feat: 新規アカウント作成エンドポイントを分離

src/main/kotlin/dev/usbharu/hideout/core/interfaces/api/auth/AuthController.kt

@@ -16,12 +16,31 @@
 
 package dev.usbharu.hideout.core.interfaces.api.auth
 
+import dev.usbharu.hideout.core.service.auth.AuthApiService
+import dev.usbharu.hideout.core.service.auth.RegisterAccountDto
 import org.springframework.stereotype.Controller
+import org.springframework.ui.Model
+import org.springframework.validation.annotation.Validated
 import org.springframework.web.bind.annotation.GetMapping
+import org.springframework.web.bind.annotation.ModelAttribute
+import org.springframework.web.bind.annotation.PostMapping
 
 @Controller
-class AuthController {
+class AuthController(private val authApiService: AuthApiService) {
     @GetMapping("/auth/sign_up")
     @Suppress("FunctionOnlyReturningConstant")
     fun signUp(): String = "sign_up"
+
+    @PostMapping("/auth/sign_up")
+    suspend fun signUp(@Validated @ModelAttribute signUpForm: SignUpForm, model: Model): String {
+        val registerAccount = authApiService.registerAccount(
+            RegisterAccountDto(
+                signUpForm.username,
+                signUpForm.password,
+                signUpForm.recaptchaResponse
+            )
+        )
+
+        return "redirect:"+registerAccount.first.url
+    }
 }

src/main/kotlin/dev/usbharu/hideout/core/interfaces/api/auth/SignUpForm.kt

@@ -0,0 +1,7 @@
+package dev.usbharu.hideout.core.interfaces.api.auth
+
+data class SignUpForm(
+    val username: String,
+    val password: String,
+    val recaptchaResponse: String
+)

src/main/kotlin/dev/usbharu/hideout/core/service/auth/AuthApiService.kt

@@ -0,0 +1,8 @@
+package dev.usbharu.hideout.core.service.auth
+
+import dev.usbharu.hideout.core.domain.model.actor.Actor
+import dev.usbharu.hideout.core.domain.model.userdetails.UserDetail
+
+interface AuthApiService {
+    suspend fun registerAccount(registerAccountDto: RegisterAccountDto): Pair<Actor, UserDetail>
+}

src/main/kotlin/dev/usbharu/hideout/core/service/auth/RegisterAccountDto.kt

@@ -0,0 +1,7 @@
+package dev.usbharu.hideout.core.service.auth
+
+data class RegisterAccountDto(
+    val username:String,
+    val password:String,
+    val recaptchaResponse:String
+)

src/main/kotlin/dev/usbharu/hideout/mastodon/config/MastodonApiSecurityConfig.kt

@@ -41,7 +41,7 @@ class MastodonApiSecurityConfig {
             authorizeHttpRequests {
                 authorize(POST, "/api/v1/apps", permitAll)
                 authorize(GET, "/api/v1/instance/**", permitAll)
-                authorize(POST, "/api/v1/accounts", permitAll)
+                authorize(POST, "/api/v1/accounts", authenticated)
 
                 authorize(GET, "/api/v1/accounts/verify_credentials", rf.hasScope("read:accounts"))
                 authorize(GET, "/api/v1/accounts/relationships", rf.hasScope("read:follows"))

src/main/resources/templates/sign_up.html

@@ -3,12 +3,22 @@
 <head>
     <meta charset="UTF-8">
     <title>SignUp</title>
+    <script th:src="https://www.google.com/recaptcha/api.js?render=${siteKey}"></script>
+    <script th:inline="javascript">
+        grecaptcha.ready(function () {
+            grecaptcha.execute( /*[[${siteKey}]]*/ '', {action: 'homepage'}).then(function (token) {
+                var recaptchaResponse = document.getElementById('recaptchaResponse');
+                recaptchaResponse.value = token;
+            });
+        });
+    </script>
 </head>
 <body>
 
-<form method='post' th:action="@{/api/v1/accounts}">
+<form method='post' th:action="@{/auth/sign_up}">
     <input name='username' type='text' value=''>
     <input name='password' type='password'>
+    <input type="hidden" name="recaptchaResponse" id="recaptchaResponse">
     <input type="submit">
 </form>
 </body>