exports.init = function (conf) {
// console.log(conf.goodreads.apiKey)
// console.log(conf.goodreads.secret)
var Strategy = require('passport-goodreads').Strategy;
// passport.use(new Strategy({
// consumerKey: conf.goodreads.apiKey,
// consumerSecret: conf.goodreads.secret,
// callbackURL: conf.baseURL + 'auth/goodreads/callback'
// }, exports.callback));
passport.use('goodreads-connect', new Strategy({
consumerKey: conf.goodreads.apiKey,
consumerSecret: conf.goodreads.secret,
callbackURL: conf.baseURL + 'connect/goodreads/callback'
}, exports.callbackConnect));
// Redirect to Twitter for account authorization.
app.get('/connect/goodreads',
passport.authorize('goodreads-connect', { failureRedirect: '/connect/accounts' })
);
app.get('/connect/goodreads/callback',
passport.authorize('goodreads-connect', { failureRedirect: '/connect/accounts' }),
function(req, res) {
var user = req.user;
// var account = req.account;
user.updateAttributes({
goodreadsId: req.account.goodreadsId,
goodreadsAccessToken: req.account.goodreadsAccessToken,
goodreadsAccessTokenSecret: req.account.goodreadsAccessTokenSecret,
updatedAt: new Date()
},function(err){
req.flash('info', 'goodreads account linked!');
res.redirect('/connect/accounts');
});
}
);
};
module.exports = function routes() {
this.root('pages#main');
this.match('crossview', {controller: 'pages', action: 'showCrossview'});
this.match('auth/facebook', passport.authenticate('facebook'));
this.match('/auth/facebook/callback',
passport.authenticate('facebook', { failureRedirect: '/login' }),
function(req, res) {
console.log("routes");
console.log(req.user);
res.redirect('/crossview');
});
this.match('/auth/google',
passport.authorize('google'));
this.match('/auth/google/callback',
passport.authorize('google', { failureRedirect: '/crossview' }),
function(req, res) {
console.log("routed");
console.log(req.account);
console.log(res);
res.redirect('/crossview');
});
}
exports.widgetLoginCallback = function( req, res, next ){
var loginType = req.params.loginType;
logger.info('authorizing', 'widget-' + req.params.widgetId + '-' + loginType);
passport.authorize('widget-' + req.params.widgetId + '-' + loginType)(req, res, function(){
logger.info('this is account',req.account);
try {
var loginDetails = { 'name': req.account.name.givenName, 'lastName': req.account.name.familyName, 'email': req.account.emails[0].value};
managers.widgetLogins.handleWidgetLogin(loginType, req.params.widgetId, loginDetails, _loginCallback(req, res));
}catch(e){
next(e);
}
});
};
app.get('/connect/callback', function (req, res) {
var callbackUrl = '/';
if ( req.session.authCallback ) {
callbackUrl = req.session.authCallback;
}
passport.authorize('openstreetmap', {
'successRedirect': callbackUrl,
'failureRedirect': callbackUrl +'/#oups'
})(req, res);
});
connectWithCallback: function(req, res, next) {
var provider = req.param("provider");
console.log("connectWithCallback", provider + "-connect")
passport.authorize(provider + "-connect", {
failureRedirect: '/callback.html'
},
function(a, b) {
console.log("a", a);
console.log("b", b);
console.log("after authorize", req.user);
// return res.json({ status : provider + " connected" });
return res.redirect('/callback.html');
}
)(req, res, next);
},
exports.init = function (conf) {
var Strategy = require('passport-foursquare').Strategy;
passport.use(new Strategy({
clientID: conf.foursquare.apiKey,
clientSecret: conf.foursquare.secret,
callbackURL: conf.baseURL + 'auth/foursquare/callback'
}, exports.callback));
passport.use('foursquare-connect', new Strategy({
clientID: conf.foursquare.apiKey,
clientSecret: conf.foursquare.secret,
callbackURL: conf.baseURL + 'connect/foursquare/callback'
}, exports.callbackConnect));
// Redirect to Twitter for account authorization.
app.get('/connect/foursquare',
passport.authorize('foursquare-connect', { failureRedirect: '/connect/accounts' })
);
app.get('/connect/foursquare/callback',
passport.authorize('foursquare-connect', { failureRedirect: '/connect/accounts' }),
function(req, res) {
var user = req.user;
// var account = req.account;
user.updateAttributes({
foursquareId: req.account.foursquareId,
foursquareAccessToken: req.account.foursquareAccessToken,
updatedAt: new Date()
},function(err){
req.flash('info', 'foursquare account linked!');
res.redirect('/connect/accounts');
});
}
);
};
(req, res, next) => {
passport.authorize(name, passportAuthOptions, (authorizeError, user, infoOrChallange, status) => {
if (authorizeError) {
return next(authorizeError);
}
if (user) {
req.account = user; // eslint-disable-line no-param-reassign
return next();
}
let errorMessage = infoOrChallange;
if (!_.isString(errorMessage)) {
try {
errorMessage = JSON.stringify(errorMessage);
} catch (stringifyError) {
logger.error('can not stringify errorMessage object', stringifyError);
}
}
const authorizeFailedError = new Error(errorMessage);
authorizeFailedError.status = status || 403;
return next(authorizeFailedError);
})(req, res, next);
},
app.get('/auth/google/callback', passport.authenticate('google', { failureRedirect: '/login' }), (req, res) => {
res.redirect(req.session.returnTo || '/');
});
app.get('/auth/twitter', passport.authenticate('twitter'));
app.get('/auth/twitter/callback', passport.authenticate('twitter', { failureRedirect: '/login' }), (req, res) => {
res.redirect(req.session.returnTo || '/');
});
app.get('/auth/linkedin', passport.authenticate('linkedin', { state: 'SOME STATE' }));
app.get('/auth/linkedin/callback', passport.authenticate('linkedin', { failureRedirect: '/login' }), (req, res) => {
res.redirect(req.session.returnTo || '/');
});
/**
* OAuth authorization routes. (API examples)
*/
app.get('/auth/foursquare', passport.authorize('foursquare'));
app.get('/auth/foursquare/callback', passport.authorize('foursquare', { failureRedirect: '/api' }), (req, res) => {
res.redirect('/api/foursquare');
});
app.get('/auth/tumblr', passport.authorize('tumblr'));
app.get('/auth/tumblr/callback', passport.authorize('tumblr', { failureRedirect: '/api' }), (req, res) => {
res.redirect('/api/tumblr');
});
app.get('/auth/steam', passport.authorize('openid', { state: 'SOME STATE' }));
app.get('/auth/steam/callback', passport.authorize('openid', { failureRedirect: '/login' }), (req, res) => {
res.redirect(req.session.returnTo || '/');
});
app.get('/auth/pinterest', passport.authorize('pinterest', { scope: 'read_public write_public' }));
app.get('/auth/pinterest/callback', passport.authorize('pinterest', { failureRedirect: '/login' }), (req, res) => {
res.redirect('/api/pinterest');
});
function load(app, fn){
var home = traceur.require(__dirname + '/../routes/home.js');
var users = traceur.require(__dirname + '/../routes/users.js');
var reports = traceur.require(__dirname + '/../routes/reports.js');
/* Passport Configuration */
var passport = require('passport');
require('../config/passport')(passport);
app.get('/', dbg, home.index);
app.get('/register', dbg, users.registration);
app.post('/register', dbg, passport.authenticate('local-register', {
successRedirect : '/profile',
failureRedirect : '/register',
failureFlash : true
}));
app.post('/login', dbg, passport.authenticate('local-login', {
successRedirect : '/profile',
failureRedirect : '/',
failureFlash : true
}));
app.get('/auth/facebook', passport.authenticate('facebook', {
scope: 'email'
})); // facebook does not provide email by default. Must add scope.
