jiazhizhong/OpenIsle
1
0
Fork 0
mirror of https://github.com/nagisa77/OpenIsle.git synced 2026-02-22 06:50:53 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: add GitHub OAuth login

Browse Source
This commit is contained in:
Tim
2025-07-15 20:22:46 +08:00
parent 5fe10d770a
commit 8f5b44b3ad
12 changed files with 587 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
src/main/java/com/openisle/controller/AuthController.java
View File

@@ -6,6 +6,7 @@ import com.openisle.service.JwtService;
import com.openisle.service.UserService;
import com.openisle.service.CaptchaService;
import com.openisle.service.GoogleAuthService;
import com.openisle.service.GithubAuthService;
import com.openisle.service.RegisterModeService;
import com.openisle.service.NotificationService;
import com.openisle.model.RegisterMode;
@@ -27,6 +28,7 @@ public class AuthController {
private final EmailSender emailService;
private final CaptchaService captchaService;
private final GoogleAuthService googleAuthService;
private final GithubAuthService githubAuthService;
private final RegisterModeService registerModeService;
private final NotificationService notificationService;
private final UserRepository userRepository;
@@ -125,6 +127,37 @@ public class AuthController {
));
}
@PostMapping("/github")
public ResponseEntity<?> loginWithGithub(@RequestBody GithubLoginRequest req) {
Optional<User> user = githubAuthService.authenticate(req.getCode(), req.getReason(), registerModeService.getRegisterMode(), req.getRedirectUri());
if (user.isPresent()) {
if (RegisterMode.DIRECT.equals(registerModeService.getRegisterMode())) {
return ResponseEntity.ok(Map.of("token", jwtService.generateToken(user.get().getUsername())));
}
if (!user.get().isApproved()) {
if (req.reason != null && !req.reason.isEmpty()) {
notificationService.createRegisterRequestNotifications(user.get(), req.getReason());
}
if (user.get().getRegisterReason() != null && !user.get().getRegisterReason().isEmpty()) {
return ResponseEntity.badRequest().body(Map.of(
"error", "Account awaiting approval",
"reason_code", "IS_APPROVING"
));
}
return ResponseEntity.badRequest().body(Map.of(
"error", "Account awaiting approval",
"reason_code", "NOT_APPROVED"
));
}
return ResponseEntity.ok(Map.of("token", jwtService.generateToken(user.get().getUsername())));
}
return ResponseEntity.badRequest().body(Map.of(
"error", "Invalid github code",
"reason_code", "INVALID_CREDENTIALS"
));
}
@GetMapping("/check")
public ResponseEntity<?> checkToken() {
return ResponseEntity.ok(Map.of("valid", true));
@@ -152,6 +185,13 @@ public class AuthController {
private String reason;
}
@Data
private static class GithubLoginRequest {
private String code;
private String redirectUri;
private String reason;
}
@Data
private static class VerifyRequest {
private String username;

111
src/main/java/com/openisle/service/GithubAuthService.java Normal file
View File

@@ -0,0 +1,111 @@
package com.openisle.service;
import com.fasterxml.jackson.databind.JsonNode;
import com.openisle.model.Role;
import com.openisle.model.User;
import com.openisle.repository.UserRepository;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.*;
import org.springframework.stereotype.Service;
import org.springframework.web.client.RestTemplate;
import java.util.Collections;
import java.util.Optional;
@Service
@RequiredArgsConstructor
public class GithubAuthService {
private final UserRepository userRepository;
private final RestTemplate restTemplate = new RestTemplate();
@Value("${github.client-id:}")
private String clientId;
@Value("${github.client-secret:}")
private String clientSecret;
public Optional<User> authenticate(String code, String reason, com.openisle.model.RegisterMode mode, String redirectUri) {
try {
String tokenUrl = "https://github.com/login/oauth/access_token";
HttpHeaders headers = new HttpHeaders();
headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
HttpEntity<String> request = new HttpEntity<>(
"client_id=" + clientId +
"&client_secret=" + clientSecret +
"&code=" + code +
(redirectUri != null ? "&redirect_uri=" + redirectUri : ""),
headers);
ResponseEntity<JsonNode> tokenRes = restTemplate.postForEntity(tokenUrl, request, JsonNode.class);
if (!tokenRes.getStatusCode().is2xxSuccessful() || tokenRes.getBody() == null || !tokenRes.getBody().has("access_token")) {
return Optional.empty();
}
String accessToken = tokenRes.getBody().get("access_token").asText();
HttpHeaders authHeaders = new HttpHeaders();
authHeaders.setBearerAuth(accessToken);
HttpEntity<Void> entity = new HttpEntity<>(authHeaders);
ResponseEntity<JsonNode> userRes = restTemplate.exchange(
"https://api.github.com/user", HttpMethod.GET, entity, JsonNode.class);
if (!userRes.getStatusCode().is2xxSuccessful() || userRes.getBody() == null) {
return Optional.empty();
}
JsonNode userNode = userRes.getBody();
String username = userNode.hasNonNull("login") ? userNode.get("login").asText() : null;
String email = null;
if (userNode.hasNonNull("email")) {
email = userNode.get("email").asText();
}
if (email == null || email.isEmpty()) {
ResponseEntity<JsonNode> emailsRes = restTemplate.exchange(
"https://api.github.com/user/emails", HttpMethod.GET, entity, JsonNode.class);
if (emailsRes.getStatusCode().is2xxSuccessful() && emailsRes.getBody() != null && emailsRes.getBody().isArray()) {
for (JsonNode n : emailsRes.getBody()) {
if (n.has("primary") && n.get("primary").asBoolean()) {
email = n.get("email").asText();
break;
}
}
}
}
if (email == null) {
email = username + "@users.noreply.github.com";
}
return Optional.of(processUser(email, username, reason, mode));
} catch (Exception e) {
return Optional.empty();
}
}
private User processUser(String email, String username, String reason, com.openisle.model.RegisterMode mode) {
Optional<User> existing = userRepository.findByEmail(email);
if (existing.isPresent()) {
User user = existing.get();
if (!user.isVerified()) {
user.setVerified(true);
user.setVerificationCode(null);
userRepository.save(user);
}
if (!user.isApproved() && reason != null && !reason.isEmpty()) {
user.setRegisterReason(reason);
userRepository.save(user);
}
return user;
}
String baseUsername = username != null ? username : email.split("@")[0];
String finalUsername = baseUsername;
int suffix = 1;
while (userRepository.findByUsername(finalUsername).isPresent()) {
finalUsername = baseUsername + suffix++;
}
User user = new User();
user.setUsername(finalUsername);
user.setEmail(email);
user.setPassword("");
user.setRole(Role.USER);
user.setVerified(true);
user.setRegisterReason(reason);
user.setApproved(mode == com.openisle.model.RegisterMode.DIRECT);
user.setAvatar("https://github.com/" + finalUsername + ".png");
return userRepository.save(user);
}
}