute("result", result);
- return "views/settings_result";
- }
- @PostMapping("/settings/unsubscribe")
- public String unsubscribeOneClick(
- @Visitor User user,
- @RequestParam(name = "List-Unsubscribe") String unsubscribe,
- ModelMap model) {
- if (!user.isAnonymous()) {
- if (unsubscribe.equals("One-Click")) {
- emailService.setNotificationsEmail(user.getUid(), StringUtils.EMPTY);
- model.addAttribute("title", "Настройки");
- model.addAttribute("visitor", user);
- model.addAttribute("result", "Unsubscribed");
- return "views/settings_result";
- }
- }
- throw new HttpBadRequestException();
- }
-}
diff --git a/src/main/java/com/juick/server/www/controllers/SignUp.java b/src/main/java/com/juick/server/www/controllers/SignUp.java
deleted file mode 100644
index cc2101a3..00000000
--- a/src/main/java/com/juick/server/www/controllers/SignUp.java
+++ /dev/null
@@ -1,175 +0,0 @@
-/*
- * Copyright (C) 2008-2019, Juick
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see .
- */
-package com.juick.server.www.controllers;
-
-import com.juick.model.User;
-import com.juick.server.util.HttpBadRequestException;
-import com.juick.server.util.HttpForbiddenException;
-import com.juick.server.www.WebApp;
-import com.juick.service.CrosspostService;
-import com.juick.service.EmailService;
-import com.juick.service.UserService;
-import com.juick.service.security.annotation.Visitor;
-import com.juick.service.security.entities.JuickUser;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Controller;
-import org.springframework.ui.ModelMap;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-
-import javax.inject.Inject;
-
-/**
- *
- * @author Ugnich Anton
- */
-@Controller
-public class SignUp {
-
- @Inject
- private UserService userService;
- @Inject
- private CrosspostService crosspostService;
- @Inject
- private EmailService emailService;
- @Inject
- private WebApp webApp;
-
-
- @GetMapping("/signup")
- protected String doGet(
- @Visitor User visitor,
- @RequestParam String type, @RequestParam String hash, ModelMap model) {
- if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$")
- || !hash.matches("^[a-zA-Z0-9\\-]+$")) {
- throw new HttpBadRequestException();
- }
-
- String account = null;
- switch (type) {
- case "fb":
- account = crosspostService.getFacebookNameByHash(hash);
- break;
- case "vk":
- account = crosspostService.getVKNameByHash(hash);
- break;
- case "xmpp":
- account = crosspostService.getJIDByHash(hash);
- break;
- case "durov":
- account = crosspostService.getTelegramNameByHash(hash);
- break;
- case "email":
- account = emailService.getEmailByAuthCode(hash);
- }
- if (account == null) {
- throw new HttpBadRequestException();
- }
-
- model.addAttribute("title", "Новый пользователь");
- visitor.setAvatar(webApp.getAvatarWebPath(visitor));
- model.addAttribute("visitor", visitor);
- model.addAttribute("account", account);
- model.addAttribute("type", type);
- model.addAttribute("hash", hash);
- return "views/signup";
- }
-
- @PostMapping("/signup")
- protected String doPost(
- @Visitor User visitor,
- @RequestParam String type,
- @RequestParam String hash,
- @RequestParam String action,
- @RequestParam(required = false) String username,
- @RequestParam(required = false) String password,
- ModelMap modelMap) {
- User current;
-
- if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) {
- throw new HttpBadRequestException();
- }
-
- if (action.charAt(0) == 'l') {
-
- if (visitor.isAnonymous()) {
- if (username.length() > 32) {
- throw new HttpBadRequestException();
- }
- current = userService.checkPassword(username, password).orElseThrow(HttpForbiddenException::new);
- } else {
- current = visitor;
- }
-
- if (current.getUid() <= 0) {
- throw new HttpForbiddenException();
- }
-
- if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, current.getUid()))
- && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, current.getUid()))
- && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, current.getUid()))
- && !(type.charAt(0) == 'x' && userService.getAllJIDs(visitor).size() > 0
- && crosspostService.setJIDUser(hash, current.getUid()))) {
- if (type.equals("email")) {
- String email = emailService.getEmailByAuthCode(hash);
- emailService.addEmail(current.getUid(), email);
- emailService.deleteAuthCode(hash);
- } else {
- if (type.equals("xmpp")) {
- modelMap.addAttribute("visitor", visitor);
- modelMap.addAttribute("result", "XMPP support is disabled for new users");
- return "views/settings_result";
- }
- throw new HttpBadRequestException();
- }
- }
-
- } else { // Create new account
- if (username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$") || password.length() < 6 || password.length() > 32) {
- throw new HttpBadRequestException();
- }
-
- current = userService.createUser(username, password).orElseThrow(HttpBadRequestException::new);
-
- if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, current.getUid()))
- && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, current.getUid()))
- && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, current.getUid()))) {
- if (type.equals("email")) {
- String email = emailService.getEmailByAuthCode(hash);
- emailService.addEmail(current.getUid(), email);
- emailService.deleteAuthCode(hash);
- } else {
- if (type.equals("xmpp")) {
- modelMap.addAttribute("visitor", visitor);
- modelMap.addAttribute("result", "XMPP support is disabled for new users");
- return "views/settings_result";
- }
- throw new HttpBadRequestException();
- }
- }
- }
-
- if (visitor.isAnonymous()) {
- UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken =
- new UsernamePasswordAuthenticationToken(new JuickUser(current), password, JuickUser.USER_AUTHORITY);
- SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
- }
- return "redirect:/";
- }
-}
diff --git a/src/main/java/com/juick/server/www/controllers/SocialLogin.java b/src/main/java/com/juick/server/www/controllers/SocialLogin.java
deleted file mode 100644
index e3b7a33b..00000000
--- a/src/main/java/com/juick/server/www/controllers/SocialLogin.java
+++ /dev/null
@@ -1,365 +0,0 @@
-/*
- * Copyright (C) 2008-2020, Juick
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see .
- */
-package com.juick.server.www.controllers;
-
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.github.scribejava.apis.*;
-import com.github.scribejava.core.builder.ServiceBuilder;
-import com.github.scribejava.core.model.*;
-import com.github.scribejava.core.oauth.OAuth10aService;
-import com.github.scribejava.core.oauth.OAuth20Service;
-import com.juick.model.ext.facebook.User;
-import com.juick.model.ext.vk.UsersResponse;
-import com.juick.server.Utils;
-import com.juick.server.util.HttpBadRequestException;
-import com.juick.service.CrosspostService;
-import com.juick.service.EmailService;
-import com.juick.service.TelegramService;
-import com.juick.service.UserService;
-import com.juick.service.security.annotation.Visitor;
-import com.nimbusds.jose.JOSEException;
-import com.nimbusds.jose.proc.BadJOSEException;
-import org.apache.commons.codec.digest.DigestUtils;
-import org.apache.commons.codec.digest.HmacAlgorithms;
-import org.apache.commons.codec.digest.HmacUtils;
-import org.apache.commons.lang3.RandomStringUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.commons.lang3.math.NumberUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.CookieValue;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.util.UriComponentsBuilder;
-
-import javax.annotation.PostConstruct;
-import javax.inject.Inject;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.text.ParseException;
-import java.util.List;
-import java.util.Map;
-import java.util.UUID;
-import java.util.concurrent.ExecutionException;
-import java.util.stream.Collectors;
-
-/**
- *
- * @author Ugnich Anton
- */
-@Controller
-public class SocialLogin {
-
- private static final Logger logger = LoggerFactory.getLogger(SocialLogin.class);
-
- @Value("${facebook_appid:appid}")
- private String FACEBOOK_APPID;
- @Value("${facebook_secret:secret}")
- private String FACEBOOK_SECRET;
- @Value("${ap_base_uri:http://localhost:8080/}")
- private String baseUri;
- private static final String VK_REDIRECT = "http://juick.com/_vklogin";
- private static final String TWITTER_VERIFY_URL = "https://api.twitter.com/1.1/account/verify_credentials.json";
- @Inject
- private ObjectMapper jsonMapper;
- private ServiceBuilder twitterBuilder;
- private OAuth20Service facebookAuthService, vkAuthService, appleSignInService;
-
- @Value("${twitter_consumer_key:appid}")
- private String twitterConsumerKey;
- @Value("${twitter_consumer_secret:secret}")
- private String twitterConsumerSecret;
- @Value("${vk_appid:appid}")
- private String VK_APPID;
- @Value("${vk_secret:secret}")
- private String VK_SECRET;
- @Value("${telegram_token:secret}")
- private String telegramToken;
- @Value("${apple_app_id:appid}")
- private String appleApplicationId;
- @Inject
- private CrosspostService crosspostService;
- @Inject
- private UserService userService;
- @Inject
- private EmailService emailService;
- @Inject
- private TelegramService telegramService;
- @Inject
- private AppleClientSecretGenerator clientSecretGenerator;
-
- @PostConstruct
- public void init() {
- ServiceBuilder facebookBuilder = new ServiceBuilder(FACEBOOK_APPID);
- twitterBuilder = new ServiceBuilder(twitterConsumerKey);
- ServiceBuilder vkBuilder = new ServiceBuilder(VK_APPID);
- UriComponentsBuilder redirectBuilder = UriComponentsBuilder.fromUriString(baseUri);
- String facebookRedirectUri = redirectBuilder.replacePath("/_fblogin").build().toUriString();
- facebookAuthService = facebookBuilder
- .apiSecret(FACEBOOK_SECRET)
- .callback(facebookRedirectUri)
- .defaultScope("email")
- .build(FacebookApi.instance());
- vkAuthService = vkBuilder
- .apiSecret(VK_SECRET)
- .defaultScope("friends,wall,offline")
- .callback(VK_REDIRECT)
- .build(VkontakteApi.instance());
- ServiceBuilder appleSignInBuilder = new ServiceBuilder(appleApplicationId);
- String appleSignInRedirectUri = redirectBuilder.replacePath("/_apple").build().toUriString();
- appleSignInService = appleSignInBuilder
- .callback(appleSignInRedirectUri)
- .defaultScope("email")
- .build(new AppleSignInApi(clientSecretGenerator));
- }
-
- @GetMapping("/_fblogin")
- protected String doFacebookLogin(HttpServletRequest request,
- @RequestParam(required = false) String code,
- @RequestParam(required = false) String state,
- HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
- if (StringUtils.isBlank(code)) {
- String fbstate = UUID.randomUUID().toString();
- if (StringUtils.isBlank(state)) {
- state = Utils.getPreviousPageByRequest(request).orElse("https://juick.com/");
- }
- crosspostService.addFacebookState(fbstate, state);
- return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate);
- }
-
- String redirectUrl = crosspostService.verifyFacebookState(state);
- if (StringUtils.isEmpty(redirectUrl)) {
- logger.error("state is missing");
- throw new HttpBadRequestException();
- }
- OAuth2AccessToken token = facebookAuthService.getAccessToken(code);
- final OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://graph.facebook.com/v3.2/me?fields=id,name,link,verified,email");
- facebookAuthService.signRequest(token, meRequest);
- String graph = facebookAuthService.execute(meRequest).getBody();
- if (StringUtils.isBlank(graph)) {
- logger.error("FACEBOOK GRAPH ERROR");
- throw new HttpBadRequestException();
- }
- User fb = jsonMapper.readValue(graph, User.class);
- long fbID = NumberUtils.toLong(fb.getId(), 0);
- if (fbID == 0 || StringUtils.isBlank(fb.getName())) {
- logger.error("Missing required fields, id: {}, name: {}", fbID, fb.getName());
- throw new HttpBadRequestException();
- }
-
- int uid = crosspostService.getUIDbyFBID(fbID);
- if (uid > 0) {
- if (!crosspostService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) {
