mirror of
https://github.com/codeninjasllc/codecombat.git
synced 2024-11-28 10:06:08 -05:00
f1f1c23fd4
* Take `/server/routes/auth` and move most of the logic to `/server/middleware/auth`, refactoring to use generators. * List all `/auth/*` endpoints in `/server/routes/index.coffee`. * Fill in testing gaps for `/auth/unsubscribe`. * Add debug log when `sendwithus` is not operational, so it 'works' in development and testing. * Use passport properly! * Track Facebook and G+ logins in user activity as well as passport logins.
38 lines
1.5 KiB
CoffeeScript
38 lines
1.5 KiB
CoffeeScript
errors = require '../commons/errors'
|
|
wrap = require 'co-express'
|
|
Promise = require 'bluebird'
|
|
parse = require '../commons/parse'
|
|
request = require 'request'
|
|
User = require '../models/User'
|
|
|
|
|
|
module.exports =
|
|
fetchByGPlusID: wrap (req, res, next) ->
|
|
gpID = req.query.gplusID
|
|
gpAT = req.query.gplusAccessToken
|
|
next() unless gpID and gpAT
|
|
|
|
dbq = User.find()
|
|
dbq.select(parse.getProjectFromReq(req))
|
|
url = "https://www.googleapis.com/oauth2/v2/userinfo?access_token=#{gpAT}"
|
|
[googleRes, body] = yield request.getAsync(url, {json: true})
|
|
idsMatch = gpID is body.id
|
|
throw new errors.UnprocessableEntity('Invalid G+ Access Token.') unless idsMatch
|
|
user = yield User.findOne({gplusID: gpID})
|
|
throw new errors.NotFound('No user with that G+ ID') unless user
|
|
res.status(200).send(user.toObject({req: req}))
|
|
|
|
fetchByFacebookID: wrap (req, res, next) ->
|
|
fbID = req.query.facebookID
|
|
fbAT = req.query.facebookAccessToken
|
|
next() unless fbID and fbAT
|
|
|
|
dbq = User.find()
|
|
dbq.select(parse.getProjectFromReq(req))
|
|
url = "https://graph.facebook.com/me?access_token=#{fbAT}"
|
|
[facebookRes, body] = yield request.getAsync(url, {json: true})
|
|
idsMatch = fbID is body.id
|
|
throw new errors.UnprocessableEntity('Invalid Facebook Access Token.') unless idsMatch
|
|
user = yield User.findOne({facebookID: fbID})
|
|
throw new errors.NotFound('No user with that Facebook ID') unless user
|
|
res.status(200).send(user.toObject({req: req}))
|