From f17f861e292988327f5084e578f5a0e512033553 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Fri, 2 Mar 2018 14:54:23 +0300
Subject: www: blank redirect for js login

---
 .../main/java/com/juick/www/controllers/Login.java   | 20 ++++++++++++++++----
 .../resources/templates/views/login_success.html     | 13 +++++++++++++
 .../src/test/java/com/juick/www/WebAppTests.java     | 13 +++++++++++++
 3 files changed, 42 insertions(+), 4 deletions(-)
 create mode 100644 juick-www/src/main/resources/templates/views/login_success.html

(limited to 'juick-www')

diff --git a/juick-www/src/main/java/com/juick/www/controllers/Login.java b/juick-www/src/main/java/com/juick/www/controllers/Login.java
index ff58e8d0..cb7df833 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/Login.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/Login.java
@@ -17,22 +17,34 @@
 package com.juick.www.controllers;
 
 import com.juick.server.util.UserUtils;
+import com.juick.service.UserService;
 import org.springframework.stereotype.Controller;
+import org.springframework.ui.ModelMap;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+
+import javax.inject.Inject;
 
 /**
  * @author Ugnich Anton
  */
 @Controller
 public class Login {
+    @Inject
+    private UserService userService;
 
     @GetMapping("/login")
-    public String getloginForm() {
+    public String getloginForm(@RequestParam(required = false, defaultValue = "true") boolean redirect) {
         com.juick.User visitor = UserUtils.getCurrentUser();
 
-        if (!visitor.isAnonymous())
-            return "redirect:/";
-
+        if (!visitor.isAnonymous()) {
+            return redirect ? "redirect:/" : "redirect:/login/success";
+        }
         return "views/login";
     }
+    @GetMapping("/login/success")
+    public String getSuccessLogin(ModelMap model) {
+        model.addAttribute("hash", userService.getHashByUID(UserUtils.getCurrentUser().getUid()));
+        return "views/login_success";
+    }
 }
diff --git a/juick-www/src/main/resources/templates/views/login_success.html b/juick-www/src/main/resources/templates/views/login_success.html
new file mode 100644
index 00000000..ee71f12f
--- /dev/null
+++ b/juick-www/src/main/resources/templates/views/login_success.html
@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Blank window</title>
+</head>
+<body>
+  <script type="text/javascript">
+    window.opener.postMessage("{{ hash }}", "*");
+    window.close();
+  </script>
+</body>
+</html>
diff --git a/juick-www/src/test/java/com/juick/www/WebAppTests.java b/juick-www/src/test/java/com/juick/www/WebAppTests.java
index 9d822d77..57094c37 100644
--- a/juick-www/src/test/java/com/juick/www/WebAppTests.java
+++ b/juick-www/src/test/java/com/juick/www/WebAppTests.java
@@ -384,4 +384,17 @@ public class WebAppTests {
         assertThat(discussionsOld.querySelectorAll("article")
                 .get(0).getAttributes().getNamedItem("data-mid").getNodeValue(), is(String.valueOf(mid)));
     }
+    @Test
+    public void redirectParamShouldCorrectlyRedirectLoggedUser() throws Exception {
+        MvcResult formLoginResult = mockMvc.perform(post("/login")
+                .param("username", ugnichName)
+                .param("password", ugnichPassword)).andReturn();
+        Cookie rememberMeFromForm = formLoginResult.getResponse().getCookie("juick-remember-me");
+        mockMvc.perform(get("/login").cookie(rememberMeFromForm))
+                .andExpect(status().is3xxRedirection())
+                .andExpect(redirectedUrl("/"));
+        mockMvc.perform(get("/login?redirect=false").cookie(rememberMeFromForm))
+                .andExpect(status().is3xxRedirection())
+                .andExpect(redirectedUrl("/login/success"));
+    }
 }
-- 
cgit v1.2.3