- logger.error("error updating facebook user, id: {}, token: {}", fbID, token.getAccessToken());
- throw new HttpBadRequestException();
- }
- Cookie c = new Cookie("hash", userService.getHashByUID(uid));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
- return "redirect:" + redirectUrl;
- } else {
- if (!crosspostService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName())) {
- if (StringUtils.isNotEmpty(fb.getEmail())) {
- logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName());
- Integer userId = crosspostService.getUIDbyFBID(fbID);
- if (!emailService.getEmails(userId, false).contains(fb.getEmail())) {
- emailService.addEmail(userId, fb.getEmail());
- }
- }
- logger.info("email not found for facebook user {}", fb.getName());
- throw new HttpBadRequestException();
- }
- return "redirect:/signup?type=fb&hash=" + state;
- }
- }
- @GetMapping("/_twitter")
- protected void doTwitterLogin(
- @Visitor com.juick.model.User user,
- HttpServletRequest request, HttpServletResponse response)
- throws IOException, ExecutionException, InterruptedException {
- String hash = StringUtils.EMPTY, request_token = StringUtils.EMPTY, request_token_secret = StringUtils.EMPTY;
- String verifier = request.getParameter("oauth_verifier");
- Cookie[] cookies = request.getCookies();
- for (Cookie cookie : cookies) {
- if (cookie.getName().equals("hash")) {
- hash = cookie.getValue();
- }
- if (cookie.getName().equals("request_token")) {
- request_token = cookie.getValue();
- }
- if (cookie.getName().equals("request_token_secret")) {
- request_token_secret = cookie.getValue();
- }
- }
- OAuth10aService oAuthService = twitterBuilder
- .apiSecret(twitterConsumerSecret)
- .callback("https://juick.com/_twitter")
- .build(TwitterApi.instance());
-
- if (request_token.isEmpty() && request_token_secret.isEmpty()
- && (verifier == null || verifier.isEmpty())) {
- OAuth1RequestToken requestToken = oAuthService.getRequestToken();
- String authUrl = oAuthService.getAuthorizationUrl(requestToken);
- response.addCookie(new Cookie("request_token", requestToken.getToken()));
- response.addCookie(new Cookie("request_token_secret", requestToken.getTokenSecret()));
- response.setStatus(HttpServletResponse.SC_FOUND);
- response.setHeader("Location", authUrl);
- } else {
- if (verifier != null && verifier.length() > 0) {
- OAuth1RequestToken requestToken = new OAuth1RequestToken(request_token, request_token_secret);
- OAuth1AccessToken accessToken = oAuthService.getAccessToken(requestToken, verifier);
- OAuthRequest oAuthRequest = new OAuthRequest(Verb.GET, TWITTER_VERIFY_URL);
- oAuthService.signRequest(accessToken, oAuthRequest);
- com.juick.model.ext.twitter.User twitterUser = jsonMapper.readValue(oAuthService.execute(oAuthRequest).getBody(),
- com.juick.model.ext.twitter.User.class);
- if (userService.linkTwitterAccount(user, accessToken.getToken(), accessToken.getTokenSecret(),
- twitterUser.getScreenName())) {
- response.setStatus(HttpServletResponse.SC_FOUND);
- response.setHeader("Location", "http://juick.com/settings");
- } else {
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- }
- }
- }
- }
- @GetMapping("/_vklogin")
- protected String doVKLogin(HttpServletRequest request,
- @RequestParam(required = false) String code,
- @RequestParam(required = false) String state,
- @CookieValue(required = false) String vkstate,
- HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
- if (StringUtils.isBlank(code)) {
- vkstate = UUID.randomUUID().toString();
- Cookie c = new Cookie("vkstate", vkstate);
- response.addCookie(c);
- return "redirect:" + vkAuthService.getAuthorizationUrl(vkstate);
- }
-
- if (StringUtils.isBlank(vkstate) || !vkstate.equals(state)) {
- throw new HttpBadRequestException();
- } else {
- Cookie c = new Cookie("vkstate", "-");
- c.setMaxAge(0);
- response.addCookie(c);
- }
- OAuth2AccessToken token = vkAuthService.getAccessToken(code);
-
- OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://api.vk.com/method/users.get?fields=screen_name&v=5.73");
- vkAuthService.signRequest(token, meRequest);
- String graph = vkAuthService.execute(meRequest).getBody();
-
- com.juick.model.ext.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().get(0);
- String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName();
- String vkLink = jsonUser.getScreenName();
-
- if (vkName.length() == 1 || StringUtils.isBlank(vkLink)) {
- logger.error("vk user error");
- throw new HttpBadRequestException();
- }
-
- long vkID = NumberUtils.toLong(jsonUser.getId(), 0);
- int uid = crosspostService.getUIDbyVKID(vkID);
- if (uid > 0) {
- Cookie c = new Cookie("hash", userService.getHashByUID(uid));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
- return "redirect:/" + Utils.getPreviousPageByRequest(request).orElse(StringUtils.EMPTY);
- } else {
- String loginhash = UUID.randomUUID().toString();
- if (!crosspostService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) {
- logger.error("create vk user error");
- throw new HttpBadRequestException();
- }
- return "redirect:/signup?type=vk&hash=" + loginhash;
- }
- }
-
- @GetMapping("/_tglogin")
- public String doDurovLogin(HttpServletRequest request,
- @RequestParam Map params,
- HttpServletResponse response) {
- String dataCheckString = params.entrySet().stream()
- .filter(p -> !p.getKey().equals("hash"))
- .sorted(Map.Entry.comparingByKey())
- .map(p -> p.getKey() + "=" + p.getValue())
- .collect(Collectors.joining("\n"));
- String hash = params.get("hash");
- byte[] secretKey = DigestUtils.sha256(telegramToken);
- String resultString = new HmacUtils(HmacAlgorithms.HMAC_SHA_256, secretKey).hmacHex(dataCheckString);
- if (hash.equals(resultString)) {
- long tgUser = Long.parseLong(params.get("id"));
- int uid = telegramService.getUser(tgUser);
- if (uid > 0) {
- Cookie c = new Cookie("hash", userService.getHashByUID(uid));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
- return "redirect:/" + Utils.getPreviousPageByRequest(request).orElse(StringUtils.EMPTY);
- } else {
- String username = StringUtils.defaultString(params.get("username"), params.get("first_name"));
- List chats = telegramService.getAnonymous();
- if (!chats.contains(tgUser)) {
- logger.info("added chat with {}", username);
- telegramService.createTelegramUser(tgUser, username);
- }
- return "redirect:/signup?type=durov&hash=" + userService.getSignUpHashByTelegramID(tgUser, username);
- }
- } else {
- logger.warn("invalid tg hash {} for {}", resultString, hash);
- }
- throw new HttpBadRequestException();
- }
-
- @GetMapping("/_apple")
- public String doAppleLogin(HttpServletRequest request,
- @RequestParam(required = false) String code,
- HttpServletResponse response) {
- if (StringUtils.isBlank(code)) {
- String state = UUID.randomUUID().toString();
- Cookie c = new Cookie("astate", state);
- response.addCookie(c);
- return "redirect:" + appleSignInService.getAuthorizationUrl(state);
- }
- throw new HttpBadRequestException();
- }
- @PostMapping("/_apple")
- public String doVerifyAppleResponse(HttpServletRequest request, HttpServletResponse response, @RequestParam Map body) throws InterruptedException, ExecutionException, IOException, ParseException, JOSEException, BadJOSEException {
- OAuth2AccessToken token = appleSignInService.getAccessToken(body.get("code"));
- var jsonNode = jsonMapper.readTree(token.getRawResponse());
- var idToken = jsonNode.get("id_token").textValue();
- AppleSignInApi api = (AppleSignInApi) appleSignInService.getApi();
- var email = api.validateToken(idToken);
- if (email.isPresent()) {
- com.juick.model.User user = userService.getUserByEmail(email.get());
- if (!user.isAnonymous()) {
- Cookie c = new Cookie("hash", userService.getHashByUID(user.getUid()));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
- return "redirect:/";
- } else {
- String verificationCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase();
- emailService.addVerificationCode(null, email.get(), verificationCode);
- return "redirect:/signup?type=email&hash=" + verificationCode;
- }
- }
- throw new HttpBadRequestException();
- }
-}
diff --git a/src/main/java/com/juick/server/www/filters/AnythingFilter.java b/src/main/java/com/juick/server/www/filters/AnythingFilter.java
deleted file mode 100644
index 9a012089..00000000
--- a/src/main/java/com/juick/server/www/filters/AnythingFilter.java
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * Copyright (C) 2008-2019, Juick
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see .
- */
-
-package com.juick.server.www.filters;
-
-import com.juick.model.User;
-import com.juick.server.util.WebUtils;
-import com.juick.service.MessagesService;
-import com.juick.service.UserService;
-import org.apache.commons.lang3.math.NumberUtils;
-import org.springframework.stereotype.Component;
-import org.springframework.web.filter.OncePerRequestFilter;
-import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
-import org.springframework.web.util.UriComponents;
-
-import javax.annotation.Nonnull;
-import javax.inject.Inject;
-import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-@Component
-public class AnythingFilter extends OncePerRequestFilter {
- @Inject
- private MessagesService messagesService;
- @Inject
- private UserService userService;
-
- @Override
- public void doFilterInternal(@Nonnull HttpServletRequest servletRequest,
- @Nonnull HttpServletResponse servletResponse,
- @Nonnull FilterChain filterChain) throws IOException, ServletException {
- String upgrade = servletRequest.getHeader("Connection");
- if (upgrade != null && upgrade.equals("Upgrade")) {
- filterChain.doFilter(servletRequest, servletResponse);
- return;
- }
- UriComponents components = ServletUriComponentsBuilder.fromCurrentRequestUri().build();
- String anything = components.getPath().substring(1);
- int before = NumberUtils.toInt(components.getQueryParams().getFirst("before"), 0);
- if (before == 0) {
- boolean isPostNumber = WebUtils.isPostNumber(anything);
- int messageId = isPostNumber ?
- NumberUtils.toInt(anything) : 0;
-
- if (isPostNumber && anything.equals(Integer.toString(messageId))) {
- if (messageId > 0) {
- User author = messagesService.getMessageAuthor(messageId);
-
- if (author != null) {
- servletResponse.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY);
- servletResponse.setHeader("Location", "/" + author.getName() + "/" + anything);
- return;
- }
- }
- }
- User user = userService.getUserByName(anything);
- if (user.getUid() > 0) {
- servletResponse.sendRedirect("/" + user.getName() + "/");
- } else {
- filterChain.doFilter(servletRequest, servletResponse);
- }
- } else {
- User user = userService.getUserByName(anything);
- if (!user.isAnonymous()) {
- servletResponse.sendRedirect("/" + user.getName() + "/?before=" + before);
- } else {
- filterChain.doFilter(servletRequest, servletResponse);
- }
- }
- }
-}
diff --git a/src/main/java/com/juick/service/MessagesServiceImpl.java b/src/main/java/com/juick/service/MessagesServiceImpl.java
index e2b5e2b1..e3b7482b 100644
--- a/src/main/java/com/juick/service/MessagesServiceImpl.java
+++ b/src/main/java/com/juick/service/MessagesServiceImpl.java
@@ -19,7 +19,7 @@ package com.juick.service;
import com.juick.model.*;
import com.juick.model.User;
-import com.juick.server.www.WebApp;
+import com.juick.www.WebApp;
import com.juick.util.MessageUtils;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
diff --git a/src/main/java/com/juick/www/HelpService.java b/src/main/java/com/juick/www/HelpService.java
new file mode 100644
index 00000000..9d3c3f16
--- /dev/null
+++ b/src/main/java/com/juick/www/HelpService.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright (C) 2008-2019, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.www;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.cache.annotation.Cacheable;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
+import java.util.regex.Pattern;
+
+/**
+ * Created by aalexeev on 12/11/16.
