pages = Arrays.asList("main", "password", "about", "email", "email-add", "email-del",
- "email-subscr", "auth-email", "privacy", "jid-del", "twitter-del", "telegram-del", "facebook-disable",
- "facebook-enable", "vk-del");
- String page = request.getParameter("page");
- if (StringUtils.isEmpty(page) || !pages.contains(page)) {
- throw new HttpBadRequestException();
- }
- String result = StringUtils.EMPTY;
- switch (page) {
- case "password":
- if (userService.updatePassword(visitor, request.getParameter("password"))) {
- result = "Password has been changed.
";
- String hash = userService.getHashByUID(visitor.getUid());
- Cookie c = new Cookie("hash", hash);
- c.setMaxAge(365 * 24 * 60 * 60);
- response.addCookie(c);
- }
- break;
- case "main":
- NotifyOpts opts = new NotifyOpts();
- opts.setRepliesEnabled(StringUtils.isNotEmpty(request.getParameter("jnotify")));
- opts.setSubscriptionsEnabled(StringUtils.isNotEmpty(request.getParameter("subscr_notify")));
- opts.setRecommendationsEnabled(StringUtils.isNotEmpty(request.getParameter("recomm")));
- if (subscriptionService.setNotifyOptions(visitor, opts)) {
- result = "Notification options has been updated
";
- }
- break;
- case "about":
- UserInfo info = new UserInfo();
- info.setFullName(request.getParameter("fullname"));
- info.setCountry(request.getParameter("country"));
- info.setUrl(request.getParameter("url"));
- info.setDescription(request.getParameter("descr"));
- String avatarTmpPath = HttpUtils.receiveMultiPartFile(avatar, tmpDir).getHost();
- if (StringUtils.isNotEmpty(avatarTmpPath)) {
- imagesService.saveAvatar(avatarTmpPath, visitor.getUid());
- }
- if (userService.updateUserInfo(visitor, info)) {
- result = String.format("Your info is updated.
Back to blog.
", visitor.getName());
- }
- break;
- case "jid-del":
- // FIXME: stop using ugnich-csv in parameters
- String[] params = request.getParameter("delete").split(";", 2);
- boolean res = false;
- if (params[0].equals("xmpp")) {
- res = userService.deleteJID(visitor.getUid(), params[1]);
- } else if (params[0].equals("xmpp-unauth")) {
- res = userService.unauthJID(visitor.getUid(), params[1]);
- }
- if (res) {
- result = "Deleted. Back.
";
- } else {
- result = "Error
";
- }
- break;
- case "email-add":
- if (!emailService.verifyAddressByCode(visitor.getUid(), request.getParameter("account"))) {
- String authCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase();
- if (emailService.addVerificationCode(visitor.getUid(), request.getParameter("account"), authCode)) {
- Session session = Session.getDefaultInstance(System.getProperties());
- try {
- MimeMessage message = new MimeMessage(session);
- message.setFrom(new InternetAddress("noreply@mail.juick.com"));
- message.addRecipient(Message.RecipientType.TO, new InternetAddress(request.getParameter("account")));
- message.setSubject("Juick authorization link");
- message.setText(String.format("Follow link to attach this email to Juick account:\n" +
- "http://juick.com/settings?page=auth-email&code=%s\n\n" +
- "If you don't know, what this mean - just ignore this mail.\n", authCode));
- Transport.send(message);
- result = "Authorization link has been sent to your email. Follow it to proceed.
" +
- "Back
";
-
- } catch (MessagingException ex) {
- logger.error("mail exception", ex);
- throw new HttpBadRequestException();
- }
- }
- }
- break;
- case "email-del":
- if (emailService.deleteEmail(visitor.getUid(), request.getParameter("account"))) {
- result = "Deleted. Back.
";
- } else {
- result = "An error occured while deleting.
";
- }
- break;
- case "email-subscr":
- if (emailService.setNotificationsEmail(visitor.getUid(), request.getParameter("account"))) {
- result = String.format("Saved! Will send notifications to %s." +
- "
Back
", request.getParameter("account"));
- } else {
- result = "Disabled.
