jiazhizhong/OpenIsle
1
0
Fork 0
mirror of https://github.com/nagisa77/OpenIsle.git synced 2026-02-22 06:50:53 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: login logic

Browse Source
This commit is contained in:
Tim
2025-07-16 12:38:03 +08:00
parent ea90a6a7b8
commit ea85af4a52
11 changed files with 150 additions and 138 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
src/main/java/com/openisle/controller/AuthController.java
View File

@@ -14,6 +14,7 @@ import com.openisle.repository.UserRepository;
import lombok.Data;
import lombok.RequiredArgsConstructor;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.*;
import org.springframework.beans.factory.annotation.Value;
import java.util.Map;
@@ -48,7 +49,7 @@ public class AuthController {
return ResponseEntity.badRequest().body(Map.of("error", "Invalid captcha"));
}
User user = userService.register(
req.getUsername(), req.getEmail(), req.getPassword(), req.getReason(), registerModeService.getRegisterMode());
req.getUsername(), req.getEmail(), req.getPassword(), "", registerModeService.getRegisterMode());
emailService.sendEmail(user.getEmail(), "Verification Code", "Your verification code is " + user.getVerificationCode());
if (!user.isApproved()) {
notificationService.createRegisterRequestNotifications(user, user.getRegisterReason());
@@ -60,7 +61,10 @@ public class AuthController {
public ResponseEntity<?> verify(@RequestBody VerifyRequest req) {
boolean ok = userService.verifyCode(req.getUsername(), req.getCode());
if (ok) {
return ResponseEntity.ok(Map.of("message", "Verified"));
return ResponseEntity.ok(Map.of(
"message", "Verified",
"token", jwtService.generateReasonToken(req.getUsername())
));
}
return ResponseEntity.badRequest().body(Map.of("error", "Invalid verification code"));
}
@@ -91,22 +95,20 @@ public class AuthController {
if (RegisterMode.WHITELIST.equals(registerModeService.getRegisterMode()) && !user.isApproved()) {
return ResponseEntity.badRequest().body(Map.of(
"error", "Register reason not approved",
"reason_code", "NOT_APPROVED"));
"reason_code", "NOT_APPROVED",
"token", jwtService.generateReasonToken(user.getUsername())));
}
return ResponseEntity.ok(Map.of("token", jwtService.generateToken(user.getUsername())));
}
@PostMapping("/google")
public ResponseEntity<?> loginWithGoogle(@RequestBody GoogleLoginRequest req) {
Optional<User> user = googleAuthService.authenticate(req.getIdToken(), req.getReason(), registerModeService.getRegisterMode());
Optional<User> user = googleAuthService.authenticate(req.getIdToken(), registerModeService.getRegisterMode());
if (user.isPresent()) {
if (RegisterMode.DIRECT.equals(registerModeService.getRegisterMode())) {
return ResponseEntity.ok(Map.of("token", jwtService.generateToken(user.get().getUsername())));
}
if (!user.get().isApproved()) {
if (req.reason != null && !req.reason.isEmpty()) {
notificationService.createRegisterRequestNotifications(user.get(), req.getReason());
}
if (user.get().getRegisterReason() != null && !user.get().getRegisterReason().isEmpty()) {
return ResponseEntity.badRequest().body(Map.of(
"error", "Account awaiting approval",
@@ -127,26 +129,55 @@ public class AuthController {
));
}
@PostMapping("/reason")
public ResponseEntity<?> reason(@RequestBody MakeReasonRequest req) {
String username = jwtService.validateAndGetSubjectForReason(req.getToken());
Optional<User> userOpt = userService.findByUsername(username);
if (userOpt.isEmpty()) {
return ResponseEntity.badRequest().body(Map.of(
"error", "Invalid token, Please re-login",
"reason_code", "INVALID_CREDENTIALS"
));
}
if (req.reason == null || req.reason.length() <= 20) {
return ResponseEntity.badRequest().body(Map.of(
"error", "Reason's length must longer than 20",
"reason_code", "INVALID_CREDENTIALS"
));
}
User user = userOpt.get();
if (user.isApproved() || registerModeService.getRegisterMode() == RegisterMode.DIRECT) {
return ResponseEntity.ok().body(Map.of("valid", true));
}
userService.register(user.getUsername(), user.getEmail(), user.getPassword(), req.getReason(), registerModeService.getRegisterMode());
notificationService.createRegisterRequestNotifications(user, req.getReason());
return ResponseEntity.ok().body(Map.of("valid", true));
}
@PostMapping("/github")
public ResponseEntity<?> loginWithGithub(@RequestBody GithubLoginRequest req) {
Optional<User> user = githubAuthService.authenticate(req.getCode(), req.getReason(), registerModeService.getRegisterMode(), req.getRedirectUri());
Optional<User> user = githubAuthService.authenticate(req.getCode(), registerModeService.getRegisterMode(), req.getRedirectUri());
if (user.isPresent()) {
if (RegisterMode.DIRECT.equals(registerModeService.getRegisterMode())) {
return ResponseEntity.ok(Map.of("token", jwtService.generateToken(user.get().getUsername())));
}
if (!user.get().isApproved()) {
if (req.reason != null && !req.reason.isEmpty()) {
notificationService.createRegisterRequestNotifications(user.get(), req.getReason());
}
if (user.get().getRegisterReason() != null && !user.get().getRegisterReason().isEmpty()) {
// 已填写注册理由
return ResponseEntity.badRequest().body(Map.of(
"error", "Account awaiting approval",
"reason_code", "IS_APPROVING"
"reason_code", "IS_APPROVING",
"token", jwtService.generateReasonToken(user.get().getUsername())
));
}
return ResponseEntity.badRequest().body(Map.of(
"error", "Account awaiting approval",
"reason_code", "NOT_APPROVED"
"reason_code", "NOT_APPROVED",
"token", jwtService.generateReasonToken(user.get().getUsername())
));
}
@@ -169,7 +200,6 @@ public class AuthController {
private String email;
private String password;
private String captcha;
private String reason;
}
@Data
@@ -182,14 +212,12 @@ public class AuthController {
@Data
private static class GoogleLoginRequest {
private String idToken;
private String reason;
}
@Data
private static class GithubLoginRequest {
private String code;
private String redirectUri;
private String reason;
}
@Data
@@ -197,4 +225,10 @@ public class AuthController {
private String username;
private String code;
}
@Data
private static class MakeReasonRequest {
private String token;
private String reason;
}
}

