Merge pull request #32 from sahat/merge-auth

Proper multi-auth linking
2014-01-31 21:09:17 -08:00
parent a3a0ce8868 fdecdc5b53
commit 1d7950b7fa
3 changed files with 90 additions and 45 deletions
--- a/README.md
+++ b/README.md
@ -638,12 +638,6 @@ If you want to see a really cool real-time dashboard check out this [live exampl
 TODO
 ----
 - Pages that require login, should automatically redirect to last attempted URL on successful sign-in.
- Authentication strategies should handles all edge cases below:
- - A user has never used your site before. They have no User model and no Identities either.
- - A user is logged out but they have logged into your site with a provider previously. They are now signing in with the same one again.
- - Just as above but they are now signing in with a different provider.
- - A user is logged in with a provider but they try to login with the same provider again.
- - A user is logged in but they try to login with a different provider.

 Contributing
 ------------
--- a/config/passport.js
+++ b/config/passport.js
@ -33,20 +33,33 @@ passport.use(new LocalStrategy({ usernameField: 'email' }, function(email, passw
  });
 }));

+/**
+ * Sign in with Facebook.
+ */
+
 passport.use(new FacebookStrategy(secrets.facebook, function (req, accessToken, refreshToken, profile, done) {
  if (req.user) {
-    User.findById(req.user.id, function(err, user) {
-      user.facebook = profile.id;
-      user.tokens.push({ kind: 'facebook', accessToken: accessToken });
-      user.profile.name = user.profile.name || profile.displayName;
-      user.profile.gender = user.profile.gender || profile._json.gender;
-      user.profile.picture = user.profile.picture || profile._json.profile_image_url;
-      user.save(function(err) {
-        done(err, user);
-      });
+    User.findOne({ $or: [{ facebook: profile.id }, { email: profile.email }] }, function(err, existingUser) {
+      if (existingUser) {
+        req.flash('errors', { msg: 'There is already a Facebook account that belongs to you. Sign in with that account or delete it, then link it with your current account.' });
+        done(err);
+      } else {
+        User.findById(req.user.id, function(err, user) {
+          user.facebook = profile.id;
+          user.tokens.push({ kind: 'facebook', accessToken: accessToken });
+          user.profile.name = user.profile.name || profile.displayName;
+          user.profile.gender = user.profile.gender || profile._json.gender;
+          user.profile.picture = user.profile.picture || 'https://graph.facebook.com/' + profile.id + '/picture?type=large';
+          user.save(function(err) {
+            req.flash('info', { msg: 'Facebook account has been linked.' });
+            done(err, user);
+          });
+        });
+      }
    });
  } else {
    User.findOne({ facebook: profile.id }, function(err, existingUser) {
+      console.log(profile)
      if (existingUser) return done(null, existingUser);
      var user = new User();
      user.email = profile._json.email;
@ -54,7 +67,7 @@ passport.use(new FacebookStrategy(secrets.facebook, function (req, accessToken,
      user.tokens.push({ kind: 'facebook', accessToken: accessToken });
      user.profile.name = profile.displayName;
      user.profile.gender = profile._json.gender;
-      user.profile.picture = profile._json.profile_image_url;
+      user.profile.picture = 'https://graph.facebook.com/' + profile.id + '/picture?type=large';
      user.save(function(err) {
        done(err, user);
      });
@ -62,18 +75,30 @@ passport.use(new FacebookStrategy(secrets.facebook, function (req, accessToken,
  }
 }));

+/**
+ * Sign in with GitHub.
+ */
+
 passport.use(new GitHubStrategy(secrets.github, function(req, accessToken, refreshToken, profile, done) {
  if (req.user) {
-    User.findById(req.user.id, function(err, user) {
-      user.github = profile.id;
-      user.tokens.push({ kind: 'github', accessToken: accessToken });
-      user.profile.name = user.profile.name || profile.displayName;
-      user.profile.picture = user.profile.picture || profile._json.avatar_url;
-      user.profile.location = user.profile.location || profile._json.location;
-      user.profile.website = user.profile.website || profile._json.blog;
-      user.save(function(err) {
-        done(err, user);
-      });
+    User.findOne({ $or: [{ github: profile.id }, { email: profile.email }] }, function(err, existingUser) {
+      if (existingUser) {
+        req.flash('errors', { msg: 'There is already a GitHub account that belongs to you. Sign in with that account or delete it, then link it with your current account.' });
+        done(err);
+      } else {
+        User.findById(req.user.id, function(err, user) {
+          user.github = profile.id;
+          user.tokens.push({ kind: 'github', accessToken: accessToken });
+          user.profile.name = user.profile.name || profile.displayName;
+          user.profile.picture = user.profile.picture || profile._json.avatar_url;
+          user.profile.location = user.profile.location || profile._json.location;
+          user.profile.website = user.profile.website || profile._json.blog;
+          user.save(function(err) {
+            req.flash('info', { msg: 'GitHub account has been linked.' });
+            done(err, user);
+          });
+        });
+      }
    });
  } else {
    User.findOne({ github: profile.id }, function(err, existingUser) {
@ -93,18 +118,31 @@ passport.use(new GitHubStrategy(secrets.github, function(req, accessToken, refre
  }
 }));