Back
";
- }
- break;
- case "twitter-del":
- crosspostService.deleteTwitterToken(visitor.getUid());
- for (Cookie cookie : request.getCookies()) {
- if (cookie.getName().equals("request_token")) {
- cookie.setMaxAge(0);
- response.addCookie(cookie);
- }
- if (cookie.getName().equals("request_token_secret")) {
- cookie.setMaxAge(0);
- response.addCookie(cookie);
- }
- }
- result = "Back
";
- break;
- case "telegram-del":
- telegramService.deleteTelegramUser(visitor.getUid());
- result = "Back
";
- break;
- case "facebook-disable":
- crosspostService.disableFBCrosspost(visitor.getUid());
- result = "Back
";
- break;
- case "facebook-enable":
- crosspostService.enableFBCrosspost(visitor.getUid());
- result = "Back
";
- break;
- case "vk-del":
- crosspostService.deleteVKUser(visitor.getUid());
- result = "Back
";
- break;
- default:
- throw new HttpBadRequestException();
- }
-
- model.addAttribute("title", "Настройки");
- model.addAttribute("visitor", visitor);
- model.addAttribute("result", result);
- return "views/settings_result";
- }
- @PostMapping("/settings/unsubscribe")
- public String unsubscribeOneClick(@RequestParam(name = "List-Unsubscribe") String unsubscribe,
- ModelMap model) {
- User user = UserUtils.getCurrentUser();
- if (!user.isAnonymous()) {
- if (unsubscribe.equals("One-Click")) {
- emailService.setNotificationsEmail(user.getUid(), StringUtils.EMPTY);
- model.addAttribute("title", "Настройки");
- model.addAttribute("visitor", user);
- model.addAttribute("result", "Unsubscribed");
- return "views/settings_result";
- }
- }
- throw new HttpBadRequestException();
- }
-}
diff --git a/juick-server/src/main/java/com/juick/server/www/controllers/SignUp.java b/juick-server/src/main/java/com/juick/server/www/controllers/SignUp.java
deleted file mode 100644
index 6a4fe063..00000000
--- a/juick-server/src/main/java/com/juick/server/www/controllers/SignUp.java
+++ /dev/null
@@ -1,172 +0,0 @@
-/*
- * Copyright (C) 2008-2017, Juick
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see .
- */
-package com.juick.server.www.controllers;
-
-import com.juick.server.util.HttpBadRequestException;
-import com.juick.server.util.HttpForbiddenException;
-import com.juick.server.util.UserUtils;
-import com.juick.service.CrosspostService;
-import com.juick.service.EmailService;
-import com.juick.service.MessengerService;
-import com.juick.service.UserService;
-import org.springframework.stereotype.Controller;
-import org.springframework.ui.ModelMap;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-
-import javax.inject.Inject;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletResponse;
-
-/**
- *
- * @author Ugnich Anton
- */
-@Controller
-public class SignUp {
-
- @Inject
- private UserService userService;
- @Inject
- private CrosspostService crosspostService;
- @Inject
- private MessengerService messengerService;
- @Inject
- private EmailService emailService;
-
-
- @GetMapping("/signup")
- protected String doGet(@RequestParam String type, @RequestParam String hash, ModelMap model) {
- com.juick.User visitor = UserUtils.getCurrentUser();
-
- if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$")
- || !hash.matches("^[a-zA-Z0-9\\-]+$")) {
- throw new HttpBadRequestException();
- }
-
- String account = null;
- switch (type) {
- case "fb":
- account = crosspostService.getFacebookNameByHash(hash);
- break;
- case "vk":
- account = crosspostService.getVKNameByHash(hash);
- break;
- case "xmpp":
