From 1b93e5b16ee5bc7253f3b06639fb9e9abb46acd0 Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Fri, 3 Apr 2020 21:40:51 +0300 Subject: Extract sape code into ControllerAdvice --- src/main/java/com/juick/www/controllers/Help.java | 95 ++++ src/main/java/com/juick/www/controllers/Login.java | 51 ++ .../com/juick/www/controllers/MessagesWWW.java | 590 +++++++++++++++++++++ .../java/com/juick/www/controllers/Settings.java | 281 ++++++++++ .../java/com/juick/www/controllers/SignUp.java | 175 ++++++ .../com/juick/www/controllers/SocialLogin.java | 365 +++++++++++++ 6 files changed, 1557 insertions(+) create mode 100644 src/main/java/com/juick/www/controllers/Help.java create mode 100644 src/main/java/com/juick/www/controllers/Login.java create mode 100644 src/main/java/com/juick/www/controllers/MessagesWWW.java create mode 100644 src/main/java/com/juick/www/controllers/Settings.java create mode 100644 src/main/java/com/juick/www/controllers/SignUp.java create mode 100644 src/main/java/com/juick/www/controllers/SocialLogin.java (limited to 'src/main/java/com/juick/www/controllers') diff --git a/src/main/java/com/juick/www/controllers/Help.java b/src/main/java/com/juick/www/controllers/Help.java new file mode 100644 index 00000000..d2796def --- /dev/null +++ b/src/main/java/com/juick/www/controllers/Help.java @@ -0,0 +1,95 @@ +/* + * Copyright (C) 2008-2019, Juick + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +package com.juick.www.controllers; + +import com.juick.model.User; +import com.juick.server.util.HttpNotFoundException; +import com.juick.www.HelpService; +import com.juick.www.WebApp; +import com.juick.service.MessagesService; +import com.juick.service.security.annotation.Visitor; +import org.commonmark.parser.Parser; +import org.commonmark.renderer.html.HtmlRenderer; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PathVariable; + +import javax.inject.Inject; +import java.util.Locale; +import java.util.Objects; + +/** + * Created by aalexeev on 11/21/16. + */ +@Controller +public class Help { + @Inject + private HelpService helpService; + @Inject + private MessagesService messagesService; + @Inject + private Parser cmParser; + @Inject + private HtmlRenderer helpRenderer; + @Inject + private WebApp webApp; + + @GetMapping({"/help/", "/help", "/help/{langOrPage}", "/help/{lang}/{page}"}) + public String showHelp( + @Visitor User visitor, + Locale locale, + @PathVariable(required = false, name = "lang") String lang, + @PathVariable(required = false, name = "page") String page, + @PathVariable(required = false, name = "langOrPage") String langOrPage, + Model model) { + visitor.setAvatar(webApp.getAvatarWebPath(visitor)); + String navigation = null; + + if (langOrPage != null) { + if (helpService.canBeLang(langOrPage)) { + navigation = helpService.getHelp("navigation", langOrPage); + if (navigation != null) + lang = langOrPage; + } + + if (navigation == null && helpService.canBePage(langOrPage)) + page = langOrPage; + } + + if (lang == null) { + lang = locale.getLanguage(); + } + + String content = helpService.getHelp(page, lang); + if (content == null && !Objects.equals("tos", page)) + content = helpService.getHelp("tos", lang); + + if (navigation == null) + navigation = helpService.getHelp("navigation", lang); + + if (content == null || navigation == null) + throw new HttpNotFoundException(); + + model.addAttribute("navigation", helpRenderer.render(cmParser.parse(navigation))); + model.addAttribute("content", helpRenderer.render(cmParser.parse(content))); + model.addAttribute("visitor", visitor); + + return "views/help"; + } +} diff --git a/src/main/java/com/juick/www/controllers/Login.java b/src/main/java/com/juick/www/controllers/Login.java new file mode 100644 index 00000000..8bc8e340 --- /dev/null +++ b/src/main/java/com/juick/www/controllers/Login.java @@ -0,0 +1,51 @@ +/* + * Copyright (C) 2008-2019, Juick + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.www.controllers; + +import com.juick.model.User; +import com.juick.service.UserService; +import com.juick.service.security.annotation.Visitor; +import org.springframework.stereotype.Controller; +import org.springframework.ui.ModelMap; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RequestParam; + +import javax.inject.Inject; + +/** + * @author Ugnich Anton + */ +@Controller +public class Login { + @Inject + private UserService userService; + + @GetMapping("/login") + public String getloginForm( + @Visitor User visitor, + @RequestParam(required = false, defaultValue = "true") boolean redirect) { + if (!visitor.isAnonymous()) { + return redirect ? "redirect:/" : "redirect:/login/success"; + } + return "views/login"; + } + @GetMapping("/login/success") + public String getSuccessLogin(@Visitor User visitor, ModelMap model) { + model.addAttribute("hash", userService.getHashByUID(visitor.getUid())); + return "views/login_success"; + } +} diff --git a/src/main/java/com/juick/www/controllers/MessagesWWW.java b/src/main/java/com/juick/www/controllers/MessagesWWW.java new file mode 100644 index 00000000..4b0bb17f --- /dev/null +++ b/src/main/java/com/juick/www/controllers/MessagesWWW.java @@ -0,0 +1,590 @@ +/* + * Copyright (C) 2008-2019, Juick + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.www.controllers; + +import com.juick.model.Message; +import com.juick.model.Tag; +import com.juick.model.User; +import com.juick.formatters.PlainTextFormatter; +import com.juick.server.Utils; +import com.juick.server.util.HttpForbiddenException; +import com.juick.server.util.HttpNotFoundException; +import com.juick.server.util.WebUtils; +import com.juick.www.WebApp; +import com.juick.service.*; +import com.juick.service.security.annotation.Visitor; +import com.juick.util.MessageUtils; +import org.apache.commons.lang3.StringUtils; +import org.apache.commons.lang3.tuple.Pair; +import org.apache.commons.text.StringEscapeUtils; +import org.springframework.http.HttpStatus; +import org.springframework.http.MediaType; +import org.springframework.http.ResponseEntity; +import org.springframework.stereotype.Controller; +import org.springframework.ui.ModelMap; +import org.springframework.web.bind.annotation.*; + +import javax.inject.Inject; +import javax.servlet.http.HttpServletRequest; +import java.net.URLEncoder; +import java.nio.charset.StandardCharsets; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import java.util.Optional; +import java.util.stream.Collectors; + +/** + * + * @author Ugnich Anton + */ +@Controller +public class MessagesWWW { + @Inject + private UserService userService; + @Inject + private TagService tagService; + @Inject + private MessagesService messagesService; + @Inject + private PMQueriesService pmQueriesService; + @Inject + private CrosspostService crosspostService; + @Inject + private WebApp webApp; + + private void fillUserModel(ModelMap model, User user, User visitor) { + user.setAvatar(webApp.getAvatarWebPath(user)); + model.addAttribute("user", user); + model.addAttribute("isSubscribed", userService.isSubscribed(visitor.getUid(), user.getUid())); + model.addAttribute("isInBL", userService.isInBL(visitor.getUid(), user.getUid())); + model.addAttribute("isInBLAny", userService.isInBLAny(user.getUid(), visitor.getUid())); + model.addAttribute("statsIRead", userService.getUserFriends(user.getUid()).size()); + model.addAttribute("statsMyReaders", userService.getStatsMyReaders(user.getUid())); + model.addAttribute("statsMyBL", userService.getUserBLUsers(user.getUid()).size()); + model.addAttribute("statsMessages", userService.getStatsMessages(user.getUid())); + model.addAttribute("statsReplies", userService.getStatsReplies(user.getUid())); + model.addAttribute("iread", userService.getUserReadLeastPopular(user.getUid(), 8)); + model.addAttribute("tagStats", tagService.getUserTagStats(user.getUid()) + .stream().sorted((e1, e2) -> Integer.compare(e2.getUsageCount(), e1.getUsageCount())).limit(20).map(t -> t.getTag().getName()).collect(Collectors.toList())); + } + + @GetMapping("/") + protected String