app.get('/auth/facebook/callback',
passport.authenticate('facebook', {
successRedirect: '/profile',
failureRedirect: '/'
}));
// locally --------------------------------
app.get('/connect/local', function(req, res) {
res.render('users/connect-local', { message: req.flash('registerMessage') });
});
app.post('/connect/local', passport.authenticate('local-register', {
successRedirect : '/profile',
failureRedirect : '/connect/local',
failureFlash : true
}));
// facebook -------------------------------
app.get('/connect/facebook', passport.authorize('facebook', { scope : 'email' }));
app.get('/connect/facebook/callback',
passport.authorize('facebook', {
successRedirect : '/profile',
failureRedirect : '/'
}));
// UNLINK ACCOUNTS =============================================================
// local -----------------------------------
app.get('/unlink/local', function(req, res) {
var user = req.user;
user.local.email = undefined;
user.local.password = undefined;
user.save(function(err) {
res.redirect('/profile');
});
});
// facebook -------------------------------
app.get('/unlink/facebook', function(req, res) {
var user = req.user;
user.facebook.token = undefined;
user.save(function(err) {
res.redirect('/profile');
});
});
// twitter --------------------------------
app.get('/unlink/twitter', function(req, res) {
var user = req.user;
user.twitter.token = undefined;
user.save(function(err) {
res.redirect('/profile');
});
});
app.all('*', users.bounce);
app.get('/profile', dbg, users.profile);
app.post('/logout', dbg, users.logout);
app.get('/users/password', dbg, users.password);
app.post('/users/password', dbg, users.updatePassword);
app.post('/reports/:id', dbg, reports.destroy);
app.post('/reports', dbg, reports.create);
console.log('Routes Loaded');
fn();
}
// AUTHORIZE (ALREADY LOGGED IN / CONNECTING OTHER SOCIAL ACCOUNT) =============
// locally --------------------------------
router.get('/connect/local', function(req, res) {
res.render('auth/connect-local', { message: req.flash('signupMessage') });
});
router.post('/connect/local', passport.authenticate('local-signup', {
successRedirect : '/auth/profile', // redirect to the secure profile section
failureRedirect : '/auth/connect/local', // redirect back to the signup page if there is an error
failureFlash : true // allow flash messages
}));
// facebook -------------------------------
// send to facebook to do the authentication
router.get('/connect/facebook', passport.authorize('facebook', { scope : 'email' }));
// handle the callback after facebook has authorized the user
router.get('/connect/facebook/callback',
passport.authorize('facebook', {
successRedirect : '/auth/profile',
failureRedirect : '/auth/'
}));
// twitter --------------------------------
// send to twitter to do the authentication
router.get('/connect/twitter', passport.authorize('twitter', { scope : 'email' }));
// handle the callback after twitter has authorized the user
router.get('/connect/twitter/callback',
( function () {
"use strict";
var jaby = require( "./jaby" );
var express = require( "express" );
var session = require( "express-session" );
var MongoStore = require( "connect-mongo" )( session );
var cookieParser = require( "cookie-parser" );
var compress = require( "compression" );
var bodyParser = require( "body-parser" );
var logger = require( "morgan" );
var errorHandler = require( "errorhandler" );
var csrf = require( "lusca" ).csrf();
var methodOverride = require( "method-override" );
var _ = require( "lodash" );
var path = require( "path" );
var mongoose = require( "mongoose" );
var passport = require( "passport" );
var expressValidator = require( "express-validator" );
/**
* Controllers (route handlers).
*/
var jabyController = require( "./controllers/jaby" );
/**
* API keys and Passport configuration.
*/
var secrets = require( "./config/secrets" );
require( "./config/passport" );
/**
* CSRF white-list
*/
var csrfExclude = [ "/url1", "/url2" ];
var port = process.env.PORT || 3000;
/**
* Create Express server
*/
var app = express();
/**
* Setup Socket.io
*/
var server = require( "http" ).Server( app );
var io = require( "socket.io" )( server );
var passportSocketIo = require( "passport.socketio" );
var sessionStore;
var hour = 3600000; //milliseconds
var day = ( hour * 24 );
var week = ( day * 7 );
/**
* Connect to MongoDB
*/
mongoose.connect( secrets.jabyDB );
mongoose.connection.on( "error", function () {
console.error( "MongoDB Connection Error. Make sure MongoDB is running." );
} );
sessionStore = new MongoStore( {
mongooseConnection: mongoose.connections[ 0 ]
} );
/**
* Express configuration.
*/
app.set( "port", port );
app.use( compress() );
app.use( logger( "dev" ) );
app.use( bodyParser.json() );
app.use( bodyParser.urlencoded( {
extended: true
} ) );
app.use( expressValidator() );
app.use( methodOverride() );
app.use( cookieParser() );
app.use( session( {
resave: true,
saveUninitialized: true,
secret: secrets.sessionSecret,
store: sessionStore
} ) );
app.use( passport.initialize() );
app.use( passport.session() );
app.use( function ( req, res, next ) {
// CSRF protection.
if ( _.contains( csrfExclude, req.path ) ) {
return next();
}
csrf( req, res, next );
} );
app.use( function ( req, res, next ) {
// Make user object available in templates.
res.locals.user = req.user;
if ( req.user ) {
req.session.userDB = secrets.db + "/" + req.user._id.toString();
}
next();
} );
app.use( function ( req, res, next ) {
req.session.returnTo = "/";
next();
} );
app.use( express.static( path.join( __dirname, "public" ), {
maxAge: week
} ) );
/**
* Main routes.
*/
app.get( "/", jabyController.index );
app.get( "/login", jabyController.login );
app.get( "/logout", jabyController.logout );
/**
* OAuth sign-in routes.
*/
app.get( "/auth/instagram", passport.authenticate( "instagram" ) );
app.get( "/auth/instagram/callback", passport.authenticate( "instagram", {
failureRedirect: "/login"
} ), function ( req, res ) {
res.redirect( req.session.returnTo || "/" );
} );
app.get( "/auth/facebook", passport.authenticate( "facebook", {
scope: [ "email", "user_location" ]
} ) );
app.get( "/auth/facebook/callback", passport.authenticate( "facebook", {
failureRedirect: "/login"
} ), function ( req, res ) {
res.redirect( req.session.returnTo || "/" );
} );
app.get( "/auth/github", passport.authenticate( "github" ) );
app.get( "/auth/github/callback", passport.authenticate( "github", {
failureRedirect: "/login"
} ), function ( req, res ) {
res.redirect( req.session.returnTo || "/" );
} );
app.get( "/auth/google", passport.authenticate( "google", {
scope: "profile email"
} ) );
app.get( "/auth/google/callback", passport.authenticate( "google", {
failureRedirect: "/login"
} ), function ( req, res ) {
res.redirect( req.session.returnTo || "/" );
} );
app.get( "/auth/twitter", passport.authenticate( "twitter" ) );
app.get( "/auth/twitter/callback", passport.authenticate( "twitter", {
failureRedirect: "/login"
} ), function ( req, res ) {
res.redirect( req.session.returnTo || "/" );
} );
app.get( "/auth/linkedin", passport.authenticate( "linkedin", {
state: "SOME STATE"
} ) );
app.get( "/auth/linkedin/callback", passport.authenticate( "linkedin", {
failureRedirect: "/login"
} ), function ( req, res ) {
res.redirect( req.session.returnTo || "/" );
} );
/**
* OAuth authorization routes for API examples.
*/
// app.get( "/auth/foursquare", passport.authorize( "foursquare" ) );
// app.get( "/auth/foursquare/callback", passport.authorize( "foursquare", {
// failureRedirect: "/api"
// } ), function ( req, res ) {
// res.redirect( "/api/foursquare" );
// } );
app.get( "/auth/tumblr", passport.authorize( "tumblr" ) );
app.get( "/auth/tumblr/callback", passport.authorize( "tumblr", {
failureRedirect: "/api"
} ), function ( req, res ) {
res.redirect( "/api/tumblr" );
} );
app.get( "/auth/venmo", passport.authorize( "venmo", {
scope: "make_payments access_profile access_balance access_email access_phone"
} ) );
app.get( "/auth/venmo/callback", passport.authorize( "venmo", {
failureRedirect: "/api"
} ), function ( req, res ) {
res.redirect( "/api/venmo" );
} );
/**
* 500 Error Handler.
*/
app.use( errorHandler() );
/**
* Start Express server.