- account = crosspostService.getJIDByHash(hash);
- break;
- case "durov":
- account = crosspostService.getTelegramNameByHash(hash);
- break;
- case "messenger":
- account = messengerService.getDisplayName(hash);
- break;
- case "email":
- account = emailService.getEmailByAuthCode(hash);
- }
- if (account == null) {
- throw new HttpBadRequestException();
- }
-
- model.addAttribute("title", "Новый пользователь");
- model.addAttribute("visitor", visitor);
- model.addAttribute("account", account);
- model.addAttribute("type", type);
- model.addAttribute("hash", hash);
- return "views/signup";
- }
-
- @PostMapping("/signup")
- protected String doPost(
- HttpServletResponse response,
- @RequestParam String type,
- @RequestParam String hash,
- @RequestParam String action,
- @RequestParam(required = false) String username,
- @RequestParam(required = false) String password) {
- com.juick.User visitor = UserUtils.getCurrentUser();
- int uid = 0;
-
- if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) {
- throw new HttpBadRequestException();
- }
-
- if (action.charAt(0) == 'l') {
-
- if (visitor.isAnonymous()) {
- if (username.length() > 32) {
- throw new HttpBadRequestException();
- }
- uid = userService.checkPassword(username, password);
- } else {
- uid = visitor.getUid();
- }
-
- if (uid <= 0) {
- throw new HttpForbiddenException();
- }
-
- if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, uid))
- && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, uid))
- && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, uid))
- && !(type.charAt(0) == 'x' && userService.getAllJIDs(visitor).size() > 0 && crosspostService.setJIDUser(hash, uid))
- && !(type.charAt(0) == 'm' && messengerService.linkMessengerUser(hash, uid))) {
- if (type.equals("email")) {
- String email = emailService.getEmailByAuthCode(hash);
- emailService.addEmail(uid, email);
- emailService.deleteAuthCode(hash);
- } else {
- throw new HttpBadRequestException();
- }
- }
-
- } else { // Create new account
- if (username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$") || password.length() < 6 || password.length() > 32) {
- throw new HttpBadRequestException();
- }
-
- // CHECK USERNAME
-
- uid = userService.createUser(username, password);
- if (uid <= 0) {
- throw new HttpBadRequestException();
- }
-
- if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, uid))
- && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, uid))
- && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, uid))
- && !(type.charAt(0) == 'm' && messengerService.linkMessengerUser(hash, uid))) {
- if (type.equals("email")) {
- String email = emailService.getEmailByAuthCode(hash);
- emailService.addEmail(uid, email);
- emailService.deleteAuthCode(hash);
- } else {
- throw new HttpBadRequestException();
- }
- }
- }
-
- if (visitor.isAnonymous()) {
- hash = userService.getHashByUID(uid);
- Cookie c = new Cookie("hash", hash);
- c.setMaxAge(365 * 24 * 60 * 60);
- response.addCookie(c);
- }
- return "redirect:/";
- }
-}
diff --git a/juick-server/src/main/java/com/juick/server/www/controllers/SocialLogin.java b/juick-server/src/main/java/com/juick/server/www/controllers/SocialLogin.java
deleted file mode 100644
index bc631a1a..00000000
--- a/juick-server/src/main/java/com/juick/server/www/controllers/SocialLogin.java
+++ /dev/null
@@ -1,329 +0,0 @@
-/*
- * Copyright (C) 2008-2017, Juick
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see .
