From 17fa861b4426018062c509ded6897b8d37a6f59a Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Sun, 25 Nov 2018 18:50:24 +0300
Subject: Signup API

---
 .../java/com/juick/server/api/ApiSocialLogin.java  | 31 ++++++++++++++++++++--
 1 file changed, 29 insertions(+), 2 deletions(-)

(limited to 'src/main/java/com/juick/server/api')

diff --git a/src/main/java/com/juick/server/api/ApiSocialLogin.java b/src/main/java/com/juick/server/api/ApiSocialLogin.java
index 9e111223..7b9b56f0 100644
--- a/src/main/java/com/juick/server/api/ApiSocialLogin.java
+++ b/src/main/java/com/juick/server/api/ApiSocialLogin.java
@@ -31,6 +31,7 @@ import com.google.api.client.http.HttpTransport;
 import com.google.api.client.http.javanet.NetHttpTransport;
 import com.google.api.client.json.JsonFactory;
 import com.google.api.client.json.jackson2.JacksonFactory;
+import com.juick.model.Auth;
 import com.juick.model.facebook.User;
 import com.juick.server.util.HttpBadRequestException;
 import com.juick.server.util.HttpForbiddenException;
@@ -39,6 +40,7 @@ import com.juick.service.EmailService;
 import com.juick.service.TelegramService;
 import com.juick.service.UserService;
 import com.juick.model.vk.UsersResponse;
+import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.math.NumberUtils;
 import org.slf4j.Logger;
@@ -293,13 +295,38 @@ public class ApiSocialLogin {
     }
     @ResponseBody
     @PostMapping("/api/_google")
-    public IdToken.Payload googleSignIn(@RequestParam(name = "idToken") String idTokenString)
+    public Auth googleSignIn(@RequestParam(name = "idToken") String idTokenString)
             throws GeneralSecurityException, IOException {
         logger.info("Token: {}", idTokenString);
         logger.info("Client: {}", googleClientId);
         GoogleIdToken idToken = verifier.verify(idTokenString);
         if (idToken != null) {
-            return idToken.getPayload();
+            String email = idToken.getPayload().getEmail();
+            if (!userService.getUserByEmail(email).isAnonymous()) {
+                String verificationCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase();
+                emailService.addVerificationCode(null, email, verificationCode);
+                return new Auth(email, verificationCode);
+            }
+        }
+        throw new HttpForbiddenException();
+    }
+    @ResponseBody
+    @PostMapping("/api/signup")
+    public com.juick.User signupWithEmail(String username, String password, String verificationCode) {
+        if (username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$")
+                || password.length() < 6 || password.length() > 32) {
+            throw new HttpBadRequestException();
+        }
+
+        String verifiedEmail = emailService.getEmailByAuthCode(verificationCode);
+        if (StringUtils.isNotEmpty(verifiedEmail)) {
+            int uid = userService.createUser(username, password);
+            if (uid <= 0) {
+                throw new HttpBadRequestException();
+            }
+            emailService.addEmail(uid, verifiedEmail);
+            emailService.deleteAuthCode(verificationCode);
+            return userService.getUserByUID(uid).orElseThrow(IllegalStateException::new);
         } else {
             throw new HttpForbiddenException();
         }
-- 
cgit v1.2.3