freeCodeCamp/api-server/server/boot/user.js

import dedent from 'dedent';
import debugFactory from 'debug';
import { pick } from 'lodash';
import { Observable } from 'rx';

import { homeLocation } from '../../../config/env';
import {
  getProgress,
  normaliseUserFields,
  userPropsForSession
} from '../utils/publicUserProps';
import { fixCompletedChallengeItem } from '../../common/utils';
import { ifNoUser401, ifNoUserRedirectTo } from '../utils/middleware';
import { removeCookies } from '../utils/getSetAccessToken';

const log = debugFactory('fcc:boot:user');
const sendNonUserToHome = ifNoUserRedirectTo(homeLocation);

function bootUser(app) {
  const api = app.loopback.Router();

  const getSessionUser = createReadSessionUser(app);
  const postReportUserProfile = createPostReportUserProfile(app);
  const postDeleteAccount = createPostDeleteAccount(app);

  api.get('/account', sendNonUserToHome, getAccount);
  api.get('/account/unlink/:social', sendNonUserToHome, getUnlinkSocial);
  api.get('/user/get-session-user', getSessionUser);

  api.post('/account/delete', ifNoUser401, postDeleteAccount);
  api.post('/account/reset-progress', ifNoUser401, postResetProgress);
  api.post('/user/report-user/', ifNoUser401, postReportUserProfile);

  app.use('/internal', api);
}

function createReadSessionUser(app) {
  const { Donation } = app.models;

  return function getSessionUser(req, res, next) {
    const queryUser = req.user;

    const source =
      queryUser &&
      Observable.forkJoin(
        queryUser.getCompletedChallenges$(),
        queryUser.getPoints$(),
        Donation.getCurrentActiveDonationCount$(),
        (completedChallenges, progressTimestamps, activeDonations) => ({
          activeDonations,
          completedChallenges,
          progress: getProgress(progressTimestamps, queryUser.timezone)
        })
      );
    Observable.if(
      () => !queryUser,
      Observable.of({ user: {}, result: '' }),
      Observable.defer(() => source)
        .map(({ activeDonations, completedChallenges, progress }) => ({
          user: {
            ...queryUser.toJSON(),
            ...progress,
            completedChallenges: completedChallenges.map(
              fixCompletedChallengeItem
            )
          },
          sessionMeta: { activeDonations }
        }))
        .map(({ user, sessionMeta }) => ({
          user: {
            [user.username]: {
              ...pick(user, userPropsForSession),
              isEmailVerified: !!user.emailVerified,
              isGithub: !!user.githubProfile,
              isLinkedIn: !!user.linkedin,
              isTwitter: !!user.twitter,
              isWebsite: !!user.website,
              ...normaliseUserFields(user)
            }
          },
          sessionMeta,
          result: user.username
        }))
    ).subscribe(user => res.json(user), next);
  };
}

function getAccount(req, res) {
  const { username } = req.user;
  return res.redirect('/' + username);
}

function getUnlinkSocial(req, res, next) {
  const { user } = req;
  const { username } = user;

  let social = req.params.social;
  if (!social) {
    req.flash('danger', 'No social account found');
    return res.redirect('/' + username);
  }

  social = social.toLowerCase();
  const validSocialAccounts = ['twitter', 'linkedin'];
  if (validSocialAccounts.indexOf(social) === -1) {
    req.flash('danger', 'Invalid social account');
    return res.redirect('/' + username);
  }

  if (!user[social]) {
    req.flash('danger', `No ${social} account associated`);
    return res.redirect('/' + username);
  }

  const query = {
    where: {
      provider: social
    }
  };

  return user.identities(query, function(err, identities) {
    if (err) {
      return next(err);
    }

