From 90876ce02aa05ae807ad77a03ffc6d50f1020001 Mon Sep 17 00:00:00 2001
From: Mrugesh Mohapatra
Date: Tue, 22 May 2018 18:10:00 +0530
Subject: [PATCH 1/4] fix(auth): Set domain cookies, and chain user
---
 common/models/User-Identity.js | 38 ++++++++++++++++++++++++----------
 server/component-passport.js | 3 ++-
 2 files changed, 29 insertions(+), 12 deletions(-)
diff --git a/common/models/User-Identity.js b/common/models/User-Identity.js
index c7447314a7..44598149d4 100644
--- a/common/models/User-Identity.js
+++ b/common/models/User-Identity.js
@@ -53,6 +53,24 @@ export default function(UserIdent) {
 const email = profile.emails[0].value;
 return User.findOne$({ where: { email } })
 .flatMap(user => {
+ return user ?
+ Observable.of(user) :
+ User.create$({ email }).toPromise();
+ })
+ .flatMap(user => {
+ if (!user) {
+ throw wrapHandledError(
+ new Error('could not find or create an user'),
+ {
+ message: dedent`
+ Oops... something is not right. We could not find create
+ an user with that email.
+ `,
+ type: 'info',
+ redirectTo: '/'
+ }
+ );
+ }
 const createToken = observeQuery(
 AccessToken,
 'create',
@@ -62,17 +80,16 @@ export default function(UserIdent) {
 ttl: user.constructor.settings.ttl
 }
 );
- if (!user) {
- return Observable.combineLatest(
- User.create$({ email }),
- createToken,
- (user, token) => ({ user, token })
- );
- }
+ const updateUser = user.update$({
+ emailVerified: true,
+ emailAuthLinkTTL: null,
+ emailVerifyTTL: null
+ });
 return Observable.combineLatest(
 Observable.of(user),
 createToken,
- (user, token) => ({ user, token })
+ updateUser,
+ (user, token) => ({user, token})
 );
 })
 .subscribe(
@@ -90,10 +107,9 @@ export default function(UserIdent) {
 {
 message: dedent`
 New accounts can only be created using an email address.
- Please create an account below
 `,
 type: 'info',
- redirectTo: '/signup'
+ redirectTo: '/'
 }
 );
 }
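Review bot: Nothing visible in common/models/User-Identity.js checks that the identity provider actually verified `profile.emails[0].value` before the added `updateUser` sets `emailVerified: true` and `createToken` issues an access token for whichever account matches that address. If any configured provider can hand back an unverified email, a login is bound to an existing account on the provider's word alone; I would gate both the update and the token on the provider's verification flag (the `email_verified` claim in OIDC-style profiles, if it is exposed here) and otherwise fall back to the email sign-in link. A short comment above `updateUser` such as `// provider has verified this address; safe to mark emailVerified` would at least record the assumption. The enclosing function starts and ends outside these hunks, so a check may exist earlier in the callback.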
@@ -113,7 +129,7 @@ export default function(UserIdent) { new Error('user identity is not associated with a user'), { type: 'info', - redirectTo: '/signup', + redirectTo: '/', message: dedent` The user account associated with the ${provider} user ${username || 'Anon'} no longer exists. diff --git a/server/component-passport.js b/server/component-passport.js index 27dfc69617..796d779d4a 100644 --- a/server/component-passport.js +++ b/server/component-passport.js @@ -140,7 +140,8 @@ export default function setupPassport(app) { ); const cookieConfig = { signed: !!req.signedCookies, - maxAge: accessToken.ttl + maxAge: accessToken.ttl, + domain: process.env.COOKIE_DOMAIN || 'localhost' }; res.cookie('access_token', accessToken.id, cookieConfig); res.cookie('userId', accessToken.userId, cookieConfig); From cc2ca6169520497a39ad1eefb7c9cd5f9a9be45b Mon Sep 17 00:00:00 2001 From: Mrugesh Mohapatra Date: Tue, 22 May 2018 20:34:37 +0530 Subject: [PATCH 2/4] fix(routes): Make less redirections --- server/boot/authentication.js | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/server/boot/authentication.js b/server/boot/authentication.js index 29a1d6e249..27cf2dd3a8 100644 --- a/server/boot/authentication.js +++ b/server/boot/authentication.js 
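Review bot: In server/component-passport.js the new `domain` option turns `access_token` and `userId` from host-only cookies into cookies sent to every host under `COOKIE_DOMAIN`, while `cookieConfig` still sets none of `httpOnly`, `secure` or `sameSite`, so the token is readable by script on any sibling subdomain and travels over plain HTTP. Unless client code has to read these cookies, I would add `httpOnly: true, secure: true, sameSite: 'lax'` (with `secure` relaxed for local development). The `|| 'localhost'` fallback also hides a missing variable in production, where the browser would discard the cookie and login would fail with no error; leaving `domain` unset when `COOKIE_DOMAIN` is absent, or failing at startup, is easier to diagnose. The same fallback is added to `config` in common/models/user.js in patch 3/4.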
@@ -29,16 +29,16 @@ module.exports = function enableAuthentication(app) { const api = app.loopback.Router(); const { AuthToken, User } = app.models; - router.get('/signup', (req, res) => res.redirect(301, '/login')); - router.get('/email-signin', (req, res) => res.redirect(301, '/login')); - router.get('/signin', (req, res) => res.redirect(301, '/login')); - router.get('/signout', (req, res) => res.redirect(301, '/logout')); + router.get('/signup', (req, res) => res.redirect(301, '/signin')); + router.get('/email-signin', (req, res) => res.redirect(301, '/signin')); + router.get('/login', (req, res) => res.redirect(301, '/signin')); + router.get('/logout', (req, res) => res.redirect(301, '/signout')); - router.get('/login', + router.get('/signin', ifUserRedirect, (req, res) => res.redirect(301, '/auth/auth0')); - router.get('/logout', (req, res) => { + router.get('/signout', (req, res) => { req.logout(); res.redirect('/'); }); From 75ac5962e03f03c80bdc52f4a4b8e030a9a6567f Mon Sep 17 00:00:00 2001 From: Mrugesh Mohapatra Date: Tue, 22 May 2018 21:53:09 +0530 Subject: [PATCH 3/4] fix: add cookie domain to loginByRequest --- common/models/user.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/models/user.js b/common/models/user.js index 61c8fd7bb8..af2a03b77a 100644 --- a/common/models/user.js +++ b/common/models/user.js @@ -376,7 +376,7 @@ module.exports = function(User) { const config = { signed: !!req.signedCookies, maxAge: accessToken.ttl, - domain: '.freecodecamp.org' + domain: process.env.COOKIE_DOMAIN || 'localhost' }; if (accessToken && accessToken.id) { res.cookie('access_token', accessToken.id, config); From e35fbef5d1ec7568ed9b01a5da0dfa6fe176bdcb Mon Sep 17 00:00:00 2001 From: Mrugesh Mohapatra Date: Tue, 22 May 2018 21:56:12 +0530 Subject: [PATCH 4/4] fix: typo in the error message --- common/models/User-Identity.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
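Review bot: The `/signout` handler in server/boot/authentication.js only calls `req.logout()` and redirects; nothing in the hunk clears the `access_token` and `userId` cookies that patches 1/4 and 3/4 now write with a `domain`, or destroys the access token server-side. A cookie set with a `domain` is only removed when `res.clearCookie` is given the same `domain`, so sign-out should call `res.clearCookie('access_token', { domain: ... })` and the same for `userId`, unless that already happens outside this hunk. Separately, reversing the direction of the permanent redirects (`/login` → `/signin`) can loop in browsers that cached the earlier `301` from `/signin` to `/login`; `302` is safer for these aliases.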
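Review bot: In common/models/user.js, `maxAge: accessToken.ttl` is evaluated while `config` is built, before the `if (accessToken && accessToken.id)` guard, so a missing `accessToken` throws a TypeError instead of skipping the cookies. Moving the `config` object inside the guard makes the check effective. It is also worth confirming the unit: Express treats `maxAge` as milliseconds, so if `accessToken.ttl` is a seconds-based TTL the cookie expires far earlier than the token it carries. The function continues outside the hunk.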
diff --git a/common/models/User-Identity.js b/common/models/User-Identity.js
index 44598149d4..870e6a9c37 100644
--- a/common/models/User-Identity.js
+++ b/common/models/User-Identity.js
@@ -60,11 +60,11 @@ export default function(UserIdent) {
 .flatMap(user => {
 if (!user) {
 throw wrapHandledError(
- new Error('could not find or create an user'),
+ new Error('could not find or create a user'),
 {
 message: dedent`
- Oops... something is not right. We could not find create
- an user with that email.
+ Oops... something is not right. We could not find or create a
+ user with that email.
 `,
 type: 'info',
 redirectTo: '/'