doGet( + @Visitor User visitor, + @RequestParam(required = false) String tag, + @RequestParam(name = "show", required = false) String paramShow, + @RequestParam(name = "search", required = false) String paramSearch, + @RequestParam(name = "before", required = false, defaultValue = "0") Integer paramBefore, + @RequestParam(name = "to", required = false, defaultValue = "0") Long paramTo, + @RequestParam(name = "page", required = false, defaultValue = "0") Integer page, + ModelMap model) { + if (tag != null) { + return "redirect:/tag/" + URLEncoder.encode(tag, StandardCharsets.UTF_8); + } + visitor.setAvatar(webApp.getAvatarWebPath(visitor)); + + if (paramSearch != null && paramSearch.length() > 64) { + paramSearch = null; + } + + model.addAttribute("discover", false); + + String title; + List mids; + + if (paramSearch != null) { + title = "Поиск: " + StringEscapeUtils.escapeHtml4(paramSearch); + mids = messagesService.getSearch(visitor, Utils.encodeSphinx(paramSearch), page); + } else if (paramShow == null) { + title = "Обсуждения"; + mids = messagesService.getDiscussions(visitor.getUid(), paramTo); + } else if (paramShow.equals("top")) { + title = "Популярные"; + mids = messagesService.getPopular(visitor.getUid(), paramBefore); + model.addAttribute("discover", true); + } else if (paramShow.equals("my") && !visitor.isAnonymous()) { + title = "Моя лента"; + mids = messagesService.getMyFeed(visitor.getUid(), paramBefore, true); + } else if (paramShow.equals("private") && !visitor.isAnonymous()) { + title = "Приватные"; + mids = messagesService.getPrivate(visitor.getUid(), paramBefore); + } else if (paramShow.equals("discuss")) { + return "redirect:/"; + } else if (paramShow.equals("recommended") && !visitor.isAnonymous()) { + title = "Рекомендации"; + mids = messagesService.getRecommended(visitor.getUid(), paramBefore); + } else if (paramShow.equals("photos")) { + title = "Фотографии"; + mids = messagesService.getPhotos(visitor.getUid(), paramBefore); + model.addAttribute("discover", true); + } else if (paramShow.equals("all")) { + title = "Все сообщения"; + mids = messagesService.getAll(visitor.getUid(), paramBefore); + model.addAttribute("discover", true); + } else { + throw new HttpNotFoundException(); + } + + String head = "\n"; + + if (paramBefore > 0 || paramShow != null) { + head = ""; + } + model.addAttribute("title", title); + model.addAttribute("headers", head); + model.addAttribute("visitor", visitor); + model.addAttribute("noindex", !(paramShow == null && paramBefore == 0)); + List msgs = messagesService.getMessages(visitor, mids); + msgs.forEach(m -> m.getUser().setAvatar(webApp.getAvatarWebPath(m.getUser()))); + if (!visitor.isAnonymous()) { + fillUserModel(model, visitor, visitor); + List unread = messagesService.getUnread(visitor); + visitor.setUnreadCount(unread.size()); + List blUIDs = userService.checkBL(visitor.getUid(), + msgs.stream().map(m -> m.getUser().getUid()).collect(Collectors.toList())); + msgs.forEach(m -> m.ReadOnly |= blUIDs.contains(m.getUser().getUid())); + } + model.addAttribute("msgs", msgs); + model.addAttribute("tags", tagService.getPopularTags()); + model.addAttribute("headers", head); + if (mids.size() >= 20) { + String nextpage = paramSearch != null ? String.format("?page=%d", page + 1) + : (paramShow == null) ? "?to=" + msgs.get(msgs.size() - 1).getUpdated().toEpochMilli() + : "?before=" + mids.get(mids.size() - 1); + if (paramShow != null) { + nextpage += "&show=" + paramShow; + } + if (paramSearch != null) { + nextpage += "&search=" + URLEncoder.encode(paramSearch, StandardCharsets.UTF_8); + } + model.addAttribute("nextpage", nextpage); + } + return "views/index"; + } + + @GetMapping(path = "/{uname}/", headers = "Connection!=Upgrade") + protected String doGetBlog( + @Visitor User visitor, + @RequestParam(required = false, name = "show") String paramShow, + @RequestParam(required = false, name = "tag") String paramTagStr, + @RequestParam(required = false, name = "search") String paramSearch, + @RequestParam(required = false, name = "page", defaultValue = "0") Integer page, + @PathVariable String uname, + @RequestParam(required = false, defaultValue = "0") Integer before, + @CookieValue(name = "sape_cookie", required = false, defaultValue = StringUtils.EMPTY) String sapeCookie, + ModelMap model) { + User user = userService.getUserByName(uname); + if (user.isBanned() || user.isAnonymous()) { + throw new HttpNotFoundException(); + } + visitor.setAvatar(webApp.getAvatarWebPath(visitor)); + + List mids; + + Tag paramTag = null; + if (paramTagStr != null) { + if (paramTagStr.length() < 64) { + paramTag = tagService.getTag(paramTagStr, false); + } + if (paramTag == null) { + throw new HttpNotFoundException(); + } else if (!paramTag.getName().equals(paramTagStr)) { + String url = user.getName() + "/?tag=" + URLEncoder.encode(paramTag.getName(), StandardCharsets.UTF_8); + return "redirect:/" + url; + } + } + if (paramSearch != null && paramSearch.length() > 64) { + paramSearch = null; + } + + int privacy = 0; + if (!visitor.isAnonymous()) { + if (user.getUid() == visitor.getUid() || visitor.getUid() == 1) { + privacy = -3; + } else if (userService.isInWL(user.getUid(), visitor.getUid())) { + privacy = -2; + } + } + + String title; + if (paramShow == null) { + if (paramTag != null) { + title = "Блог " + user.getName() + ": *" + StringEscapeUtils.escapeHtml4(paramTag.getName()); + mids = messagesService.getUserTag(user.getUid(), paramTag.TID, privacy, before); + } else if (paramSearch != null) { + title = "Блог " + user.getName() + ": " + StringEscapeUtils.escapeHtml4(paramSearch); + mids = messagesService.getUserSearch(visitor, user.getUid(), Utils.encodeSphinx(paramSearch), privacy, page); + } else { + title = "Блог " + user.getName(); + mids = messagesService.getUserBlog(user.getUid(), privacy, before); + } + } else if (paramShow.equals("recomm")) { + title = "Рекомендации " + user.getName(); + mids = messagesService.getUserRecommendations(user.getUid(), before); + } else if (paramShow.equals("photos")) { + title = "Фотографии " + user.getName(); + mids = messagesService.getUserPhotos(user.getUid(), privacy, before); + } else { + throw new HttpNotFoundException(); + } + + String head = ""; + head += "\n"; + if (paramTag != null && tagService.getTagNoIndex(paramTag.TID)) { + head += ""; + } else if (before > 0 || paramShow != null) { + head += ""; + } + model.addAttribute("pageUrl", "http://juick.com/" + user.getName()); + model.addAttribute("title", title); + model.addAttribute("headers", head); + model.addAttribute("visitor", visitor); + model.addAttribute("noindex", paramShow == null && before == 0); + fillUserModel(model, user, visitor); + model.addAttribute("paramTag", paramTag); + List msgs = messagesService.getMessages(visitor, mids); + msgs.forEach(m -> m.getUser().setAvatar(webApp.getAvatarWebPath(m.getUser()))); + if (!visitor.isAnonymous()) { + List unread = messagesService.getUnread(visitor); + visitor.setUnreadCount(unread.size()); + List blUIDs = userService.checkBL(visitor.getUid(), + msgs.stream().map(m -> m.getUser().getUid()).collect(Collectors.toList())); + msgs.forEach(m -> m.ReadOnly |= blUIDs.contains(m.getUser().getUid())); + } + model.addAttribute("msgs", msgs); + model.addAttribute("headers", head); + if (mids.size() >= 20) { + String nextpage = paramSearch != null ? String.format("?page=%d", page + 1) : "?before=" + mids.get(mids.size() - 1); + if (paramShow != null) { + nextpage += "&show=" + paramShow; + } + if (paramSearch != null) { + nextpage += "&search=" + URLEncoder.encode(paramSearch, StandardCharsets.UTF_8); + } + if (paramTag != null) { + nextpage += "&tag=" + URLEncoder.encode(paramTag.getName(), StandardCharsets.UTF_8); + } + model.addAttribute("nextpage", nextpage); + } + return "views/blog"; + } + + @GetMapping("/{uname}/tags") + protected String doGetTags( + @Visitor User visitor, + @PathVariable String uname, ModelMap model) { + User user = userService.getUserByName(uname); + if (visitor.isBanned()) { + throw new