freeCodeCamp/common/models/User-Identity.js

import { Observable } from 'rx';
// import debug from 'debug';
import dedent from 'dedent';

import {
  getSocialProvider,
  getUsernameFromProvider
} from '../../server/utils/auth';
import { observeMethod, observeQuery } from '../../server/utils/rx';
import { wrapHandledError } from '../../server/utils/create-handled-error.js';

// const log = debug('fcc:models:userIdent');

export default function(UserIdent) {
  UserIdent.on('dataSourceAttached', () => {
    UserIdent.findOne$ = observeMethod(UserIdent, 'findOne');
  });
  // original source
  // github.com/strongloop/loopback-component-passport
  // find identity if it exist
  // if not redirect to email signup
  // if yes and github
  //   update profile
  //   update username
  //   update picture
  UserIdent.login = function(
    _provider,
    authScheme,
    profile,
    credentials,
    options,
    cb
  ) {
    const User = UserIdent.app.models.User;
    const AccessToken = UserIdent.app.models.AccessToken;
    const provider = getSocialProvider(_provider);
    options = options || {};
    if (typeof options === 'function' && !cb) {
      cb = options;
      options = {};
    }
    profile.id = profile.id || profile.openid;
    const query = {
      where: {
        provider: provider,
        externalId: profile.id
      },
      include: 'user'
    };

    if (provider === 'auth0') {

      const email = profile.emails[0].value;
      return User.findOne$({ where: { email } })
        .flatMap(user => {
          return user ?
            Observable.of(user) :
            User.create$({ email }).toPromise();
        })
        .flatMap(user => {
          if (!user) {
            throw wrapHandledError(
              new Error('could not find or create a user'),
              {
                message: dedent`
                  Oops... something is not right. We could not find or create a
                  user with that email.
                `,
                type: 'info',
                redirectTo: '/'
              }
            );
          }
          const createToken = observeQuery(
            AccessToken,
            'create',
            {
              userId: user.id,
              created: new Date(),
              ttl: user.constructor.settings.ttl
            }
          );
          const updateUser = user.update$({
            emailVerified: true,
            emailAuthLinkTTL: null,
            emailVerifyTTL: null
          });
          return Observable.combineLatest(
            Observable.of(user),
            createToken,
            updateUser,
            (user, token) => ({user, token})
          );
        })
        .subscribe(
          ({ user, token }) => cb(null, user, null, token),
          cb
        );

    } else {

      return UserIdent.findOne$(query)
        .flatMap(identity => {
          if (!identity) {
            throw wrapHandledError(
              new Error('user identity account not found'),
              {
                message: dedent`
    We cannot create new user accounts with the deprecated social sign in
    methods. If you already have an account with us, please sign in with your
    email address instead.
                `,
                type: 'info',
                redirectTo: '/'
              }
            );
          }
          const modified = new Date();
          const user = identity.user();
          if (!user) {
            const username = getUsernameFromProvider(provider, profile);
            return observeQuery(
              identity,
              'updateAttributes',
              {
                isOrphaned: username || true
              }
            )
              .do(() => {
                throw wrapHandledError(
                  new Error('user identity is not associated with a user'),
                  {
                    type: 'info',
                    redirectTo: '/',
                    message: dedent`
    The user account associated with the ${provider} user ${username || 'Anon'}
    no longer exists.
                    `
                  }
                );
              });
          }