    // assumed user identity is unique by provider
    let identity = identities.shift();
    if (!identity) {
      req.flash('danger', 'No social account found');
      return res.redirect('/' + username);
    }

    return identity.destroy(function(err) {
      if (err) {
        return next(err);
      }

      const updateData = { [social]: null };

      return user.updateAttributes(updateData, err => {
        if (err) {
          return next(err);
        }
        log(`${social} has been unlinked successfully`);

        req.flash('info', `You've successfully unlinked your ${social}.`);
        return res.redirectWithFlash(`${homeLocation}/${username}`);
      });
    });
  });
}

function postResetProgress(req, res, next) {
  const { user } = req;
  return user.updateAttributes(
    {
      progressTimestamps: [Date.now()],
      currentChallengeId: '',
      isRespWebDesignCert: false,
      is2018DataVisCert: false,
      isFrontEndLibsCert: false,
      isJsAlgoDataStructCert: false,
      isApisMicroservicesCert: false,
      isInfosecQaCert: false,
      is2018FullStackCert: false,
      isFrontEndCert: false,
      isBackEndCert: false,
      isDataVisCert: false,
      isFullStackCert: false,
      completedChallenges: []
    },
    function(err) {
      if (err) {
        return next(err);
      }
      return res.sendStatus(200);
    }
  );
}

function createPostDeleteAccount(app) {
  const { User } = app.models;
  return function postDeleteAccount(req, res, next) {
    return User.destroyById(req.user.id, function(err) {
      if (err) {
        return next(err);
      }
      req.logout();
      removeCookies(req, res);
      return res.sendStatus(200);
    });
  };
}

function createPostReportUserProfile(app) {
  const { Email } = app.models;
  return function postReportUserProfile(req, res, next) {
    const { user } = req;
    const { username } = req.body;
    const report = req.sanitize('reportDescription').trimTags();

    log(username);
    log(report);

    if (!username || !report || report === '') {
      return res.json({
        type: 'danger',
        message: 'Check if you have provided a username and a report'
      });
    }
    return Email.send$(
      {
        type: 'email',
        to: 'team@freecodecamp.org',
        cc: user.email,
        from: 'team@freecodecamp.org',
        subject: `Abuse Report : Reporting ${username}'s profile.`,
        text: dedent(`
        Hello Team,\n
        This is to report the profile of ${username}.\n
        Report Details:\n
        ${report}\n\n
        Reported by:
        Username: ${user.username}
        Name: ${user.name}
        Email: ${user.email}\n
        Thanks and regards,
        ${user.name}
      `)
      },
      err => {
        if (err) {
          err.redirectTo = `${homeLocation}/${username}`;
          return next(err);
        }

        return res.json({
          typer: 'info',
          message: `A report was sent to the team with ${user.email} in copy.`
        });
      }
    );
  };
}
export default bootUser;
fix undefined username and remove old function fix many bugs and undefined fix linting errors 2015-10-01 20:55:55 -07:00			`import dedent from 'dedent';`
fix 401 account/delete if not auth 2015-08-20 09:40:03 -07:00			`import debugFactory from 'debug';`
chore(tidy) Tidy Friday 2018-09-07 13:35:42 +01:00			`import { pick } from 'lodash';`
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`import { Observable } from 'rx';`
update all instances of progressTimestamp to check for objects 2015-08-07 13:31:48 -07:00
feat(report-user) Gatsby /user/:username/report-user 2018-09-07 13:32:38 +01:00			`import { homeLocation } from '../../../config/env';`
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`import {`
			`getProgress,`
			`normaliseUserFields,`
			`userPropsForSession`
			`} from '../utils/publicUserProps';`
			`import { fixCompletedChallengeItem } from '../../common/utils';`
feat(report-user) Gatsby /user/:username/report-user 2018-09-07 13:32:38 +01:00			`import { ifNoUser401, ifNoUserRedirectTo } from '../utils/middleware';`
fix: Do not try to parse an empty response 2019-02-26 21:17:57 +00:00			`import { removeCookies } from '../utils/getSetAccessToken';`
update all instances of progressTimestamp to check for objects 2015-08-07 13:31:48 -07:00
feat(welcome): Gatsby the Welcome page 2018-08-24 14:32:54 +01:00			`const log = debugFactory('fcc:boot:user');`
feat(report-user) Gatsby /user/:username/report-user 2018-09-07 13:32:38 +01:00			`const sendNonUserToHome = ifNoUserRedirectTo(homeLocation);`
fix current streak, longest streak still broken 2015-08-19 13:05:53 -07:00
feat: Create and use dynamic active donation counts 2018-11-29 14:24:17 +00:00			`function bootUser(app) {`
Add language routing 2016-06-17 12:35:10 -07:00			`const api = app.loopback.Router();`
Remove non-react Update email views and routes 2016-12-17 01:44:06 +05:30
feat: Create and use dynamic active donation counts 2018-11-29 14:24:17 +00:00			`const getSessionUser = createReadSessionUser(app);`
			`const postReportUserProfile = createPostReportUserProfile(app);`
			`const postDeleteAccount = createPostDeleteAccount(app);`

feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`api.get('/account', sendNonUserToHome, getAccount);`
			`api.get('/account/unlink/:social', sendNonUserToHome, getUnlinkSocial);`
feat: Create and use dynamic active donation counts 2018-11-29 14:24:17 +00:00			`api.get('/user/get-session-user', getSessionUser);`
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00
feat: Create and use dynamic active donation counts 2018-11-29 14:24:17 +00:00			`api.post('/account/delete', ifNoUser401, postDeleteAccount);`
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`api.post('/account/reset-progress', ifNoUser401, postResetProgress);`
feat: Create and use dynamic active donation counts 2018-11-29 14:24:17 +00:00			`api.post('/user/report-user/', ifNoUser401, postReportUserProfile);`
add ability to unlink social accounts (twitter, linkedin) 2016-09-28 21:26:17 +07:00
fix(api): Use /internal for API entry 2018-08-29 20:52:41 +01:00			`app.use('/internal', api);`
feat: Create and use dynamic active donation counts 2018-11-29 14:24:17 +00:00			`}`

			`function createReadSessionUser(app) {`
			`const { Donation } = app.models;`

			`return function getSessionUser(req, res, next) {`
			`const queryUser = req.user;`

			`const source =`
			`queryUser &&`
			`Observable.forkJoin(`
			`queryUser.getCompletedChallenges$(),`
			`queryUser.getPoints$(),`
			`Donation.getCurrentActiveDonationCount$(),`
			`(completedChallenges, progressTimestamps, activeDonations) => ({`
			`activeDonations,`
			`completedChallenges,`
			`progress: getProgress(progressTimestamps, queryUser.timezone)`
			`})`
			`);`
			`Observable.if(`
			`() => !queryUser,`
			`Observable.of({ user: {}, result: '' }),`
			`Observable.defer(() => source)`
			`.map(({ activeDonations, completedChallenges, progress }) => ({`
			`user: {`
			`...queryUser.toJSON(),`
			`...progress,`
			`completedChallenges: completedChallenges.map(`
			`fixCompletedChallengeItem`
			`)`
			`},`
			`sessionMeta: { activeDonations }`
			`}))`
			`.map(({ user, sessionMeta }) => ({`
			`user: {`
			`[user.username]: {`
			`...pick(user, userPropsForSession),`
			`isEmailVerified: !!user.emailVerified,`
			`isGithub: !!user.githubProfile,`
			`isLinkedIn: !!user.linkedin,`
			`isTwitter: !!user.twitter,`
			`isWebsite: !!user.website,`
			`...normaliseUserFields(user)`
			`}`
			`},`
			`sessionMeta,`
			`result: user.username`
			`}))`
			`).subscribe(user => res.json(user), next);`
			`};`
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`}`

			`function getAccount(req, res) {`
			`const { username } = req.user;`
			`return res.redirect('/' + username);`
			`}`
fix use app.use(router) to add sub router 2015-06-03 16:31:42 -07:00
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`function getUnlinkSocial(req, res, next) {`
			`const { user } = req;`
			`const { username } = user;`

			`let social = req.params.social;`
			`if (!social) {`
			`req.flash('danger', 'No social account found');`
fix undefined username and remove old function fix many bugs and undefined fix linting errors 2015-10-01 20:55:55 -07:00			`return res.redirect('/' + username);`
refactor all boot to export func and use loopback 2015-06-03 16:19:23 -07:00			`}`
Adding in existing username checking, NOT WORKING AT THE MOMENT 2015-01-24 04:14:41 -05:00
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`social = social.toLowerCase();`
			`const validSocialAccounts = ['twitter', 'linkedin'];`
			`if (validSocialAccounts.indexOf(social) === -1) {`
			`req.flash('danger', 'Invalid social account');`
			`return res.redirect('/' + username);`
			`}`
add ability to unlink social accounts (twitter, linkedin) 2016-09-28 21:26:17 +07:00
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`if (!user[social]) {`
			req.flash('danger', `No ${social} account associated`);
			`return res.redirect('/' + username);`
			`}`

