From fc55e385e400ea46bfc3e36843329f3a86a3ea93 Mon Sep 17 00:00:00 2001
From: Sahat Yalkabov <sakhat@gmail.com>
Date: Tue, 22 Apr 2014 15:00:27 -0400
Subject: [PATCH] Added Instagram authentication

---
 app.js                     |  6 ++++++
 config/passport.js         | 44 ++++++++++++++++++++++++++++++++++++++
 models/User.js             |  1 +
 views/account/login.jade   |  3 +++
 views/account/profile.jade |  5 +++++
 5 files changed, 59 insertions(+)

diff --git a/app.js b/app.js
index 49094a465a..eb415e2e4b 100755
--- a/app.js
+++ b/app.js
@@ -149,11 +149,17 @@ app.get('/api/twitter', passportConf.isAuthenticated, passportConf.isAuthorized,
 app.get('/api/venmo', passportConf.isAuthenticated, passportConf.isAuthorized, apiController.getVenmo);
 app.post('/api/venmo', passportConf.isAuthenticated, passportConf.isAuthorized, apiController.postVenmo);
 app.get('/api/linkedin', passportConf.isAuthenticated, passportConf.isAuthorized, apiController.getLinkedin);
+app.get('/api/instagram', passportConf.isAuthenticated, passportConf.isAuthorized, apiController.getInstagram);
+app.post('/api/instagram', passportConf.isAuthenticated, passportConf.isAuthorized, apiController.postInstagram);
 
 /**
  * OAuth routes for sign-in.
  */
 
+app.get('/auth/instagram', passport.authenticate('instagram'));
+app.get('/auth/instagram/callback', passport.authenticate('instagram', { failureRedirect: '/login' }), function(req, res) {
+  res.redirect(req.session.returnTo || '/');
+});
 app.get('/auth/facebook', passport.authenticate('facebook', { scope: ['email', 'user_location'] }));
 app.get('/auth/facebook/callback', passport.authenticate('facebook', { failureRedirect: '/login' }), function(req, res) {
   res.redirect(req.session.returnTo || '/');
diff --git a/config/passport.js b/config/passport.js
index 2826852787..40fb315637 100755
--- a/config/passport.js
+++ b/config/passport.js
@@ -1,5 +1,6 @@
 var _ = require('underscore');
 var passport = require('passport');
+var InstagramStrategy = require('passport-instagram').Strategy;
 var LocalStrategy = require('passport-local').Strategy;
 var FacebookStrategy = require('passport-facebook').Strategy;
 var TwitterStrategy = require('passport-twitter').Strategy;
@@ -21,6 +22,49 @@ passport.deserializeUser(function(id, done) {
   });
 });
 
+// Sign in with Instagram.
+
+passport.use(new InstagramStrategy(secrets.instagram,function(req, accessToken, refreshToken, profile, done) {
+  if (req.user) {
+    User.findOne({ $or: [{ instagram: profile.id }, { email: profile.email }] }, function(err, existingUser) {
+      if (existingUser) {
+        req.flash('errors', { msg: 'There is already an Instagram account that belongs to you. Sign in with that account or delete it, then link it with your current account.' });
+        done(err);
+      } else {
+        User.findById(req.user.id, function(err, user) {
+          user.instagram = profile.id;
+          user.tokens.push({ kind: 'instagram', accessToken: accessToken });
+          user.profile.name = user.profile.name || profile.displayName;
+          user.profile.picture = user.profile.picture || profile._json.data.profile_picture;
+          user.profile.website = user.profile.website || profile._json.data.website;
+          user.save(function(err) {
+            req.flash('info', { msg: 'Instagram account has been linked.' });
+            done(err, user);
+          });
+        });
+      }
+    });
+  } else {
+    User.findOne({ instagram: profile.id }, function(err, existingUser) {
+      if (existingUser) return done(null, existingUser);
+
+      var user = new User();
+      user.instagram = profile.id;
+      user.tokens.push({ kind: 'instagram', accessToken: accessToken });
+      user.profile.name = profile.displayName;
+      // Similar to Twitter API, assigns a temporary e-mail address
+      // to get on with the registration process. It can be changed later
+      // to a valid e-mail address in Profile Management.
+      profile.username + "@instagram.com";
+      user.profile.website = profile._json.data.website;
+      user.profile.picture = profile._json.data.profile_picture;
+      user.save(function(err) {
+        done(err, user);
+      });
+    });
+  }
+}));
+
 // Sign in using Email and Password.
 
 passport.use(new LocalStrategy({ usernameField: 'email' }, function(email, password, done) {
diff --git a/models/User.js b/models/User.js
index 605df96b0b..9f9ed09556 100644
--- a/models/User.js
+++ b/models/User.js
@@ -10,6 +10,7 @@ var userSchema = new mongoose.Schema({
   twitter: String,
   google: String,
   github: String,
+  instagram: String,
   linkedin: String,
   tokens: Array,
 
diff --git a/views/account/login.jade b/views/account/login.jade
index 6171e469a8..a8d3ef71ea 100644
--- a/views/account/login.jade
+++ b/views/account/login.jade
@@ -32,3 +32,6 @@ block content
       a.btn.btn-block.btn-linkedin.btn-social(href='/auth/linkedin')
         i.fa.fa-linkedin
         | Sign in with LinkedIn
+      a.btn.btn-block.btn-instagram.btn-social(href='/auth/instagram')
+        i.fa.fa-instagram
+        | Sign in with Instagram
\ No newline at end of file
diff --git a/views/account/profile.jade b/views/account/profile.jade
index c31cc5fe39..a5e4498e95 100644
--- a/views/account/profile.jade
+++ b/views/account/profile.jade
@@ -73,6 +73,11 @@ block content
   .page-header
     h3 Linked Accounts
 
+  if user.instagram
+    p: a.text-danger(href='/account/unlink/instagram') Unlink your Instagram account
+  else
+    p: a(href='/auth/instagram') Link your Instagram account
+
   if user.google
     p: a.text-danger(href='/account/unlink/google') Unlink your Google account
   else