Merge 5218bea into 0b6b192

.travis.yml

@@ -1,6 +1,6 @@
 language: node_js
 node_js:
-  - 11.14
+- 11.14
 dist: xenial
 services:
   - postgresql

server/config/auth.js

@@ -14,7 +14,7 @@ const setUpPassport = () => {
       {
         clientID: env.GOOGLE_CLIENT_ID,
         clientSecret: env.GOOGLE_CLIENT_SECRET,
-        callbackURL: 'http://localhost:3000/api/auth/google/callback'
+        callbackURL: `${env.GOOGLE_CALLBACK}`
       },
       socialAuthCallback
     )
@@ -25,7 +25,7 @@ const setUpPassport = () => {
       {
         clientID: env.FACEBOOK_CLIENT_ID,
         clientSecret: env.FACEBOOK_CLIENT_SECRET,
-        callbackURL: 'http://localhost:3000/api/auth/facebook/callback',
+        callbackURL: `${env.FACEBOOK_CALLBACK}`,
         profileFields: ['id', 'name', 'displayName', 'email', 'photos']
       },
       socialAuthCallback
@@ -37,7 +37,7 @@ const setUpPassport = () => {
       {
         consumerKey: env.TWITTER_CONSUMER_KEY,
         consumerSecret: env.TWITTER_CONSUMER_SECRET,
-        callbackURL: 'http://localhost:3000/api/auth/twitter/callback',
+        callbackURL: `${env.TWITTER_CALLBACK}`,
         userProfileURL:
           'https://api.twitter.com/1.1/account/verify_credentials.json?include_email=true',
         includeEmail: true,

server/controllers/auth-controller.js

@@ -219,7 +219,8 @@ class UsersController {
    * @returns {undefined}
    */
   static changePassword(req, res) {
-    const token = req.headers.authorization || req.body.token;
+    const token =
+      req.headers.authorization || req.body.token || req.query.token;
     const { password } = req.body;
 
     try {

server/controllers/social-controller.js

@@ -1,8 +1,4 @@
-import {
-  generateToken,
-  successResponse,
-  errorResponse
-} from '../utils/helpers';
+import { generateToken, errorResponse } from '../utils/helpers';
 import db from '../models';
 
 const { User } = db;
@@ -26,16 +22,16 @@ const authUser = (req, res) => {
       socialProvider: userInfo.provider
     }
   }).then(([user]) => {
-    const {
-      dataValues: { email }
-    } = user;
+    const { id, email } = user;
     user.username = userInfo.displayName;
     user.image = userInfo.photos[0].value;
     user.email = userInfo.emails[0].value;
     user.socialProvider = userInfo.provider;
-    const verificationToken = generateToken({ email }, '1d');
+    const verificationToken = generateToken({ id, email }, '1d');
     user.token = verificationToken;
-    return successResponse(res, user.dataValues, 200);
+    return res.redirect(
+      `${process.env.UI_CLIENT_HOST}/api/auth?token=${user.token}`
+    );
   });
 };
 

server/routes/social-routes.js

@@ -15,7 +15,6 @@ router.get(
   passport.authenticate('google', { scope: ['profile', 'email'] })
 );
 router.get('/google/callback', passport.authenticate('google'), authUser);
-
 router.get(
   '/login/twitter',
   passport.authenticate('twitter', {

test/fixtures.js

@@ -76,3 +76,9 @@ export const randomSocialUser = {
   emails: [{ value: faker.internet.email() }],
   photos: [{ value: faker.image.image() }]
 };
+
+export const userWithNoEmail = {
+  id: faker.random.number(),
+  displayName: faker.random.alphaNumeric(10),
+  photos: [{ value: faker.image.image() }]
+};

test/mockStrategy.js

@@ -10,12 +10,13 @@ class MockStrategy extends passport.Strategy {
   /**
    * @param {*} name
    * @param {*} callback
+   * @param {*} user
    */
-  constructor(name, callback) {
+  constructor(name, callback, user) {
     super(name, callback);
     this.name = name;
     this._cb = callback;
-    this._user = { ...randomSocialUser, provider: name };
+    this._user = { ...user, provider: name };
   }
 
   /**
@@ -29,8 +30,10 @@ class MockStrategy extends passport.Strategy {
   }
 }
 
-passport.use(new MockStrategy('google', socialAuthCallback));
-passport.use(new MockStrategy('facebook', socialAuthCallback));
-passport.use(new MockStrategy('twitter', socialAuthCallback));
+passport.use(new MockStrategy('google', socialAuthCallback, randomSocialUser));
+passport.use(
+  new MockStrategy('facebook', socialAuthCallback, randomSocialUser)
+);
+passport.use(new MockStrategy('twitter', socialAuthCallback, randomSocialUser));
 
 export { MockStrategy, randomSocialUser };

test/recipes.spec.js

@@ -72,7 +72,9 @@ describe('Recipes', () => {
         .end((err, res) => {
           const { body } = res;
           expect(res).to.have.status(400);
-          expect(body.errors.title).to.be.an('array');
+          expect(body.errors.title)
+            .to.be.an('array')
+            .to.contain('is required');
           done(err);
         });
     });