- */
-package com.juick.server.www.controllers;
-
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.github.scribejava.apis.FacebookApi;
-import com.github.scribejava.apis.TwitterApi;
-import com.github.scribejava.apis.VkontakteApi;
-import com.github.scribejava.core.builder.ServiceBuilder;
-import com.github.scribejava.core.model.*;
-import com.github.scribejava.core.oauth.OAuth10aService;
-import com.github.scribejava.core.oauth.OAuth20Service;
-import com.juick.model.facebook.User;
-import com.juick.server.Utils;
-import com.juick.server.util.HttpBadRequestException;
-import com.juick.server.util.UserUtils;
-import com.juick.service.CrosspostService;
-import com.juick.service.EmailService;
-import com.juick.service.TelegramService;
-import com.juick.service.UserService;
-import com.juick.model.vk.UsersResponse;
-import org.apache.commons.codec.digest.DigestUtils;
-import org.apache.commons.codec.digest.HmacAlgorithms;
-import org.apache.commons.codec.digest.HmacUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.commons.lang3.math.NumberUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.CookieValue;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.util.UriComponentsBuilder;
-
-import javax.annotation.PostConstruct;
-import javax.inject.Inject;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.util.Map;
-import java.util.UUID;
-import java.util.concurrent.ExecutionException;
-import java.util.stream.Collectors;
-
-/**
- *
- * @author Ugnich Anton
- */
-@Controller
-public class SocialLogin {
-
- private static final Logger logger = LoggerFactory.getLogger(SocialLogin.class);
-
- @Value("${facebook_appid:appid}")
- private String FACEBOOK_APPID;
- @Value("${facebook_secret:secret}")
- private String FACEBOOK_SECRET;
- @Value("${ap_base_uri:http://localhost:8080/}")
- private String baseUri;
- private String facebookRedirectUri;
- private static final String VK_REDIRECT = "http://juick.com/_vklogin";
- private static final String TWITTER_VERIFY_URL = "https://api.twitter.com/1.1/account/verify_credentials.json";
- @Inject
- private ObjectMapper jsonMapper;
- private ServiceBuilder facebookBuilder, twitterBuilder, vkBuilder;
-
- @Value("${twitter_consumer_key:appid}")
- private String twitterConsumerKey;
- @Value("${twitter_consumer_secret:secret}")
- private String twitterConsumerSecret;
- @Value("${vk_appid:appid}")
- private String VK_APPID;
- @Value("${vk_secret:secret}")
- private String VK_SECRET;
- @Value("${telegram_token:secret}")
- private String telegramToken;
-
- @Inject
- private CrosspostService crosspostService;
- @Inject
- private UserService userService;
- @Inject
- private EmailService emailService;
- @Inject
- private TelegramService telegramService;
-
- @PostConstruct
- public void init() {
- facebookBuilder = new ServiceBuilder(FACEBOOK_APPID);
- twitterBuilder = new ServiceBuilder(twitterConsumerKey);
- vkBuilder = new ServiceBuilder(VK_APPID);
- UriComponentsBuilder facebookRedirectBuilder = UriComponentsBuilder.fromUriString(baseUri);
- facebookRedirectUri = facebookRedirectBuilder.replacePath("/_fblogin").build().toUriString();
- }
-
- @GetMapping("/_fblogin")
- protected String doFacebookLogin(HttpServletRequest request,
- @RequestParam(required = false) String code,
- @RequestParam(required = false) String state,
- HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
- if (StringUtils.isBlank(code)) {
- String fbstate = UUID.randomUUID().toString();
- if (StringUtils.isBlank(state)) {
- state = Utils.getPreviousPageByRequest(request).orElse("https://juick.com/");
- }
- crosspostService.addFacebookState(fbstate, state);
- OAuth20Service facebookAuthService = facebookBuilder
- .apiSecret(FACEBOOK_SECRET)
- .callback(facebookRedirectUri)
- .scope("email")
- .state(fbstate)
- .build(FacebookApi.instance());
- return "redirect:" + facebookAuthService.getAuthorizationUrl();
- }
-
- String redirectUrl = crosspostService.verifyFacebookState(state);
- if (StringUtils.isEmpty(redirectUrl)) {
- logger.error("state is missing");