11
src/main/java/com/openisle/service/GithubAuthService.java
View File

@@ -28,7 +28,7 @@ public class GithubAuthService {
@Value("${github.client-secret:}")
private String clientSecret;
public Optional<User> authenticate(String code, String reason, com.openisle.model.RegisterMode mode, String redirectUri) {
public Optional<User> authenticate(String code, com.openisle.model.RegisterMode mode, String redirectUri) {
try {
String tokenUrl = "https://github.com/login/oauth/access_token";
HttpHeaders headers = new HttpHeaders();
@@ -83,13 +83,13 @@ public class GithubAuthService {
if (email == null) {
email = username + "@users.noreply.github.com";
}
return Optional.of(processUser(email, username, reason, mode));
return Optional.of(processUser(email, username, mode));
} catch (Exception e) {
return Optional.empty();
}
}
private User processUser(String email, String username, String reason, com.openisle.model.RegisterMode mode) {
private User processUser(String email, String username, com.openisle.model.RegisterMode mode) {
Optional<User> existing = userRepository.findByEmail(email);
if (existing.isPresent()) {
User user = existing.get();
@@ -98,10 +98,6 @@ public class GithubAuthService {
user.setVerificationCode(null);
userRepository.save(user);
}
if (!user.isApproved() && reason != null && !reason.isEmpty()) {
user.setRegisterReason(reason);
userRepository.save(user);
}
return user;
}
String baseUsername = username != null ? username : email.split("@")[0];
@@ -116,7 +112,6 @@ public class GithubAuthService {
user.setPassword("");
user.setRole(Role.USER);
user.setVerified(true);
user.setRegisterReason(reason);
user.setApproved(mode == com.openisle.model.RegisterMode.DIRECT);
user.setAvatar("https://github.com/" + finalUsername + ".png");
return userRepository.save(user);