          // identity already exists
          // find user and log them in
          identity.credentials = credentials;
          const attributes = {
            // we no longer want to keep the profile
            // this is information we do not need or use
            profile: null,
            credentials: credentials,
            modified
          };
          const updateIdentity = observeQuery(
            identity,
            'updateAttributes',
            attributes
          );
          const createToken = observeQuery(
            AccessToken,
            'create',
            {
              userId: user.id,
              created: new Date(),
              ttl: user.constructor.settings.ttl
            }
          );
          return Observable.combineLatest(
            Observable.of(user),
            updateIdentity,
            createToken,
            (user, identity, token) => ({ user, identity, token })
          );
        })
        .subscribe(
          ({ user, identity, token }) => cb(null, user, identity, token),
          cb
        );
    }
  };
}
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`import { Observable } from 'rx';`
			`// import debug from 'debug';`
			`import dedent from 'dedent';`
add pull in user image on signup when available 2015-06-11 11:38:08 -07:00
Move auth functions to central location 2015-08-12 12:15:19 -07:00			`import {`
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`getSocialProvider,`
feat: update user identity login 2018-05-19 21:21:49 +05:30			`getUsernameFromProvider`
Move auth functions to central location 2015-08-12 12:15:19 -07:00			`} from '../../server/utils/auth';`
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`import { observeMethod, observeQuery } from '../../server/utils/rx';`
			`import { wrapHandledError } from '../../server/utils/create-handled-error.js';`
Move auth functions to central location 2015-08-12 12:15:19 -07:00
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`// const log = debug('fcc:models:userIdent');`
add pull in user image on signup when available 2015-06-11 11:38:08 -07:00
add github check on login with github. 2015-08-04 14:52:06 -07:00			`export default function(UserIdent) {`
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`UserIdent.on('dataSourceAttached', () => {`
			`UserIdent.findOne$ = observeMethod(UserIdent, 'findOne');`
			`});`
fix override user identity login to reformat provider 2015-08-12 19:08:05 -07:00			`// original source`
			`// github.com/strongloop/loopback-component-passport`
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`// find identity if it exist`
			`// if not redirect to email signup`
			`// if yes and github`
			`// update profile`
			`// update username`
			`// update picture`
fix override user identity login to reformat provider 2015-08-12 19:08:05 -07:00			`UserIdent.login = function(`
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`_provider,`
fix override user identity login to reformat provider 2015-08-12 19:08:05 -07:00			`authScheme,`
			`profile,`
			`credentials,`
			`options,`
			`cb`
			`) {`
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`const User = UserIdent.app.models.User;`
			`const AccessToken = UserIdent.app.models.AccessToken;`
			`const provider = getSocialProvider(_provider);`
fix override user identity login to reformat provider 2015-08-12 19:08:05 -07:00			`options = options \|\| {};`
			`if (typeof options === 'function' && !cb) {`
			`cb = options;`
			`options = {};`
			`}`
			`profile.id = profile.id \|\| profile.openid;`
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`const query = {`
fix override user identity login to reformat provider 2015-08-12 19:08:05 -07:00			`where: {`
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`provider: provider,`
fix override user identity login to reformat provider 2015-08-12 19:08:05 -07:00			`externalId: profile.id`
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`},`
			`include: 'user'`
Remove o-auth account creation Accounts can only be created with Github or email 2016-04-21 20:35:19 -07:00			`};`
feat: update user identity login 2018-05-19 21:21:49 +05:30
			`if (provider === 'auth0') {`

			`const email = profile.emails[0].value;`
			`return User.findOne$({ where: { email } })`
			`.flatMap(user => {`
fix(auth): Set domain cookies, and chain user 2018-05-22 18:10:00 +05:30			`return user ?`
			`Observable.of(user) :`
			`User.create$({ email }).toPromise();`
			`})`
			`.flatMap(user => {`
			`if (!user) {`
			`throw wrapHandledError(`
fix: typo in the error message 2018-05-22 21:56:12 +05:30			`new Error('could not find or create a user'),`
fix(auth): Set domain cookies, and chain user 2018-05-22 18:10:00 +05:30			`{`
			message: dedent`
fix: typo in the error message 2018-05-22 21:56:12 +05:30			`Oops... something is not right. We could not find or create a`
			`user with that email.`
fix(auth): Set domain cookies, and chain user 2018-05-22 18:10:00 +05:30			`,
			`type: 'info',`
			`redirectTo: '/'`
			`}`
			`);`
			`}`
fix: making login flow async again for cookies 2018-05-22 00:37:01 +05:30			`const createToken = observeQuery(`
			`AccessToken,`
			`'create',`
			`{`
			`userId: user.id,`
			`created: new Date(),`
			`ttl: user.constructor.settings.ttl`
			`}`
			`);`
fix(auth): Set domain cookies, and chain user 2018-05-22 18:10:00 +05:30			`const updateUser = user.update$({`
			`emailVerified: true,`
			`emailAuthLinkTTL: null,`
			`emailVerifyTTL: null`
			`});`
fix: making login flow async again for cookies 2018-05-22 00:37:01 +05:30			`return Observable.combineLatest(`
			`Observable.of(user),`
			`createToken,`
fix(auth): Set domain cookies, and chain user 2018-05-22 18:10:00 +05:30			`updateUser,`
			`(user, token) => ({user, token})`
fix: making login flow async again for cookies 2018-05-22 00:37:01 +05:30			`);`
feat: update user identity login 2018-05-19 21:21:49 +05:30			`})`
			`.subscribe(`
fix: making login flow async again for cookies 2018-05-22 00:37:01 +05:30			`({ user, token }) => cb(null, user, null, token),`
feat: update user identity login 2018-05-19 21:21:49 +05:30			`cb`
			`);`

