fix(signup): signup auth (#15628)

* fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error
2017-07-13 11:39:07 -07:00
parent 7805d74ea7
commit 2fcd976700
17 changed files with 591 additions and 497 deletions
--- a/common/models/User-Credential.js
+++ b/common/models/User-Credential.js
@ -0,0 +1,88 @@
+import { Observable } from 'rx';
+import debug from 'debug';
+
+import { observeMethod, observeQuery } from '../../server/utils/rx';
+import {
+  createUserUpdatesFromProfile,
+  getSocialProvider
+} from '../../server/utils/auth';
+
+const log = debug('fcc:models:UserCredential');
+module.exports = function(UserCredential) {
+  UserCredential.link = function(
+    userId,
+    _provider,
+    authScheme,
+    profile,
+    credentials,
+    options = {},
+    cb
+  ) {
+    if (typeof options === 'function' && !cb) {
+      cb = options;
+      options = {};
+    }
+    const User = UserCredential.app.models.User;
+    const findCred = observeMethod(UserCredential, 'findOne');
+    const createCred = observeMethod(UserCredential, 'create');
+
+    const provider = getSocialProvider(_provider);
+    const query = {
+      where: {
+        provider: provider,
+        externalId: profile.id
+      }
+    };
+
+    // find createCred if they exist
+    // if not create it
+    // if yes, update credentials
+    // also if github
+    //  update profile
+    //  update username
+    //  update picture
+    log('link query', query);
+    return findCred(query)
+      .flatMap(_credentials => {
+        const modified = new Date();
+        const updateUser = User.update$(
+          { id: userId },
+          createUserUpdatesFromProfile(provider, profile)
+        );
+        let updateCredentials;
+        if (!_credentials) {
+          updateCredentials = createCred({
+            provider,
+            externalId: profile.id,
+            authScheme,
+            // we no longer want to keep the profile
+            // this is information we do not need or use
+            profile: null,
+            credentials,
+            userId,
+            created: modified,
+            modified
+          });
+        }
+        _credentials.credentials = credentials;
+        updateCredentials = observeQuery(
+          _credentials,
+          'updateAttributes',
+          {
+            profile: null,
+            credentials,
+            modified
+          }
+        );
+        return Observable.combineLatest(
+          updateUser,
+          updateCredentials,
+          (_, credentials) => credentials
+        );
+      })
+      .subscribe(
+        credentials => cb(null, credentials),
+        cb
+      );
+  };
+};