From 6c3663df82c7e29febc0aebd51717184df7da09c Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Wed, 11 Jan 2023 06:57:36 +0300
Subject: Social login refactoring: set cookie after login
---
 .../java/com/juick/www/controllers/SignUp.java | 17 ++++++++++++++---
 .../com/juick/www/controllers/SocialLogin.java | 22 ++++++++++++++++------
 2 files changed, 30 insertions(+), 9 deletions(-)
(limited to 'src/main/java/com/juick/www/controllers')
diff --git a/src/main/java/com/juick/www/controllers/SignUp.java b/src/main/java/com/juick/www/controllers/SignUp.java
index 8318dabd..955b3b92 100644
--- a/src/main/java/com/juick/www/controllers/SignUp.java
+++ b/src/main/java/com/juick/www/controllers/SignUp.java
@@ -24,8 +24,13 @@ import com.juick.www.WebApp;
 import com.juick.service.EmailService;
 import com.juick.service.UserService;
 import com.juick.service.security.entities.JuickUser;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.security.authentication.RememberMeAuthenticationToken;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.authentication.RememberMeServices;
+import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.ModelMap;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -48,6 +53,8 @@ public class SignUp {
 private EmailService emailService;
 @Inject
 private WebApp webApp;
+ @Inject
+ private RememberMeServices rememberMeServices;
 @GetMapping("/signup")
@@ -91,6 +98,8 @@ public class SignUp {
 @PostMapping("/signup")
 protected String doPost(
+ HttpServletRequest request,
+ HttpServletResponse response,
 @ModelAttribute User visitor,
 @RequestParam String type,
 @RequestParam String hash,
@@ -180,9 +189,11 @@ public class SignUp {
 }
 if (visitor.isAnonymous()) {
- UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken =
- new UsernamePasswordAuthenticationToken(new JuickUser(current), password, JuickUser.USER_AUTHORITY);
- SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
+ var authentication = new RememberMeAuthenticationToken(
+ ((AbstractRememberMeServices) rememberMeServices).getKey(),
+ new JuickUser(current), JuickUser.USER_AUTHORITY);
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+ rememberMeServices.loginSuccess(request, response, authentication);
 }
 return "redirect:/";
 }
diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java
index 3d8e7027..66747df2 100644
--- a/src/main/java/com/juick/www/controllers/SocialLogin.java
+++ b/src/main/java/com/juick/www/controllers/SocialLogin.java
@@ -27,6 +27,7 @@ import com.juick.model.ext.vk.UsersResponse;
 import com.juick.service.EmailService;
 import com.juick.service.TelegramService;
 import com.juick.service.UserService;
+import com.juick.service.security.entities.JuickUser;
 import com.juick.util.HttpBadRequestException;
 import jakarta.annotation.PostConstruct;
@@ -44,6 +45,10 @@ import org.apache.commons.lang3.math.NumberUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.authentication.RememberMeAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.authentication.RememberMeServices;
+import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.util.UriComponentsBuilder;
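Review bot: The remember-me cookie this branch relies on to keep the new user logged in is only written if `rememberMeServices.loginSuccess(request, response, authentication)` decides remember-me was requested; as far as I recall, AbstractRememberMeServices.loginSuccess returns early unless the request carries the remember-me parameter or the service is configured with alwaysRemember, and nothing in the hunk saves the security context set on the previous line anywhere else, so with a default configuration the login would not survive the `redirect:/`. Worth confirming the bean configuration and recording the assumption next to the call, e.g. `// cookie is only issued when remember-me is requested or alwaysRemember is set on the bean`. The `(AbstractRememberMeServices) rememberMeServices` cast is unchecked against the injected interface type; injecting the concrete type, or the configured key itself, would fail at wiring time instead of with a ClassCastException on the first signup. The same two points apply to the `/_tglogin` hunk of SocialLogin.java, and the `UsernamePasswordAuthenticationToken` import is probably unused now that the removed lines were its only visible use. The enclosing doPost method starts outside the hunk.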
@@ -102,6 +107,8 @@ public class SocialLogin {
 private TelegramService telegramService;
 @Inject
 private AppleClientSecretGenerator clientSecretGenerator;
+ @Inject
+ private RememberMeServices rememberMeServices;
 @PostConstruct
 public void init() {
@@ -292,7 +299,8 @@ public class SocialLogin {
 @GetMapping("/_tglogin")
 public String doDurovLogin(@RequestParam Map params,
- @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response) {
+ @RequestHeader(value = "referer", required = false) String referer,
+ HttpServletRequest request, HttpServletResponse response) {
 String dataCheckString = params.entrySet().stream().filter(p -> !p.getKey().equals("hash"))
 .sorted(Map.Entry.comparingByKey()).map(p -> p.getKey() + "=" + p.getValue())
 .collect(Collectors.joining("\n"));
@@ -301,11 +309,13 @@ public class SocialLogin {
 String resultString = new HmacUtils(HmacAlgorithms.HMAC_SHA_256, secretKey).hmacHex(dataCheckString);
 if (hash.equals(resultString)) {
 long tgUser = Long.parseLong(params.get("id"));
- int uid = telegramService.getUser(tgUser);
- if (uid > 0) {
- Cookie c = new Cookie("hash", userService.getHashByUID(uid));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
+ var user = userService.getUserByTelegramId(tgUser);
+ if (user.isPresent()) {
+ var authentication = new RememberMeAuthenticationToken(
+ ((AbstractRememberMeServices) rememberMeServices).getKey(),
+ new JuickUser(user.get()), JuickUser.USER_AUTHORITY);
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+ rememberMeServices.loginSuccess(request, response, authentication);
 return "redirect:" + Optional.ofNullable(referer).orElse(StringUtils.EMPTY);
 } else {
 String username = StringUtils.defaultString(params.get("username"), params.get("first_name"));
-- cgit v1.2.3
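Review bot: The new branch now mints a RememberMeAuthenticationToken on the strength of the `if (hash.equals(resultString))` check two lines above, which compares the HMAC with a non-constant-time String.equals and is not paired with any bound on the signed `auth_date` field of the widget payload, so a previously issued payload stays acceptable indefinitely; `if (MessageDigest.isEqual(hash.getBytes(StandardCharsets.UTF_8), resultString.getBytes(StandardCharsets.UTF_8)))` together with an auth_date freshness check would tighten the path that now produces a full login. As in SignUp.java, `rememberMeServices.loginSuccess(request, response, authentication)` only writes the cookie when remember-me was requested or the service has alwaysRemember set, and this GET handler receives no such parameter, so whether the login outlives the redirect depends on the bean configuration and deserves a comment at the call site. `user.get()` after `isPresent()` is a minor style point, and `Cookie` may now be an unused import if the removed lines were its only use. doDurovLogin continues outside the hunk.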