			`} else {`
fix: add user object to Observables 2018-05-20 13:40:15 +05:30
feat: update user identity login 2018-05-19 21:21:49 +05:30			`return UserIdent.findOne$(query)`
			`.flatMap(identity => {`
			`if (!identity) {`
			`throw wrapHandledError(`
			`new Error('user identity account not found'),`
			`{`
			message: dedent`
fix: update the error messages (#17378) 2018-06-02 14:02:16 +05:30			`We cannot create new user accounts with the deprecated social sign in`
			`methods. If you already have an account with us, please sign in with your`
			`email address instead.`
feat: update user identity login 2018-05-19 21:21:49 +05:30			`,
			`type: 'info',`
fix(auth): Set domain cookies, and chain user 2018-05-22 18:10:00 +05:30			`redirectTo: '/'`
feat: update user identity login 2018-05-19 21:21:49 +05:30			`}`
			`);`
			`}`
			`const modified = new Date();`
			`const user = identity.user();`
			`if (!user) {`
			`const username = getUsernameFromProvider(provider, profile);`
			`return observeQuery(`
			`identity,`
			`'updateAttributes',`
			`{`
			`isOrphaned: username \|\| true`
			`}`
			`)`
			`.do(() => {`
			`throw wrapHandledError(`
			`new Error('user identity is not associated with a user'),`
			`{`
			`type: 'info',`
fix(auth): Set domain cookies, and chain user 2018-05-22 18:10:00 +05:30			`redirectTo: '/',`
feat: update user identity login 2018-05-19 21:21:49 +05:30			message: dedent`
			`The user account associated with the ${provider} user ${username \|\| 'Anon'}`
			`no longer exists.`
			`
			`}`
			`);`
			`});`
			`}`

			`// identity already exists`
			`// find user and log them in`
			`identity.credentials = credentials;`
			`const attributes = {`
			`// we no longer want to keep the profile`
			`// this is information we do not need or use`
			`profile: null,`
			`credentials: credentials,`
			`modified`
			`};`
			`const updateIdentity = observeQuery(`
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`identity,`
			`'updateAttributes',`
feat: update user identity login 2018-05-19 21:21:49 +05:30			`attributes`
			`);`
			`const createToken = observeQuery(`
			`AccessToken,`
			`'create',`
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`{`
feat: update user identity login 2018-05-19 21:21:49 +05:30			`userId: user.id,`
			`created: new Date(),`
			`ttl: user.constructor.settings.ttl`
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`}`
feat: update user identity login 2018-05-19 21:21:49 +05:30			`);`
			`return Observable.combineLatest(`
fix: add user object to Observables 2018-05-20 13:40:15 +05:30			`Observable.of(user),`
feat: update user identity login 2018-05-19 21:21:49 +05:30			`updateIdentity,`
			`createToken,`
			`(user, identity, token) => ({ user, identity, token })`
			`);`
			`})`
			`.subscribe(`
			`({ user, identity, token }) => cb(null, user, identity, token),`
			`cb`
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`);`
feat: update user identity login 2018-05-19 21:21:49 +05:30			`}`
fix override user identity login to reformat provider 2015-08-12 19:08:05 -07:00			`};`
add github check on login with github. 2015-08-04 14:52:06 -07:00			`}`