- throw new HttpBadRequestException();
- }
- OAuth20Service facebookService = facebookBuilder
- .apiKey(FACEBOOK_APPID)
- .apiSecret(FACEBOOK_SECRET)
- .callback(facebookRedirectUri)
- .scope("email")
- .state(state)
- .build(FacebookApi.instance());
- OAuth2AccessToken token = facebookService.getAccessToken(code);
- final OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://graph.facebook.com/v2.10/me?fields=id,name,link,verified,email");
- facebookService.signRequest(token, meRequest);
- String graph = facebookService.execute(meRequest).getBody();
- if (StringUtils.isBlank(graph)) {
- logger.error("FACEBOOK GRAPH ERROR");
- throw new HttpBadRequestException();
- }
- User fb = jsonMapper.readValue(graph, User.class);
- long fbID = NumberUtils.toLong(fb.getId(), 0);
- if (fbID == 0 || StringUtils.isBlank(fb.getName()) || StringUtils.isBlank(fb.getLink())) {
- logger.error("Missing required fields, id: {}, name: {}, link: {}", fbID, fb.getName(), fb.getLink());
- throw new HttpBadRequestException();
- }
-
- int uid = crosspostService.getUIDbyFBID(fbID);
- if (uid > 0) {
- if (!crosspostService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName(), fb.getLink())) {
- logger.error("error updating facebook user, id: {}, token: {}", fbID, token.getAccessToken());
- throw new HttpBadRequestException();
- }
- Cookie c = new Cookie("hash", userService.getHashByUID(uid));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
- return "redirect:" + redirectUrl;
- } else if (fb.getVerified()) {
- if (!crosspostService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName(), fb.getLink())) {
- if (StringUtils.isNotEmpty(fb.getEmail())) {
- logger.info("found {} for facebook user {}", fb.getEmail(), fb.getLink());
- Integer userId = crosspostService.getUIDbyFBID(fbID);
- if (!emailService.getEmails(userId, false).contains(fb.getEmail())) {
- emailService.addEmail(userId, fb.getEmail());
- }
- }
- logger.info("email not found for facebook user {}", fb.getLink());
- throw new HttpBadRequestException();
- }
- return "redirect:/signup?type=fb&hash=" + state;
- } else {
- logger.error("Facebook account is not verified, id: {}", fbID);
- throw new HttpBadRequestException();
- }
- }
- @GetMapping("/_twitter")
- protected void doTwitterLogin(HttpServletRequest request, HttpServletResponse response)
- throws IOException, ExecutionException, InterruptedException {
- String hash = StringUtils.EMPTY, request_token = StringUtils.EMPTY, request_token_secret = StringUtils.EMPTY;
- String verifier = request.getParameter("oauth_verifier");
- Cookie[] cookies = request.getCookies();
- for (Cookie cookie : cookies) {
- if (cookie.getName().equals("hash")) {
- hash = cookie.getValue();
- }
- if (cookie.getName().equals("request_token")) {
- request_token = cookie.getValue();
- }
- if (cookie.getName().equals("request_token_secret")) {
- request_token_secret = cookie.getValue();
- }
- }
- com.juick.User user = UserUtils.getCurrentUser();
- OAuth10aService oAuthService = twitterBuilder
- .apiSecret(twitterConsumerSecret)
- .callback("https://juick.com/_twitter")
- .build(TwitterApi.instance());
-
- if (request_token.isEmpty() && request_token_secret.isEmpty()
- && (verifier == null || verifier.isEmpty())) {
- OAuth1RequestToken requestToken = oAuthService.getRequestToken();
- String authUrl = oAuthService.getAuthorizationUrl(requestToken);
- response.addCookie(new Cookie("request_token", requestToken.getToken()));
- response.addCookie(new Cookie("request_token_secret", requestToken.getTokenSecret()));
- response.setStatus(HttpServletResponse.SC_FOUND);
- response.setHeader("Location", authUrl);
- } else {
- if (verifier != null && verifier.length() > 0) {
- OAuth1RequestToken requestToken = new OAuth1RequestToken(request_token, request_token_secret);
- OAuth1AccessToken accessToken = oAuthService.getAccessToken(requestToken, verifier);
- OAuthRequest oAuthRequest = new OAuthRequest(Verb.GET, TWITTER_VERIFY_URL);
- oAuthService.signRequest(accessToken, oAuthRequest);
