From a890f5e2b36fc12913870b10cf01cbf39cf09d0e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9e=20Kooi?= Date: Tue, 12 Jun 2018 15:50:41 +0200 Subject: [PATCH 1/4] Add pending signup state for social accounts. --- src/controllers/authenticate.js | 56 +++++++++++++++++++++++++++++++-- src/routes/authenticate.js | 9 ++++-- 2 files changed, 60 insertions(+), 5 deletions(-) diff --git a/src/controllers/authenticate.js b/src/controllers/authenticate.js index bcb9d46f..fb4dcc6d 100644 --- a/src/controllers/authenticate.js +++ b/src/controllers/authenticate.js @@ -88,13 +88,36 @@ export async function login(options, req, res) { }); } -export async function socialLoginCallback(options, req, res) { +export async function socialLoginCallback(options, service, req, res) { const { user } = req; if (await user.isBanned()) { throw new PermissionError('You have been banned.'); } + let script = ''; + if (user.pendingActivation) { + script = ` + var opener = window.opener; + if (opener) { + opener.postMessage({ + pending: true, + suggestedName: ${JSON.stringify(user.username)}, + type: ${JSON.stringify(service)} + }, '*'); + } + window.close(); + `; + } else { + script = ` + var opener = window.opener; + if (opener) { + opener.postMessage({ pending: false }, '*'); + } + window.close(); + `; + } + await refreshSession(res, req.uwaveHttp, user, { ...options, session: 'cookie', 
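Review bot: In socialLoginCallback, `${JSON.stringify(user.username)}` is interpolated into a script body, and JSON.stringify does not escape `<`, so a name containing `</script>` would end the script element early if this string is emitted inside an inline script tag (the markup in the following hunk is not legible here, so confirm). Escape the serialized value before interpolation, e.g. `JSON.stringify(user.username).replace(/</g, '\\u003c')`; the same applies to the `user.avatar` value that PATCH 3/4 puts in its place. Both `postMessage` calls also pass `'*'` as the target origin, which delivers the pending state and profile data to whichever page opened the popup; pass the web client's origin from configuration instead. The function body continues past the end of this hunk.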
@@ -107,14 +130,41 @@ export async function socialLoginCallback(options, req, res) { Success - + You can now close this window. - + `); } +export async function socialLoginFinish(options, service, req, res) { + const { user } = req; + const sessionType = req.query.session === 'cookie' ? 'cookie' : 'token'; + + if (await user.isBanned()) { + throw new PermissionError('You have been banned.'); + } + + const { username } = req.body; + + user.username = username; + user.pendingActivation = undefined; + await user.save(); + + const { token, socketToken } = await refreshSession(res, req.uwaveHttp, user, { + ...options, + session: sessionType, + }); + + return toItemResponse(user, { + meta: { + jwt: sessionType === 'token' ? token : 'cookie', + socketToken, + }, + }); +} + export async function getSocketToken(req) { const { user } = req; const { authRegistry } = req.uwaveHttp; diff --git a/src/routes/authenticate.js b/src/routes/authenticate.js index b745e0d4..22c8511c 100644 --- a/src/routes/authenticate.js +++ b/src/routes/authenticate.js @@ -70,11 +70,16 @@ export default function authenticateRoutes(api, options) { passport.authenticate('google'), route(controller.login.bind(null, options)), ) - // GET /auth/service/google/callback - Finish a social login using Google. + // GET /auth/service/google/callback - Receive social login data from Google. .get( '/service/google/callback', passport.authenticate('google'), - route(controller.socialLoginCallback.bind(null, options)), + route(controller.socialLoginCallback.bind(null, options, 'google')), + ) + // POST /auth/service/google/finish - Finish creating an account with Google. + .post( + '/service/google/finish', + route(controller.socialLoginFinish.bind(null, options, 'google')), ); } From 816f01082b50fb4ed2df45bf40e248168278d676 Mon Sep 17 00:00:00 2001 
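Review bot: socialLoginFinish writes `req.body.username` straight to `user.username` without checking its type or shape, and it never checks `user.pendingActivation`, so as written any signed-in account could use this endpoint to rename itself and skip whatever rules the normal username-change path enforces. Add a guard such as `if (!user.pendingActivation) throw new PermissionError('Account is already activated.');` and validate `username` (string, length, allowed characters) before `user.save()`, unless the model schema already rejects bad values, which is not visible here. The `service` argument is accepted but never used, so nothing ties the request to an account that was created through that provider.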
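Review bot: The new `.post('/service/google/finish', ...)` route places no authentication middleware in front of the controller, while the callback route above it runs `passport.authenticate('google')` first. socialLoginFinish dereferences `req.user` immediately, so an unauthenticated POST would fail on `user.isBanned()` with a TypeError rather than a clean rejection, unless something upstream of this router always populates `req.user`, which cannot be seen from this hunk. Put the project's existing session guard ahead of the controller, or start the controller with `if (!user) throw new PermissionError('You must be logged in.');`. Because the callback issues a cookie session and this route changes account state, it is also worth confirming that cross-site POSTs are rejected. authenticateRoutes begins outside this hunk.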
From: =?UTF-8?q?Ren=C3=A9e=20Kooi?= Date: Sat, 29 Sep 2018 17:21:18 +0200 Subject: [PATCH 2/4] Discard google account name. --- src/passport.js | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/passport.js b/src/passport.js index 9c323c47..cdd16eb7 100644 --- a/src/passport.js +++ b/src/passport.js @@ -32,11 +32,18 @@ export default function configurePassport(uw, options) { }, callbackify(localLogin))); if (options.auth && options.auth.google) { + async function googleLogin(accessToken, refreshToken, profile) { + return socialLogin(accessToken, refreshToken, { + id: profile.id, + photos: profile.photos + }); + } + passport.use('google', new GoogleStrategy({ callbackURL: '/auth/service/google/callback', ...options.auth.google, scope: ['profile'], - }, callbackify(socialLogin))); + }, callbackify(googleLogin))); } passport.use('jwt', new JWTStrategy(options.secret, user => uw.getUser(user.id))); From 57a3c5920c57f7db50315d05e0f7898c294e0360 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9e=20Kooi?= Date: Sat, 29 Sep 2018 17:23:14 +0200 Subject: [PATCH 3/4] Send suggested avatar instead of username to client signup dialog. --- src/controllers/authenticate.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/controllers/authenticate.js b/src/controllers/authenticate.js index fb4dcc6d..c6b86746 100644 --- a/src/controllers/authenticate.js +++ b/src/controllers/authenticate.js @@ -102,7 +102,7 @@ export async function socialLoginCallback(options, service, req, res) { if (opener) { opener.postMessage({ pending: true, - suggestedName: ${JSON.stringify(user.username)}, + socialAvatar: ${JSON.stringify(user.avatar)}, type: ${JSON.stringify(service)} }, '*'); } From 1342daea025cf409de983a595fab79b3aef5b125 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9e=20Kooi?= Date: Sat, 29 Sep 2018 17:24:21 +0200 Subject: [PATCH 4/4] lint --- src/passport.js | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) 
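Review bot: googleLogin in src/passport.js carries no comment saying why only `id` and `photos` are forwarded to socialLogin, so a later change could easily pass the whole profile again and bring the provider's display name back into stored accounts. A one-line comment above the call would record the intent, e.g. `// Deliberately drop the Google display name; the user picks a username in the signup dialog.`. Whether socialLogin reads any other profile field is not visible in this hunk and should be confirmed.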
diff --git a/src/passport.js b/src/passport.js index cdd16eb7..718b4a01 100644 --- a/src/passport.js +++ b/src/passport.js @@ -18,6 +18,13 @@ export default function configurePassport(uw, options) { }); } + async function googleLogin(accessToken, refreshToken, profile) { + return socialLogin(accessToken, refreshToken, { + id: profile.id, + photos: profile.photos, + }); + } + async function serializeUser(user) { return user.id; } @@ -32,13 +39,6 @@ export default function configurePassport(uw, options) { }, callbackify(localLogin))); if (options.auth && options.auth.google) { - async function googleLogin(accessToken, refreshToken, profile) { - return socialLogin(accessToken, refreshToken, { - id: profile.id, - photos: profile.photos - }); - } - passport.use('google', new GoogleStrategy({ callbackURL: '/auth/service/google/callback', ...options.auth.google,