+ */
+public class HelpService {
+ private static final Pattern LANG_PATTERN = Pattern.compile("[a-z]{2}");
+
+ private static final Pattern PAGE_PATTERN = Pattern.compile("[a-zA-Z0-9\\-_]+");
+
+ private final String helpPath;
+
+
+ public HelpService(String helpPath) {
+ this.helpPath = helpPath;
+ }
+
+ @Cacheable("help")
+ public String getHelp(final String page, final String lang) {
+ if (canBePage(page) && canBeLang(lang)) {
+ String path = StringUtils.joinWith("/", helpPath, lang, page + ".md");
+
+ try (InputStream is = Thread.currentThread().getContextClassLoader().getResourceAsStream(path)) {
+ if (is != null)
+ return IOUtils.toString(is, StandardCharsets.UTF_8);
+ } catch (IOException e) {
+ }
+ }
+ return null;
+ }
+
+ public boolean canBePage(final String anything) {
+ return anything != null && PAGE_PATTERN.matcher(anything).matches();
+ }
+
+ public boolean canBeLang(final String anything) {
+ return anything != null && LANG_PATTERN.matcher(anything).matches();
+ }
+
+ public String getHelpPath() {
+ return helpPath;
+ }
+}
diff --git a/src/main/java/com/juick/www/VaryHandler.java b/src/main/java/com/juick/www/VaryHandler.java
new file mode 100644
index 00000000..fb5f7665
--- /dev/null
+++ b/src/main/java/com/juick/www/VaryHandler.java
@@ -0,0 +1,31 @@
+/*
+ * Copyright (C) 2008-2019, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.www;
+
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.ModelAttribute;
+
+import javax.servlet.http.HttpServletResponse;
+
+@ControllerAdvice
+public class VaryHandler {
+ @ModelAttribute
+ public void setVaryResponseHeader(HttpServletResponse response) {
+ response.setHeader("Vary", "Accept-Language");
+ }
+}
diff --git a/src/main/java/com/juick/www/WebApp.java b/src/main/java/com/juick/www/WebApp.java
new file mode 100644
index 00000000..a0675e6d
--- /dev/null
+++ b/src/main/java/com/juick/www/WebApp.java
@@ -0,0 +1,129 @@
+/*
+ * Copyright (C) 2008-2019, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+package com.juick.www;
+
+import com.juick.model.Message;
+import com.juick.model.Tag;
+import com.juick.model.User;
+import com.juick.service.TagService;
+import com.mitchellbosecke.pebble.PebbleEngine;
+import com.mitchellbosecke.pebble.template.PebbleTemplate;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.resource.ResourceUrlProvider;
+import org.springframework.web.util.UriComponentsBuilder;
+
+import javax.annotation.PostConstruct;
+import javax.inject.Inject;
+import java.io.IOException;
+import java.io.StringWriter;
+import java.io.Writer;
+import java.util.*;
+import java.util.stream.Stream;
+
+/**
+ *
+ * @author Ugnich Anton
+ */
+@Component
+public class WebApp {
+ @Inject
+ private TagService tagService;
+ @Inject
+ private ResourceUrlProvider resourceUrlProvider;
+ @Inject
+ private PebbleEngine pebbleEngine;
+ @Value("${img_url:http://localhost:8080/i/}")
+ private String baseImagesUri;
+ UriComponentsBuilder avatarBuilder;
+
+ @PostConstruct
+ public void init() {
+ avatarBuilder = UriComponentsBuilder.fromUriString(baseImagesUri);
+ }
+
+ public List parseTags(String tagsStr) {
+ List tags = new ArrayList<>();
+ if (tagsStr != null && !tagsStr.isEmpty()) {
+ Stream tagsList = Arrays.stream(tagsStr.split("[ \\,]"))
+ .distinct().map( t -> {
+ if (t.startsWith("*")) {
+ t = t.substring(1);
+ }
+ if (t.length() > 64) {
+ t = t.substring(0, 64);
+ }
+ return t;
+ });
+ tags = tagService.getTags(tagsList, true);
+ while (tags.size() > 5) {
+ tags.remove(5);
+ }
+ }
+ return tags;
+ }
+
+ public String getStyleUrl() {
+ return resourceUrlProvider.getForLookupPath("/style.css");
+ }
+
+ public String getScriptsUrl() {
+ return resourceUrlProvider.getForLookupPath("/scripts.js");
+ }
+ public String getAvatarWebPath(User user) {
+ String avatarUri = resourceUrlProvider.getForLookupPath(String.format("/i/a/%d.png", user.getUid()));
+ if (StringUtils.isNotEmpty(avatarUri)) {
+ return avatarUri;
+ }
+ return resourceUrlProvider.getForLookupPath("/av-96.png");
+ }
+
+ public String getAvatarUrl(User user) {
+ avatarBuilder.replacePath(getAvatarWebPath(user));
+ return avatarBuilder.build().toUriString();
+ }
+ public Optional renderPlaintext(String body, String messageUrl) {
+ PebbleTemplate noteTemplate = pebbleEngine.getTemplate("email/plaintext");
+ Map context = new HashMap<>();
+ context.put("messageBody", body);
+ context.put("messageUrl", messageUrl);
+ try {
+ Writer writer = new StringWriter();
+ noteTemplate.evaluate(writer, context);
+ return Optional.of(writer.toString());
+ } catch (IOException e) {
+ return Optional.empty();
+ }
+ }
+
+ public Optional renderHtml(String body, String messageUrl, Message msg, String hash) {
+ PebbleTemplate noteTemplate = pebbleEngine.getTemplate("email/html");
+ Map context = new HashMap<>();
+ context.put("messageBody", body);
+ context.put("messageUrl", messageUrl);
+ context.put("msg", msg);
+ context.put("hash", hash);
+ try {
+ Writer writer = new StringWriter();
+ noteTemplate.evaluate(writer, context);
+ return Optional.of(writer.toString());
+ } catch (IOException e) {
+ return Optional.empty();
+ }
+ }
+}
diff --git a/src/main/java/com/juick/www/ad/SapeService.java b/src/main/java/com/juick/www/ad/SapeService.java
new file mode 100644
index 00000000..9d58f8b4
--- /dev/null
+++ b/src/main/java/com/juick/www/ad/SapeService.java
@@ -0,0 +1,67 @@
+/*
+ * Copyright (C) 2008-2020, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.www.ad;
+
+import com.juick.model.User;
+import com.juick.service.security.annotation.Visitor;
+import com.juick.www.controllers.MessagesWWW;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.ui.ModelMap;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.CookieValue;
+import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
+import org.springframework.web.util.UriComponents;
+import ru.sape.Sape;
+
+import javax.inject.Inject;
+import java.net.URI;
+
+@ControllerAdvice(assignableTypes = MessagesWWW.class)
+@ConditionalOnProperty("sape_user")
+public class SapeService {
+
+ private final Sape sape;
+
+ @Inject
+ public SapeService(Sape sape) {
+ this.sape = sape;
+ }
+
+ @ModelAttribute
+ public void addSapeLinks(
+ @Visitor User visitor,
+ @CookieValue(name = "sape_cookie", required = false, defaultValue = StringUtils.EMPTY) String sapeCookie,
+ @RequestParam(required = false, defaultValue = "0") int before,
+ @RequestParam(name = "show", required = false) String paramShow,
+ @RequestParam(name = "search", required = false) String paramSearch,
+ @RequestParam(name = "to", required = false, defaultValue = "0") Long paramTo,
+ ModelMap model) {
+ UriComponents builder = ServletUriComponentsBuilder.fromCurrentRequest().build();
+ URI requestURI = builder.toUri();
+ var showAdv = paramShow == null && before == 0 && paramSearch == null
+ && visitor.isAnonymous();
+ model.addAttribute("showAdv", showAdv);
+ if (showAdv) {
+ String links = sape.getPageLinks(requestURI, sapeCookie).render();
+ model.addAttribute("links", links);
+ }
+ }
+}
diff --git a/src/main/java/com/juick/www/controllers/Help.java b/src/main/java/com/juick/www/controllers/Help.java
new file mode 100644
index 00000000..d2796def
--- /dev/null
+++ b/src/main/java/com/juick/www/controllers/Help.java
@@ -0,0 +1,95 @@
+/*
+ * Copyright (C) 2008-2019, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.www.controllers;
+
+import com.juick.model.User;
+import com.juick.server.util.HttpNotFoundException;
+import com.juick.www.HelpService;
+import com.juick.www.WebApp;
+import com.juick.service.MessagesService;
+import com.juick.service.security.annotation.Visitor;
+import org.commonmark.parser.Parser;
+import org.commonmark.renderer.html.HtmlRenderer;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+
+import javax.inject.Inject;
+import java.util.Locale;
+import java.util.Objects;
+
+/**
+ * Created by aalexeev on 11/21/16.