			`const query = {`
			`where: {`
			`provider: social`
add ability to unlink social accounts (twitter, linkedin) 2016-09-28 21:26:17 +07:00			`}`
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`};`
add ability to unlink social accounts (twitter, linkedin) 2016-09-28 21:26:17 +07:00
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`return user.identities(query, function(err, identities) {`
			`if (err) {`
			`return next(err);`
add ability to unlink social accounts (twitter, linkedin) 2016-09-28 21:26:17 +07:00			`}`

feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`// assumed user identity is unique by provider`
			`let identity = identities.shift();`
			`if (!identity) {`
			`req.flash('danger', 'No social account found');`
add ability to unlink social accounts (twitter, linkedin) 2016-09-28 21:26:17 +07:00			`return res.redirect('/' + username);`
			`}`

feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`return identity.destroy(function(err) {`
			`if (err) {`
			`return next(err);`
add ability to unlink social accounts (twitter, linkedin) 2016-09-28 21:26:17 +07:00			`}`

feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`const updateData = { [social]: null };`
add ability to unlink social accounts (twitter, linkedin) 2016-09-28 21:26:17 +07:00
fix(update$): Remove User.update$, refactor to use native loopback interfaces 2018-11-12 16:58:34 +00:00			`return user.updateAttributes(updateData, err => {`
			`if (err) {`
			`return next(err);`
			`}`
feat(welcome): Gatsby the Welcome page 2018-08-24 14:32:54 +01:00			log(`${social} has been unlinked successfully`);
add ability to unlink social accounts (twitter, linkedin) 2016-09-28 21:26:17 +07:00
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			req.flash('info', `You've successfully unlinked your ${social}.`);
fix(update$): Remove User.update$, refactor to use native loopback interfaces 2018-11-12 16:58:34 +00:00			return res.redirectWithFlash(`${homeLocation}/${username}`);
			`});`
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`});`
			`});`
			`}`
add ability to unlink social accounts (twitter, linkedin) 2016-09-28 21:26:17 +07:00
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`function postResetProgress(req, res, next) {`
			`const { user } = req;`
fix: Rework reset progress saga to wait for the updated user 2019-02-26 23:39:51 +00:00			`return user.updateAttributes(`
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`{`
fix: Rework reset progress saga to wait for the updated user 2019-02-26 23:39:51 +00:00			`progressTimestamps: [Date.now()],`
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`currentChallengeId: '',`
			`isRespWebDesignCert: false,`
			`is2018DataVisCert: false,`
			`isFrontEndLibsCert: false,`
			`isJsAlgoDataStructCert: false,`
			`isApisMicroservicesCert: false,`
			`isInfosecQaCert: false,`
			`is2018FullStackCert: false,`
			`isFrontEndCert: false,`
			`isBackEndCert: false,`
			`isDataVisCert: false,`
			`isFullStackCert: false,`
			`completedChallenges: []`
			`},`
			`function(err) {`
			`if (err) {`
			`return next(err);`
			`}`
fix: Rework reset progress saga to wait for the updated user 2019-02-26 23:39:51 +00:00			`return res.sendStatus(200);`
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`}`
			`);`
			`}`
add ability to unlink social accounts (twitter, linkedin) 2016-09-28 21:26:17 +07:00
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`function createPostDeleteAccount(app) {`
			`const { User } = app.models;`
			`return function postDeleteAccount(req, res, next) {`
fix: Do not try to parse an empty response 2019-02-26 21:17:57 +00:00			`return User.destroyById(req.user.id, function(err) {`
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`if (err) {`
			`return next(err);`
			`}`
refactor all boot to export func and use loopback 2015-06-03 16:19:23 -07:00			`req.logout();`
fix: Do not try to parse an empty response 2019-02-26 21:17:57 +00:00			`removeCookies(req, res);`
			`return res.sendStatus(200);`
Add reset progress option to user settings 2016-09-20 12:43:34 -05:00			`});`
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`};`
			`}`
Add reset progress option to user settings 2016-09-20 12:43:34 -05:00
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`function createPostReportUserProfile(app) {`
			`const { Email } = app.models;`
			`return function postReportUserProfile(req, res, next) {`
feat(user): Report profiles This adds a simple email-based mechanism to report profiles for abuse. An email with text from the report is sent to Free Code Camp's support account with the reporter's account in copy. This also adds the reporter's details to the report for follow ups. 2016-12-15 02:54:59 +05:30			`const { user } = req;`
feat(report-user) Gatsby /user/:username/report-user 2018-09-07 13:32:38 +01:00			`const { username } = req.body;`
feat(user): Report profiles This adds a simple email-based mechanism to report profiles for abuse. An email with text from the report is sent to Free Code Camp's support account with the reporter's account in copy. This also adds the reporter's details to the report for follow ups. 2016-12-15 02:54:59 +05:30			`const report = req.sanitize('reportDescription').trimTags();`