HttpNotFoundException(); + } + visitor.setAvatar(webApp.getAvatarWebPath(visitor)); + + model.addAttribute("title", "Теги " + user.getName()); + model.addAttribute("headers", ""); + model.addAttribute("visitor", visitor); + fillUserModel(model, user, visitor); + model.addAttribute("tags", tagService.getUserTagStats(user.getUid()).stream() + .sorted((e1, e2) -> Integer.compare(e2.getUsageCount(), e1.getUsageCount())).map(t -> t.getTag().getName()).collect(Collectors.toList())); + + return "views/blog_tags"; + } + + @GetMapping("/{uname}/friends") + protected String doGetFriends( + @Visitor User visitor, + @PathVariable String uname, ModelMap model) { + User user = userService.getUserByName(uname); + if (visitor.isBanned()) { + throw new HttpNotFoundException(); + } + visitor.setAvatar(webApp.getAvatarWebPath(visitor)); + model.addAttribute("title", "Подписки " + user.getName()); + model.addAttribute("headers", ""); + model.addAttribute("visitor", visitor); + fillUserModel(model, user, visitor); + model.addAttribute("users", userService.getUserFriends(user.getUid())); + + return "views/users"; + } + + @GetMapping("/{uname}/readers") + protected String doGetReaders( + @Visitor User visitor, + @PathVariable String uname, ModelMap model) { + User user = userService.getUserByName(uname); + visitor.setAvatar(webApp.getAvatarWebPath(visitor)); + model.addAttribute("title", "Читатели " + user.getName()); + model.addAttribute("headers", ""); + model.addAttribute("visitor", visitor); + fillUserModel(model, user, visitor); + model.addAttribute("users", userService.getUserReaders(user.getUid())); + + return "views/users"; + } + + @GetMapping("/{uname}/bl") + protected String doGetBL( + @Visitor User visitor, + @PathVariable String uname, ModelMap model) { + User user = userService.getUserByName(uname); + if (visitor.getUid() != user.getUid()) { + throw new HttpForbiddenException(); + } + visitor.setAvatar(webApp.getAvatarWebPath(visitor)); + model.addAttribute("title", "Черный список " + user.getName()); + model.addAttribute("headers", ""); + model.addAttribute("visitor", visitor); + fillUserModel(model, user, visitor); + model.addAttribute("users", userService.getUserBLUsers(user.getUid())); + + return "views/users"; + } + @GetMapping("/tag/{tagName}") + protected String tagAction( + @Visitor User visitor, + HttpServletRequest request, + @PathVariable String tagName, + @RequestParam(required = false, defaultValue = "0") int before, + ModelMap model) { + visitor.setAvatar(webApp.getAvatarWebPath(visitor)); + String paramTagStr = StringEscapeUtils.unescapeHtml4(tagName); + Tag paramTag = tagService.getTag(paramTagStr, false); + if (paramTag == null) { + throw new HttpNotFoundException(); + } else if (paramTag.SynonymID > 0 && paramTag.TID != paramTag.SynonymID) { + Tag synTag = tagService.getTag(paramTag.SynonymID); + String url = "/tag/" + URLEncoder.encode(StringEscapeUtils.escapeHtml4(synTag.getName()), StandardCharsets.UTF_8); + if (request.getQueryString() != null) { + url += "?" + request.getQueryString(); + } + return "redirect:" + url; + } else if (!paramTag.getName().equals(paramTagStr)) { + String url = "/tag/" + URLEncoder.encode(StringEscapeUtils.escapeHtml4(paramTag.getName()), StandardCharsets.UTF_8); + if (request.getQueryString() != null) { + url += "?" + request.getQueryString(); + } + return "redirect:" + url; + } + + String title = "*" + StringEscapeUtils.escapeHtml4(paramTag.getName()); + model.addAttribute("title", title); + List mids = messagesService.getTag(paramTag.TID, visitor.getUid(), before, (visitor.isAnonymous()) ? 40 : 20); + List msgs = messagesService.getMessages(visitor, mids); + msgs.forEach(m -> m.getUser().setAvatar(webApp.getAvatarWebPath(m.getUser()))); + if (!visitor.isAnonymous()) { + List unread = messagesService.getUnread(visitor); + visitor.setUnreadCount(unread.size()); + List blUIDs = userService.checkBL( + visitor.getUid(), + msgs.stream().map(m -> m.getUser().getUid()).collect(Collectors.toList()) + ); + msgs.forEach(m -> m.ReadOnly |= blUIDs.contains(m.getUser().getUid())); + fillUserModel(model, visitor, visitor); + } + + String head = StringUtils.EMPTY; + if (tagService.getTagNoIndex(paramTag.TID)) { + head = ""; + } else if (before > 0 || mids.size() < 5) { + head = ""; + } + model.addAttribute("headers", head); + model.addAttribute("visitor", visitor); + model.addAttribute("tag", paramTag); + model.addAttribute("title", title); + model.addAttribute("msgs", msgs); + model.addAttribute("tags", tagService.getPopularTags()); + model.addAttribute("noindex", before > 0); + model.addAttribute("isSubscribed", tagService.isSubscribed(visitor, paramTag)); + model.addAttribute("isInBL", tagService.isInBL(visitor, paramTag)); + if (mids.size() >= 20) { + String nextpage = "/tag/" + URLEncoder.encode(paramTag.getName(), StandardCharsets.UTF_8) + "?before=" + mids.get(mids.size() - 1); + model.addAttribute("nextpage", nextpage); + } + return "views/index"; + } + @GetMapping("/pm/inbox") + protected String doGetInbox(@Visitor User visitor, ModelMap model) { + if (visitor.isAnonymous()) { + return "redirect:/login"; + } + visitor.setAvatar(webApp.getAvatarWebPath(visitor)); + String title = "PM: Inbox"; + List msgs = pmQueriesService.getLastPMInbox(visitor.getUid()); + msgs.forEach(m -> m.getUser().setAvatar(webApp.getAvatarWebPath(m.getUser()))); + fillUserModel(model, visitor, visitor); + model.addAttribute("title", title); + model.addAttribute("visitor", visitor); + model.addAttribute("msgs", msgs); + model.addAttribute("tags", tagService.getPopularTags()); + return "views/pm_inbox"; + } + + @GetMapping("/pm/sent") + protected String doGetSent( + @Visitor User visitor, + @RequestParam(required = false) String uname, + ModelMap model) { + if (visitor.isAnonymous()) { + return "redirect:/login"; + } + visitor.setAvatar(webApp.getAvatarWebPath(visitor)); + String title = "PM: Sent"; + List msgs = pmQueriesService.getLastPMSent(visitor.getUid()); + msgs.forEach(m -> m.getUser().setAvatar(webApp.getAvatarWebPath(m.getUser()))); + if (WebUtils.isNotUserName(uname)) { + uname = StringUtils.EMPTY; + } + fillUserModel(model, visitor, visitor); + model.addAttribute("title", title); + model.addAttribute("visitor", visitor); + model.addAttribute("msgs", msgs); + model.addAttribute("tags", tagService.getPopularTags()); + model.addAttribute("uname", uname); + return "views/pm_sent"; + } + @GetMapping(value = "/{uname}/{mid}", produces = MediaType.TEXT_HTML_VALUE) + protected String threadAction( + @Visitor User visitor, + ModelMap model, + @PathVariable String uname, + @PathVariable int mid, + @CookieValue(name = "sape_cookie", required = false, defaultValue = StringUtils.EMPTY) String sapeCookie) { + if (!messagesService.canViewThread(mid, visitor.getUid())) { + throw new HttpForbiddenException(); + } + visitor.setAvatar(webApp.getAvatarWebPath(visitor)); + Optional message = messagesService.getMessage(mid); + + if (message.isEmpty()) { + throw new HttpNotFoundException(); + } + + Message msg = message.get(); + + User user = userService.getUserByName(uname); + if (user.isAnonymous() || !msg.getUser().equals(user)) { + return String.format("redirect:/%s/%d", msg.getUser().getName(), mid); + } + msg.VisitorCanComment = !visitor.isAnonymous(); + msg.getUser().setAvatar(webApp.getAvatarWebPath(msg.getUser())); + List replies = messagesService.getReplies(visitor, msg.getMid()); + // this should be after getReplies to mark thread as read + fillUserModel(model, user, visitor); + if (!visitor.isAnonymous()) { + List unread = messagesService.getUnread(visitor); + visitor.setUnreadCount(unread.size()); + boolean isMsgAuthor = visitor.getUid() == msg.getUser().getUid(); + boolean isInBL = userService.isInBLAny(msg.getUser().getUid(), visitor.getUid()); + msg.VisitorCanComment = isMsgAuthor || !