*/
server.listen( app.get( "port" ), function () {
console.log( "Jaby server listening on port %d in %s mode", app.get( "port" ), app.get( "env" ) );
} );
function onAuthorizeSuccess( data, accept ) {
accept();
}
function onAuthorizeFail( data, message, error, accept ) {
if ( error ) {
throw new Error( message );
}
console.log( "Failed connection to socket.io: ", message );
if ( error ) {
accept( new Error( message ) );
}
}
io.use( passportSocketIo.authorize( {
cookieParser: cookieParser,
key: "connect.sid",
secret: secrets.sessionSecret,
store: sessionStore,
success: onAuthorizeSuccess,
fail: onAuthorizeFail
} ) );
io.on( "connection", function ( socket ) {
jaby.registerSocket( io, socket );
} );
module.exports = app;
} ).call( this );
app.get('/auth/google/callback', passport.authenticate('google', { failureRedirect: '/login' }), function(req, res) {
res.redirect(req.session.returnTo || '/');
});
app.get('/auth/twitter', passport.authenticate('twitter'));
app.get('/auth/twitter/callback', passport.authenticate('twitter', { failureRedirect: '/login' }), function(req, res) {
res.redirect(req.session.returnTo || '/');
});
app.get('/auth/linkedin', passport.authenticate('linkedin', { state: 'SOME STATE' }));
app.get('/auth/linkedin/callback', passport.authenticate('linkedin', { failureRedirect: '/login' }), function(req, res) {
res.redirect(req.session.returnTo || '/');
});
/**
* OAuth authorization routes. (API examples)
*/
app.get('/auth/tumblr', passport.authorize('tumblr'));
app.get('/auth/tumblr/callback', passport.authorize('tumblr', { failureRedirect: '/api' }), function(req, res) {
res.redirect('/api/tumblr');
});
/**
* Error Handler.
*/
app.use(errorHandler());
/**
* Start Express server.
*/
app.listen(app.get('port'), function() {
console.log('Express server listening on port %d in %s mode', app.get('port'), app.get('env'));
module.exports.controller = function (app) {
/**
* GET /api*
* *ALL* api routes must be authenticated first
*/
app.all('/api*', passportConf.isAuthenticated);
/**
* GET /api
* List of API examples.
*/
app.get('/api', function (req, res) {
res.render('api/index', {
url: req.url
});
});
/**
* GET /api/react
* React examples
*/
app.get('/api/react', function (req, res) {
res.render('api/react', {
url: req.url
});
});
/**
* GET /creditcard
* Credit Card Form Example.
*/
app.get('/api/creditcard', function (req, res) {
res.render('api/creditcard', {
url: req.url
});
});
/**
* GET /api/lastfm
* Last.fm API example.
*/
app.get('/api/lastfm', function (req, res, next) {
var lastfm = new LastFmNode(config.lastfm);
async.parallel({
artistInfo: function (done) {
lastfm.request('artist.getInfo', {
artist: 'Morcheeba',
handlers: {
success: function (data) {
done(null, data);
},
error: function (err) {
done(err);
}
}
});
},
artistTopAlbums: function (done) {
lastfm.request('artist.getTopAlbums', {
artist: 'Morcheeba',
handlers: {
success: function (data) {
var albums = [];
_.forEach(data.topalbums.album, function (album) {
albums.push(album.image.slice(-1)[0]['#text']);
});
done(null, albums.slice(0, 4));
},
error: function (err) {
done(err);
}
}
});
}
},
function (err, results) {
if (err) {
return next(err.message);
}
var artist = {
name: results.artistInfo.artist.name,
image: results.artistInfo.artist.image.slice(-1)[0]['#text'],
tags: results.artistInfo.artist.tags.tag,
bio: results.artistInfo.artist.bio.summary,
stats: results.artistInfo.artist.stats,
similar: results.artistInfo.artist.similar.artist,
topAlbums: results.artistTopAlbums
};
res.render('api/lastfm', {
artist: artist,
url: '/apiopen'
});
});
});
/**
* GET /api/nyt
* New York Times API example.
*/
app.get('/api/nyt', function (req, res, next) {
var query = querystring.stringify({ 'api-key': config.nyt.key, 'list-name': 'young-adult' });
var url = 'http://api.nytimes.com/svc/books/v2/lists?' + query;
request.get(url, function (error, request, body) {
if (request.statusCode === 403) {
return next(error('Missing or Invalid New York Times API Key'));
}
var bestsellers = {};
// NYT occasionally sends bad data :(
try {
bestsellers = JSON.parse(body);
}
catch (err) {
bestsellers.results = '';
req.flash('error', { msg: err.message });
}
res.render('api/nyt', {
url: '/apiopen',
books: bestsellers.results
});
});
});
/**
* GET /api/paypal
* PayPal SDK example.
*/
app.get('/api/paypal', function (req, res, next) {
paypal.configure(config.paypal);
var payment_details = {
intent: 'sale',
payer: {
payment_method: 'paypal'
},
redirect_urls: {
return_url: config.paypal.returnUrl,
cancel_url: config.paypal.cancelUrl
},
transactions: [
{
description: 'ITEM: Something Awesome!',
amount: {
currency: 'USD',
total: '2.99'
}
}
]
};
paypal.payment.create(payment_details, function (error, payment) {
if (error) {
// TODO FIXME
console.log(error);
} else {
req.session.payment_id = payment.id;
var links = payment.links;
for (var i = 0; i < links.length; i++) {
if (links[i].rel === 'approval_url') {
res.render('api/paypal', {
url: '/apilocked',
approval_url: links[i].href
});
}
}
}
});
});
/**
* GET /api/paypal/success
* PayPal SDK example.
*/
app.get('/api/paypal/success', function (req, res, next) {
var payment_id = req.session.payment_id;
var payment_details = { payer_id: req.query.PayerID };
paypal.payment.execute(payment_id, payment_details, function (error, payment) {
if (error) {
res.render('api/paypal', {
url: req.url,
result: true,
success: false
});
} else {
res.render('api/paypal', {
url: '/apilocked',
result: true,
success: true
});
}
});
});
/**
* GET /api/paypal/cancel
* PayPal SDK example.
*/
app.get('/api/paypal/cancel', function (req, res, next) {
req.session.payment_id = null;
res.render('api/paypal', {
url: '/apilocked',
result: true,
canceled: true
});
});
/**
* GET /api/scraping
* Web scraping example using Cheerio library.
*/
app.get('/api/scraping', function (req, res, next) {
request.get({ url: 'https://news.ycombinator.com/', timeout: 3000 }, function (err, response, body) {
if (!err && response.statusCode === 200) {
var $ = cheerio.load(body);
// Get Articles
var links = [];
$('.title a[href^="http"], .title a[href^="https"], .title a[href^="item"]').each(function () {
if ($(this).text() !== 'scribd') {
if ($(this).text() !== 'Bugs') {
links.push($(this));
}
}
});
// Get Comments
var comments = [];
$('.subtext a[href^="item"]').each(function () {
comments.push('<a href="https://news.ycombinator.com/' + $(this).attr('href') + '">' + $(this).text() + '</a>');
});
// Render Page
res.render('api/scraping', {
url: '/apiopen',
links: links,
comments: comments
});
} else {
req.flash('error', { msg: 'Sorry, something went wrong! MSG: ' + err.message });
return res.redirect('back');
}
});
});
/**
* GET /api/socrata
* Web scraping example using Cheerio library.
*/
app.get('/api/socrata', function (req, res, next) {
// Get the socrata open data as JSON
// http://dev.socrata.com/docs/queries.html
request.get({ url: 'http://controllerdata.lacity.org/resource/qjfm-3srk.json?$order=q4_earnings DESC&$where=year = 2014&$limit=20', timeout: 5000 }, function (err, response, body) {
if (!err && response.statusCode === 200) {
// Parse the data
var payroll = JSON.parse(body);
// Render the page
res.render('api/socrata', {
url: '/apiopen',
data: payroll
});
} else {
req.flash('error', { msg: 'Sorry, something went wrong! MSG: ' + err.message });
return res.redirect('back');
}
});
});
/**
* GET /api/stripe
* Stripe API example.
*/
app.get('/api/stripe', function (req, res, next) {
res.render('api/stripe', {
title: 'Stripe API'
});
});
/**
* POST /api/stripe
* @param stipeToken
* @param stripeEmail
*/
app.post('/api/stripe', function (req, res, next) {
var stripeToken = req.body.stripeToken;
var stripeEmail = req.body.stripeEmail;
stripe.charges.create({
amount: 395,
currency: 'usd',
card: stripeToken,
description: stripeEmail
}, function (err, charge) {
if (err && err.type === 'StripeCardError') {
req.flash('error', { msg: 'Your card has been declined.' });
res.redirect('/api/stripe');
}
req.flash('success', { msg: 'Your card has been charged successfully.' });
res.redirect('/api/stripe');
});
});
/**
* GET /api/twilio
* Twilio API example.
*/
app.get('/api/twilio', function (req, res, next) {
res.render('api/twilio', {
url: '/apiopen'
});
});
/**
* POST /api/twilio
* Twilio API example.