+ */
+@Controller
+public class Help {
+ @Inject
+ private HelpService helpService;
+ @Inject
+ private MessagesService messagesService;
+ @Inject
+ private Parser cmParser;
+ @Inject
+ private HtmlRenderer helpRenderer;
+ @Inject
+ private WebApp webApp;
+
+ @GetMapping({"/help/", "/help", "/help/{langOrPage}", "/help/{lang}/{page}"})
+ public String showHelp(
+ @Visitor User visitor,
+ Locale locale,
+ @PathVariable(required = false, name = "lang") String lang,
+ @PathVariable(required = false, name = "page") String page,
+ @PathVariable(required = false, name = "langOrPage") String langOrPage,
+ Model model) {
+ visitor.setAvatar(webApp.getAvatarWebPath(visitor));
+ String navigation = null;
+
+ if (langOrPage != null) {
+ if (helpService.canBeLang(langOrPage)) {
+ navigation = helpService.getHelp("navigation", langOrPage);
+ if (navigation != null)
+ lang = langOrPage;
+ }
+
+ if (navigation == null && helpService.canBePage(langOrPage))
+ page = langOrPage;
+ }
+
+ if (lang == null) {
+ lang = locale.getLanguage();
+ }
+
+ String content = helpService.getHelp(page, lang);
+ if (content == null && !Objects.equals("tos", page))
+ content = helpService.getHelp("tos", lang);
+
+ if (navigation == null)
+ navigation = helpService.getHelp("navigation", lang);
+
+ if (content == null || navigation == null)
+ throw new HttpNotFoundException();
+
+ model.addAttribute("navigation", helpRenderer.render(cmParser.parse(navigation)));
+ model.addAttribute("content", helpRenderer.render(cmParser.parse(content)));
+ model.addAttribute("visitor", visitor);
+
+ return "views/help";
+ }
+}
diff --git a/src/main/java/com/juick/www/controllers/Login.java b/src/main/java/com/juick/www/controllers/Login.java
new file mode 100644
index 00000000..8bc8e340
--- /dev/null
+++ b/src/main/java/com/juick/www/controllers/Login.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright (C) 2008-2019, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+package com.juick.www.controllers;
+
+import com.juick.model.User;
+import com.juick.service.UserService;
+import com.juick.service.security.annotation.Visitor;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.ModelMap;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+
+import javax.inject.Inject;
+
+/**
+ * @author Ugnich Anton
+ */
+@Controller
+public class Login {
+ @Inject
+ private UserService userService;
+
+ @GetMapping("/login")
+ public String getloginForm(
+ @Visitor User visitor,
+ @RequestParam(required = false, defaultValue = "true") boolean redirect) {
+ if (!visitor.isAnonymous()) {
+ return redirect ? "redirect:/" : "redirect:/login/success";
+ }
+ return "views/login";
+ }
+ @GetMapping("/login/success")
+ public String getSuccessLogin(@Visitor User visitor, ModelMap model) {
+ model.addAttribute("hash", userService.getHashByUID(visitor.getUid()));
+ return "views/login_success";
+ }
+}
diff --git a/src/main/java/com/juick/www/controllers/MessagesWWW.java b/src/main/java/com/juick/www/controllers/MessagesWWW.java
new file mode 100644
index 00000000..4b0bb17f
--- /dev/null
+++ b/src/main/java/com/juick/www/controllers/MessagesWWW.java
@@ -0,0 +1,590 @@
+/*
+ * Copyright (C) 2008-2019, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+package com.juick.www.controllers;
+
+import com.juick.model.Message;
+import com.juick.model.Tag;
+import com.juick.model.User;
+import com.juick.formatters.PlainTextFormatter;
+import com.juick.server.Utils;
+import com.juick.server.util.HttpForbiddenException;
+import com.juick.server.util.HttpNotFoundException;
+import com.juick.server.util.WebUtils;
+import com.juick.www.WebApp;
+import com.juick.service.*;
+import com.juick.service.security.annotation.Visitor;
+import com.juick.util.MessageUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.tuple.Pair;
+import org.apache.commons.text.StringEscapeUtils;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.ModelMap;
+import org.springframework.web.bind.annotation.*;
+
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Optional;
+import java.util.stream.Collectors;
+
+/**
+ *
+ * @author Ugnich Anton
+ */
+@Controller
+public class MessagesWWW {
+ @Inject
+ private UserService userService;
+ @Inject
+ private TagService tagService;
+ @Inject
+ private MessagesService messagesService;
+ @Inject
+ private PMQueriesService pmQueriesService;
+ @Inject
+ private CrosspostService crosspostService;
+ @Inject
+ private WebApp webApp;
+
+ private void fillUserModel(ModelMap model, User user, User visitor) {
+ user.setAvatar(webApp.getAvatarWebPath(user));
+ model.addAttribute("user", user);
+ model.addAttribute("isSubscribed", userService.isSubscribed(visitor.getUid(), user.getUid()));
+ model.addAttribute("isInBL", userService.isInBL(visitor.getUid(), user.getUid()));
+ model.addAttribute("isInBLAny", userService.isInBLAny(user.getUid(), visitor.getUid()));
+ model.addAttribute("statsIRead", userService.getUserFriends(user.getUid()).size());
+ model.addAttribute("statsMyReaders", userService.getStatsMyReaders(user.getUid()));
+ model.addAttribute("statsMyBL", userService.getUserBLUsers(user.getUid()).size());
+ model.addAttribute("statsMessages", userService.getStatsMessages(user.getUid()));
+ model.addAttribute("statsReplies", userService.getStatsReplies(user.getUid()));
+ model.addAttribute("iread", userService.getUserReadLeastPopular(user.getUid(), 8));
+ model.addAttribute("tagStats", tagService.getUserTagStats(user.getUid())
+ .stream().sorted((e1, e2) -> Integer.compare(e2.getUsageCount(), e1.getUsageCount())).limit(20).map(t -> t.getTag().getName()).collect(Collectors.toList()));
+ }
+
+ @GetMapping("/")
+ protected String doGet(
+ @Visitor User visitor,
+ @RequestParam(required = false) String tag,
+ @RequestParam(name = "show", required = false) String paramShow,
+ @RequestParam(name = "search", required = false) String paramSearch,
+ @RequestParam(name = "before", required = false, defaultValue = "0") Integer paramBefore,
+ @RequestParam(name = "to", required = false, defaultValue = "0") Long paramTo,
+ @RequestParam(name = "page", required = false, defaultValue = "0") Integer page,
+ ModelMap model) {
+ if (tag != null) {
+ return "redirect:/tag/" + URLEncoder.encode(tag, StandardCharsets.UTF_8);
+ }
+ visitor.setAvatar(webApp.getAvatarWebPath(visitor));
+
+ if (paramSearch != null && paramSearch.length() > 64) {
+ paramSearch = null;
+ }
+
+ model.addAttribute("discover", false);
+
+ String title;
+ List mids;
+
+ if (paramSearch != null) {
+ title = "Поиск: " + StringEscapeUtils.escapeHtml4(paramSearch);
+ mids = messagesService.getSearch(visitor, Utils.encodeSphinx(paramSearch), page);
+ } else if (paramShow == null) {
+ title = "Обсуждения";
+ mids = messagesService.getDiscussions(visitor.getUid(), paramTo);
+ } else if (paramShow.equals("top")) {
+ title = "Популярные";
+ mids = messagesService.getPopular(visitor.getUid(), paramBefore);
+ model.addAttribute("discover", true);
+ } else if (paramShow.equals("my") && !visitor.isAnonymous()) {
+ title = "Моя лента";
+ mids = messagesService.getMyFeed(visitor.getUid(), paramBefore, true);
+ } else if (paramShow.equals("private") && !visitor.isAnonymous()) {
+ title = "Приватные";
+ mids = messagesService.getPrivate(visitor.getUid(), paramBefore);
+ } else if (paramShow.equals("discuss")) {
+ return "redirect:/";
+ } else if (paramShow.equals("recommended") && !visitor.isAnonymous()) {
+ title = "Рекомендации";
+ mids = messagesService.getRecommended(visitor.getUid(), paramBefore);
+ } else if (paramShow.equals("photos")) {
+ title = "Фотографии";
+ mids = messagesService.getPhotos(visitor.getUid(), paramBefore);
+ model.addAttribute("discover", true);
+ } else if (paramShow.equals("all")) {
+ title = "Все сообщения";
+ mids = messagesService.getAll(visitor.getUid(), paramBefore);
+ model.addAttribute("discover", true);
+ } else {
+ throw new HttpNotFoundException();
+ }
+
+ String head = "\n";
+
+ if (paramBefore > 0 || paramShow != null) {
+ head = "";
+ }
+ model.addAttribute("title", title);
+ model.addAttribute("headers", head);
+ model.addAttribute("visitor", visitor);
+ model.addAttribute("noindex", !(paramShow == null && paramBefore == 0));
+ List msgs = messagesService.getMessages(visitor, mids);
+ msgs.forEach(m -> m.getUser().setAvatar(webApp.getAvatarWebPath(m.getUser())));
+ if (!visitor.isAnonymous()) {
+ fillUserModel(model, visitor, visitor);
+ List unread = messagesService.getUnread(visitor);
+ visitor.setUnreadCount(unread.size());
+ List blUIDs = userService.checkBL(visitor.getUid(),
+ msgs.stream().map(m -> m.getUser().getUid()).collect(Collectors.toList()));
+ msgs.forEach(m -> m.ReadOnly |= blUIDs.contains(m.getUser().getUid()));
+ }
+ model.addAttribute("msgs", msgs);
+ model.addAttribute("tags", tagService.getPopularTags());
+ model.addAttribute("headers", head);
+ if (mids.size() >= 20) {
+ String nextpage = paramSearch != null ? String.format("?page=%d", page + 1)
+ : (paramShow == null) ? "?to=" + msgs.get(msgs.size() - 1).getUpdated().toEpochMilli()
+ : "?before=" + mids.get(mids.size() - 1);
+ if (paramShow != null) {
+ nextpage += "&show=" + paramShow;
+ }
+ if (paramSearch != null) {
+ nextpage += "&search=" + URLEncoder.encode(paramSearch, StandardCharsets.UTF_8);
+ }
+ model.addAttribute("nextpage", nextpage);
+ }
+ return "views/index";
+ }
+
+ @GetMapping(path = "/{uname}/", headers = "Connection!=Upgrade")
+ protected String doGetBlog(
+ @Visitor User visitor,
+ @RequestParam(required = false, name = "show") String paramShow,
+ @RequestParam(required = false, name = "tag") String paramTagStr,
+ @RequestParam(required = false, name = "search") String paramSearch,
+ @RequestParam(required = false, name = "page", defaultValue = "0") Integer page,
+ @PathVariable String uname,
+ @RequestParam(required = false, defaultValue = "0") Integer before,
+ @CookieValue(name = "sape_cookie", required = false, defaultValue = StringUtils.EMPTY) String sapeCookie,
+ ModelMap model) {
+ User user = userService.getUserByName(uname);
+ if (user.isBanned() || user.isAnonymous()) {
+ throw new HttpNotFoundException();
+ }
+ visitor.setAvatar(webApp.getAvatarWebPath(visitor));
+
+ List mids;
+
+ Tag paramTag = null;
+ if (paramTagStr != null) {
+ if (paramTagStr.length() < 64) {
+ paramTag = tagService.getTag(paramTagStr, false);
+ }
+ if (paramTag == null) {
+ throw new HttpNotFoundException();
+ } else if (!paramTag.getName().equals(paramTagStr)) {
+ String url = user.getName() + "/?tag=" + URLEncoder.encode(paramTag.getName(), StandardCharsets.UTF_8);
+ return "redirect:/" + url;
+ }
+ }
+ if (paramSearch != null && paramSearch.length() > 64) {
+ paramSearch = null;
+ }
+
+ int privacy = 0;
+ if (!visitor.isAnonymous()) {
+ if (user.getUid() == visitor.getUid() || visitor.getUid() == 1) {
+ privacy = -3;
+ } else if (userService.isInWL(user.getUid(), visitor.getUid())) {
+ privacy = -2;
+ }
+ }
+
+ String title;
+ if (paramShow == null) {
+ if (paramTag != null) {
