From 90876ce02aa05ae807ad77a03ffc6d50f1020001 Mon Sep 17 00:00:00 2001
From: Mrugesh Mohapatra
Date: Tue, 22 May 2018 18:10:00 +0530
Subject: [PATCH] fix(auth): Set domain cookies, and chain user
---
 common/models/User-Identity.js | 38 ++++++++++++++++++++++++----------
 server/component-passport.js | 3 ++-
 2 files changed, 29 insertions(+), 12 deletions(-)
diff --git a/common/models/User-Identity.js b/common/models/User-Identity.js
index c7447314a7..44598149d4 100644
--- a/common/models/User-Identity.js
+++ b/common/models/User-Identity.js
@@ -53,6 +53,24 @@ export default function(UserIdent) {
 const email = profile.emails[0].value;
 return User.findOne$({ where: { email } })
 .flatMap(user => {
+ return user ?
+ Observable.of(user) :
+ User.create$({ email }).toPromise();
+ })
+ .flatMap(user => {
+ if (!user) {
+ throw wrapHandledError(
+ new Error('could not find or create an user'),
+ {
+ message: dedent`
+ Oops... something is not right. We could not find create
+ an user with that email.
+ `,
+ type: 'info',
+ redirectTo: '/'
+ }
+ );
+ }
 const createToken = observeQuery(
 AccessToken,
 'create',
@@ -62,17 +80,16 @@ export default function(UserIdent) {
 ttl: user.constructor.settings.ttl
 }
 );
- if (!user) {
- return Observable.combineLatest(
- User.create$({ email }),
- createToken,
- (user, token) => ({ user, token })
- );
- }
+ const updateUser = user.update$({
+ emailVerified: true,
+ emailAuthLinkTTL: null,
+ emailVerifyTTL: null
+ });
 return Observable.combineLatest(
 Observable.of(user),
 createToken,
- (user, token) => ({ user, token })
+ updateUser,
+ (user, token) => ({user, token})
 );
 })
 .subscribe(
@@ -90,10 +107,9 @@ export default function(UserIdent) {
 {
 message: dedent`
 New accounts can only be created using an email address.
- Please create an account below
 `,
 type: 'info',
- redirectTo: '/signup'
+ redirectTo: '/'
 }
 );
 }
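Review bot: In the first `.flatMap` added at `@@ -53,6 +53,24 @@` of common/models/User-Identity.js, a rejected `User.create$({ email })` never reaches the new `if (!user)` guard, so a failed create surfaces as a raw error instead of the wrapped 'info' message; the guard only fires if create resolves with a falsy value. One way to hit that is two callbacks for the same address both passing `findOne$` before either creates, though whether the model enforces unique emails is not visible here. `flatMap` already accepts an observable, so `.toPromise()` can be dropped and the error wrapping attached to the create path itself. The user-facing text reads "could not find create an user"; `We could not find or create a user with that email.` is probably what was meant. The enclosing function starts and ends outside this hunk.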
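Review bot: The `updateUser` added at `@@ -62,17 +80,16 @@` sets `emailVerified: true` on any account matched or created from `profile.emails[0].value`, so the local account trusts whatever address the identity provider reports. That is only safe if every strategy reaching this branch returns an address the provider has itself verified; the condition guarding the branch is outside the hunk, so this cannot be confirmed from here. If it does not hold, a sign-in through such a provider would open a session on an existing account with that email and mark it verified. I would gate the update on the provider's own verified-email signal where the strategy exposes one, or at minimum record the assumption beside the update: `// emailVerified relies on the provider having verified profile.emails[0]; do not enable strategies that return unverified addresses`. Separately, `combineLatest` subscribes `createToken` and `updateUser` together, so a token may be issued even when the update fails.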
@@ -113,7 +129,7 @@ export default function(UserIdent) {
 new Error('user identity is not associated with a user'),
 {
 type: 'info',
- redirectTo: '/signup',
+ redirectTo: '/',
 message: dedent`
 The user account associated with the ${provider} user
 ${username || 'Anon'} no longer exists.
diff --git a/server/component-passport.js b/server/component-passport.js
index 27dfc69617..796d779d4a 100644
--- a/server/component-passport.js
+++ b/server/component-passport.js
@@ -140,7 +140,8 @@ export default function setupPassport(app) {
 );
 const cookieConfig = {
 signed: !!req.signedCookies,
- maxAge: accessToken.ttl
+ maxAge: accessToken.ttl,
+ domain: process.env.COOKIE_DOMAIN || 'localhost'
 };
 res.cookie('access_token', accessToken.id, cookieConfig);
 res.cookie('userId', accessToken.userId, cookieConfig);
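Review bot: Adding `domain` to `cookieConfig` at `@@ -140,7 +140,8 @@` of server/component-passport.js turns `access_token` and `userId` from host-only cookies into domain cookies, so every subdomain of `COOKIE_DOMAIN` receives the session token, while the object as shown sets none of `httpOnly`, `secure` or `sameSite`. If no client script needs to read these cookies, `httpOnly: true,` and `secure: process.env.NODE_ENV === 'production',` belong next to the new line. The `|| 'localhost'` fallback also means a production deploy with the variable unset emits `Domain=localhost`, which browsers reject for a real host, so login would fail without an obvious error. Writing `domain: process.env.COOKIE_DOMAIN` leaves the attribute off when the variable is missing and keeps the host-only behaviour. The function continues outside the hunk.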