12
src/main/java/com/openisle/service/GoogleAuthService.java
View File

@@ -23,7 +23,7 @@ public class GoogleAuthService {
@Value("${google.client-id:}")
private String clientId;
public Optional<User> authenticate(String idTokenString, String reason, com.openisle.model.RegisterMode mode) {
public Optional<User> authenticate(String idTokenString, com.openisle.model.RegisterMode mode) {
GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(new NetHttpTransport(), new JacksonFactory())
.setAudience(Collections.singletonList(clientId))
.build();
@@ -35,13 +35,13 @@ public class GoogleAuthService {
GoogleIdToken.Payload payload = idToken.getPayload();
String email = payload.getEmail();
String name = (String) payload.get("name");
return Optional.of(processUser(email, name, reason, mode));
return Optional.of(processUser(email, name, mode));
} catch (Exception e) {
return Optional.empty();
}
}
private User processUser(String email, String name, String reason, com.openisle.model.RegisterMode mode) {
private User processUser(String email, String name, com.openisle.model.RegisterMode mode) {
Optional<User> existing = userRepository.findByEmail(email);
if (existing.isPresent()) {
User user = existing.get();
@@ -51,11 +51,6 @@ public class GoogleAuthService {
userRepository.save(user);
}
if (!user.isApproved() && reason != null && !reason.isEmpty()) {
user.setRegisterReason(reason);
userRepository.save(user);
}
return user;
}
User user = new User();
@@ -70,7 +65,6 @@ public class GoogleAuthService {
user.setPassword("");
user.setRole(Role.USER);
user.setVerified(true);
user.setRegisterReason(reason);
user.setApproved(mode == com.openisle.model.RegisterMode.DIRECT);
user.setAvatar("https://github.com/identicons/" + username + ".png");
return userRepository.save(user);

31
src/main/java/com/openisle/service/JwtService.java
View File

@@ -18,13 +18,16 @@ public class JwtService {
@Value("${app.jwt.secret}")
private String secret;
@Value("${app.jwt.reason-secret}")
private String reasonSecret;
@Value("${app.jwt.expiration}")
private long expiration;
private Key getSigningKey() {
private Key getSigningKeyForSecret(String signSecret) {
try {
MessageDigest digest = MessageDigest.getInstance("SHA-256");
byte[] keyBytes = digest.digest(secret.getBytes(StandardCharsets.UTF_8));
byte[] keyBytes = digest.digest(signSecret.getBytes(StandardCharsets.UTF_8));
return Keys.hmacShaKeyFor(keyBytes);
} catch (NoSuchAlgorithmException e) {
throw new IllegalStateException("SHA-256 not available", e);
@@ -38,13 +41,33 @@ public class JwtService {
.setSubject(subject)
.setIssuedAt(now)
.setExpiration(expiryDate)
.signWith(getSigningKey())
.signWith(getSigningKeyForSecret(secret))
.compact();
}
public String generateReasonToken(String subject) {
Date now = new Date();
Date expiryDate = new Date(now.getTime() + expiration);
return Jwts.builder()
.setSubject(subject)
.setIssuedAt(now)
.setExpiration(expiryDate)
.signWith(getSigningKeyForSecret(reasonSecret))
.compact();
}
public String validateAndGetSubject(String token) {
Claims claims = Jwts.parserBuilder()
.setSigningKey(getSigningKey())
.setSigningKey(getSigningKeyForSecret(secret))
.build()
.parseClaimsJws(token)
.getBody();
return claims.getSubject();
}
public String validateAndGetSubjectForReason(String token) {
Claims claims = Jwts.parserBuilder()
.setSigningKey(getSigningKeyForSecret(reasonSecret))
.build()
.parseClaimsJws(token)
.getBody();