+ title = "Блог " + user.getName() + ": *" + StringEscapeUtils.escapeHtml4(paramTag.getName());
+ mids = messagesService.getUserTag(user.getUid(), paramTag.TID, privacy, before);
+ } else if (paramSearch != null) {
+ title = "Блог " + user.getName() + ": " + StringEscapeUtils.escapeHtml4(paramSearch);
+ mids = messagesService.getUserSearch(visitor, user.getUid(), Utils.encodeSphinx(paramSearch), privacy, page);
+ } else {
+ title = "Блог " + user.getName();
+ mids = messagesService.getUserBlog(user.getUid(), privacy, before);
+ }
+ } else if (paramShow.equals("recomm")) {
+ title = "Рекомендации " + user.getName();
+ mids = messagesService.getUserRecommendations(user.getUid(), before);
+ } else if (paramShow.equals("photos")) {
+ title = "Фотографии " + user.getName();
+ mids = messagesService.getUserPhotos(user.getUid(), privacy, before);
+ } else {
+ throw new HttpNotFoundException();
+ }
+
+ String head = "";
+ head += "\n";
+ if (paramTag != null && tagService.getTagNoIndex(paramTag.TID)) {
+ head += "";
+ } else if (before > 0 || paramShow != null) {
+ head += "";
+ }
+ model.addAttribute("pageUrl", "http://juick.com/" + user.getName());
+ model.addAttribute("title", title);
+ model.addAttribute("headers", head);
+ model.addAttribute("visitor", visitor);
+ model.addAttribute("noindex", paramShow == null && before == 0);
+ fillUserModel(model, user, visitor);
+ model.addAttribute("paramTag", paramTag);
+ List msgs = messagesService.getMessages(visitor, mids);
+ msgs.forEach(m -> m.getUser().setAvatar(webApp.getAvatarWebPath(m.getUser())));
+ if (!visitor.isAnonymous()) {
+ List unread = messagesService.getUnread(visitor);
+ visitor.setUnreadCount(unread.size());
+ List blUIDs = userService.checkBL(visitor.getUid(),
+ msgs.stream().map(m -> m.getUser().getUid()).collect(Collectors.toList()));
+ msgs.forEach(m -> m.ReadOnly |= blUIDs.contains(m.getUser().getUid()));
+ }
+ model.addAttribute("msgs", msgs);
+ model.addAttribute("headers", head);
+ if (mids.size() >= 20) {
+ String nextpage = paramSearch != null ? String.format("?page=%d", page + 1) : "?before=" + mids.get(mids.size() - 1);
+ if (paramShow != null) {
+ nextpage += "&show=" + paramShow;
+ }
+ if (paramSearch != null) {
+ nextpage += "&search=" + URLEncoder.encode(paramSearch, StandardCharsets.UTF_8);
+ }
+ if (paramTag != null) {
+ nextpage += "&tag=" + URLEncoder.encode(paramTag.getName(), StandardCharsets.UTF_8);
+ }
+ model.addAttribute("nextpage", nextpage);
+ }
+ return "views/blog";
+ }
+
+ @GetMapping("/{uname}/tags")
+ protected String doGetTags(
+ @Visitor User visitor,
+ @PathVariable String uname, ModelMap model) {
+ User user = userService.getUserByName(uname);
+ if (visitor.isBanned()) {
+ throw new HttpNotFoundException();
+ }
+ visitor.setAvatar(webApp.getAvatarWebPath(visitor));
+
+ model.addAttribute("title", "Теги " + user.getName());
+ model.addAttribute("headers", "");
+ model.addAttribute("visitor", visitor);
+ fillUserModel(model, user, visitor);
+ model.addAttribute("tags", tagService.getUserTagStats(user.getUid()).stream()
+ .sorted((e1, e2) -> Integer.compare(e2.getUsageCount(), e1.getUsageCount())).map(t -> t.getTag().getName()).collect(Collectors.toList()));
+
+ return "views/blog_tags";
+ }
+
+ @GetMapping("/{uname}/friends")
+ protected String doGetFriends(
+ @Visitor User visitor,
+ @PathVariable String uname, ModelMap model) {
+ User user = userService.getUserByName(uname);
+ if (visitor.isBanned()) {
+ throw new HttpNotFoundException();
+ }
+ visitor.setAvatar(webApp.getAvatarWebPath(visitor));
+ model.addAttribute("title", "Подписки " + user.getName());
+ model.addAttribute("headers", "");
+ model.addAttribute("visitor", visitor);
+ fillUserModel(model, user, visitor);
+ model.addAttribute("users", userService.getUserFriends(user.getUid()));
+
+ return "views/users";
+ }
+
+ @GetMapping("/{uname}/readers")
+ protected String doGetReaders(
+ @Visitor User visitor,
+ @PathVariable String uname, ModelMap model) {
+ User user = userService.getUserByName(uname);
+ visitor.setAvatar(webApp.getAvatarWebPath(visitor));
+ model.addAttribute("title", "Читатели " + user.getName());
+ model.addAttribute("headers", "");
+ model.addAttribute("visitor", visitor);
+ fillUserModel(model, user, visitor);
+ model.addAttribute("users", userService.getUserReaders(user.getUid()));
+
+ return "views/users";
+ }
+
+ @GetMapping("/{uname}/bl")
+ protected String doGetBL(
+ @Visitor User visitor,
+ @PathVariable String uname, ModelMap model) {
+ User user = userService.getUserByName(uname);
+ if (visitor.getUid() != user.getUid()) {
+ throw new HttpForbiddenException();
+ }
+ visitor.setAvatar(webApp.getAvatarWebPath(visitor));
+ model.addAttribute("title", "Черный список " + user.getName());
+ model.addAttribute("headers", "");
+ model.addAttribute("visitor", visitor);
+ fillUserModel(model, user, visitor);
+ model.addAttribute("users", userService.getUserBLUsers(user.getUid()));
+
+ return "views/users";
+ }
+ @GetMapping("/tag/{tagName}")
+ protected String tagAction(
+ @Visitor User visitor,
+ HttpServletRequest request,
+ @PathVariable String tagName,
+ @RequestParam(required = false, defaultValue = "0") int before,
+ ModelMap model) {
+ visitor.setAvatar(webApp.getAvatarWebPath(visitor));
+ String paramTagStr = StringEscapeUtils.unescapeHtml4(tagName);
+ Tag paramTag = tagService.getTag(paramTagStr, false);
+ if (paramTag == null) {
+ throw new HttpNotFoundException();
+ } else if (paramTag.SynonymID > 0 && paramTag.TID != paramTag.SynonymID) {
+ Tag synTag = tagService.getTag(paramTag.SynonymID);
+ String url = "/tag/" + URLEncoder.encode(StringEscapeUtils.escapeHtml4(synTag.getName()), StandardCharsets.UTF_8);
+ if (request.getQueryString() != null) {
+ url += "?" + request.getQueryString();
+ }
+ return "redirect:" + url;
+ } else if (!paramTag.getName().equals(paramTagStr)) {
+ String url = "/tag/" + URLEncoder.encode(StringEscapeUtils.escapeHtml4(paramTag.getName()), StandardCharsets.UTF_8);
+ if (request.getQueryString() != null) {
+ url += "?" + request.getQueryString();
+ }
+ return "redirect:" + url;
+ }
+
+ String title = "*" + StringEscapeUtils.escapeHtml4(paramTag.getName());
+ model.addAttribute("title", title);
+ List mids = messagesService.getTag(paramTag.TID, visitor.getUid(), before, (visitor.isAnonymous()) ? 40 : 20);
+ List msgs = messagesService.getMessages(visitor, mids);
+ msgs.forEach(m -> m.getUser().setAvatar(webApp.getAvatarWebPath(m.getUser())));
+ if (!visitor.isAnonymous()) {
+ List unread = messagesService.getUnread(visitor);
+ visitor.setUnreadCount(unread.size());
+ List blUIDs = userService.checkBL(
+ visitor.getUid(),
+ msgs.stream().map(m -> m.getUser().getUid()).collect(Collectors.toList())
+ );
+ msgs.forEach(m -> m.ReadOnly |= blUIDs.contains(m.getUser().getUid()));
+ fillUserModel(model, visitor, visitor);
+ }
+
+ String head = StringUtils.EMPTY;
+ if (tagService.getTagNoIndex(paramTag.TID)) {
+ head = "";
+ } else if (before > 0 || mids.size() < 5) {
+ head = "";
+ }
+ model.addAttribute("headers", head);
+ model.addAttribute("visitor", visitor);
+ model.addAttribute("tag", paramTag);
+ model.addAttribute("title", title);
+ model.addAttribute("msgs", msgs);
+ model.addAttribute("tags", tagService.getPopularTags());
+ model.addAttribute("noindex", before > 0);
+ model.addAttribute("isSubscribed", tagService.isSubscribed(visitor, paramTag));
+ model.addAttribute("isInBL", tagService.isInBL(visitor, paramTag));
+ if (mids.size() >= 20) {
+ String nextpage = "/tag/" + URLEncoder.encode(paramTag.getName(), StandardCharsets.UTF_8) + "?before=" + mids.get(mids.size() - 1);
+ model.addAttribute("nextpage", nextpage);
+ }
+ return "views/index";
+ }
+ @GetMapping("/pm/inbox")
+ protected String doGetInbox(@Visitor User visitor, ModelMap model) {
+ if (visitor.isAnonymous()) {
+ return "redirect:/login";
+ }
+ visitor.setAvatar(webApp.getAvatarWebPath(visitor));
+ String title = "PM: Inbox";
+ List msgs = pmQueriesService.getLastPMInbox(visitor.getUid());
+ msgs.forEach(m -> m.getUser().setAvatar(webApp.getAvatarWebPath(m.getUser())));
+ fillUserModel(model, visitor, visitor);
+ model.addAttribute("title", title);
+ model.addAttribute("visitor", visitor);
+ model.addAttribute("msgs", msgs);
+ model.addAttribute("tags", tagService.getPopularTags());
+ return "views/pm_inbox";
+ }
+
+ @GetMapping("/pm/sent")
+ protected String doGetSent(
+ @Visitor User visitor,
+ @RequestParam(required = false) String uname,
+ ModelMap model) {
+ if (visitor.isAnonymous()) {
+ return "redirect:/login";
+ }
+ visitor.setAvatar(webApp.getAvatarWebPath(visitor));
+ String title = "PM: Sent";
+ List msgs = pmQueriesService.getLastPMSent(visitor.getUid());
+ msgs.forEach(m -> m.getUser().setAvatar(webApp.getAvatarWebPath(m.getUser())));
+ if (WebUtils.isNotUserName(uname)) {
+ uname = StringUtils.EMPTY;
+ }
+ fillUserModel(model, visitor, visitor);
+ model.addAttribute("title", title);
+ model.addAttribute("visitor", visitor);
+ model.addAttribute("msgs", msgs);
+ model.addAttribute("tags", tagService.getPopularTags());
+ model.addAttribute("uname", uname);
+ return "views/pm_sent";
+ }
+ @GetMapping(value = "/{uname}/{mid}", produces = MediaType.TEXT_HTML_VALUE)
+ protected String threadAction(
+ @Visitor User visitor,
+ ModelMap model,
+ @PathVariable String uname,
+ @PathVariable int mid,
+ @CookieValue(name = "sape_cookie", required = false, defaultValue = StringUtils.EMPTY) String sapeCookie) {
+ if (!messagesService.canViewThread(mid, visitor.getUid())) {
+ throw new HttpForbiddenException();
+ }
+ visitor.setAvatar(webApp.getAvatarWebPath(visitor));
+ Optional message = messagesService.getMessage(mid);
+
+ if (message.isEmpty()) {
+ throw new HttpNotFoundException();
+ }
+
+ Message msg = message.get();
+
+ User user = userService.getUserByName(uname);
+ if (user.isAnonymous() || !msg.getUser().equals(user)) {
+ return String.format("redirect:/%s/%d", msg.getUser().getName(), mid);
+ }
+ msg.VisitorCanComment = !visitor.isAnonymous();
+ msg.getUser().setAvatar(webApp.getAvatarWebPath(msg.getUser()));
+ List replies = messagesService.getReplies(visitor, msg.getMid());
+ // this should be after getReplies to mark thread as read
+ fillUserModel(model, user, visitor);
+ if (!visitor.isAnonymous()) {
+ List unread = messagesService.getUnread(visitor);
+ visitor.setUnreadCount(unread.size());
+ boolean isMsgAuthor = visitor.getUid() == msg.getUser().getUid();
+ boolean isInBL = userService.isInBLAny(msg.getUser().getUid(), visitor.getUid());
+ msg.VisitorCanComment = isMsgAuthor || !(msg.ReadOnly || isInBL);
+ }
+ model.addAttribute("msg", msg);
+
+ String title = msg.getUser().getName() + ": " + MessageUtils.getTagsString(msg);
+
+ model.addAttribute("title", title);
+ model.addAttribute("visitor", visitor);
+ String headers = "";
+ String pageUrl = "https://juick.com/" + msg.getUser().getName() + "/" + msg.getMid();
+ if (msg.Hidden) {
+ headers += "";
+ }