* @param telephone
*/
app.post('/api/twilio', function (req, res, next) {
var message = {
to: req.body.telephone,
from: config.twilio.phone,
body: 'Hello from ' + app.locals.application + '. We are happy you are testing our code!'
};
twilio.sendMessage(message, function (err, responseData) {
if (err) {
return next(err);
}
req.flash('success', { msg: 'Text sent to ' + responseData.to + '.' });
res.redirect('/api/twilio');
});
});
/**
* GET /api/foursquare
* Foursquare API example.
*/
app.get('/api/foursquare', passportConf.isAuthenticated, passportConf.isAuthorized, function (req, res, next) {
var token = _.find(req.user.tokens, { kind: 'foursquare' });
async.parallel({
trendingVenues: function (callback) {
foursquare.Venues.getTrending('40.7222756', '-74.0022724', { limit: 50 }, token.accessToken, function (err, results) {
callback(err, results);
});
},
venueDetail: function (callback) {
foursquare.Venues.getVenue('49da74aef964a5208b5e1fe3', token.accessToken, function (err, results) {
callback(err, results);
});
},
userCheckins: function (callback) {
foursquare.Users.getCheckins('self', null, token.accessToken, function (err, results) {
callback(err, results);
});
}
},
function (err, results) {
if (err) {
return next(err);
}
res.render('api/foursquare', {
url: '/apilocked',
trendingVenues: results.trendingVenues,
venueDetail: results.venueDetail,
userCheckins: results.userCheckins
});
});
});
/**
* GET /api/tumblr
* Tumblr API example.
*/
app.get('/api/tumblr', passportConf.isAuthenticated, passportConf.isAuthorized, function (req, res) {
var token = _.find(req.user.tokens, { kind: 'tumblr' });
var client = tumblr.createClient({
consumer_key: config.tumblr.key,
consumer_secret: config.tumblr.secret,
token: token.token,
token_secret: token.tokenSecret
});
client.posts('danielmoyerdesign.tumblr.com', { type: 'photo' }, function (err, data) {
res.render('api/tumblr', {
url: '/apilocked',
blog: data.blog,
photoset: data.posts[0].photos
});
});
});
/**
* GET /api/facebook
* Facebook API example.
*/
app.get('/api/facebook', passportConf.isAuthenticated, passportConf.isAuthorized, function (req, res, next) {
var token = _.find(req.user.tokens, { kind: 'facebook' });
graph.setAccessToken(token.accessToken);
async.parallel({
getMe: function (done) {
graph.get(req.user.facebook, function (err, me) {
done(err, me);
});
},
getMyFriends: function (done) {
graph.get(req.user.facebook + '/friends', function (err, friends) {
debug('Friends: ' + JSON.stringify(friends));
done(err, friends);
});
}
},
function (err, results) {
if (err) {
return next(err);
}
res.render('api/facebook', {
url: '/apilocked',
me: results.getMe,
friends: results.getMyFriends
});
});
});
/**
* GET /api/github
* GitHub API Example.
*/
app.get('/api/github', passportConf.isAuthenticated, passportConf.isAuthorized, function (req, res) {
var token = _.find(req.user.tokens, { kind: 'github' });
var github = new Github({ token: token.accessToken });
var repo = github.getRepo('dstroot', 'skeleton');
repo.show(function (err, repo) {
res.render('api/github', {
url: '/apilocked',
repo: repo
});
});
});
/**
* GET /api/twitter
* Twitter API example.
* https://dev.twitter.com/rest/reference/get/search/tweets
*/
app.get('/api/twitter', passportConf.isAuthenticated, passportConf.isAuthorized, function (req, res, next) {
var token = _.find(req.user.tokens, { kind: 'twitter' });
var params = { q: 'iPhone 6', since_id: 24012619984051000, count: 10, result_type: 'popular' };
var T = new Twit({
consumer_key: config.twitter.consumerKey,
consumer_secret: config.twitter.consumerSecret,
access_token: token.token,
access_token_secret: token.tokenSecret
});
T.get('search/tweets', params, function (err, data, response) {
if (err) {
return next(err);
}
res.render('api/twitter', {
url: '/apilocked',
tweets: data.statuses
});
});
});
/**
* POST /api/twitter
* Post a tweet.
*/
app.post('/api/twitter', passportConf.isAuthenticated, passportConf.isAuthorized, function (req, res, next) {
req.assert('tweet', 'Tweet cannot be empty.').notEmpty();
var errors = req.validationErrors();
if (errors) {
req.flash('errors', errors);
return res.redirect('/api/twitter');
}
var token = _.find(req.user.tokens, { kind: 'twitter' });
var T = new Twit({
consumer_key: config.twitter.consumerKey,
consumer_secret: config.twitter.consumerSecret,
access_token: token.token,
access_token_secret: token.tokenSecret
});
T.post('statuses/update', { status: req.body.tweet }, function (err, data, response) {
if (err) {
return next(err);
}
req.flash('success', { msg: 'Tweet has been posted.' });
res.redirect('/api/twitter');
});
});
/**
* OAuth routes for API examples that require authorization.
*/
app.get('/auth/foursquare', passport.authorize('foursquare'));
app.get('/auth/foursquare/callback', passport.authorize('foursquare', { failureRedirect: '/api' }), function (req, res) {
res.redirect('/api/foursquare');
});
app.get('/auth/tumblr', passport.authorize('tumblr'));
app.get('/auth/tumblr/callback', passport.authorize('tumblr', { failureRedirect: '/api' }), function (req, res) {
res.redirect('/api/tumblr');
});
};
app.get('/auth/google/callback', passport.authenticate('google', { failureRedirect: '/login' }), function(req, res) {
res.redirect(req.session.returnTo || '/');
});
app.get('/auth/twitter', passport.authenticate('twitter'));
app.get('/auth/twitter/callback', passport.authenticate('twitter', { failureRedirect: '/login' }), function(req, res) {
res.redirect(req.session.returnTo || '/');
});
app.get('/auth/linkedin', passport.authenticate('linkedin', { state: 'SOME STATE' }));
app.get('/auth/linkedin/callback', passport.authenticate('linkedin', { failureRedirect: '/login' }), function(req, res) {
res.redirect(req.session.returnTo || '/');
});
/**
* OAuth authorization routes. (API examples)
*/
app.get('/auth/foursquare', passport.authorize('foursquare'));
app.get('/auth/foursquare/callback', passport.authorize('foursquare', { failureRedirect: '/api' }), function(req, res) {
res.redirect('/api/foursquare');
});
app.get('/auth/tumblr', passport.authorize('tumblr'));
app.get('/auth/tumblr/callback', passport.authorize('tumblr', { failureRedirect: '/api' }), function(req, res) {
res.redirect('/api/tumblr');
});
app.get('/auth/venmo', passport.authorize('venmo', { scope: 'make_payments access_profile access_balance access_email access_phone' }));
app.get('/auth/venmo/callback', passport.authorize('venmo', { failureRedirect: '/api' }), function(req, res) {
res.redirect('/api/venmo');
});
app.get('/auth/steam', passport.authorize('openid', { state: 'SOME STATE' }));
app.get('/auth/steam/callback', passport.authorize('openid', { failureRedirect: '/login' }), function(req, res) {
res.redirect(req.session.returnTo || '/');
});
/* Authenticate a user based on the credentials returned,
* whether those are provided by 'local' user/password
* logins or by OAuth authentication + REST profile from
* remote server.
