From 4c99585f95cda1839f364524b6f68a16d063ed61 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Sun, 2 Apr 2017 22:51:18 +0300
Subject: fix login
---
 .../CookieSimpleHashRememberMeServices.java | 12 +-
 .../main/java/com/juick/www/controllers/Login.java | 176 ++-------------------
 juick-www/src/main/webapp/WEB-INF/views/login.html | 139 ++++++++++++++++
 juick-www/src/main/webapp/tagscloud.png | Bin 0 -> 42316 bytes
 4 files changed, 161 insertions(+), 166 deletions(-)
 create mode 100644 juick-www/src/main/webapp/WEB-INF/views/login.html
 create mode 100644 juick-www/src/main/webapp/tagscloud.png
diff --git a/juick-server/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java b/juick-server/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java
index 1fb2c6a3..25ea645b 100644
--- a/juick-server/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java
+++ b/juick-server/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java
@@ -83,12 +83,16 @@ public class CookieSimpleHashRememberMeServices extends AbstractRememberMeServic
 throws RememberMeAuthenticationException, UsernameNotFoundException {
 String hash = cookieTokens[0];
- if (StringUtils.isBlank(hash))
- throw new InvalidCookieException("Cookie is invalid, cookies " + cookieTokens);
+ if (StringUtils.isBlank(hash)) {
+ hash = request.getParameter("hash");
+ }
+ if (StringUtils.isBlank(hash)) {
+ throw new InvalidCookieException("Cookie is invalid and hash parameter not found");
+ }
- int uid = userService.getUIDbyHash(cookieTokens[0]);
+ int uid = userService.getUIDbyHash(hash);
 if (uid <= 0)
- throw new UsernameNotFoundException("User not found bash hash, cookies" + cookieTokens);
+ throw new UsernameNotFoundException("User not found by hash, cookies" + cookieTokens);
 Optional userOptional = userService.getUserByUID(uid);
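Review bot: The fallback `hash = request.getParameter("hash");` accepts the long-lived login hash from a request parameter with no bound on its length, while the 32-character check that the old `/login` handler ran before `getUIDbyHash` is deleted elsewhere in this commit. A credential carried in the URL also ends up in access logs, browser history and Referer headers, and nothing in this hunk limits the parameter to the `/login` path. I would keep the bound next to the lookup, e.g. `if (hash.length() > 32) throw new InvalidCookieException("hash is too long");`. The remaining `+ cookieTokens` in the `UsernameNotFoundException` message concatenates a `String[]`, which prints only the array identity, so it can be dropped rather than expanded into the secret value. The method starts and ends outside the hunk, so whether a cookie is issued after a parameter-based login cannot be checked from here.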
diff --git a/juick-www/src/main/java/com/juick/www/controllers/Login.java b/juick-www/src/main/java/com/juick/www/controllers/Login.java
index 2d41d9b4..a83cbc16 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/Login.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/Login.java
@@ -21,6 +21,9 @@ import com.juick.service.UserService;
 import com.juick.util.UserUtils;
 import com.juick.www.Utils;
 import com.juick.www.WebApp;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -44,170 +47,19 @@ public class Login { WebApp webApp; @RequestMapping(value = "/login", method = RequestMethod.GET) - protected void doGetLoginForm(HttpServletRequest request, HttpServletResponse response) throws IOException { - String hash = request.getQueryString(); - if (hash != null) { - if (hash.length() > 32) { - response.sendError(HttpServletResponse.SC_BAD_REQUEST); - return; - } - - if (userService.getUIDbyHash(hash) > 0) { - Cookie c = new Cookie("hash", hash); - c.setMaxAge(365 * 24 * 60 * 60); - response.addCookie(c); - response.sendRedirect("/"); - } else { - response.sendError(HttpServletResponse.SC_FORBIDDEN); - } - } + protected String doGetLoginForm(HttpServletRequest request, HttpServletResponse response) throws IOException { com.juick.User visitor = UserUtils.getCurrentUser(); - if (visitor.getUid() > 0) { - Utils.sendTemporaryRedirect(response, "/"); - return; + if (!visitor.isAnonymous()) { + return "redirect:/"; } - - response.setContentType("text/html; charset=UTF-8"); - try (PrintWriter out = response.getWriter()) { - out.println(""); - out.println(""); - out.println(""); - out.println("Juick"); - out.println(""); - out.println(""); - out.println(""); - out.println(""); - - out.println(""); - - out.println(""); - - out.println("
juick.com © 2008-2017   Контакты · Помощь
"); - - out.println("
"); - out.println(" Зарегистрироваться:"); - out.println(" "); - out.println(" "); - out.println("
XMPP"); - out.println("
Отправьте LOGIN на juick@juick.com
"); - out.println("
"); - out.println("
"); - out.println("
Уже зарегистрированы?"); - out.println("
"); - out.println(""); - out.println(""); - out.println(""); - out.println("
"); - out.println("
"); - - out.println(""); - out.println(""); + return "views/login"; + } + @RequestMapping(value="/logout", method = RequestMethod.GET) + public String logoutPage (HttpServletRequest request, HttpServletResponse response) { + Authentication auth = SecurityContextHolder.getContext().getAuthentication(); + if (auth != null){ + new SecurityContextLogoutHandler().logout(request, response, auth); } + return "redirect:/login?logout"; } } diff --git a/juick-www/src/main/webapp/WEB-INF/views/login.html b/juick-www/src/main/webapp/WEB-INF/views/login.html new file mode 100644 index 00000000..4d870951 --- /dev/null +++ b/juick-www/src/main/webapp/WEB-INF/views/login.html @@ -0,0 +1,139 @@ + + + + Juick + + + + + + + + + +
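Review bot: `logoutPage` only runs `new SecurityContextLogoutHandler().logout(request, response, auth)`, which ends the session but, as far as this hunk shows, leaves the long-lived `hash` cookie in place, so the remember-me service would presumably sign the browser back in on the next request. The handler should also clear that cookie, for example by invoking the remember-me services' own `logout(request, response, auth)` or a `CookieClearingLogoutHandler` for whatever cookie name the service uses. Mapping `/logout` to `RequestMethod.GET` additionally allows the logout to be triggered cross-site; a POST protected by the CSRF token is the usual form. `doGetLoginForm` no longer uses `request` or `response`, so those parameters could be removed.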
juick.com © 2008-2017   Контакты · Помощь
+ +
+ Зарегистрироваться: + + +
XMPP +
Отправьте LOGIN на juick@juick.com
+
+
+
Уже зарегистрированы? +
+ + + +
+
+ + + \ No newline at end of file diff --git a/juick-www/src/main/webapp/tagscloud.png b/juick-www/src/main/webapp/tagscloud.png new file mode 100644 index 00000000..3e1bf169 Binary files /dev/null and b/juick-www/src/main/webapp/tagscloud.png differ -- cgit v1.2.3