+ String cardType = StringUtils.isNotEmpty(msg.getAttachmentType()) ? "summary_large_image" : "summary";
+ if (StringUtils.isNotEmpty(msg.getAttachmentType())) {
+ // additional check in case of broken images
+ if (msg.getAttachment() != null) {
+ String msgImage = msg.getAttachment().getMedium().getUrl();
+ headers += "";
+ }
+ } else {
+ String msgImage = webApp.getAvatarWebPath(msg.getUser());
+ headers += "";
+ }
+ model.addAttribute("ogtype", "article");
+ String cardDescription = StringEscapeUtils.escapeHtml4(PlainTextFormatter.formatTwitterCard(msg));
+ headers += "\n" +
+ "\n" +
+ "\n" +
+ "\n" +
+ "\n" +
+ "\n";
+ String twitterName = crosspostService.getTwitterName(msg.getUser().getUid());
+ if (StringUtils.isNotEmpty(twitterName)) {
+ headers += "\n";
+ }
+ if (msg.getTags().size() > 0) {
+ headers += "\n";
+ }
+ model.addAttribute("headers", headers);
+ model.addAttribute("visitorSubscribed", messagesService.isSubscribed(visitor.getUid(), msg.getMid()));
+ model.addAttribute("visitorInBL", userService.isInBL(msg.getUser().getUid(), visitor.getUid()));
+ model.addAttribute("recomm", messagesService.getMessagesRecommendations(
+ Collections.singletonList(msg.getMid())).stream()
+ .map(Pair::getRight).collect(Collectors.toList()));
+ List blUIDs = new ArrayList<>();
+ for (Message reply : replies) {
+ if (reply.getUser().getUid() != msg.getUser().getUid()
+ && !blUIDs.contains(reply.getUser().getUid())) {
+ blUIDs.add(reply.getUser().getUid());
+ }
+ reply.VisitorCanComment = !visitor.isAnonymous();
+ reply.getUser().setAvatar(webApp.getAvatarWebPath(reply.getUser()));
+ if (!visitor.isAnonymous()) {
+ boolean isMsgAuthor = visitor.getUid() == msg.getUser().getUid();
+ boolean isReplyAuthor = visitor.getUid() == reply.getUser().getUid();
+ reply.VisitorCanComment = isMsgAuthor || (!msg.ReadOnly
+ && msg.VisitorCanComment && (isReplyAuthor || !userService.isInBLAny(visitor.getUid(), reply.getUser().getUid())));
+ }
+ }
+ model.addAttribute("replies", replies);
+ return "views/thread";
+ }
+
+ @GetMapping("/post")
+ protected String postAction(
+ @Visitor User visitor,
+ @RequestParam(required = false) String body, ModelMap model) {
+ fillUserModel(model, visitor, visitor);
+ visitor.setAvatar(webApp.getAvatarWebPath(visitor));
+ model.addAttribute("title", "Написать");
+ model.addAttribute("headers", "");
+ model.addAttribute("visitor", visitor);
+ if (body == null) {
+ body = StringUtils.EMPTY;
+ } else {
+ if (body.length() > 4096) {
+ body = body.substring(0, 4096);
+ }
+ body = StringEscapeUtils.escapeHtml4(body);
+ }
+ model.addAttribute("body", body);
+ model.addAttribute("visitor", visitor);
+ model.addAttribute("user", visitor);
+ model.addAttribute("tags", tagService.getUserTagStats(visitor.getUid()).stream()
+ .sorted((e1, e2) -> Integer.compare(e2.getUsageCount(), e1.getUsageCount())).map(t -> t.getTag().getName()).collect(Collectors.toList()));
+ return "views/post";
+ }
+
+ // when message id is not fit to int
+ @ExceptionHandler(NumberFormatException.class)
+ public ResponseEntity notFoundAction() {
+ return new ResponseEntity<>(HttpStatus.NOT_FOUND);
+ }
+}
diff --git a/src/main/java/com/juick/www/controllers/Settings.java b/src/main/java/com/juick/www/controllers/Settings.java
new file mode 100644
index 00000000..851e576b
--- /dev/null
+++ b/src/main/java/com/juick/www/controllers/Settings.java
@@ -0,0 +1,281 @@
+/*
+ * Copyright (C) 2008-2019, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+package com.juick.www.controllers;
+
+import com.juick.model.User;
+import com.juick.model.NotifyOpts;
+import com.juick.server.util.HttpBadRequestException;
+import com.juick.server.util.HttpUtils;
+import com.juick.www.WebApp;
+import com.juick.service.*;
+import com.juick.service.security.annotation.Visitor;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.ModelMap;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.multipart.MultipartFile;
+
+import javax.inject.Inject;
+import javax.mail.Message;
+import javax.mail.MessagingException;
+import javax.mail.Session;
+import javax.mail.Transport;
+import javax.mail.internet.InternetAddress;
+import javax.mail.internet.MimeMessage;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.List;
+import java.util.stream.Collectors;
+import java.util.stream.IntStream;
+
+/**
+ *
+ * @author Ugnich Anton
+ */
+@Controller
+public class Settings {
+ private static final Logger logger = LoggerFactory.getLogger(Settings.class);
+
+ @Value("${upload_tmp_dir:#{systemEnvironment['TEMP'] ?: '/tmp'}}")
+ private String tmpDir;
+ @Inject
+ private TagService tagService;
+ @Inject
+ private UserService userService;
+ @Inject
+ private CrosspostService crosspostService;
+ @Inject
+ private SubscriptionService subscriptionService;
+ @Inject
+ private EmailService emailService;
+ @Inject
+ private TelegramService telegramService;
+ @Inject
+ private ImagesService imagesService;
+ @Inject
+ private WebApp webApp;
+
+ @GetMapping("/settings")
+ protected String doGet(
+ @Visitor User visitor,
+ HttpServletRequest request,
+ HttpServletResponse response, ModelMap model) throws IOException {
+ if (visitor.isAnonymous()) {
+ response.sendRedirect("/login");
+ }
+ visitor.setAvatar(webApp.getAvatarWebPath(visitor));
+ List pages = Arrays.asList("main", "password", "about", "auth-email", "privacy");
+ String page = request.getParameter("page");
+ if (StringUtils.isEmpty(page) || !pages.contains(page)) {
+ page = "main";
+ }
+
+ model.addAttribute("title", "Настройки");
+ model.addAttribute("visitor", visitor);
+ model.addAttribute("tags", tagService.getPopularTags());
+ model.addAttribute("auths", userService.getAuthCodes(visitor));
+ model.addAttribute("email_active", emailService.getNotificationsEmail(visitor.getUid()));
+ model.addAttribute("ehash", userService.getEmailHash(visitor));
+ model.addAttribute("emails", userService.getEmails(visitor));
+ model.addAttribute("jids", userService.getAllJIDs(visitor));
+ List hours = IntStream.rangeClosed(0, 23).boxed()
+ .map(i -> StringUtils.leftPad(String.format("%d", i), 2, "0")).collect(Collectors.toList());
+ model.addAttribute("hours", hours);
+ model.addAttribute("fbstatus", crosspostService.getFbCrossPostStatus(visitor.getUid()));
+ model.addAttribute("twitter_name", crosspostService.getTwitterName(visitor.getUid()));
+ model.addAttribute("telegram_name", crosspostService.getTelegramName(visitor.getUid()));
+ model.addAttribute("notify_options", subscriptionService.getNotifyOptions(visitor));
+ model.addAttribute("userinfo", userService.getUserInfo(visitor));
+ if (page.equals("auth-email")) {
+ if (emailService.verifyAddressByCode(visitor.getUid(), request.getParameter("code"))) {
+ model.addAttribute("result", "OK!");
+ } else {
+ model.addAttribute("result", "Sorry, code unknown.");
+ }
+ }
+ return String.format("views/settings_%s", page);
+ }
+
+ @PostMapping("/settings")
+ protected String doPost(
+ @Visitor User visitor,
+ HttpServletRequest request, HttpServletResponse response,
+ @RequestParam(required = false) MultipartFile avatar,
+ ModelMap model)
+ throws IOException {
+ if (visitor.isAnonymous()) {
+ throw new HttpBadRequestException();
+ }
+ List pages = Arrays.asList("main", "password", "about", "email", "email-add", "email-del",
+ "email-subscr", "auth-email", "privacy", "jid-del", "twitter-del", "telegram-del", "facebook-disable",
+ "facebook-enable", "vk-del");
+ String page = request.getParameter("page");
+ if (StringUtils.isEmpty(page) || !pages.contains(page)) {
+ throw new HttpBadRequestException();
+ }
+ String result = StringUtils.EMPTY;
+ switch (page) {
+ case "password":
+ if (userService.updatePassword(visitor, request.getParameter("password"))) {
+ result = "Password has been changed.
";
+ String hash = userService.getHashByUID(visitor.getUid());
+ Cookie c = new Cookie("hash", hash);
+ c.setMaxAge(365 * 24 * 60 * 60);
+ response.addCookie(c);
+ }
+ break;
+ case "main":
+ NotifyOpts opts = new NotifyOpts();
+ opts.setRepliesEnabled(StringUtils.isNotEmpty(request.getParameter("jnotify")));
+ opts.setSubscriptionsEnabled(StringUtils.isNotEmpty(request.getParameter("subscr_notify")));
+ opts.setRecommendationsEnabled(StringUtils.isNotEmpty(request.getParameter("recomm")));
+ if (subscriptionService.setNotifyOptions(visitor, opts)) {
+ result = "Notification options has been updated
";
+ }
+ break;
+ case "about":
+ visitor.setFullName(request.getParameter("fullname"));
+ visitor.setCountry(request.getParameter("country"));
+ visitor.setUrl(request.getParameter("url"));
+ visitor.setDescription(request.getParameter("descr"));
+ String avatarTmpPath = HttpUtils.receiveMultiPartFile(avatar, tmpDir).getHost();
+ if (StringUtils.isNotEmpty(avatarTmpPath)) {
+ imagesService.saveAvatar(avatarTmpPath, visitor.getUid());
+ }
+ if (userService.updateUserInfo(visitor)) {
+ result = String.format("Your info is updated.
Back to blog.
", visitor.getName());
+ }
+ break;
+ case "jid-del":
+ // FIXME: stop using ugnich-csv in parameters
+ String[] params = request.getParameter("delete").split(";", 2);
+ boolean res = false;
+ if (params[0].equals("xmpp")) {
+ res = userService.deleteJID(visitor.getUid(), params[1]);
+ } else if (params[0].equals("xmpp-unauth")) {
+ res = userService.unauthJID(visitor.getUid(), params[1]);
+ }
+ if (res) {
+ result = "Deleted. Back.
";
+ } else {
+ result = "Error
";
+ }
+ break;
+ case "email-add":
+ if (!emailService.verifyAddressByCode(visitor.getUid(), request.getParameter("account"))) {
+ String authCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase();
+ if (emailService.addVerificationCode(visitor.getUid(), request.getParameter("account"), authCode)) {
+ Session session = Session.getDefaultInstance(System.getProperties());
+ try {
+ MimeMessage message = new MimeMessage(session);
+ message.setFrom(new InternetAddress("noreply@juick.com"));
+ message.addRecipient(Message.RecipientType.TO, new InternetAddress(request.getParameter("account")));
+ message.setSubject("Juick authorization link");
+ message.setText(String.format("Follow link to attach this email to Juick account:\n" +
+ "http://juick.com/settings?page=auth-email&code=%s\n\n" +
+ "If you don't know, what this mean - just ignore this mail.\n", authCode));
+ Transport.send(message);
+ result = "Authorization link has been sent to your email. Follow it to proceed.
" +
+ "Back
";
+
+ } catch (MessagingException ex) {
+ logger.error("mail exception", ex);
+ throw new HttpBadRequestException();
+ }
+ }
+ }
+ break;
+ case "email-del":
+ if (emailService.deleteEmail(visitor.getUid(), request.getParameter("account"))) {
+ result = "Deleted. Back.
";
+ } else {
+ result = "An error occured while deleting.
";
+ }
+ break;
+ case "email-subscr":
+ if (emailService.setNotificationsEmail(visitor.getUid(), request.getParameter("account"))) {
+ result = String.format("Saved! Will send notifications to %s." +
+ "
Back
", request.getParameter("account"));
+ } else {
+ result = "Disabled.