+/**
+ * Sign in with Twitter.
+ */
+
 passport.use(new TwitterStrategy(secrets.twitter, function(req, accessToken, tokenSecret, profile, done) {
  if (req.user) {
-    User.findById(req.user.id, function(err, user) {
-      user.twitter = profile.id;
-      user.tokens.push({ kind: 'twitter', accessToken: accessToken, tokenSecret: tokenSecret });
-      user.profile.name = user.profile.name || profile.displayName;
-      user.profile.location = user.profile.location || profile._json.location;
-      user.profile.picture = user.profile.picture || profile._json.profile_image_url;
-      user.save(function(err) {
-        done(err, user);
-      });
+    User.findOne({ twitter: profile.id }, function(err, existingUser) {
+      if (existingUser) {
+        req.flash('errors', { msg: 'There is already a Twitter account that belongs to you. Sign in with that account or delete it, then link it with your current account.' });
+        done(err);
+      } else {
+        User.findById(req.user.id, function(err, user) {
+          user.twitter = profile.id;
+          user.tokens.push({ kind: 'twitter', accessToken: accessToken, tokenSecret: tokenSecret });
+          user.profile.name = user.profile.name || profile.displayName;
+          user.profile.location = user.profile.location || profile._json.location;
+          user.profile.picture = user.profile.picture || profile._json.profile_image_url;
+          user.save(function(err) {
+            req.flash('info', { msg: 'Twitter account has been linked.' });
+            done(err, user);
+          });
+        });
+      }
    });
+
  } else {
    User.findOne({ twitter: profile.id }, function(err, existingUser) {
      if (existingUser) return done(null, existingUser);
@ -122,17 +160,29 @@ passport.use(new TwitterStrategy(secrets.twitter, function(req, accessToken, tok
  }
 }));

+/**
+ * Sign in with Google.
+ */
+
 passport.use(new GoogleStrategy(secrets.google, function(req, accessToken, refreshToken, profile, done) {
  if (req.user) {
-    User.findById(req.user.id, function(err, user) {
-      user.google = profile.id;
-      user.tokens.push({ kind: 'google', accessToken: accessToken });
-      user.profile.name = user.profile.name || profile.displayName;
-      user.profile.gender = user.profile.gender || profile._json.gender;
-      user.profile.picture = user.profile.picture || profile._json.picture;
-      user.save(function(err) {
-        done(err, user);
-      });
+    User.findOne({ $or: [{ google: profile.id }, { email: profile.email }] }, function(err, existingUser) {
+      if (existingUser) {
+        req.flash('errors', { msg: 'There is already a Google account that belongs to you. Sign in with that account or delete it, then link it with your current account.' });
+        done(err);
+      } else {
+        User.findById(req.user.id, function(err, user) {
+          user.google = profile.id;
+          user.tokens.push({ kind: 'google', accessToken: accessToken });
+          user.profile.name = user.profile.name || profile.displayName;
+          user.profile.gender = user.profile.gender || profile._json.gender;
+          user.profile.picture = user.profile.picture || profile._json.picture;
+          user.save(function(err) {
+            req.flash('info', { msg: 'Google account has been linked.' });
+            done(err, user);
+          });
+        });
+      }
    });
  } else {
    User.findOne({ google: profile.id }, function(err, existingUser) {
--- a/controllers/user.js
+++ b/controllers/user.js
@ -90,7 +90,7 @@ exports.postSignup = function(req, res, next) {
  user.save(function(err) {
    if (err) {
      if (err.code === 11000) {
-        req.flash('errors', { msg: 'User already exists.' });
+        req.flash('errors', { msg: 'User with that email already exists.' });
      }
      return res.redirect('/signup');
    }
@ -195,6 +195,7 @@ exports.getOauthUnlink = function(req, res, next) {

    user.save(function(err) {
      if (err) return next(err);
+      req.flash('info', { msg: provider + ' account has been unlinked.' });
      res.redirect('/account');
    });
  });