(msg.ReadOnly || isInBL); + } + model.addAttribute("msg", msg); + + String title = msg.getUser().getName() + ": " + MessageUtils.getTagsString(msg); + + model.addAttribute("title", title); + model.addAttribute("visitor", visitor); + String headers = ""; + String pageUrl = "https://juick.com/" + msg.getUser().getName() + "/" + msg.getMid(); + if (msg.Hidden) { + headers += ""; + } + String cardType = StringUtils.isNotEmpty(msg.getAttachmentType()) ? "summary_large_image" : "summary"; + if (StringUtils.isNotEmpty(msg.getAttachmentType())) { + // additional check in case of broken images + if (msg.getAttachment() != null) { + String msgImage = msg.getAttachment().getMedium().getUrl(); + headers += ""; + } + } else { + String msgImage = webApp.getAvatarWebPath(msg.getUser()); + headers += ""; + } + model.addAttribute("ogtype", "article"); + String cardDescription = StringEscapeUtils.escapeHtml4(PlainTextFormatter.formatTwitterCard(msg)); + headers += "\n" + + "\n" + + "\n" + + "\n" + + "\n" + + "\n"; + String twitterName = crosspostService.getTwitterName(msg.getUser().getUid()); + if (StringUtils.isNotEmpty(twitterName)) { + headers += "\n"; + } + if (msg.getTags().size() > 0) { + headers += "\n"; + } + model.addAttribute("headers", headers); + model.addAttribute("visitorSubscribed", messagesService.isSubscribed(visitor.getUid(), msg.getMid())); + model.addAttribute("visitorInBL", userService.isInBL(msg.getUser().getUid(), visitor.getUid())); + model.addAttribute("recomm", messagesService.getMessagesRecommendations( + Collections.singletonList(msg.getMid())).stream() + .map(Pair::getRight).collect(Collectors.toList())); + List blUIDs = new ArrayList<>(); + for (Message reply : replies) { + if (reply.getUser().getUid() != msg.getUser().getUid() + && !blUIDs.contains(reply.getUser().getUid())) { + blUIDs.add(reply.getUser().getUid()); + } + reply.VisitorCanComment = !visitor.isAnonymous(); + reply.getUser().setAvatar(webApp.getAvatarWebPath(reply.getUser())); + if (!visitor.isAnonymous()) { + boolean isMsgAuthor = visitor.getUid() == msg.getUser().getUid(); + boolean isReplyAuthor = visitor.getUid() == reply.getUser().getUid(); + reply.VisitorCanComment = isMsgAuthor || (!msg.ReadOnly + && msg.VisitorCanComment && (isReplyAuthor || !userService.isInBLAny(visitor.getUid(), reply.getUser().getUid()))); + } + } + model.addAttribute("replies", replies); + return "views/thread"; + } + + @GetMapping("/post") + protected String postAction( + @Visitor User visitor, + @RequestParam(required = false) String body, ModelMap model) { + fillUserModel(model, visitor, visitor); + visitor.setAvatar(webApp.getAvatarWebPath(visitor)); + model.addAttribute("title", "Написать"); + model.addAttribute("headers", ""); + model.addAttribute("visitor", visitor); + if (body == null) { + body = StringUtils.EMPTY; + } else { + if (body.length() > 4096) { + body = body.substring(0, 4096); + } + body = StringEscapeUtils.escapeHtml4(body); + } + model.addAttribute("body", body); + model.addAttribute("visitor", visitor); + model.addAttribute("user", visitor); + model.addAttribute("tags", tagService.getUserTagStats(visitor.getUid()).stream() + .sorted((e1, e2) -> Integer.compare(e2.getUsageCount(), e1.getUsageCount())).map(t -> t.getTag().getName()).collect(Collectors.toList())); + return "views/post"; + } + + // when message id is not fit to int + @ExceptionHandler(NumberFormatException.class) + public ResponseEntity notFoundAction() { + return new ResponseEntity<>(HttpStatus.NOT_FOUND); + } +} diff --git a/src/main/java/com/juick/www/controllers/Settings.java b/src/main/java/com/juick/www/controllers/Settings.java new file mode 100644 index 00000000..851e576b --- /dev/null +++ b/src/main/java/com/juick/www/controllers/Settings.java @@ -0,0 +1,281 @@ +/* + * Copyright (C) 2008-2019, Juick + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.www.controllers; + +import com.juick.model.User; +import com.juick.model.NotifyOpts; +import com.juick.server.util.HttpBadRequestException; +import com.juick.server.util.HttpUtils; +import com.juick.www.WebApp; +import com.juick.service.*; +import com.juick.service.security.annotation.Visitor; +import org.apache.commons.lang3.RandomStringUtils; +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Controller; +import org.springframework.ui.ModelMap; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.multipart.MultipartFile; + +import javax.inject.Inject; +import javax.mail.Message; +import javax.mail.MessagingException; +import javax.mail.Session; +import javax.mail.Transport; +import javax.mail.internet.InternetAddress; +import javax.mail.internet.MimeMessage; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.util.Arrays; +import java.util.List; +import java.util.stream.Collectors; +import java.util.stream.IntStream; + +/** + * + * @author Ugnich Anton + */ +@Controller +public class Settings { + private static final Logger logger = LoggerFactory.getLogger(Settings.class); + + @Value("${upload_tmp_dir:#{systemEnvironment['TEMP'] ?: '/tmp'}}") + private String tmpDir; + @Inject + private TagService tagService; + @Inject + private UserService userService; + @Inject + private CrosspostService crosspostService; + @Inject + private SubscriptionService subscriptionService; + @Inject + private EmailService emailService; + @Inject + private TelegramService telegramService; + @Inject + private ImagesService imagesService; + @Inject + private WebApp webApp; + + @GetMapping("/settings") + protected String doGet( + @Visitor User visitor, + HttpServletRequest request, + HttpServletResponse response, ModelMap model) throws IOException { + if (visitor.isAnonymous()) { + response.sendRedirect("/login"); + } + visitor.setAvatar(webApp.getAvatarWebPath(visitor)); + List pages = Arrays.asList("main", "password", "about", "auth-email", "privacy"); + String page = request.getParameter("page"); + if (StringUtils.isEmpty(page) || !pages.contains(page)) { + page = "main"; + } + + model.addAttribute("title", "Настройки"); + model.addAttribute("visitor", visitor); + model.addAttribute("tags", tagService.getPopularTags()); + model.addAttribute("auths", userService.getAuthCodes(visitor)); + model.addAttribute("email_active", emailService.getNotificationsEmail(visitor.getUid())); + model.addAttribute("ehash", userService.getEmailHash(visitor)); + model.addAttribute("emails", userService.getEmails(visitor)); + model.addAttribute("jids", userService.getAllJIDs(visitor)); + List hours = IntStream.rangeClosed(0, 23).boxed() + .map(i -> StringUtils.leftPad(String.format("%d", i), 2, "0")).collect(Collectors.toList()); + model.addAttribute("hours", hours); + model.addAttribute("fbstatus", crosspostService.getFbCrossPostStatus(visitor.getUid())); + model.addAttribute("twitter_name", crosspostService.getTwitterName(visitor.getUid())); + model.addAttribute("telegram_name", crosspostService.getTelegramName(visitor.getUid())); + model.addAttribute("notify_options", subscriptionService.getNotifyOptions(visitor)); + model.addAttribute("userinfo", userService.getUserInfo(visitor)); + if (page.equals("auth-email")) { + if (emailService.verifyAddressByCode(visitor.getUid(), request.getParameter("code"))) { + model.addAttribute("result", "OK!"); + } else { + model.addAttribute("result", "Sorry, code unknown."); + } + } + return String.format("views/settings_%s", page); + } + + @PostMapping("/settings") + protected String doPost( + @Visitor User visitor, + HttpServletRequest request, HttpServletResponse response, + @RequestParam(required = false) MultipartFile avatar, + ModelMap model) + throws IOException { + if (visitor.isAnonymous()) { + throw new HttpBadRequestException(); + } + List pages = Arrays.asList("main", "password", "about", "email", "email-add", "email-del", + "email-subscr", "auth-email", "privacy", "jid-del", "twitter-del", "telegram-del", "facebook-disable", + "facebook-enable", "vk-del"); + String page = request.getParameter("page"); + if (StringUtils.isEmpty(page) || !pages.contains(page)) { + throw new HttpBadRequestException(); + } + String result = StringUtils.EMPTY; + switch (page) { + case "password": + if (userService.updatePassword(visitor, request.getParameter("password"))) { + result = "