Back
";
+ }
+ break;
+ case "twitter-del":
+ crosspostService.deleteTwitterToken(visitor.getUid());
+ for (Cookie cookie : request.getCookies()) {
+ if (cookie.getName().equals("request_token")) {
+ cookie.setMaxAge(0);
+ response.addCookie(cookie);
+ }
+ if (cookie.getName().equals("request_token_secret")) {
+ cookie.setMaxAge(0);
+ response.addCookie(cookie);
+ }
+ }
+ result = "Back
";
+ break;
+ case "telegram-del":
+ telegramService.deleteTelegramUser(visitor.getUid());
+ result = "Back
";
+ break;
+ case "facebook-disable":
+ crosspostService.disableFBCrosspost(visitor.getUid());
+ result = "Back
";
+ break;
+ case "facebook-enable":
+ crosspostService.enableFBCrosspost(visitor.getUid());
+ result = "Back
";
+ break;
+ case "vk-del":
+ crosspostService.deleteVKUser(visitor.getUid());
+ result = "Back
";
+ break;
+ default:
+ throw new HttpBadRequestException();
+ }
+
+ model.addAttribute("title", "Настройки");
+ model.addAttribute("visitor", visitor);
+ model.addAttribute("result", result);
+ return "views/settings_result";
+ }
+ @PostMapping("/settings/unsubscribe")
+ public String unsubscribeOneClick(
+ @Visitor User user,
+ @RequestParam(name = "List-Unsubscribe") String unsubscribe,
+ ModelMap model) {
+ if (!user.isAnonymous()) {
+ if (unsubscribe.equals("One-Click")) {
+ emailService.setNotificationsEmail(user.getUid(), StringUtils.EMPTY);
+ model.addAttribute("title", "Настройки");
+ model.addAttribute("visitor", user);
+ model.addAttribute("result", "Unsubscribed");
+ return "views/settings_result";
+ }
+ }
+ throw new HttpBadRequestException();
+ }
+}
diff --git a/src/main/java/com/juick/www/controllers/SignUp.java b/src/main/java/com/juick/www/controllers/SignUp.java
new file mode 100644
index 00000000..4e74d4c4
--- /dev/null
+++ b/src/main/java/com/juick/www/controllers/SignUp.java
@@ -0,0 +1,175 @@
+/*
+ * Copyright (C) 2008-2019, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+package com.juick.www.controllers;
+
+import com.juick.model.User;
+import com.juick.server.util.HttpBadRequestException;
+import com.juick.server.util.HttpForbiddenException;
+import com.juick.www.WebApp;
+import com.juick.service.CrosspostService;
+import com.juick.service.EmailService;
+import com.juick.service.UserService;
+import com.juick.service.security.annotation.Visitor;
+import com.juick.service.security.entities.JuickUser;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.ModelMap;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+
+import javax.inject.Inject;
+
+/**
+ *
+ * @author Ugnich Anton
+ */
+@Controller
+public class SignUp {
+
+ @Inject
+ private UserService userService;
+ @Inject
+ private CrosspostService crosspostService;
+ @Inject
+ private EmailService emailService;
+ @Inject
+ private WebApp webApp;
+
+
+ @GetMapping("/signup")
+ protected String doGet(
+ @Visitor User visitor,
+ @RequestParam String type, @RequestParam String hash, ModelMap model) {
+ if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$")
+ || !hash.matches("^[a-zA-Z0-9\\-]+$")) {
+ throw new HttpBadRequestException();
+ }
+
+ String account = null;
+ switch (type) {
+ case "fb":
+ account = crosspostService.getFacebookNameByHash(hash);
+ break;
+ case "vk":
+ account = crosspostService.getVKNameByHash(hash);
+ break;
+ case "xmpp":
+ account = crosspostService.getJIDByHash(hash);
+ break;
+ case "durov":
+ account = crosspostService.getTelegramNameByHash(hash);
+ break;
+ case "email":
+ account = emailService.getEmailByAuthCode(hash);
+ }
+ if (account == null) {
+ throw new HttpBadRequestException();
+ }
+
+ model.addAttribute("title", "Новый пользователь");
+ visitor.setAvatar(webApp.getAvatarWebPath(visitor));
+ model.addAttribute("visitor", visitor);
+ model.addAttribute("account", account);
+ model.addAttribute("type", type);
+ model.addAttribute("hash", hash);
+ return "views/signup";
+ }
+
+ @PostMapping("/signup")
+ protected String doPost(
+ @Visitor User visitor,
+ @RequestParam String type,
+ @RequestParam String hash,
+ @RequestParam String action,
+ @RequestParam(required = false) String username,
+ @RequestParam(required = false) String password,
+ ModelMap modelMap) {
+ User current;
+
+ if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) {
+ throw new HttpBadRequestException();
+ }
+
+ if (action.charAt(0) == 'l') {
+
+ if (visitor.isAnonymous()) {
+ if (username.length() > 32) {
+ throw new HttpBadRequestException();
+ }
+ current = userService.checkPassword(username, password).orElseThrow(HttpForbiddenException::new);
+ } else {
+ current = visitor;
+ }
+
+ if (current.getUid() <= 0) {
+ throw new HttpForbiddenException();
+ }
+
+ if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, current.getUid()))
+ && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, current.getUid()))
+ && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, current.getUid()))
+ && !(type.charAt(0) == 'x' && userService.getAllJIDs(visitor).size() > 0
+ && crosspostService.setJIDUser(hash, current.getUid()))) {
+ if (type.equals("email")) {
+ String email = emailService.getEmailByAuthCode(hash);
+ emailService.addEmail(current.getUid(), email);
+ emailService.deleteAuthCode(hash);
+ } else {
+ if (type.equals("xmpp")) {
+ modelMap.addAttribute("visitor", visitor);
+ modelMap.addAttribute("result", "XMPP support is disabled for new users");
+ return "views/settings_result";
+ }
+ throw new HttpBadRequestException();
+ }
+ }
+
+ } else { // Create new account
+ if (username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$") || password.length() < 6 || password.length() > 32) {
+ throw new HttpBadRequestException();
+ }
+
+ current = userService.createUser(username, password).orElseThrow(HttpBadRequestException::new);
+
+ if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, current.getUid()))
+ && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, current.getUid()))
+ && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, current.getUid()))) {
+ if (type.equals("email")) {
+ String email = emailService.getEmailByAuthCode(hash);
+ emailService.addEmail(current.getUid(), email);
+ emailService.deleteAuthCode(hash);
+ } else {
+ if (type.equals("xmpp")) {
+ modelMap.addAttribute("visitor", visitor);
+ modelMap.addAttribute("result", "XMPP support is disabled for new users");
+ return "views/settings_result";
+ }
+ throw new HttpBadRequestException();
+ }
+ }
+ }
+
+ if (visitor.isAnonymous()) {
+ UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken =
+ new UsernamePasswordAuthenticationToken(new JuickUser(current), password, JuickUser.USER_AUTHORITY);
+ SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
+ }
+ return "redirect:/";
+ }
+}
diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java
new file mode 100644
index 00000000..2bd89587
--- /dev/null
+++ b/src/main/java/com/juick/www/controllers/SocialLogin.java
@@ -0,0 +1,365 @@
+/*
+ * Copyright (C) 2008-2020, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+package com.juick.www.controllers;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.github.scribejava.apis.*;
+import com.github.scribejava.core.builder.ServiceBuilder;
+import com.github.scribejava.core.model.*;
+import com.github.scribejava.core.oauth.OAuth10aService;
+import com.github.scribejava.core.oauth.OAuth20Service;
+import com.juick.model.ext.facebook.User;
+import com.juick.model.ext.vk.UsersResponse;
+import com.juick.server.Utils;
+import com.juick.server.util.HttpBadRequestException;
+import com.juick.service.CrosspostService;
+import com.juick.service.EmailService;
+import com.juick.service.TelegramService;
+import com.juick.service.UserService;
+import com.juick.service.security.annotation.Visitor;
+import com.nimbusds.jose.JOSEException;
+import com.nimbusds.jose.proc.BadJOSEException;
+import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.codec.digest.HmacAlgorithms;
+import org.apache.commons.codec.digest.HmacUtils;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.math.NumberUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.CookieValue;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.util.UriComponentsBuilder;
+
+import javax.annotation.PostConstruct;
+import javax.inject.Inject;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.text.ParseException;
+import java.util.List;
+import java.util.Map;
+import java.util.UUID;
+import java.util.concurrent.ExecutionException;
+import java.util.stream.Collectors;
+
+/**
+ *
+ * @author Ugnich Anton
+ */
+@Controller
+public class SocialLogin {
+
+ private static final Logger logger = LoggerFactory.getLogger(SocialLogin.class);
+
+ @Value("${facebook_appid:appid}")
+ private String FACEBOOK_APPID;
+ @Value("${facebook_secret:secret}")
+ private String FACEBOOK_SECRET;
+ @Value("${ap_base_uri:http://localhost:8080/}")
+ private String baseUri;
+ private static final String VK_REDIRECT = "http://juick.com/_vklogin";
+ private static final String TWITTER_VERIFY_URL = "https://api.twitter.com/1.1/account/verify_credentials.json";
+ @Inject
+ private ObjectMapper jsonMapper;
+ private ServiceBuilder twitterBuilder;
+ private OAuth20Service facebookAuthService, vkAuthService, appleSignInService;
+
+ @Value("${twitter_consumer_key:appid}")
+ private String twitterConsumerKey;
+ @Value("${twitter_consumer_secret:secret}")
+ private String twitterConsumerSecret;
+ @Value("${vk_appid:appid}")
+ private String VK_APPID;
+ @Value("${vk_secret:secret}")
+ private String VK_SECRET;
+ @Value("${telegram_token:secret}")
+ private String telegramToken;
+ @Value("${apple_app_id:appid}")
+ private String appleApplicationId;
+ @Inject
+ private CrosspostService crosspostService;
+ @Inject
+ private UserService userService;
+ @Inject
+ private EmailService emailService;
+ @Inject
+ private TelegramService telegramService;
+ @Inject
+ private AppleClientSecretGenerator clientSecretGenerator;
+
+ @PostConstruct
+ public void init() {
+ ServiceBuilder facebookBuilder = new ServiceBuilder(FACEBOOK_APPID);
+ twitterBuilder = new ServiceBuilder(twitterConsumerKey);
+ ServiceBuilder vkBuilder = new ServiceBuilder(VK_APPID);
+ UriComponentsBuilder redirectBuilder = UriComponentsBuilder.fromUriString(baseUri);
+ String facebookRedirectUri = redirectBuilder.replacePath("/_fblogin").build().toUriString();
+ facebookAuthService = facebookBuilder
+ .apiSecret(FACEBOOK_SECRET)
+ .callback(facebookRedirectUri)
+ .defaultScope("email")
+ .build(FacebookApi.instance());
+ vkAuthService = vkBuilder
+ .apiSecret(VK_SECRET)
+ .defaultScope("friends,wall,offline")
+ .callback(VK_REDIRECT)
+ .build(VkontakteApi.instance());
+ ServiceBuilder appleSignInBuilder = new ServiceBuilder(appleApplicationId);
+ String appleSignInRedirectUri = redirectBuilder.replacePath("/_apple").build().toUriString();
+ appleSignInService = appleSignInBuilder
+ .callback(appleSignInRedirectUri)
+ .defaultScope("email")
+ .build(new AppleSignInApi(clientSecretGenerator));
+ }
+
+ @GetMapping("/_fblogin")
+ protected String doFacebookLogin(HttpServletRequest request,
+ @RequestParam(required = false) String code,
+ @RequestParam(required = false) String state,
+ HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
+ if (StringUtils.isBlank(code)) {
+ String fbstate = UUID.randomUUID().toString();
+ if (StringUtils.isBlank(state)) {
+ state = Utils.getPreviousPageByRequest(request).orElse("https://juick.com/");
+ }
+ crosspostService.addFacebookState(fbstate, state);
+ return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate);
+ }
+
+ String redirectUrl = crosspostService.verifyFacebookState(state);
+ if (StringUtils.isEmpty(redirectUrl)) {
+ logger.error("state is missing");
+ throw new HttpBadRequestException();
+ }
+ OAuth2AccessToken token = facebookAuthService.getAccessToken(code);
+ final OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://graph.facebook.com/v3.2/me?fields=id,name,link,verified,email");
+ facebookAuthService.signRequest(token, meRequest);
