login functionality

.gitignore

@@ -1 +1,2 @@
 config.local.yml
+tmp

app.rb

@@ -57,11 +57,11 @@
     $stderr.puts 'IndexTank search for "%s" (%.3f s)' % [payload[:query], ending - start]
   end
 
-  strip_params = %w[access_token client_id]
+  strip_params = %w[access_token client_id client_secret]
 
   ActiveSupport::Notifications.subscribe('request.faraday') do |name, start, ending, _, payload|
     url = payload[:url]
-    if (url.query_values.keys & strip_params).any?
+    if url.query_values and (url.query_values.keys & strip_params).any?
       url = url.dup
       url.query_values = url.query_values.reject { |k,| strip_params.include? k }
     end
@@ -173,6 +173,25 @@ def last_modified_from_photos(photos)
   builder :feed, layout: false
 end
 
+get '/login' do
+  return_url = request.url.split('?').first
+  begin
+    if params[:code]
+      token_response = Instagram::get_access_token(return_to: return_url, code: params[:code])
+      user = User.from_token token_response.body
+      redirect user_url(user.username)
+    elsif params[:error]
+      status 401
+      haml "%h1 Can't login: #{params[:error_description]}"
+    else
+      redirect Instagram::authorization_url(return_to: return_url).to_s
+    end
+  rescue Faraday::Error::ClientError => error
+    status 500
+    haml "%h1 Instagram error: #{error.response[:body]['error_message']}"
+  end
+end
+
 get '/users/:id.atom' do
   @user = User[params[:id]]
   @photos = @user.photos params[:max_id]

instagram.rb

@@ -19,7 +19,31 @@ def parse(body)
       Hashie::Mash.new(body)
     end
   end
-
+
+  class OAuthRequest < Faraday::Middleware
+    def initialize(app, options)
+      super(app)
+      @config = options[:config]
+    end
+
+    def call(env)
+      unless env[:request][:oauth] == false
+        params = %w[client_id client_secret access_token].each_with_object({}) do |key, hash|
+          value = @config.send(key)
+          hash[key] = value if value.present?
+        end
+        if env[:method] == :get
+          url = env[:url]
+          url.query_values = params.update(url.query_values || {})
+          env[:url] = url
+        else
+          env[:body] = params.update(env[:body] || {})
+        end
+      end
+      @app.call(env)
+    end
+  end
+
   class PreserveRawBody < Faraday::Response::Middleware
     def on_complete(env)
       env[:raw_body] = env[:body]
@@ -30,20 +54,18 @@ module Connection
     def connection
       @connection ||= begin
         conn = Faraday.new('https://api.instagram.com/v1/') do |b|
+          b.use OAuthRequest, config: self
+          b.request :url_encoded
           b.use Mashify
-          b.use FaradayStack::ResponseJSON, content_type: 'application/json'
-          b.use PreserveRawBody
           b.use FaradayStack::Caching, cache, strip_params: %w[access_token client_id] unless cache.nil?
           b.response :raise_error
+          b.use FaradayStack::ResponseJSON, content_type: 'application/json'
+          b.use PreserveRawBody
           b.use FaradayStack::Instrumentation
           b.adapter Faraday.default_adapter
         end
-
-        # conn.token_auth access_token unless access_token.nil?
-        conn.params['access_token'] = access_token unless access_token.nil?
-        conn.params['client_id'] = client_id
+
         conn.headers['User-Agent'] = 'instagram.heroku.com ruby client'
-
         conn
       end
     end
@@ -54,6 +76,18 @@ def get(path, params = nil)
       end
     end
   end
+
+  module OAuthMethods
+    def authorization_url(options)
+      connection.build_url '/oauth/authorize', client_id: client_id,
+        redirect_uri: options[:return_to], response_type: 'code'
+    end
+
+    def get_access_token(options)
+      connection.post '/oauth/access_token', code: options[:code],
+        grant_type: 'authorization_code', redirect_uri: options[:return_to]
+    end
+  end
 
   module ApiMethods
     def get(path, params = nil)
@@ -85,5 +119,6 @@ def tag_recent_media(tag, *args)
 
   extend Configuration
   extend Connection
+  extend OAuthMethods
   extend ApiMethods
 end

models.rb

@@ -31,6 +31,18 @@ def self.[](id)
       end
     end
   end
+
+  def self.from_token(token)
+    id = token.user.id
+    (first(user_id: id.to_i) || new(user_id: id.to_i)).tap do |user|
+      if user.username and user.username != token.user.username
+        user['old_username'] = user.username
+      end
+      user.username = token.user.username
+      user['access_token'] = token.access_token
+      user.save
+    end
+  end
 
   def self.find_by_instagram_url(url)
     id = Instagram::Discovery.discover_user_id(url)

views/help.haml

@@ -13,7 +13,12 @@
   %section
     %h2 How do I discover my own Instagram photos?
 
-    %p <strong>If you recently tweeted</strong> a link to your Instagram photo, enter your Twitter username and the app will search for that link and try to lookup your Instagram user.
+    %p To see your photo stream, you need to log in:
+
+    %p
+      %a#login{ href: '/login' } Log in with Instagram
+
+    %p Alternatively, you can enter a Twitter username of a person who <strong>recently tweeted</strong> a link to their Instagram photo:
 
     %form{ action: '/users/discover', method: 'post', class: 'detect' }
       %p
@@ -22,7 +27,7 @@
           %input{ type: 'text', name: 'twitter' }
           %input{ type: 'submit', value: 'Search' }
 
-    %p Alternatively, you can paste <strong>a permalink</strong> to one of your Instagram photos:
+    %p Another option is to paste <strong>a permalink</strong> to one of your Instagram photos:
 
     %form{ action: '/users/discover', method: 'post', class: 'detect' }
       %p

views/style.scss

@@ -68,6 +68,22 @@ article {
   max-width: 40em;
 }
 
+#login {
+  display: inline-block;
+  text-decoration: none;
+  @include border-radius(5px);
+  border: 1px solid silver;
+  padding: .5em 1em;
+  background: #ddd;
+  color: black;
+  text-shadow: rgba(white, .5) 1px 1px 1px;
+  font-variant: small-caps;
+  font-size: 1em;
+  font-weight: 600;
+  margin: 1.2em 1.5em;
+  &:hover { background: #eee; color: darkblue }
+}
+
 form.detect {
   padding: .1em 1em;
   background: #f8f8f8;