test/socialAuth.spec.js

@@ -1,50 +1,112 @@
 import chai, { expect } from 'chai';
 import chaiHttp from 'chai-http';
+import passport from 'passport';
 import server from '../server';
-import { randomSocialUser } from './mockStrategy';
+import { MockStrategy, randomSocialUser } from './mockStrategy';
+import { userWithNoEmail } from './fixtures';
+import { socialAuthCallback } from '../server/utils/helpers';
 
 chai.use(chaiHttp);
 
 describe('GET Social Authentication', () => {
   describe('GET Social Auth Callback', () => {
     it('should save a twitter user to database', done => {
-      chai
-        .request(server)
-        .get('/api/auth/twitter/callback')
+      const app = chai.request(server).keepOpen();
+      app
+        .get('/api/auth/twitter/callback', socialAuthCallback, randomSocialUser)
         .end((err, res) => {
-          expect(res).to.have.status(200);
-          expect(res.body.username).to.equal(randomSocialUser.displayName);
-          expect(res.body.email).to.equal(randomSocialUser.emails[0].value);
-          expect(res.body.image).to.equal(randomSocialUser.photos[0].value);
-          expect(res.body.socialProvider).to.equal('twitter');
-          done(err);
+          if (err) {
+            done(err);
+          } else {
+            expect(res.redirects.length).to.equal(1);
+            expect(res.redirects[0].includes('/api/auth?token=')).to.equal(
+              true
+            );
+            const token = res.redirects[0].split('token=')[1];
+            app
+              .get('/api/user')
+              .set('authorization', token)
+              .end((secondErr, secondRes) => {
+                const { user } = secondRes.body;
+                expect(user.username).to.equal(randomSocialUser.displayName);
+                expect(user.email).to.equal(randomSocialUser.emails[0].value);
+                expect(user.image).to.equal(randomSocialUser.photos[0].value);
+                expect(user.socialProvider).to.equal('twitter');
+                done(secondErr);
+              });
+          }
         });
     });
 
     it('should save a facebook user to database', done => {
-      chai
-        .request(server)
-        .get('/api/auth/facebook/callback')
+      const app = chai.request(server).keepOpen();
+      app
+        .get(
+          '/api/auth/facebook/callback',
+          socialAuthCallback,
+          randomSocialUser
+        )
         .end((err, res) => {
-          expect(res).to.have.status(200);
-          expect(res.body.username).to.equal(randomSocialUser.displayName);
-          expect(res.body.email).to.equal(randomSocialUser.emails[0].value);
-          expect(res.body.image).to.equal(randomSocialUser.photos[0].value);
-          expect(res.body.socialProvider).to.equal('facebook');
-          done(err);
+          if (err) {
+            done(err);
+          } else {
+            expect(res.redirects.length).to.equal(1);
+            expect(res.redirects[0].includes('/api/auth?token=')).to.equal(
+              true
+            );
+            const token = res.redirects[0].split('token=')[1];
+            app
+              .get('/api/user')
+              .set('authorization', token)
+              .end((secondErr, secondRes) => {
+                const { user } = secondRes.body;
+                expect(user.username).to.equal(randomSocialUser.displayName);
+                expect(user.email).to.equal(randomSocialUser.emails[0].value);
+                expect(user.image).to.equal(randomSocialUser.photos[0].value);
+                expect(user.provider).to.equal(randomSocialUser.socialProvider);
+                done(secondErr);
+              });
+          }
         });
     });
 
     it('should save a google user to database', done => {
+      const app = chai.request(server).keepOpen();
+      app
+        .get('/api/auth/google/callback', socialAuthCallback, randomSocialUser)
+        .end((err, res) => {
+          if (err) {
+            done(err);
+          } else {
+            expect(res.redirects.length).to.equal(1);
+            expect(res.redirects[0].includes('/api/auth?token=')).to.equal(
+              true
+            );
+            const token = res.redirects[0].split('token=')[1];
+            app
+              .get('/api/user')
+              .set({ authorization: token })
+              .end((secondErr, secondRes) => {
+                const { user } = secondRes.body;
+                expect(user.username).to.equal(randomSocialUser.displayName);
+                expect(user.email).to.equal(randomSocialUser.emails[0].value);
+                expect(user.image).to.equal(randomSocialUser.photos[0].value);
+                expect(user.provider).to.equal(randomSocialUser.socialProvider);
+                done(secondErr);
+              });
+          }
+        });
+    });
+
+    it('should return an error if no email is present', done => {
+      passport.use(
+        new MockStrategy('facebook', socialAuthCallback, userWithNoEmail)
+      );
       chai
         .request(server)
-        .get('/api/auth/google/callback')
+        .get('/api/auth/facebook/callback')
         .end((err, res) => {
-          expect(res).to.have.status(200);
-          expect(res.body.username).to.equal(randomSocialUser.displayName);
-          expect(res.body.email).to.equal(randomSocialUser.emails[0].value);
-          expect(res.body.image).to.equal(randomSocialUser.photos[0].value);
-          expect(res.body.socialProvider).to.equal('google');
+          expect(res.body.errors[0]).to.equal('No email found. Add email');
           done(err);
         });
     });