- com.juick.model.twitter.User twitterUser = jsonMapper.readValue(oAuthService.execute(oAuthRequest).getBody(),
- com.juick.model.twitter.User.class);
- if (userService.linkTwitterAccount(user, accessToken.getToken(), accessToken.getTokenSecret(),
- twitterUser.getScreenName())) {
- response.setStatus(HttpServletResponse.SC_FOUND);
- response.setHeader("Location", "http://juick.com/settings");
- } else {
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- }
- }
- }
- }
- @GetMapping("/_vklogin")
- protected String doVKLogin(HttpServletRequest request,
- @RequestParam(required = false) String code,
- @RequestParam(required = false) String state,
- @CookieValue(required = false) String vkstate,
- HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
- if (StringUtils.isBlank(code)) {
- vkstate = UUID.randomUUID().toString();
- Cookie c = new Cookie("vkstate", vkstate);
- response.addCookie(c);
- OAuth20Service vkAuthService = vkBuilder
- .apiSecret(VK_SECRET)
- .scope("friends,wall,offline")
- .state(vkstate)
- .callback(VK_REDIRECT)
- .build(VkontakteApi.instance());
- return "redirect:" + vkAuthService.getAuthorizationUrl();
- }
-
- if (StringUtils.isBlank(vkstate) || !vkstate.equals(state)) {
- throw new HttpBadRequestException();
- } else {
- Cookie c = new Cookie("vkstate", "-");
- c.setMaxAge(0);
- response.addCookie(c);
- }
-
- OAuth20Service vkService = vkBuilder
- .apiKey(VK_APPID)
- .apiSecret(VK_SECRET)
- .build(VkontakteApi.instance());
- OAuth2AccessToken token = vkService.getAccessToken(code);
-
- OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://api.vk.com/method/users.get?fields=screen_name&v=5.73");
- vkService.signRequest(token, meRequest);
- String graph = vkService.execute(meRequest).getBody();
-
- com.juick.model.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().get(0);
- String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName();
- String vkLink = jsonUser.getScreenName();
-
- if (vkName.length() == 1 || StringUtils.isBlank(vkLink)) {
- logger.error("vk user error");
- throw new HttpBadRequestException();
- }
-
- Long vkID = NumberUtils.toLong(jsonUser.getId(), 0);
- int uid = crosspostService.getUIDbyVKID(vkID);
- if (uid > 0) {
- Cookie c = new Cookie("hash", userService.getHashByUID(uid));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
- return "redirect:/" + Utils.getPreviousPageByRequest(request).orElse(StringUtils.EMPTY);
- } else {
- String loginhash = UUID.randomUUID().toString();
- if (!crosspostService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) {
- logger.error("create vk user error");
- throw new HttpBadRequestException();
- }
- return "redirect:/signup?type=vk&hash=" + loginhash;
- }
- }
-
- @GetMapping("/_tglogin")
- public String doDurovLogin(HttpServletRequest request,
- @RequestParam Map params,
- HttpServletResponse response) {
- String dataCheckString = params.entrySet().stream()
- .filter(p -> !p.getKey().equals("hash"))
- .sorted(Map.Entry.comparingByKey())
- .map(p -> p.getKey() + "=" + p.getValue())
- .collect(Collectors.joining("\n"));
- String hash = params.get("hash");
- byte[] secretKey = DigestUtils.sha256(telegramToken);
- String resultString = new HmacUtils(HmacAlgorithms.HMAC_SHA_256, secretKey).hmacHex(dataCheckString);
- if (hash.equals(resultString)) {
- Long tgUser = Long.valueOf(params.get("id"));
- int uid = telegramService.getUser(tgUser);
- if (uid > 0) {
- Cookie c = new Cookie("hash", userService.getHashByUID(uid));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
- return "redirect:/" + Utils.getPreviousPageByRequest(request).orElse(StringUtils.EMPTY);
- } else {
- String username = StringUtils.defaultString(params.get("username"), params.get("first_name"));
- telegramService.createTelegramUser(tgUser, username);
- return "redirect:/signup?type=durov&hash=" + userService.getSignUpHashByTelegramID(tgUser, username);
- }
- } else {
- logger.warn("invalid tg hash {} for {}", resultString, hash);
- }
- throw new HttpBadRequestException();
- }
-}
--
cgit v1.2.3