Password has been changed.

"; + String hash = userService.getHashByUID(visitor.getUid()); + Cookie c = new Cookie("hash", hash); + c.setMaxAge(365 * 24 * 60 * 60); + response.addCookie(c); + } + break; + case "main": + NotifyOpts opts = new NotifyOpts(); + opts.setRepliesEnabled(StringUtils.isNotEmpty(request.getParameter("jnotify"))); + opts.setSubscriptionsEnabled(StringUtils.isNotEmpty(request.getParameter("subscr_notify"))); + opts.setRecommendationsEnabled(StringUtils.isNotEmpty(request.getParameter("recomm"))); + if (subscriptionService.setNotifyOptions(visitor, opts)) { + result = "

Notification options has been updated

"; + } + break; + case "about": + visitor.setFullName(request.getParameter("fullname")); + visitor.setCountry(request.getParameter("country")); + visitor.setUrl(request.getParameter("url")); + visitor.setDescription(request.getParameter("descr")); + String avatarTmpPath = HttpUtils.receiveMultiPartFile(avatar, tmpDir).getHost(); + if (StringUtils.isNotEmpty(avatarTmpPath)) { + imagesService.saveAvatar(avatarTmpPath, visitor.getUid()); + } + if (userService.updateUserInfo(visitor)) { + result = String.format("

Your info is updated.

Back to blog.

", visitor.getName()); + } + break; + case "jid-del": + // FIXME: stop using ugnich-csv in parameters + String[] params = request.getParameter("delete").split(";", 2); + boolean res = false; + if (params[0].equals("xmpp")) { + res = userService.deleteJID(visitor.getUid(), params[1]); + } else if (params[0].equals("xmpp-unauth")) { + res = userService.unauthJID(visitor.getUid(), params[1]); + } + if (res) { + result = "

Deleted. Back.

"; + } else { + result = "

Error

"; + } + break; + case "email-add": + if (!emailService.verifyAddressByCode(visitor.getUid(), request.getParameter("account"))) { + String authCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase(); + if (emailService.addVerificationCode(visitor.getUid(), request.getParameter("account"), authCode)) { + Session session = Session.getDefaultInstance(System.getProperties()); + try { + MimeMessage message = new MimeMessage(session); + message.setFrom(new InternetAddress("noreply@juick.com")); + message.addRecipient(Message.RecipientType.TO, new InternetAddress(request.getParameter("account"))); + message.setSubject("Juick authorization link"); + message.setText(String.format("Follow link to attach this email to Juick account:\n" + + "http://juick.com/settings?page=auth-email&code=%s\n\n" + + "If you don't know, what this mean - just ignore this mail.\n", authCode)); + Transport.send(message); + result = "

Authorization link has been sent to your email. Follow it to proceed.