+ String graph = facebookAuthService.execute(meRequest).getBody();
+ if (StringUtils.isBlank(graph)) {
+ logger.error("FACEBOOK GRAPH ERROR");
+ throw new HttpBadRequestException();
+ }
+ User fb = jsonMapper.readValue(graph, User.class);
+ long fbID = NumberUtils.toLong(fb.getId(), 0);
+ if (fbID == 0 || StringUtils.isBlank(fb.getName())) {
+ logger.error("Missing required fields, id: {}, name: {}", fbID, fb.getName());
+ throw new HttpBadRequestException();
+ }
+
+ int uid = crosspostService.getUIDbyFBID(fbID);
+ if (uid > 0) {
+ if (!crosspostService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) {
+ logger.error("error updating facebook user, id: {}, token: {}", fbID, token.getAccessToken());
+ throw new HttpBadRequestException();
+ }
+ Cookie c = new Cookie("hash", userService.getHashByUID(uid));
+ c.setMaxAge(50 * 24 * 60 * 60);
+ response.addCookie(c);
+ return "redirect:" + redirectUrl;
+ } else {
+ if (!crosspostService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName())) {
+ if (StringUtils.isNotEmpty(fb.getEmail())) {
+ logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName());
+ Integer userId = crosspostService.getUIDbyFBID(fbID);
+ if (!emailService.getEmails(userId, false).contains(fb.getEmail())) {
+ emailService.addEmail(userId, fb.getEmail());
+ }
+ }
+ logger.info("email not found for facebook user {}", fb.getName());
+ throw new HttpBadRequestException();
+ }
+ return "redirect:/signup?type=fb&hash=" + state;
+ }
+ }
+ @GetMapping("/_twitter")
+ protected void doTwitterLogin(
+ @Visitor com.juick.model.User user,
+ HttpServletRequest request, HttpServletResponse response)
+ throws IOException, ExecutionException, InterruptedException {
+ String hash = StringUtils.EMPTY, request_token = StringUtils.EMPTY, request_token_secret = StringUtils.EMPTY;
+ String verifier = request.getParameter("oauth_verifier");
+ Cookie[] cookies = request.getCookies();
+ for (Cookie cookie : cookies) {
+ if (cookie.getName().equals("hash")) {
+ hash = cookie.getValue();
+ }
+ if (cookie.getName().equals("request_token")) {
+ request_token = cookie.getValue();
+ }
+ if (cookie.getName().equals("request_token_secret")) {
+ request_token_secret = cookie.getValue();
+ }
+ }
+ OAuth10aService oAuthService = twitterBuilder
+ .apiSecret(twitterConsumerSecret)
+ .callback("https://juick.com/_twitter")
+ .build(TwitterApi.instance());
+
+ if (request_token.isEmpty() && request_token_secret.isEmpty()
+ && (verifier == null || verifier.isEmpty())) {
+ OAuth1RequestToken requestToken = oAuthService.getRequestToken();
+ String authUrl = oAuthService.getAuthorizationUrl(requestToken);
+ response.addCookie(new Cookie("request_token", requestToken.getToken()));
+ response.addCookie(new Cookie("request_token_secret", requestToken.getTokenSecret()));
+ response.setStatus(HttpServletResponse.SC_FOUND);
+ response.setHeader("Location", authUrl);
+ } else {
+ if (verifier != null && verifier.length() > 0) {
+ OAuth1RequestToken requestToken = new OAuth1RequestToken(request_token, request_token_secret);
+ OAuth1AccessToken accessToken = oAuthService.getAccessToken(requestToken, verifier);
+ OAuthRequest oAuthRequest = new OAuthRequest(Verb.GET, TWITTER_VERIFY_URL);
+ oAuthService.signRequest(accessToken, oAuthRequest);
+ com.juick.model.ext.twitter.User twitterUser = jsonMapper.readValue(oAuthService.execute(oAuthRequest).getBody(),
+ com.juick.model.ext.twitter.User.class);
+ if (userService.linkTwitterAccount(user, accessToken.getToken(), accessToken.getTokenSecret(),
+ twitterUser.getScreenName())) {
+ response.setStatus(HttpServletResponse.SC_FOUND);
+ response.setHeader("Location", "http://juick.com/settings");
+ } else {
+ response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ }
+ }
+ }
+ }
+ @GetMapping("/_vklogin")
+ protected String doVKLogin(HttpServletRequest request,
+ @RequestParam(required = false) String code,
+ @RequestParam(required = false) String state,
+ @CookieValue(required = false) String vkstate,
+ HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
+ if (StringUtils.isBlank(code)) {
+ vkstate = UUID.randomUUID().toString();
+ Cookie c = new Cookie("vkstate", vkstate);
+ response.addCookie(c);
+ return "redirect:" + vkAuthService.getAuthorizationUrl(vkstate);
+ }
+
+ if (StringUtils.isBlank(vkstate) || !vkstate.equals(state)) {
+ throw new HttpBadRequestException();
+ } else {
+ Cookie c = new Cookie("vkstate", "-");
+ c.setMaxAge(0);
+ response.addCookie(c);
+ }
+ OAuth2AccessToken token = vkAuthService.getAccessToken(code);
+
+ OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://api.vk.com/method/users.get?fields=screen_name&v=5.73");
+ vkAuthService.signRequest(token, meRequest);
+ String graph = vkAuthService.execute(meRequest).getBody();
+
+ com.juick.model.ext.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().get(0);
+ String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName();
+ String vkLink = jsonUser.getScreenName();
+
+ if (vkName.length() == 1 || StringUtils.isBlank(vkLink)) {
+ logger.error("vk user error");
+ throw new HttpBadRequestException();
+ }
+
+ long vkID = NumberUtils.toLong(jsonUser.getId(), 0);
+ int uid = crosspostService.getUIDbyVKID(vkID);
+ if (uid > 0) {
+ Cookie c = new Cookie("hash", userService.getHashByUID(uid));
+ c.setMaxAge(50 * 24 * 60 * 60);
+ response.addCookie(c);
+ return "redirect:/" + Utils.getPreviousPageByRequest(request).orElse(StringUtils.EMPTY);
+ } else {
+ String loginhash = UUID.randomUUID().toString();
+ if (!crosspostService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) {
+ logger.error("create vk user error");
+ throw new HttpBadRequestException();
+ }
+ return "redirect:/signup?type=vk&hash=" + loginhash;
+ }
+ }
+
+ @GetMapping("/_tglogin")
+ public String doDurovLogin(HttpServletRequest request,
+ @RequestParam Map params,
+ HttpServletResponse response) {
+ String dataCheckString = params.entrySet().stream()
+ .filter(p -> !p.getKey().equals("hash"))
+ .sorted(Map.Entry.comparingByKey())
+ .map(p -> p.getKey() + "=" + p.getValue())
+ .collect(Collectors.joining("\n"));
+ String hash = params.get("hash");
+ byte[] secretKey = DigestUtils.sha256(telegramToken);
+ String resultString = new HmacUtils(HmacAlgorithms.HMAC_SHA_256, secretKey).hmacHex(dataCheckString);
+ if (hash.equals(resultString)) {
+ long tgUser = Long.parseLong(params.get("id"));
+ int uid = telegramService.getUser(tgUser);
+ if (uid > 0) {
+ Cookie c = new Cookie("hash", userService.getHashByUID(uid));
+ c.setMaxAge(50 * 24 * 60 * 60);
+ response.addCookie(c);
+ return "redirect:/" + Utils.getPreviousPageByRequest(request).orElse(StringUtils.EMPTY);
+ } else {
+ String username = StringUtils.defaultString(params.get("username"), params.get("first_name"));
+ List chats = telegramService.getAnonymous();
+ if (!chats.contains(tgUser)) {
+ logger.info("added chat with {}", username);
+ telegramService.createTelegramUser(tgUser, username);
+ }
+ return "redirect:/signup?type=durov&hash=" + userService.getSignUpHashByTelegramID(tgUser, username);
+ }
+ } else {
+ logger.warn("invalid tg hash {} for {}", resultString, hash);
+ }
+ throw new HttpBadRequestException();
+ }
+
+ @GetMapping("/_apple")
+ public String doAppleLogin(HttpServletRequest request,
+ @RequestParam(required = false) String code,
+ HttpServletResponse response) {
+ if (StringUtils.isBlank(code)) {
+ String state = UUID.randomUUID().toString();
+ Cookie c = new Cookie("astate", state);
+ response.addCookie(c);
+ return "redirect:" + appleSignInService.getAuthorizationUrl(state);
+ }
+ throw new HttpBadRequestException();
+ }
+ @PostMapping("/_apple")
+ public String doVerifyAppleResponse(HttpServletRequest request, HttpServletResponse response, @RequestParam Map body) throws InterruptedException, ExecutionException, IOException, ParseException, JOSEException, BadJOSEException {
+ OAuth2AccessToken token = appleSignInService.getAccessToken(body.get("code"));
+ var jsonNode = jsonMapper.readTree(token.getRawResponse());
+ var idToken = jsonNode.get("id_token").textValue();
+ AppleSignInApi api = (AppleSignInApi) appleSignInService.getApi();
+ var email = api.validateToken(idToken);
+ if (email.isPresent()) {
+ com.juick.model.User user = userService.getUserByEmail(email.get());
+ if (!user.isAnonymous()) {
+ Cookie c = new Cookie("hash", userService.getHashByUID(user.getUid()));
+ c.setMaxAge(50 * 24 * 60 * 60);
+ response.addCookie(c);
+ return "redirect:/";
+ } else {
+ String verificationCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase();
+ emailService.addVerificationCode(null, email.get(), verificationCode);
+ return "redirect:/signup?type=email&hash=" + verificationCode;
+ }
+ }
+ throw new HttpBadRequestException();
+ }
+}
diff --git a/src/main/java/com/juick/www/filters/AnythingFilter.java b/src/main/java/com/juick/www/filters/AnythingFilter.java
new file mode 100644
index 00000000..8f9af7f6
--- /dev/null
+++ b/src/main/java/com/juick/www/filters/AnythingFilter.java
@@ -0,0 +1,87 @@
+/*
+ * Copyright (C) 2008-2019, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.www.filters;
+
+import com.juick.model.User;
+import com.juick.server.util.WebUtils;
+import com.juick.service.MessagesService;
+import com.juick.service.UserService;
+import org.apache.commons.lang3.math.NumberUtils;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
+import org.springframework.web.util.UriComponents;
+
+import javax.annotation.Nonnull;
+import javax.inject.Inject;
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Component
+public class AnythingFilter extends OncePerRequestFilter {
+ @Inject
+ private MessagesService messagesService;
+ @Inject
+ private UserService userService;
+
+ @Override
+ public void doFilterInternal(@Nonnull HttpServletRequest servletRequest,
+ @Nonnull HttpServletResponse servletResponse,
+ @Nonnull FilterChain filterChain) throws IOException, ServletException {
+ String upgrade = servletRequest.getHeader("Connection");
+ if (upgrade != null && upgrade.equals("Upgrade")) {
+ filterChain.doFilter(servletRequest, servletResponse);
+ return;
+ }
+ UriComponents components = ServletUriComponentsBuilder.fromCurrentRequestUri().build();
+ String anything = components.getPath().substring(1);
+ int before = NumberUtils.toInt(components.getQueryParams().getFirst("before"), 0);
+ if (before == 0) {
+ boolean isPostNumber = WebUtils.isPostNumber(anything);
+ int messageId = isPostNumber ?
+ NumberUtils.toInt(anything) : 0;
+
+ if (isPostNumber && anything.equals(Integer.toString(messageId))) {
+ if (messageId > 0) {
+ User author = messagesService.getMessageAuthor(messageId);
+
+ if (author != null) {
+ servletResponse.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY);
+ servletResponse.setHeader("Location", "/" + author.getName() + "/" + anything);
+ return;
+ }
+ }
+ }
+ User user = userService.getUserByName(anything);
+ if (user.getUid() > 0) {
+ servletResponse.sendRedirect("/" + user.getName() + "/");
+ } else {
+ filterChain.doFilter(servletRequest, servletResponse);
+ }
+ } else {
+ User user = userService.getUserByName(anything);
+ if (!user.isAnonymous()) {
+ servletResponse.sendRedirect("/" + user.getName() + "/?before=" + before);
+ } else {
+ filterChain.doFilter(servletRequest, servletResponse);
+ }
+ }
+ }
+}
diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java
index 32db8544..85aedc9a 100644
--- a/src/test/java/com/juick/server/tests/ServerTests.java
+++ b/src/test/java/com/juick/server/tests/ServerTests.java
@@ -43,7 +43,7 @@ import com.juick.server.api.webfinger.model.Account;
import com.juick.server.api.xnodeinfo2.model.NodeInfo;
import com.juick.server.util.HttpUtils;
import com.juick.server.util.ImageUtils;
-import com.juick.server.www.WebApp;
+import com.juick.www.WebApp;
import com.juick.service.*;
import com.juick.service.activities.UpdateEvent;
import com.juick.service.component.SystemEvent;
--
cgit v1.2.3