*/
function authenticate (req, res, strategy, json) {
if (req.user && json) req.logout();
if (req.user) {
passport.authorize(strategy, function (err, user, info)
{
if (json) {
res.send(userUtils.cleanUser(req.user, req.user.id));
} else {
if (info && info.message) req.flash('message', info.message);
res.redirect('/profile/edit');
}
return;
})(req, res, function (err) {
if (err) {
sails.log.error('Authentication Error:', err);
return res.send(500, { message: "An internal error occurred while trying to authenticate. Please try again later.", error: err });
}
});
} else {
passport.authenticate(strategy, function (err, user, info) {
if ((err) || (!user))
{
var message = '';
if (info && info.message) {
message = info.message;
}
// if local strategy, don't show user what actually happened for security purposes
sails.log.debug('Authentication Error:', err, info);
if (json === true) {
res.send(403, {
error: err,
message: message
});
} else {
res.redirect('/auth');
}
return;
}
// process additional registration information if available
if (strategy === 'register') {
}
req.logIn(user, function (err)
{
if (err)
{
sails.log.debug('Authentication Error:', err, info);
if (json === true) {
res.send(403, {
error: err,
message: info.message
});
} else {
res.redirect('/');
}
return;
}
if (json === true) {
res.send(userUtils.cleanUser(user, user.id));
}
else {
res.redirect(req.session.logged_in_path || sails.config.ui.home.logged_in_path);
delete req.session.logged_in_path;
}
return;
});
})(req, res, function (err) {
if (err) {
sails.log.error('Authentication Error:', err);
return res.send(500, { message: "An internal error occurred while trying to authenticate. Please try again later.", error: err });
}
});
}
}
var User = require('../../models/User');
var facebook = require('./strategies/facebook');
passport.serializeUser(function(user, callback) {
callback(null, user.id);
});
passport.deserializeUser(function(id, callback) {
User.findById(id, function(err, user) {
callback(err, user);
});
});
passport.use('facebook', facebook.strategy);
module.exports = {
facebook: {
signin: passport.authenticate('facebook'),
callback: passport.authenticate('facebook', {
successRedirect: '/',
failureRedirect: '/'
}),
// these two are not used right now!
link: passport.authorize('facebook'),
linkCallback: passport.authorize('facebook', {
successRedirect: '/',
failureRedirect: '/'
})
}
};
const source_redirect_url = get_callback_url('github');
passport.use('github-source', new GithubStrategy({
clientID: secrets.get('GITHUB_CLIENT_ID'),
clientSecret: secrets.get('GITHUB_CLIENT_SECRET'),
callbackURL: source_redirect_url,
passReqToCallback: true,
}, save_source));
router.get(
'/',
ensured_logged_in,
passport.authorize('github-source', {
scope: GITHUB_SCOPES,
})
);
router.get(
'/callback',
ensured_logged_in,
passport.authorize('github-source', {
failureRedirect: get_static_url(),
}),
send_home_redirects
);
router.get(
function authorize(provider, options, middleware) {
var passport = require('passport');
return passport.authorize(provider, options, middleware);
}
PassportConfigurator.prototype.configureProvider = function(name, options) {
var self = this;
options = options || {};
var link = options.link;
var AuthStrategy = require(options.module)[options.strategy || 'Strategy'];
if (!AuthStrategy) {
AuthStrategy = require(options.module);
}
var authScheme = options.authScheme;
if (!authScheme) {
// Guess the authentication scheme
if (options.consumerKey) {
authScheme = 'oAuth1';
} else if (options.realm) {
authScheme = 'OpenID';
} else if (options.clientID) {
authScheme = 'oAuth 2.0';
} else if (options.usernameField) {
authScheme = 'local';
} else {
authScheme = 'local';
}
}
var provider = options.provider || name;
var clientID = options.clientID;
var clientSecret = options.clientSecret;
var callbackURL = options.callbackURL;
var authPath = options.authPath || ((link ? '/link/' : '/auth/') + name);
var callbackPath = options.callbackPath || ((link ? '/link/' : '/auth/') +
name + '/callback');
var callbackHTTPMethod = options.callbackHTTPMethod !== 'post' ? 'get' : 'post';
// remember returnTo position, set by ensureLoggedIn
var successRedirect = function(req, accessToken) {
if (!!req && req.session && req.session.returnTo) {
var returnTo = req.session.returnTo;
delete req.session.returnTo;
return appendAccessToken(returnTo, accessToken);
}
return appendAccessToken(options.successRedirect, accessToken) ||
(link ? '/link/account' : '/auth/account');
};
var appendAccessToken = function(url, accessToken) {
if (!accessToken) {
return url;
}
return url + '?access-token=' + accessToken.id + '&user-id=' + accessToken.userId;
};
var failureRedirect = options.failureRedirect ||
(link ? '/link.html' : '/login.html');
var scope = options.scope;
var authType = authScheme.toLowerCase();
var session = !!options.session;
var loginCallback = options.loginCallback || function(req, done) {
return function(err, user, identity, token) {
var authInfo = {
identity: identity,
};
if (token) {
authInfo.accessToken = token;
}
done(err, user, authInfo);
};
};
var strategy;
switch (authType) {
case 'ldap':
strategy = new AuthStrategy(_.defaults({
usernameField: options.usernameField || 'username',
passwordField: options.passwordField || 'password',
session: options.session, authInfo: true,
passReqToCallback: true,
}, options),
function(req, user, done) {
if (user) {
var profile = self.buildUserLdapProfile(user, options);
var OptionsForCreation = _.defaults({
autoLogin: true,
}, options);
self.userIdentityModel.login(provider, authScheme, profile, {},
OptionsForCreation, loginCallback(req, done));
} else {
done(null);
}
}
);
break;
case 'local':
strategy = new AuthStrategy(_.defaults({
usernameField: options.usernameField || 'username',
passwordField: options.passwordField || 'password',
session: options.session, authInfo: true,
}, options),
function(username, password, done) {
var query = {
where: {
or: [
{username: username},
{email: username},
],
},
};
self.userModel.findOne(query, function(err, user) {
if (err)
return done(err);
var errorMsg = g.f('Invalid username/password or email has not been verified');
if (user) {
var u = user.toJSON();
delete u.password;
var userProfile = {
provider: 'local',
id: u.id,
username: u.username,
emails: [
{
value: u.email,
},
],
status: u.status,
accessToken: null,
};
// If we need a token as well, authenticate using Loopbacks
// own login system, else defer to a simple password check
// will grab user info from providers.json file. Right now
// this only can use email and username, which are the 2 most common
var login = function(creds) {
self.userModel.login(creds,
function(err, accessToken) {
if (err) {
return err.code === 'LOGIN_FAILED' ?
done(null, false, {message: g.f('Failed to create token.')}) :
done(err);
}
if (accessToken && user.emailVerified) {
userProfile.accessToken = accessToken;
done(null, userProfile, {accessToken: accessToken});
} else {
done(null, false, {message: g.f('Failed to create token.')});
}
});
};
if (options.setAccessToken) {
switch (options.usernameField) {
case 'email':
login({email: username, password: password});
break;
case 'username':
login({username: username, password: password});
break;
}
} else {
return user.hasPassword(password, function(err, ok) {
// Fail to login if email is not verified or invalid username/password.
// Unify error message in order not to give indication about the error source for
// security purposes.
if (ok && user.emailVerified)
return done(null, userProfile);
done(null, false, {message: errorMsg});
});
}
} else {
done(null, false, {message: errorMsg});
}
});
}
);
break;
case 'oauth':
case 'oauth1':
case 'oauth 1.0':
strategy = new AuthStrategy(_.defaults({
consumerKey: options.consumerKey,
consumerSecret: options.consumerSecret,
callbackURL: callbackURL,
passReqToCallback: true,
}, options),
function(req, token, tokenSecret, profile, done) {
if (link) {
if (req.user) {
self.userCredentialModel.link(
req.user.id, provider, authScheme, profile,
{token: token, tokenSecret: tokenSecret}, options, done);
} else {
done(g.f('No user is logged in'));
}
} else {
self.userIdentityModel.login(provider, authScheme, profile,
{
token: token,
tokenSecret: tokenSecret,
}, options, loginCallback(req, done));
}
}
);
break;
case 'openid':
strategy = new AuthStrategy(_.defaults({
returnURL: options.returnURL,
realm: options.realm,
callbackURL: callbackURL,
passReqToCallback: true,
}, options),
function(req, identifier, profile, done) {
if (link) {
if (req.user) {
self.userCredentialModel.link(
req.user.id, provider, authScheme, profile,
{identifier: identifier}, options, done);
} else {
done(g.f('No user is logged in'));
}
} else {
self.userIdentityModel.login(provider, authScheme, profile,
{identifier: identifier}, options, loginCallback(req, done));
}
}
);
break;
case 'openid connect':
strategy = new AuthStrategy(_.defaults({
clientID: clientID,
clientSecret: clientSecret,
callbackURL: callbackURL,
passReqToCallback: true,
}, options),
// https://github.com/jaredhanson/passport-openidconnect/blob/master/lib/strategy.js#L220-L244
function(req, iss, sub, profile, jwtClaims, accessToken, refreshToken,
params, done) {
// Azure openid connect profile returns oid
profile.id = profile.id || profile.oid;
if (link) {
if (req.user) {
self.userCredentialModel.link(
req.user.id, provider, authScheme, profile,
{
accessToken: accessToken,
refreshToken: refreshToken,
}, options, done);
} else {
done(g.f('No user is logged in'));
}
} else {
self.userIdentityModel.login(provider, authScheme, profile,
{accessToken: accessToken, refreshToken: refreshToken},
options, loginCallback(req, done));
}
}
);
break;
case 'saml':
strategy = new AuthStrategy(_.defaults({
callbackUrl: callbackURL,
cert: options.certPath ? fs.readFileSync(options.certPath, 'utf-8') : options.cert,
privateCert: options.privateCertPath ?
