Merge pull request freeCodeCamp#17217 from raisedadead/feat/authentic…
…ation

fix(auth): Set domain cookies, and chain user
Bouncey committed May 22, 2018
2 parents 8535669 + e35fbef commit 5fbf8a9
Showing 4 changed files with 36 additions and 19 deletions.
38 changes: 27 additions & 11 deletions common/models/User-Identity.js
Expand Up @@ -53,6 +53,24 @@ export default function(UserIdent) {
const email = profile.emails[0].value;
return User.findOne$({ where: { email } })
.flatMap(user => {
return user ?
Observable.of(user) :
User.create$({ email }).toPromise();
})
.flatMap(user => {
if (!user) {
throw wrapHandledError(
new Error('could not find or create a user'),
{
message: dedent`
Oops... something is not right. We could not find or create a
user with that email.
`,
type: 'info',
redirectTo: '/'
}
);
}
const createToken = observeQuery(
AccessToken,
'create',
Expand All @@ -62,17 +80,16 @@ export default function(UserIdent) {
ttl: user.constructor.settings.ttl
}
);
if (!user) {
return Observable.combineLatest(
User.create$({ email }),
createToken,
(user, token) => ({ user, token })
);
}
const updateUser = user.update$({
emailVerified: true,
emailAuthLinkTTL: null,
emailVerifyTTL: null
});
return Observable.combineLatest(
Observable.of(user),
createToken,
(user, token) => ({ user, token })
updateUser,
(user, token) => ({user, token})
);
})
.subscribe(
Expand All @@ -90,10 +107,9 @@ export default function(UserIdent) {
{
message: dedent`
New accounts can only be created using an email address.
Please create an account below
`,
type: 'info',
redirectTo: '/signup'
redirectTo: '/'
}
);
}
Expand All @@ -113,7 +129,7 @@ export default function(UserIdent) {
new Error('user identity is not associated with a user'),
{
type: 'info',
redirectTo: '/signup',
redirectTo: '/',
message: dedent`
The user account associated with the ${provider} user ${username || 'Anon'}
no longer exists.
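Review bot: The added `user.update$({ emailVerified: true, ... })` marks the account as verified, and an access token is created for whichever user matches `profile.emails[0].value`, but nothing visible in these hunks confirms that the identity provider itself verified that address. If any connected provider passes through unverified e-mail addresses, this path ties a login to an existing account on the strength of an unproven claim. I would gate both the lookup by e-mail and the `emailVerified: true` write on the provider's verified-email indicator, and record the assumption with a comment such as `// only trust profile.emails[0] when the provider reports the address as verified`. The enclosing callback starts and ends outside the hunks shown, so an earlier check may already exist and should be confirmed.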
2 changes: 1 addition & 1 deletion common/models/user.js
Expand Up @@ -376,7 +376,7 @@ module.exports = function(User) {
const config = {
signed: !!req.signedCookies,
maxAge: accessToken.ttl,
domain: '.freecodecamp.org'
domain: process.env.COOKIE_DOMAIN || 'localhost'
};
if (accessToken && accessToken.id) {
res.cookie('access_token', accessToken.id, config);
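Review bot: With `domain` now set, the `access_token` cookie is sent to every host under that domain, yet the config object still carries only `signed`, `maxAge` and `domain`. Neither `httpOnly`, `secure` nor `sameSite` is visible here, so unless something outside this hunk adds them the token is readable by page script on any subdomain and can travel over plain HTTP. If no client code needs to read the cookie, I would add `httpOnly: true,` plus `secure` and `sameSite` settings appropriate to the deployment. The same object is built in server/component-passport.js and should get the same treatment; the surrounding function continues outside the hunk.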
12 changes: 6 additions & 6 deletions server/boot/authentication.js
Expand Up @@ -29,16 +29,16 @@ module.exports = function enableAuthentication(app) {
const api = app.loopback.Router();
const { AuthToken, User } = app.models;

router.get('/signup', (req, res) => res.redirect(301, '/login'));
router.get('/email-signin', (req, res) => res.redirect(301, '/login'));
router.get('/signin', (req, res) => res.redirect(301, '/login'));
router.get('/signout', (req, res) => res.redirect(301, '/logout'));
router.get('/signup', (req, res) => res.redirect(301, '/signin'));
router.get('/email-signin', (req, res) => res.redirect(301, '/signin'));
router.get('/login', (req, res) => res.redirect(301, '/signin'));
router.get('/logout', (req, res) => res.redirect(301, '/signout'));

router.get('/login',
router.get('/signin',
ifUserRedirect,
(req, res) => res.redirect(301, '/auth/auth0'));

router.get('/logout', (req, res) => {
router.get('/signout', (req, res) => {
req.logout();
res.redirect('/');
});
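Review bot: The `/signout` handler calls `req.logout()` and redirects, but the `access_token` and `userId` cookies that this commit now sets with an explicit domain are not cleared here. Unless middleware outside this hunk removes them, the browser keeps presenting the token after sign-out, and because they are domain cookies the clear call needs the same option: `res.clearCookie('access_token', { domain: process.env.COOKIE_DOMAIN || 'localhost' });` and likewise for `userId`. Separately, the aliases reverse an earlier permanent redirect (`/signin` used to answer 301 to `/login`, and `/login` now answers 301 to `/signin`), so browsers that cached the old response can loop; a 302 would be safer for these aliases.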
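--- a/server/component-passport.js
+++ b/server/component-passport.js
@@ -140,7 +140,8 @@ export default function setupPassport(app) {
 );
 const cookieConfig = {
 signed: !!req.signedCookies,
-maxAge: accessToken.ttl
+maxAge: accessToken.ttl,
+domain: process.env.COOKIE_DOMAIN || 'localhost'
 };
 res.cookie('access_token', accessToken.id, cookieConfig);
 res.cookie('userId', accessToken.userId, cookieConfig);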
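Review bot: The `|| 'localhost'` fallback means a deployment that forgets `COOKIE_DOMAIN` emits `Domain=localhost`, which a browser on any other host will reject, so sign-in breaks with no error on the server. Leaving the option unset when the variable is absent (`domain: process.env.COOKIE_DOMAIN`) should produce a host-only cookie, which is also the narrowest scope; failing at startup in production is the other option. The same expression is duplicated in common/models/user.js, so reading it once from a shared config value would keep the two cookie writers in step. setupPassport's body continues outside the hunk.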