" + + "

Back

"; + + } catch (MessagingException ex) { + logger.error("mail exception", ex); + throw new HttpBadRequestException(); + } + } + } + break; + case "email-del": + if (emailService.deleteEmail(visitor.getUid(), request.getParameter("account"))) { + result = "

Deleted. Back.

"; + } else { + result = "

An error occured while deleting.

"; + } + break; + case "email-subscr": + if (emailService.setNotificationsEmail(visitor.getUid(), request.getParameter("account"))) { + result = String.format("

Saved! Will send notifications to %s." + + "

Back

", request.getParameter("account")); + } else { + result = "

Disabled.

Back

"; + } + break; + case "twitter-del": + crosspostService.deleteTwitterToken(visitor.getUid()); + for (Cookie cookie : request.getCookies()) { + if (cookie.getName().equals("request_token")) { + cookie.setMaxAge(0); + response.addCookie(cookie); + } + if (cookie.getName().equals("request_token_secret")) { + cookie.setMaxAge(0); + response.addCookie(cookie); + } + } + result = "

Back

"; + break; + case "telegram-del": + telegramService.deleteTelegramUser(visitor.getUid()); + result = "

Back

"; + break; + case "facebook-disable": + crosspostService.disableFBCrosspost(visitor.getUid()); + result = "

Back

"; + break; + case "facebook-enable": + crosspostService.enableFBCrosspost(visitor.getUid()); + result = "

Back

"; + break; + case "vk-del": + crosspostService.deleteVKUser(visitor.getUid()); + result = "

