From 7121cbfe83f315b209c085cb00d1863ed5d75362 Mon Sep 17 00:00:00 2001
From: Dan Stroot
Date: Tue, 4 Feb 2014 08:23:52 -0800
Subject: [PATCH] Better approach to Twitter email and Facebook location

---
 app.js | 4 ++--
 config/passport.js | 6 +++++-
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/app.js b/app.js
index 5996534e22..8604328ca0 100755
--- a/app.js
+++ b/app.js
@@ -79,7 +79,7 @@ app.use(passport.initialize());
 app.use(passport.session());
 app.use(function(req, res, next) {
 res.locals.user = req.user;
- res.locals.token = req.csrfToken();
+ res.locals.token = req.csrfToken();
 next();
 });
 app.use(flash());
@@ -126,7 +126,7 @@ app.get('/api/paypal/cancel', apiController.getPayPalCancel);
 * OAuth routes for sign-in.
 */

-app.get('/auth/facebook', passport.authenticate('facebook', { scope: 'email' }));
+app.get('/auth/facebook', passport.authenticate('facebook', { scope: ['email', 'user_location'] }));
 app.get('/auth/facebook/callback', passport.authenticate('facebook', { successRedirect: '/', failureRedirect: '/login' }));
 app.get('/auth/github', passport.authenticate('github'));
 app.get('/auth/github/callback', passport.authenticate('github', { successRedirect: '/', failureRedirect: '/login' }));
diff --git a/config/passport.js b/config/passport.js
index 518e89a3fa..c10c13fed8 100755
--- a/config/passport.js
+++ b/config/passport.js
@@ -68,6 +68,7 @@ passport.use(new FacebookStrategy(secrets.facebook, function (req, accessToken,
 user.profile.name = profile.displayName;
 user.profile.gender = profile._json.gender;
 user.profile.picture = 'https://graph.facebook.com/' + profile.id + '/picture?type=large';
+ user.profile.location = profile._json.location.name;
 user.save(function(err) {
 done(err, user);
 });
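Review bot: In config/passport.js the added `user.profile.location = profile._json.location.name;` dereferences `location` without checking that it exists. A Facebook user who has no location set, or who declines the `user_location` permission newly requested in the app.js hunk, presumably has no `location` key in `_json`, so the strategy callback would throw a TypeError and the sign-in would fail. Guard the read, for example `user.profile.location = (profile._json.location) ? profile._json.location.name : '';`. The wider scope also collects more personal data than authentication needs, so it is worth confirming the location is actually used before requesting it. The callback starts and ends outside the hunk, so any other branch there that copies profile fields needs the same guard.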
@@ -147,7 +148,10 @@ passport.use(new TwitterStrategy(secrets.twitter, function(req, accessToken, tok
 User.findOne({ twitter: profile.id }, function(err, existingUser) {
 if (existingUser) return done(null, existingUser);
 var user = new User();
- user.email = profile.displayName;
+ // Twitter will not provide an email address. Period.
+ // But a person’s twitter username is guaranteed to be unique
+ // so we can “fake” a twitter email address as follows:
+ user.email = profile.username + "@twitter.com";
 user.twitter = profile.id;
 user.tokens.push({ kind: 'twitter', accessToken: accessToken, tokenSecret: tokenSecret });
 user.profile.name = profile.displayName;
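Review bot: The placeholder `profile.username + "@twitter.com"` is an address on a real, routable domain that the user does not control. Any mail the app later sends to `user.email` (password reset, notifications; not visible in this hunk) would go to a mailbox owned by someone else. If email is treated as unique or used to match accounts elsewhere, a local sign-up using the same string would collide with this record. The comment's uniqueness claim also holds only at a point in time, since handles can be changed and reused, whereas the lookup above keys on the stable `profile.id`. Consider deriving the placeholder from the id on a reserved domain, e.g. `user.email = profile.id + '@twitter.invalid';`, and treating such addresses as unverified wherever email drives login, linking or recovery; the callback continues outside the hunk.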