From 89d6c18cb82f8ba24ec291e3d3fb031ea0b2c01e Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Thu, 12 Dec 2024 12:50:07 +0300
Subject: API: restore Google login and email signup
---
src/main/java/com/juick/config/SecurityConfig.java | 2 +-
.../java/com/juick/www/api/ApiSocialLogin.java | 89 ++++++++++++++++++++++
2 files changed, 90 insertions(+), 1 deletion(-)
create mode 100644 src/main/java/com/juick/www/api/ApiSocialLogin.java
(limited to 'src/main')
diff --git a/src/main/java/com/juick/config/SecurityConfig.java b/src/main/java/com/juick/config/SecurityConfig.java
index ac61f8f69..6608a658a 100644
--- a/src/main/java/com/juick/config/SecurityConfig.java
+++ b/src/main/java/com/juick/config/SecurityConfig.java
@@ -201,7 +201,7 @@ public class SecurityConfig {
"/api/swagger-ui/**",
"/api/messages/discussions",
"/api/users", "/api/thread", "/api/tags",
- "/api/tlgmbtwbhk", "/api/fbwbhk", "/api/_patreon", "/api/_vk",
+ "/api/tlgmbtwbhk", "/api/fbwbhk", "/api/_patreon", "/api/_vk", "/api/_google",
"/api/skypebotendpoint", "/api/signup",
"/api/inbox", "/api/events", "/api/u/", "/u/**",
"/n/**",
diff --git a/src/main/java/com/juick/www/api/ApiSocialLogin.java b/src/main/java/com/juick/www/api/ApiSocialLogin.java
new file mode 100644
index 000000000..5b48c52be
--- /dev/null
+++ b/src/main/java/com/juick/www/api/ApiSocialLogin.java
@@ -0,0 +1,89 @@
+/*
+ * Copyright (C) 2008-2024, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+package com.juick.www.api;
+
+import com.github.scribejava.apis.GoogleTokenVerifier;
+import com.juick.model.AuthResponse;
+import com.juick.service.EmailService;
+import com.juick.service.UserService;
+import com.juick.util.HttpBadRequestException;
+import com.juick.util.HttpForbiddenException;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Controller;
+import org.springframework.util.StringUtils;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.ResponseBody;
+import jakarta.inject.Inject;
+import java.util.Optional;
+
+@Controller
+public class ApiSocialLogin {
+
+ private static final Logger logger = LoggerFactory.getLogger(ApiSocialLogin.class);
+
+ @Value("${google_client_id:}")
+ private String googleClientId;
+
+ @Inject
+ private UserService userService;
+ @Inject
+ private EmailService emailService;
+ @Inject
+ private Users users;
+ @ResponseBody
+ @PostMapping("/api/signup")
+ public com.juick.model.User signupWithEmail(String username, String password, String verificationCode) {
+ if (username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$")
+ || password.length() < 6 || password.length() > 32) {
+ throw new HttpBadRequestException();
+ }
+
+ String verifiedEmail = emailService.getEmailByAuthCode(verificationCode);
+ if (StringUtils.hasText(verifiedEmail)) {
+ com.juick.model.User newUser = userService.createUser(username, password).orElseThrow(HttpBadRequestException::new);
+ emailService.addEmail(newUser.getUid(), verifiedEmail);
+ emailService.deleteAuthCode(verificationCode);
+ return newUser;
+ } else {
+ throw new HttpForbiddenException();
+ }
+ }
+ @ResponseBody
+ @PostMapping("/api/_google")
+ public AuthResponse googleSignIn(@RequestParam(name = "idToken") String idTokenString) {
+ logger.info("Token: {}", idTokenString);
+ logger.info("Client: {}", googleClientId);
+ Optional verifiedEmail = GoogleTokenVerifier.validateToken(googleClientId, idTokenString);
+ if (verifiedEmail.isPresent()) {
+ String email = verifiedEmail.get();
+ com.juick.model.User visitor = userService.getUserByEmail(email);
+ if (visitor.isAnonymous()) {
+ String verificationCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase();
+ emailService.addVerificationCode(null, email, verificationCode);
+ return new AuthResponse(null, email, verificationCode);
+ } else {
+ return new AuthResponse(users.getMe(visitor), null, null);
+ }
+ }
+ throw new HttpForbiddenException();
+ }
+}
--
cgit v1.2.3