Add twitter authentication

api/.env.sample

@@ -0,0 +1,6 @@
+DATABASE_URL="postgres://postgres:password@localhost:5432/fakenews"
+ADMIN_EMAIL="admin@fakenewsdetector.org"
+ADMIN_PASSWORD="123"
+ROCKET_SECRET_KEY="secretKeyJustForDevelopmentB3VRq9qA2y4lc+Mg="
+TWITTER_APP_KEY="you have to create a twitter app and fill this"
+TWITTER_APP_SECRET="you have to create a twitter app and fill this"

api/.gitignore

@@ -3,4 +3,5 @@ target/
 target/
 **/*.rs.bk
 node_modules*
-elm-stuff
+elm-stuff
+.env

api/Cargo.toml

@@ -16,6 +16,9 @@ r2d2 = "0.7.4"
 reqwest = "0.8.0"
 select = "0.4.2"
 md5 = "0.3.6"
+egg-mode = "0.12.0"
+tokio-core = "0.1.6"
+cookie = "0.9"
 
 [dependencies.rocket_contrib]
 version = "0.3.3"

api/Rocket.toml

@@ -2,3 +2,4 @@
 address = "0.0.0.0"
 port = 8000
 template_dir = "src/views/"
+secret_key = "secretKeyJustForDevelopmentB3VRq9qA2y4lc+Mg="

api/src/endpoints/mod.rs

@@ -4,3 +4,4 @@ pub mod votes;
 pub mod categories;
 pub mod links;
 pub mod admin;
+pub mod twitter;

api/src/endpoints/twitter.rs

@@ -0,0 +1,77 @@
+extern crate rocket;
+extern crate egg_mode;
+extern crate tokio_core;
+extern crate cookie;
+
+use rocket::response::{status, Redirect};
+use rocket::http::Status;
+use tokio_core::reactor;
+use rocket::http::{Cookie, Cookies};
+use cookie::SameSite;
+use std::env;
+
+#[get("/twitter/auth")]
+fn auth(mut cookies: Cookies) -> Result<Redirect, status::Custom<String>> {
+    let (mut core, handle, con_token) = get_config();
+    let request_token = core.run(egg_mode::request_token(
+        &con_token,
+        "http://localhost:8000/twitter/callback",
+        &handle,
+    )).map_err(|err| internal_error(&*format!("{}", err)))?;
+
+    let mut secret_cookie = Cookie::new("request_token_secret", request_token.secret.to_owned());
+    secret_cookie.set_same_site(SameSite::Lax);
+    cookies.add_private(secret_cookie);
+
+    Ok(Redirect::found(
+        &*egg_mode::authenticate_url(&request_token),
+    ))
+}
+
+#[derive(FromForm)]
+pub struct TwitterCallbackParams {
+    oauth_token: String,
+    oauth_verifier: String,
+}
+
+#[get("/twitter/callback?<params>")]
+fn callback(
+    mut cookies: Cookies,
+    params: TwitterCallbackParams,
+) -> Result<Redirect, status::Custom<String>> {
+    let (mut core, handle, con_token) = get_config();
+    let request_token_secret = cookies
+        .get_private("request_token_secret")
+        .map(|cookie| cookie.value().to_owned())
+        .unwrap_or(String::from(""));
+
+    if request_token_secret.is_empty() {
+        return Ok(Redirect::found("/twitter/auth"));
+    }
+
+    let request_token = egg_mode::KeyPair::new(params.oauth_token, request_token_secret);
+
+    let (_token, _user_id, screen_name) = core.run(egg_mode::access_token(
+        con_token,
+        &request_token,
+        params.oauth_verifier,
+        &handle,
+    )).map_err(|err| internal_error(&*format!("{}", err)))?;
+
+    Err(status::Custom(Status::Ok, String::from(screen_name)))
+}
+
+fn get_config() -> (tokio_core::reactor::Core, tokio_core::reactor::Handle, egg_mode::KeyPair) {
+    let core = reactor::Core::new().unwrap();
+    let handle = core.handle();
+    let con_token = egg_mode::KeyPair::new(
+        env::var("TWITTER_APP_KEY").unwrap(),
+        env::var("TWITTER_APP_SECRET").unwrap(),
+    );
+
+    (core, handle, con_token)
+}
+
+fn internal_error(text: &str) -> status::Custom<String> {
+    status::Custom(Status::InternalServerError, String::from(text))
+}

api/src/lib.rs

@@ -12,6 +12,9 @@ extern crate rocket;
 extern crate rocket_contrib;
 extern crate select;
 extern crate md5;
+extern crate egg_mode;
+extern crate tokio_core;
+extern crate cookie;
 
 pub mod data;
 pub mod endpoints;
@@ -39,6 +42,8 @@ pub fn start_server() {
             "/",
             routes![
                 endpoints::healthcheck::healthcheck,
+                endpoints::twitter::auth,
+                endpoints::twitter::callback,
                 endpoints::categories::get_categories,
                 endpoints::votes::get_votes,
                 endpoints::votes::get_votes_by_content,