fs.readFileSync(options.privateCertPath, 'utf-8') : options.privateCert,
decryptionPvk: options.decryptionPvkPath ?
fs.readFileSync(options.decryptionPvkPath, 'utf-8') : options.decryptionPvk,
passReqToCallback: true,
}, options),
function(req, profile, done) {
// Azure saml profile returns http://schemas.microsoft.com/identity/claims/objectidentifier
profile.id = profile.id || profile['http://schemas.microsoft.com/identity/claims/objectidentifier'];
if (link) {
if (req.user) {
self.userCredentialModel.link(req.user.id, name, authScheme,
profile, {}, options, done);
} else {
done('No user is logged in');
}
} else {
self.userIdentityModel.login(name, authScheme, profile, {},
options, loginCallback(req, done));
}
}
);
break;
default:
strategy = new AuthStrategy(_.defaults({
clientID: clientID,
clientSecret: clientSecret,
callbackURL: callbackURL,
passReqToCallback: true,
}, options),
function(req, accessToken, refreshToken, profile, done) {
if (link) {
if (req.user) {
self.userCredentialModel.link(
req.user.id, provider, authScheme, profile,
{
accessToken: accessToken,
refreshToken: refreshToken,
}, options, done);
} else {
done(g.f('No user is logged in'));
}
} else {
self.userIdentityModel.login(provider, authScheme, profile,
{accessToken: accessToken, refreshToken: refreshToken},
options, loginCallback(req, done));
}
}
);
}
passport.use(name, strategy);
var defaultCallback = function(req, res, next) {
// The default callback
passport.authenticate(name, _.defaults({session: session},
options.authOptions), function(err, user, info) {
if (err) {
return next(err);
}
if (!user) {
if (!!options.json) {
return res.status(401).json(g.f('authentication error'));
}
if (options.failureQueryString && info) {
return res.redirect(appendErrorToQueryString(failureRedirect, info));
}
return res.redirect(failureRedirect);
}
if (session) {
req.logIn(user, function(err) {
if (err) {
return next(err);
}
if (info && info.accessToken) {
if (!!options.json) {
return res.json({
'access_token': info.accessToken.id,
userId: user.id,
});
} else {
res.cookie('access_token', info.accessToken.id,
{
signed: req.signedCookies ? true : false,
// maxAge is in ms
maxAge: 1000 * info.accessToken.ttl,
domain: (options.domain) ? options.domain : null,
});
res.cookie('userId', user.id.toString(), {
signed: req.signedCookies ? true : false,
maxAge: 1000 * info.accessToken.ttl,
domain: (options.domain) ? options.domain : null,
});
}
}
return res.redirect(successRedirect(req));
});
} else {
if (info && info.accessToken) {
if (!!options.json) {
return res.json({
'access_token': info.accessToken.id,
userId: user.id,
});
} else {
res.cookie('access_token', info.accessToken.id, {
signed: req.signedCookies ? true : false,
maxAge: 1000 * info.accessToken.ttl,
});
res.cookie('userId', user.id.toString(), {
signed: req.signedCookies ? true : false,
maxAge: 1000 * info.accessToken.ttl,
});
}
}
return res.redirect(successRedirect(req, info.accessToken));
}
})(req, res, next);
};
/*!
* Setup the authentication request URLs.
*/
if (authType === 'local') {
self.app.post(authPath, passport.authenticate(
name, options.fn || _.defaults({
successReturnToOrRedirect: options.successReturnToOrRedirect,
successRedirect: options.successRedirect,
failureRedirect: options.failureRedirect,
successFlash: options.successFlash,
failureFlash: options.failureFlash,
scope: scope, session: session,
}, options.authOptions)));
} else if (authType === 'ldap') {
var ldapCallback = options.customCallback || defaultCallback;
self.app.post(authPath, ldapCallback);
} else if (link) {
self.app.get(authPath, passport.authorize(name, _.defaults({
scope: scope,
session: session,
}, options.authOptions)));
} else {
self.app.get(authPath, passport.authenticate(name, _.defaults({
scope: scope,
session: session,
}, options.authOptions)));
}
/*!
* Setup the authentication callback URLs.
*/
if (link) {
self.app[callbackHTTPMethod](callbackPath, passport.authorize(name, _.defaults({
session: session,
// successReturnToOrRedirect: successRedirect,
successRedirect: successRedirect(),
failureRedirect: failureRedirect,
}, options.authOptions)),
// passport.authorize doesn't handle redirect
function(req, res, next) {
res.redirect(successRedirect(req));
}, function(err, req, res, next) {
if (options.failureFlash) {
if (typeof req.flash !== 'function') {
next(new TypeError(g.f('{{req.flash}} is not a function')));
}
var flash = options.failureFlash;
if (typeof flash === 'string') {
flash = {type: 'error', message: flash};
}
var type = flash.type || 'error';
var msg = flash.message || err.message;
if (typeof msg === 'string') {
req.flash(type, msg);
}
}
if (options.failureQueryString) {
return res.redirect(appendErrorToQueryString(failureRedirect, err));
}
res.redirect(failureRedirect);
});
} else {
var customCallback = options.customCallback || defaultCallback;
// Register the path and the callback.
self.app[callbackHTTPMethod](callbackPath, customCallback);
}
function appendErrorToQueryString(url, err) {
var hasQueryString = (url.indexOf('?') !== -1);
var separator = (hasQueryString) ? '&' : '?';
var fieldValuePair = 'error=' + encodeURIComponent(err);
var queryString = url + separator + fieldValuePair;
return queryString;
}
return strategy;
};
exports.expressConfigure = function (hook_name, args, cb) {
var app = args.app;
app.set('trust proxy', 1) // trust first proxy
app.use(session({
secret: 'keyboard cat',
resave: false,
saveUninitialized: true,
cookie: { secure: true }
}));
app.use(bodyParser.json()); // to support JSON-encoded bodies
app.use(bodyParser.urlencoded({ // to support URL-encoded bodies
extended: true
}));
app.use(json()); // to support JSON-encoded bodies
app.use(passport.initialize());
app.use(passport.session());
app.get('/auth/dataporten', passport.authorize('dataporten'));
app.get('/dataporten/callback', passport.authorize('dataporten', { failureRedirect: '/login' }),
function(req, res) {
req.session.user = req.account;
res.redirect("/");
});
app.use('/logout', function(req, res) {
req.session.destroy();
res.redirect("https://auth.dataporten.no/logout");
});
app.use('/p/', function(req, res, next) {
var maxAge = 3600*24*365;
var until = (new Date).getTime() + (maxAge);
console.log("Middleware to do session handling");
if (!req.cookies['sessionID']) {
console.log("Session cookie is not set, obtaining new session.");
EAPI.getSession(req.session.user, function(data) {
var sessionID = data.join(',');
console.log("Setting session ID ", sessionID);
res.cookie('sessionID', sessionID, { "maxAge": maxAge, "httpOnly": false });
next();
});
} else {
console.log("Session cookie is set");
next();
}
});
app.use('/p/', function(req, res, next) {
next();
});
app.get('/dashboard-api/setupSession', function(req, res, next) {
var maxAge = 3600*24*365;
var until = (new Date).getTime() + (maxAge);
var body = "Creating session\n\n";
EAPI.getSession(req.session.user, function(data) {
var sessionID = data.join(',');
body += 'Setting session identifier in sessionID Cookie: ' + sessionID + "\n";
res.cookie('sessionID', sessionID, { "maxAge": maxAge, "httpOnly": false });
res.writeHead(200, {"Content-Type": "text/plain; charset=utf-8"});
res.end(body);
});
});
app.get('/dashboard-api/session', function(req, res, next) {
EAPI.getSession(req.session.user, function(data) {
var body = '';
body += "\n\nSession data: \n" + JSON.stringify(data, undefined, 2);
body += "\nGroups:\n" + JSON.stringify(req.session.user.groups, undefined, 2);
res.writeHead(200, {"Content-Type": "text/plain; charset=utf-8"});
res.end(body);
});
});
app.get('/dashboard-api/padshtml', function(req, res, next) {
EAPI.listPads(req.session.user, function(data) {
res.writeHead(200, {"Content-Type": "text/html; charset=utf-8"});
var body = '';
body += '<h2>List of pads</h2>';
body += '<ul>';
for(var i =0; i < data.length; i++) {
body += '<li><a target="_blank" href="/p/' + data[i].padID + '">' + data[i].padID + '</a>' +
'<pre>' + JSON.stringify(data[i], undefined, 2) + '</pre>' +
'</li>';
}
if (data.length === 0) {