Back

"; + break; + default: + throw new HttpBadRequestException(); + } + + model.addAttribute("title", "Настройки"); + model.addAttribute("visitor", visitor); + model.addAttribute("result", result); + return "views/settings_result"; + } + @PostMapping("/settings/unsubscribe") + public String unsubscribeOneClick( + @Visitor User user, + @RequestParam(name = "List-Unsubscribe") String unsubscribe, + ModelMap model) { + if (!user.isAnonymous()) { + if (unsubscribe.equals("One-Click")) { + emailService.setNotificationsEmail(user.getUid(), StringUtils.EMPTY); + model.addAttribute("title", "Настройки"); + model.addAttribute("visitor", user); + model.addAttribute("result", "Unsubscribed"); + return "views/settings_result"; + } + } + throw new HttpBadRequestException(); + } +} diff --git a/src/main/java/com/juick/www/controllers/SignUp.java b/src/main/java/com/juick/www/controllers/SignUp.java new file mode 100644 index 00000000..4e74d4c4 --- /dev/null +++ b/src/main/java/com/juick/www/controllers/SignUp.java @@ -0,0 +1,175 @@ +/* + * Copyright (C) 2008-2019, Juick + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.www.controllers; + +import com.juick.model.User; +import com.juick.server.util.HttpBadRequestException; +import com.juick.server.util.HttpForbiddenException; +import com.juick.www.WebApp; +import com.juick.service.CrosspostService; +import com.juick.service.EmailService; +import com.juick.service.UserService; +import com.juick.service.security.annotation.Visitor; +import com.juick.service.security.entities.JuickUser; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.stereotype.Controller; +import org.springframework.ui.ModelMap; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestParam; + +import javax.inject.Inject; + +/** + * + * @author Ugnich Anton + */ +@Controller +public class SignUp { + + @Inject + private UserService userService; + @Inject + private CrosspostService crosspostService; + @Inject + private EmailService emailService; + @Inject + private WebApp webApp; + + + @GetMapping("/signup") + protected String doGet( + @Visitor User visitor, + @RequestParam String type, @RequestParam String hash, ModelMap model) { + if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") + || !hash.matches("^[a-zA-Z0-9\\-]+$")) { + throw new HttpBadRequestException(); + } + + String account = null; + switch (type) { + case "fb": + account = crosspostService.getFacebookNameByHash(hash); + break; + case "vk": + account = crosspostService.getVKNameByHash(hash); + break; + case "xmpp": + account = crosspostService.getJIDByHash(hash); + break; + case "durov": + account = crosspostService.getTelegramNameByHash(hash); + break; + case "email": + account = emailService.getEmailByAuthCode(hash); + } + if (account == null) { + throw new HttpBadRequestException(); + } + + model.addAttribute("title", "Новый пользователь"); + visitor.setAvatar(webApp.getAvatarWebPath(visitor)); + model.addAttribute("visitor", visitor); + model.addAttribute("account", account); + model.addAttribute("type", type); + model.addAttribute("hash", hash); + return "views/signup"; + } + + @PostMapping("/signup") + protected String doPost( + @Visitor User visitor, + @RequestParam String type, + @RequestParam String hash, + @RequestParam String action, + @RequestParam(required = false) String username, + @RequestParam(required = false) String password, + ModelMap modelMap) { + User current; + + if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) { + throw new HttpBadRequestException(); + } + + if (action.charAt(0) == 'l') { + + if (visitor.isAnonymous()) { + if (username.length() > 32) { + throw new HttpBadRequestException(); + } + current = userService.checkPassword(username, password).orElseThrow(HttpForbiddenException::new); + } else { + current = visitor; + } + + if (current.getUid() <= 0) { + throw new HttpForbiddenException(); + } + + if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, current.getUid())) + && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, current.getUid())) + && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, current.getUid())) + && !(type.charAt(0) == 'x' && userService.getAllJIDs(visitor).size() > 0 + && crosspostService.setJIDUser(hash, current.getUid()))) { + if (type.equals("email")) { + String email = emailService.getEmailByAuthCode(hash); + emailService.addEmail(current.getUid(), email); + emailService.deleteAuthCode(hash); + } else { + if (type.equals("xmpp")) { + modelMap.addAttribute("visitor", visitor); + modelMap.addAttribute("result", "XMPP support is disabled for new users"); + return "views/settings_result"; + } + throw new HttpBadRequestException(); + } + } + + } else { // Create new account + if (username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$") || password.length() < 6 || password.length() > 32) { + throw new HttpBadRequestException(); + } + + current = userService.createUser(username, password).orElseThrow(HttpBadRequestException::new); + + if (!(type.charAt(0) == 'f' && crosspostService.setFacebookUser(hash, current.getUid())) + && !(type.charAt(0) == 'v' && crosspostService.setVKUser(hash, current.getUid())) + && !(type.charAt(0) == 'd' && crosspostService.setTelegramUser(hash, current.getUid()))) { + if (type.equals("email")) { + String email = emailService.getEmailByAuthCode(hash); + emailService.addEmail(current.getUid(), email); + emailService.deleteAuthCode(hash); + } else { + if (type.equals("xmpp")) { + modelMap.addAttribute("visitor", visitor); + modelMap.addAttribute("result", "XMPP support is disabled for new users"); + return "views/settings_result"; + } + throw new HttpBadRequestException(); + } + } + } + + if (visitor.isAnonymous()) { + UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = + new UsernamePasswordAuthenticationToken(new JuickUser(current), password, JuickUser.USER_AUTHORITY); + SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken); + } + return "redirect:/"; + } +} diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java new file mode 100644 index 00000000..2bd89587 --- /dev/null +++ b/src/main/java/com/juick/www/controllers/SocialLogin.java @@ -0,0 +1,365 @@ +/* + * Copyright (C) 2008-2020, Juick + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.www.controllers; + +import com.fasterxml.jackson.databind.ObjectMapper; +import com.github.scribejava.apis.*; +import com.github.scribejava.core.builder.ServiceBuilder; +import com.github.scribejava.core.model.*; +import com.github.scribejava.core.oauth.OAuth10aService; +import com.github.scribejava.core.oauth.OAuth20Service; +import com.juick.model.ext.facebook.User; +import com.juick.model.ext.vk.UsersResponse; +import com.juick.server.Utils; +import com.juick.server.util.HttpBadRequestException; +import com.juick.service.CrosspostService; +import com.juick.service.EmailService; +import com.juick.service.TelegramService; +import com.juick.service.UserService; +import com.juick.service.security.annotation.Visitor; +import com.nimbusds.jose.JOSEException; +import com.nimbusds.jose.proc.BadJOSEException; +import org.apache.commons.codec.digest.DigestUtils; +import org.apache.commons.codec.digest.HmacAlgorithms; +import org.apache.commons.codec.digest.HmacUtils; +import org.apache.commons.lang3.RandomStringUtils; +import org.apache.commons.lang3.StringUtils; +import org.apache.commons.lang3.math.NumberUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.CookieValue; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.util.UriComponentsBuilder; + +import javax.annotation.PostConstruct; +import javax.inject.Inject; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.text.ParseException; +import java.util.List; +import java.util.Map; +import java.util.UUID; +import java.util.concurrent.ExecutionException; +import java.util.stream.Collectors; + +/** + * + * @author Ugnich Anton + */ +@Controller +public class SocialLogin { + + private static final Logger logger = LoggerFactory.getLogger(SocialLogin.class); + + @Value("${facebook_appid:appid}") + private String FACEBOOK_APPID; + @Value("${facebook_secret:secret}") + private String FACEBOOK_SECRET; + @Value("${ap_base_uri:http://localhost:8080/}") + private String baseUri; + private static final String VK_REDIRECT = "http://juick.com/_vklogin"; + private static final String TWITTER_VERIFY_URL = "https://api.twitter.com/1.1/account/verify_credentials.json"; + @Inject + private ObjectMapper jsonMapper; + private ServiceBuilder twitterBuilder; + private OAuth20Service facebookAuthService, vkAuthService, appleSignInService; + + @Value("${twitter_consumer_key:appid}") + private String twitterConsumerKey; + @Value("${twitter_consumer_secret:secret}") + private String twitterConsumerSecret; + @Value("${vk_appid:appid}") + private String VK_APPID; + @Value("${vk_secret:secret}") + private String VK_SECRET; + @Value("${telegram_token:secret}") + private String telegramToken; + @Value("${apple_app_id:appid}") + private String appleApplicationId; + @Inject + private CrosspostService crosspostService; + @Inject + private UserService userService; + @Inject + private EmailService emailService; + @Inject + private TelegramService telegramService; + @Inject + private AppleClientSecretGenerator clientSecretGenerator; + + @PostConstruct + public void init() { + ServiceBuilder facebookBuilder = new ServiceBuilder(FACEBOOK_APPID); + twitterBuilder = new ServiceBuilder(twitterConsumerKey); + ServiceBuilder vkBuilder = new ServiceBuilder(VK_APPID); + UriComponentsBuilder redirectBuilder = UriComponentsBuilder.fromUriString(baseUri); + String facebookRedirectUri = redirectBuilder.replacePath("/_fblogin").build().toUriString(); + facebookAuthService = facebookBuilder + .apiSecret(FACEBOOK_SECRET) + .callback(facebookRedirectUri) + .defaultScope("email") + .build(FacebookApi.instance()); + vkAuthService = vkBuilder + .apiSecret(VK_SECRET) + .defaultScope("friends,wall,offline") + .callback(VK_REDIRECT) + .build(VkontakteApi.instance()); + ServiceBuilder appleSignInBuilder = new ServiceBuilder(appleApplicationId); + String