feat(report-user) Gatsby /user/:username/report-user 2018-09-07 13:32:38 +01:00			`log(username);`
			`log(report);`

feat(user): Report profiles This adds a simple email-based mechanism to report profiles for abuse. An email with text from the report is sent to Free Code Camp's support account with the reporter's account in copy. This also adds the reporter's details to the report for follow ups. 2016-12-15 02:54:59 +05:30			`if (!username \|\| !report \|\| report === '') {`
feat(report-user) Gatsby /user/:username/report-user 2018-09-07 13:32:38 +01:00			`return res.json({`
			`type: 'danger',`
fix(client): Vague Error messages (#36047) Co-authored-by: Mrugesh Mohapatra <1884376+raisedadead@users.noreply.github.com> 2019-06-19 15:31:03 +01:00			`message: 'Check if you have provided a username and a report'`
feat(report-user) Gatsby /user/:username/report-user 2018-09-07 13:32:38 +01:00			`});`
feat(user): Report profiles This adds a simple email-based mechanism to report profiles for abuse. An email with text from the report is sent to Free Code Camp's support account with the reporter's account in copy. This also adds the reporter's details to the report for follow ups. 2016-12-15 02:54:59 +05:30			`}`
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`return Email.send$(`
			`{`
			`type: 'email',`
			`to: 'team@freecodecamp.org',`
			`cc: user.email,`
			`from: 'team@freecodecamp.org',`
chore: commit lint fixes for the api 2019-02-06 14:19:58 +00:00			subject: `Abuse Report : Reporting ${username}'s profile.`,
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			text: dedent(`
feat(user): Report profiles This adds a simple email-based mechanism to report profiles for abuse. An email with text from the report is sent to Free Code Camp's support account with the reporter's account in copy. This also adds the reporter's details to the report for follow ups. 2016-12-15 02:54:59 +05:30			`Hello Team,\n`
			`This is to report the profile of ${username}.\n`
			`Report Details:\n`
			`${report}\n\n`
			`Reported by:`
			`Username: ${user.username}`
			`Name: ${user.name}`
			`Email: ${user.email}\n`
			`Thanks and regards,`
			`${user.name}`
			`)
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`},`
			`err => {`
			`if (err) {`
feat(report-user) Gatsby /user/:username/report-user 2018-09-07 13:32:38 +01:00			err.redirectTo = `${homeLocation}/${username}`;
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`return next(err);`
			`}`
Remove reset-password logic 2016-12-16 10:35:38 +05:30
feat(report-user) Gatsby /user/:username/report-user 2018-09-07 13:32:38 +01:00			`return res.json({`
			`typer: 'info',`
			message: `A report was sent to the team with ${user.email} in copy.`
			`});`
feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`}`
			`);`
			`};`
			`}`
feat: Create and use dynamic active donation counts 2018-11-29 14:24:17 +00:00			`export default bootUser;`