body += '<li style="color: #ccc">No pads available</li>';
}
body += '</ul>';
res.end(body);
});
});
app.get('/dashboard-api/userinfo', function(req, res, next) {
res.writeHead(200, {"Content-Type": "application/json; charset=utf-8"});
res.end(JSON.stringify(req.session.user, undefined, 2));
});
app.get('/dashboard-api/pads', function(req, res, next) {
EAPI.listPads(req.session.user, function(data) {
res.writeHead(200, {"Content-Type": "application/json; charset=utf-8"});
res.end(JSON.stringify(data, undefined, 2));
});
});
app.post('/dashboard-api/pad/create', function(req, res, next) {
var newObject = req.body;
EAPI.createPad(newObject.name, newObject.groupid, function(data) {
res.writeHead(200, {"Content-Type": "application/json; charset=utf-8"});
res.end(JSON.stringify(data, undefined, 2));
});
});
app.get('/login', function(req, res, next) {
res.end("You need to authenticate first");
});
app.use('/', function (req, res, next) {
if(req.session.user && req.session.user.data.provider == "Dataporten") {
next();
} else {
res.redirect('/auth/dataporten');
}
});
app.use('/', exp.static(__dirname + '/webapp/'));
};
function authorize(req, res, next) {
if (req.user) return next();
req.flash("redirect", req.path);
return passport.authorize('local', { failureRedirect: '/forms/sign-in', failureFlash: "Sign in required." })(req, res, next);
}
module.exports = function(app, db) {
var User = db.model('user');
var GithubAccount = db.model('githubAccount');
var githubConfig = app.getValue('env').GITHUB;
var githubCredentials = {
clientID: githubConfig.clientID,
clientSecret: githubConfig.clientSecret,
callbackURL: githubConfig.callbackURL,
passReqToCallback: true
}
var verifyCallback = function(req, accessToken, refreshToken, profile, done) {
var user = req.user;
console.log('Access Token(prior): ', accessToken);
var updatedGithubAccount = {
username: profile.username,
profileUrl: profile.profileUrl,
accessToken: accessToken
};
if (!user) {
var err = new Error('You must be signed in to use the app!');
err.status = 401;
done(err);
} else {
GithubAccount.findOrCreate({
where: {
id: profile.id
},
defaults: updatedGithubAccount
})
.spread(function(githubAccount, created) {
if (!created) {
githubAccount.update(updatedGithubAccount);
}
User.findById(user.id)
.then(function(user) {
user.setGithubAccount(githubAccount)
.then(function(user) {
console.log("Access Token: ", accessToken);
done(null, githubAccount);
})
.catch(done);
})
.catch(done);
})
.catch(done);
}
};
passport.use(new GithubStrategy(githubCredentials, verifyCallback));
app.get('/auth/github', passport.authorize('github', { scope: [ 'user', 'repo' ] }));
app.get('/auth/github/callback', passport.authorize('github', {
successRedirect: '/connections',
failureRedirect: '/connections'
}));
app.get('/unlink/github', function(req, res, next) {
var member = req.user;
User.findById(member.id)
.then(function(member) {
member.setGithubAccount(null)
.then(function(member) {
res.redirect('/connections'); // NEED TO CHANGE
})
})
.catch(next);
});
}
router.get('/logout', function(req, res) {
req.logout();
res.redirect('/');
});
router.get('/auth/linkedin', passport.authenticate('linkedin'));
router.get('/auth/linkedin/callback',
passport.authenticate('linkedin', { failureRedirect: '/' }),
function(req, res) {
// res.json(req.user);
res.render('profile', { user : req.user });
});
router.get('/connect/linkedin', passport.authorize('linkedin'));
// handle the callback after twitter has authorized the user
router.get('/connect/linkedin/callback',
passport.authorize('linkedin', {failureRedirect : '/'}),
function(req, res) {
res.render('profile', { user : req.user });
}
);
router.get('/auth/facebook', passport.authenticate('facebook', { scope : 'email' }));
// handle the callback after facebook has authenticated the user
router.get('/auth/facebook/callback',
passport.authenticate('facebook', { failureRedirect : '/' }),
function(req, res) {
passport.serializeUser(function(user, done) {
done(null, user);
});
passport.deserializeUser(function(obj, done) {
done(null, obj);
});
/* Routes */
// authentication
app.get("/login/success", passport.authenticate("dropbox"),
appCon.login);
app.get("/auth/facebook", passport.authorize("facebook", {
scope: "publish_stream",
failureRedirect: "/error"
}));
app.get("/auth/facebook/success", passport.authorize("facebook", {
failureRedirect: "/error"
}), appCon.fbUpload);
app.get("/logout", appCon.logout);
// app
app.get("/", appCon.index);
app.get("/home", appCon.auth, appCon.home);
app.get("/error", appCon.error);
app.get("/login", passport.authenticate("dropbox"));
app.get("/all", appCon.auth, photoCon.all);
app.get("/help", appCon.help);
/**
* OAuth authentication routes. (Sign in)
*/
app.get('/auth/facebook', passport.authenticate('facebook', { scope: ['email', 'user_location'] }));
app.get('/auth/facebook/callback', passport.authenticate('facebook', { failureRedirect: '/login' }), function(req, res) {
res.redirect(req.session.returnTo || '/');
});
app.get('/auth/google', passport.authenticate('google', { scope: 'profile email' }));
app.get('/auth/google/callback', passport.authenticate('google', { failureRedirect: '/login' }), function(req, res) {
res.redirect(req.session.returnTo || '/');
});
/**
* OAuth authorization routes. (API examples)
*/
app.get('/auth/venmo', passport.authorize('venmo', { scope: 'make_payments access_profile access_balance access_email access_phone' }));
app.get('/auth/venmo/callback', passport.authorize('venmo', { failureRedirect: '/api' }), function(req, res) {
res.redirect('/api/venmo');
});
app.get('/auth/steam', passport.authorize('openid', { state: 'SOME STATE' }));
app.get('/auth/steam/callback', passport.authorize('openid', { failureRedirect: '/login' }), function(req, res) {
res.redirect(req.session.returnTo || '/');
});
/**
* Character select routes
*/
app.get('/charSelect', userController.getCharSelect)
app.post('/charSelect', userController.postCreateNewChar)
/**
});
};
});
app.get('/auth/google/paperwork/done', function(req,res) {
req.logIn(req.session.tmpuser,function(){
console.log('in paperwork/done, session:\n'+JSON.stringify(req.session,null,2));
res.render('paperwork-google-done', {user:req.user});
delete req.session.tmpuser;
});
});
// This route starts to link a new google account to a logged in user
app.get( '/auth/link/google'
, passport.authorize('google-link'
,{ scope: ['https://www.googleapis.com/auth/userinfo.profile'
,'https://www.googleapis.com/auth/userinfo.email']
})
);
app.get( '/auth/link/google/callback'
, passport.authorize('google-link', {failureRedirect:'/auth/failure'})
, function(req, res) { // if we got here then auth succeeded
req.user.google = req.account;
db.createOrUpdateUser(req.user, function(){
delete req.account;
res.redirect( '/auth/success' );
});
});
user.local.email = undefined;
user.local.password = undefined;
user.save(function(err) {
next();
});
}
},
facebook : {
login: passport.authenticate("facebook", { scope: "email" }),
callback: passport.authenticate("facebook", {
successRedirect : "/profile",
failureRedirect : "/"
}),
connect: passport.authorize("facebook", { scope: "email" }),
connectCallback: passport.authorize("facebook", {
successRedirect : "/profile",
failureRedirect : "/profile"
}),
disconnect : function(req, res, next) {
var user = req.user;
user.facebook.id = undefined;
user.facebook.email = undefined;
user.facebook.token = undefined;
user.save(function(err) {
next();
});
}
PassportConfigurator.prototype.configureProvider = function (name, options) {
var self = this;
options = options || {};
var link = options.link;
var AuthStrategy = require(options.module)[options.strategy || 'Strategy'];
var authScheme = options.authScheme;
if (!authScheme) {
// Guess the authentication scheme
if (options.consumerKey) {
authScheme = 'oAuth1';
} else if (options.realm) {
authScheme = 'OpenID';
} else if (options.clientID) {
authScheme = 'oAuth 2.0';
} else if (options.usernameField) {
authScheme = 'local';
} else {
authScheme = 'local';
}
}
var clientID = options.clientID;