appleSignInRedirectUri = redirectBuilder.replacePath("/_apple").build().toUriString(); + appleSignInService = appleSignInBuilder + .callback(appleSignInRedirectUri) + .defaultScope("email") + .build(new AppleSignInApi(clientSecretGenerator)); + } + + @GetMapping("/_fblogin") + protected String doFacebookLogin(HttpServletRequest request, + @RequestParam(required = false) String code, + @RequestParam(required = false) String state, + HttpServletResponse response) throws IOException, ExecutionException, InterruptedException { + if (StringUtils.isBlank(code)) { + String fbstate = UUID.randomUUID().toString(); + if (StringUtils.isBlank(state)) { + state = Utils.getPreviousPageByRequest(request).orElse("https://juick.com/"); + } + crosspostService.addFacebookState(fbstate, state); + return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate); + } + + String redirectUrl = crosspostService.verifyFacebookState(state); + if (StringUtils.isEmpty(redirectUrl)) { + logger.error("state is missing"); + throw new HttpBadRequestException(); + } + OAuth2AccessToken token = facebookAuthService.getAccessToken(code); + final OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://graph.facebook.com/v3.2/me?fields=id,name,link,verified,email"); + facebookAuthService.signRequest(token, meRequest); + String graph = facebookAuthService.execute(meRequest).getBody(); + if (StringUtils.isBlank(graph)) { + logger.error("FACEBOOK GRAPH ERROR"); + throw new HttpBadRequestException(); + } + User fb = jsonMapper.readValue(graph, User.class); + long fbID = NumberUtils.toLong(fb.getId(), 0); + if (fbID == 0 || StringUtils.isBlank(fb.getName())) { + logger.error("Missing required fields, id: {}, name: {}", fbID, fb.getName()); + throw new HttpBadRequestException(); + } + + int uid = crosspostService.getUIDbyFBID(fbID); + if (uid > 0) { + if (!crosspostService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) { + logger.error("error updating facebook user, id: {}, token: {}", fbID, token.getAccessToken()); + throw new HttpBadRequestException(); + } + Cookie c = new Cookie("hash", userService.getHashByUID(uid)); + c.setMaxAge(50 * 24 * 60 * 60); + response.addCookie(c); + return "redirect:" + redirectUrl; + } else { + if (!crosspostService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName())) { + if (StringUtils.isNotEmpty(fb.getEmail())) { + logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName()); + Integer userId = crosspostService.getUIDbyFBID(fbID); + if (!emailService.getEmails(userId, false).contains(fb.getEmail())) { + emailService.addEmail(userId, fb.getEmail()); + } + } + logger.info("email not found for facebook user {}", fb.getName()); + throw new HttpBadRequestException(); + } + return "redirect:/signup?type=fb&hash=" + state; + } + } + @GetMapping("/_twitter") + protected void doTwitterLogin( + @Visitor com.juick.model.User user, + HttpServletRequest request, HttpServletResponse response) + throws IOException, ExecutionException, InterruptedException { + String hash = StringUtils.EMPTY, request_token = StringUtils.EMPTY, request_token_secret = StringUtils.EMPTY; + String verifier = request.getParameter("oauth_verifier"); + Cookie[] cookies = request.getCookies(); + for (Cookie cookie : cookies) { + if (cookie.getName().equals("hash")) { + hash = cookie.getValue(); + } + if (cookie.getName().equals("request_token")) { + request_token = cookie.getValue(); + } + if (cookie.getName().equals("request_token_secret")) { + request_token_secret = cookie.getValue(); + } + } + OAuth10aService oAuthService = twitterBuilder + .apiSecret(twitterConsumerSecret) + .callback("https://juick.com/_twitter") + .build(TwitterApi.instance()); + + if (request_token.isEmpty() && request_token_secret.isEmpty() + && (verifier == null || verifier.isEmpty())) { + OAuth1RequestToken requestToken = oAuthService.getRequestToken(); + String authUrl = oAuthService.getAuthorizationUrl(requestToken); + response.addCookie(new Cookie("request_token", requestToken.getToken())); + response.addCookie(new Cookie("request_token_secret", requestToken.getTokenSecret())); + response.setStatus(HttpServletResponse.SC_FOUND); + response.setHeader("Location", authUrl); + } else { + if (verifier != null && verifier.length() > 0) { + OAuth1RequestToken requestToken = new OAuth1RequestToken(request_token, request_token_secret); + OAuth1AccessToken accessToken = oAuthService.getAccessToken(requestToken, verifier); + OAuthRequest oAuthRequest = new OAuthRequest(Verb.GET, TWITTER_VERIFY_URL); + oAuthService.signRequest(accessToken, oAuthRequest); + com.juick.model.ext.twitter.User twitterUser = jsonMapper.readValue(oAuthService.execute(oAuthRequest).getBody(), + com.juick.model.ext.twitter.User.class); + if (userService.linkTwitterAccount(user, accessToken.getToken(), accessToken.getTokenSecret(), + twitterUser.getScreenName())) { + response.setStatus(HttpServletResponse.SC_FOUND); + response.setHeader("Location", "http://juick.com/settings"); + } else { + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + } + } + } + } + @GetMapping("/_vklogin") + protected String doVKLogin(HttpServletRequest request, + @RequestParam(required = false) String code, + @RequestParam(required = false) String state, + @CookieValue(required = false) String vkstate, + HttpServletResponse response) throws IOException, ExecutionException, InterruptedException { + if (StringUtils.isBlank(code)) { + vkstate = UUID.randomUUID().toString(); + Cookie c = new Cookie("vkstate", vkstate); + response.addCookie(c); + return "redirect:" + vkAuthService.getAuthorizationUrl(vkstate); + } + + if (StringUtils.isBlank(vkstate) || !vkstate.equals(state)) { + throw new HttpBadRequestException(); + } else { + Cookie c = new Cookie("vkstate", "-"); + c.setMaxAge(0); + response.addCookie(c); + } + OAuth2AccessToken token = vkAuthService.getAccessToken(code); + + OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://api.vk.com/method/users.get?fields=screen_name&v=5.73"); + vkAuthService.signRequest(token, meRequest); + String graph = vkAuthService.execute(meRequest).getBody(); + + com.juick.model.ext.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().get(0); + String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName(); + String vkLink = jsonUser.getScreenName(); + + if (vkName.length() == 1 || StringUtils.isBlank(vkLink)) { + logger.error("vk user error"); + throw new HttpBadRequestException(); + } + + long vkID = NumberUtils.toLong(jsonUser.getId(), 0); + int uid = crosspostService.getUIDbyVKID(vkID); + if (uid > 0) { + Cookie c = new Cookie("hash", userService.getHashByUID(uid)); + c.setMaxAge(50 * 24 * 60 * 60); + response.addCookie(c); + return "redirect:/" + Utils.getPreviousPageByRequest(request).orElse(StringUtils.EMPTY); + } else { + String loginhash = UUID.randomUUID().toString(); + if (!crosspostService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) { + logger.error("create vk user error"); + throw new HttpBadRequestException(); + } + return "redirect:/signup?type=vk&hash=" + loginhash; + } + } + + @GetMapping("/_tglogin") + public String doDurovLogin(HttpServletRequest request, + @RequestParam Map params, + HttpServletResponse response) { + String dataCheckString = params.entrySet().stream() + .filter(p -> !p.getKey().equals("hash")) + .sorted(Map.Entry.comparingByKey()) + .map(p -> p.getKey() + "=" + p.getValue()) + .collect(Collectors.joining("\n")); + String hash = params.get("hash"); + byte[] secretKey = DigestUtils.sha256(telegramToken); + String resultString = new HmacUtils(HmacAlgorithms.HMAC_SHA_256, secretKey).hmacHex(dataCheckString); + if (hash.equals(resultString)) { + long tgUser = Long.parseLong(params.get("id")); + int uid = telegramService.getUser(tgUser); + if (uid > 0) { + Cookie c = new Cookie("hash", userService.getHashByUID(uid)); + c.setMaxAge(50 * 24 * 60 * 60); + response.addCookie(c); + return "redirect:/" + Utils.getPreviousPageByRequest(request).orElse(StringUtils.EMPTY); + } else { + String username = StringUtils.defaultString(params.get("username"), params.get("first_name")); + List chats = telegramService.getAnonymous(); + if (!chats.contains(tgUser)) { + logger.info("added chat with {}", username); + telegramService.createTelegramUser(tgUser, username); + } + return "redirect:/signup?type=durov&hash=" + userService.getSignUpHashByTelegramID(tgUser, username); + } + } else { + logger.warn("invalid tg hash {} for {}", resultString, hash); + } + throw new HttpBadRequestException(); + } + + @GetMapping("/_apple") + public String doAppleLogin(HttpServletRequest request, + @RequestParam(required = false) String code, + HttpServletResponse response) { + if (StringUtils.isBlank(code)) { + String state = UUID.randomUUID().toString(); + Cookie c = new Cookie("astate", state); + response.addCookie(c); + return "redirect:" + appleSignInService.getAuthorizationUrl(state); + } + throw new HttpBadRequestException(); + } + @PostMapping("/_apple") + public String doVerifyAppleResponse(HttpServletRequest request, HttpServletResponse response, @RequestParam Map body) throws InterruptedException, ExecutionException, IOException, ParseException, JOSEException, BadJOSEException { + OAuth2AccessToken token = appleSignInService.getAccessToken(body.get("code")); + var jsonNode = jsonMapper.readTree(token.getRawResponse()); + var idToken = jsonNode.get("id_token").textValue(); + AppleSignInApi api = (AppleSignInApi) appleSignInService.getApi(); + var email = api.validateToken(idToken); + if (email.isPresent()) { + com.juick.model.User user = userService.getUserByEmail(email.get()); + if (!user.isAnonymous()) { + Cookie c = new Cookie("hash", userService.getHashByUID(user.getUid())); + c.setMaxAge(50 * 24 * 60 * 60); + response.addCookie(c); + return "redirect:/"; + } else { + String verificationCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase(); + emailService.addVerificationCode(null, email.get(), verificationCode); + return "redirect:/signup?type=email&hash=" + verificationCode; + } + } + throw new HttpBadRequestException(); + } +} -- cgit v1.2.3