Added Instagram authentication

app.js

@@ -149,11 +149,17 @@ app.get('/api/twitter', passportConf.isAuthenticated, passportConf.isAuthorized,
 app.get('/api/venmo', passportConf.isAuthenticated, passportConf.isAuthorized, apiController.getVenmo);
 app.post('/api/venmo', passportConf.isAuthenticated, passportConf.isAuthorized, apiController.postVenmo);
 app.get('/api/linkedin', passportConf.isAuthenticated, passportConf.isAuthorized, apiController.getLinkedin);
+app.get('/api/instagram', passportConf.isAuthenticated, passportConf.isAuthorized, apiController.getInstagram);
+app.post('/api/instagram', passportConf.isAuthenticated, passportConf.isAuthorized, apiController.postInstagram);
 
 /**
  * OAuth routes for sign-in.
  */
 
+app.get('/auth/instagram', passport.authenticate('instagram'));
+app.get('/auth/instagram/callback', passport.authenticate('instagram', { failureRedirect: '/login' }), function(req, res) {
+  res.redirect(req.session.returnTo || '/');
+});
 app.get('/auth/facebook', passport.authenticate('facebook', { scope: ['email', 'user_location'] }));
 app.get('/auth/facebook/callback', passport.authenticate('facebook', { failureRedirect: '/login' }), function(req, res) {
   res.redirect(req.session.returnTo || '/');

config/passport.js

@@ -1,5 +1,6 @@
 var _ = require('underscore');
 var passport = require('passport');
+var InstagramStrategy = require('passport-instagram').Strategy;
 var LocalStrategy = require('passport-local').Strategy;
 var FacebookStrategy = require('passport-facebook').Strategy;
 var TwitterStrategy = require('passport-twitter').Strategy;
@@ -21,6 +22,49 @@ passport.deserializeUser(function(id, done) {
   });
 });
 
+// Sign in with Instagram.
+
+passport.use(new InstagramStrategy(secrets.instagram,function(req, accessToken, refreshToken, profile, done) {
+  if (req.user) {
+    User.findOne({ $or: [{ instagram: profile.id }, { email: profile.email }] }, function(err, existingUser) {
+      if (existingUser) {
+        req.flash('errors', { msg: 'There is already an Instagram account that belongs to you. Sign in with that account or delete it, then link it with your current account.' });
+        done(err);
+      } else {
+        User.findById(req.user.id, function(err, user) {
+          user.instagram = profile.id;
+          user.tokens.push({ kind: 'instagram', accessToken: accessToken });
+          user.profile.name = user.profile.name || profile.displayName;
+          user.profile.picture = user.profile.picture || profile._json.data.profile_picture;
+          user.profile.website = user.profile.website || profile._json.data.website;
+          user.save(function(err) {
+            req.flash('info', { msg: 'Instagram account has been linked.' });
+            done(err, user);
+          });
+        });
+      }
+    });
+  } else {
+    User.findOne({ instagram: profile.id }, function(err, existingUser) {
+      if (existingUser) return done(null, existingUser);
+
+      var user = new User();
+      user.instagram = profile.id;
+      user.tokens.push({ kind: 'instagram', accessToken: accessToken });
+      user.profile.name = profile.displayName;
+      // Similar to Twitter API, assigns a temporary e-mail address
+      // to get on with the registration process. It can be changed later
+      // to a valid e-mail address in Profile Management.
+      profile.username + "@instagram.com";
+      user.profile.website = profile._json.data.website;
+      user.profile.picture = profile._json.data.profile_picture;
+      user.save(function(err) {
+        done(err, user);
+      });
+    });
+  }
+}));
+
 // Sign in using Email and Password.
 
 passport.use(new LocalStrategy({ usernameField: 'email' }, function(email, password, done) {

models/User.js

@@ -10,6 +10,7 @@ var userSchema = new mongoose.Schema({
   twitter: String,
   google: String,
   github: String,
+  instagram: String,
   linkedin: String,
   tokens: Array,
 

views/account/login.jade

@@ -32,3 +32,6 @@ block content
       a.btn.btn-block.btn-linkedin.btn-social(href='/auth/linkedin')
         i.fa.fa-linkedin
         | Sign in with LinkedIn
+      a.btn.btn-block.btn-instagram.btn-social(href='/auth/instagram')
+        i.fa.fa-instagram
+        | Sign in with Instagram

views/account/profile.jade

@@ -73,6 +73,11 @@ block content
   .page-header
     h3 Linked Accounts
 
+  if user.instagram
+    p: a.text-danger(href='/account/unlink/instagram') Unlink your Instagram account
+  else
+    p: a(href='/auth/instagram') Link your Instagram account
+
   if user.google
     p: a.text-danger(href='/account/unlink/google') Unlink your Google account
   else