var clientSecret = options.clientSecret;
var callbackURL = options.callbackURL;
var authPath = options.authPath || ((link ? '/link/' : '/auth/') + name);
var callbackPath = options.callbackPath || ((link ? '/link/' : '/auth/') + name + '/callback');
var successRedirect = options.successRedirect || (link ? '/link/account' : '/auth/account');
var failureRedirect = options.failureRedirect || (link ? '/link.html' : '/login.html');
var scope = options.scope;
var authType = authScheme.toLowerCase();
var session = !!options.session;
function loginCallback(req, done) {
return function (err, user, identity, token) {
var authInfo = {
identity: identity
};
if (token) {
authInfo.accessToken = token;
}
done(err, user, authInfo);
};
}
switch (authType) {
case 'local':
passport.use(name, new AuthStrategy(_.defaults({
usernameField: options.usernameField || 'username',
passwordField: options.passwordField || 'password',
session: options.session
}, options),
function (username, password, done) {
var query = {where: {or: [
{username: username},
{email: username}
]}};
self.userModel.findOne(query, function (err, user) {
if (err) {
return done(err);
}
if (user) {
user.hasPassword(password, function (err, ok) {
if (ok) {
var u = user.toJSON();
delete u.password;
var userProfile = {
provider: 'local',
id: u.id,
username: u.username,
emails: [
{
value: u.email
}
],
status: u.status
};
done(null, userProfile);
} else {
return done(null, false, { message: 'Incorrect password.' });
}
});
} else {
return done(null, false, { message: 'Incorrect username.' });
}
});
}
));
break;
case 'oauth':
case 'oauth1':
case 'oauth 1.0':
passport.use(name, new AuthStrategy(_.defaults({
consumerKey: options.consumerKey,
consumerSecret: options.consumerSecret,
callbackURL: callbackURL,
passReqToCallback: true
}, options),
function (req, token, tokenSecret, profile, done) {
if (link) {
if (req.user) {
self.userCredentialModel.link(req.user.id, name, authScheme, profile,
{token: token, tokenSecret: tokenSecret}, options, done);
} else {
done('No user is logged in');
}
} else {
self.userIdentityModel.login(name, authScheme, profile,
{token: token, tokenSecret: tokenSecret}, options, loginCallback(req, done));
}
}
));
break;
case 'openid':
passport.use(name, new AuthStrategy(_.defaults({
returnURL: options.returnURL,
realm: options.realm,
callbackURL: callbackURL,
passReqToCallback: true
}, options),
function (req, identifier, profile, done) {
if (link) {
if (req.user) {
self.userCredentialModel.link(req.user.id, name, authScheme, profile,
{identifier: identifier}, options, done);
} else {
done('No user is logged in');
}
} else {
self.userIdentityModel.login(name, authScheme, profile,
{identifier: identifier}, options, loginCallback(req, done));
}
}
));
break;
case 'openid connect':
passport.use(name, new AuthStrategy(_.defaults({
clientID: clientID,
clientSecret: clientSecret,
callbackURL: callbackURL,
passReqToCallback: true
}, options),
function (req, accessToken, refreshToken, profile, done) {
if (link) {
if (req.user) {
self.userCredentialModel.link(req.user.id, name, authScheme, profile,
{accessToken: accessToken, refreshToken: refreshToken}, options, done);
} else {
done('No user is logged in');
}
} else {
self.userIdentityModel.login(name, authScheme, profile,
{accessToken: accessToken, refreshToken: refreshToken},
options, loginCallback(req, done));
}
}
));
break;
default:
passport.use(name, new AuthStrategy(_.defaults({
clientID: clientID,
clientSecret: clientSecret,
callbackURL: callbackURL,
passReqToCallback: true
}, options),
function (req, accessToken, refreshToken, profile, done) {
if (link) {
if (req.user) {
self.userCredentialModel.link(req.user.id, name, authScheme, profile,
{accessToken: accessToken, refreshToken: refreshToken}, options, done);
} else {
done('No user is logged in');
}
} else {
self.userIdentityModel.login(name, authScheme, profile,
{accessToken: accessToken, refreshToken: refreshToken},
options, loginCallback(req, done));
}
}
));
}
/*
* Redirect the user to Facebook for authentication. When complete,
* Facebook will redirect the user back to the application at
* /auth/facebook/callback with the authorization code
*/
if (authType === 'local') {
self.app.post(authPath, passport.authenticate(name, options.fn || _.defaults({
successReturnToOrRedirect: options.successReturnToOrRedirect,
successRedirect: options.successRedirect,
failureRedirect: options.failureRedirect,
successFlash: options.successFlash,
failureFlash: options.failureFlash,
scope: scope, session: session
}, options.authOptions)));
} else if (link) {
self.app.get(authPath, passport.authorize(name, _.defaults({scope: scope, session: session}, options.authOptions)));
} else {
self.app.get(authPath, passport.authenticate(name, _.defaults({scope: scope, session: session}, options.authOptions)));
}
/*
* Facebook will redirect the user to this URL after approval. Finish the
* authentication process by attempting to obtain an access token using the
* authorization code. If access was granted, the user will be logged in.
* Otherwise, authentication has failed.
*/
if (link) {
self.app.get(callbackPath, passport.authorize(name, _.defaults({
session: session,
// successReturnToOrRedirect: successRedirect,
successRedirect: successRedirect,
failureRedirect: failureRedirect }, options.authOptions)),
// passport.authorize doesn't handle redirect
function (req, res, next) {
res.redirect(successRedirect);
}, function (err, req, res, next) {
res.redirect(failureRedirect);
});
} else {
var customCallback = options.customCallback || function (req, res, next) {
// The default callback
passport.authenticate(name, _.defaults({session: session}, options.authOptions), function (err, user, info) {
if (err) {
return next(err);
}
if (!user) {
return res.redirect(failureRedirect);
}
if (session) {
req.logIn(user, function (err) {
if (err) {
return next(err);
}
if (info && info.accessToken) {
if (!!options.json) {
return res.json({'access_token': info.accessToken.id, userId: user.id});
} else {
res.cookie('access_token', info.accessToken.id, { signed: req.signedCookies ? true : false,
maxAge: info.accessToken.ttl });
res.cookie('userId', user.id.toString(), { signed: req.signedCookies ? true : false,
maxAge: info.accessToken.ttl });
}
}
return res.redirect(successRedirect);
});
} else {
if (info && info.accessToken) {
if (!!options.json) {
return res.json({'access_token': info.accessToken.id, userId: user.id});
} else {
res.cookie('access_token', info.accessToken.id, { signed: req.signedCookies ? true : false,
maxAge: info.accessToken.ttl });
res.cookie('userId', user.id.toString(), { signed: req.signedCookies ? true : false,
maxAge: info.accessToken.ttl });
}
}
return res.redirect(successRedirect);
}
})(req, res, next);
};
// Register the path and the callback.
self.app.get(callbackPath, customCallback);
}
};
app.post('/api/bitgo', apiController.postBitGo);
app.get('/api/upload', apiController.getFileUpload);
app.post('/api/upload', upload.single('myFile'), apiController.postFileUpload);
/**
* OAuth authentication routes. (Sign in)
*/
app.get('/auth/google', passport.authenticate('google', { scope: 'profile email' }));
app.get('/auth/google/callback', passport.authenticate('google', { failureRedirect: '/login' }), function(req, res) {
res.redirect(req.session.returnTo || '/');
});
/**
* OAuth authorization routes. (API examples)
*/
app.get('/auth/venmo', passport.authorize('venmo', { scope: 'make_payments access_profile access_balance access_email access_phone' }));
app.get('/auth/venmo/callback', passport.authorize('venmo', { failureRedirect: '/api' }), function(req, res) {
res.redirect('/api/venmo');
});
/**
* Error Handler.
*/
app.use(errorHandler());
/**
* Start Express server.
*/
app.listen(app.get('port'), function() {
console.log('Express server listening on port %d in %s mode', app.get('port'), app.get('env'));
});
function(req, res, next) {
passport.authorize('google-authz', function(err) {
logger.debug('google Passport error', err);
next();
})(req, res, next);
},