Merge pull request #17217 from raisedadead/feat/authentication

fix(auth): Set domain cookies, and chain user
2018-05-22 23:05:49 +01:00 · 2018-05-22 23:05:49 +01:00 · 5fbf8a93a0
parent 8535669ea4 e35fbef5d1
commit 5fbf8a93a0
4 changed files with 36 additions and 19 deletions
--- a/common/models/User-Identity.js
+++ b/common/models/User-Identity.js
@ -53,6 +53,24 @@ export default function(UserIdent) {
      const email = profile.emails[0].value;
      return User.findOne$({ where: { email } })
        .flatMap(user => {
+          return user ?
+            Observable.of(user) :
+            User.create$({ email }).toPromise();
+        })
+        .flatMap(user => {
+          if (!user) {
+            throw wrapHandledError(
+              new Error('could not find or create a user'),
+              {
+                message: dedent`
+                  Oops... something is not right. We could not find or create a
+                  user with that email.
+                `,
+                type: 'info',
+                redirectTo: '/'
+              }
+            );
+          }
          const createToken = observeQuery(
            AccessToken,
            'create',
@ -62,17 +80,16 @@ export default function(UserIdent) {
              ttl: user.constructor.settings.ttl
            }
          );
-          if (!user) {
-            return Observable.combineLatest(
-              User.create$({ email }),
-              createToken,
-              (user, token) => ({ user, token })
-            );
-          }
+          const updateUser = user.update$({
+            emailVerified: true,
+            emailAuthLinkTTL: null,
+            emailVerifyTTL: null
+          });
          return Observable.combineLatest(
            Observable.of(user),
            createToken,
-            (user, token) => ({ user, token })
+            updateUser,
+            (user, token) => ({user, token})
          );
        })
        .subscribe(
@ -90,10 +107,9 @@ export default function(UserIdent) {
              {
                message: dedent`
                  New accounts can only be created using an email address.
-                  Please create an account below
                `,
                type: 'info',
-                redirectTo: '/signup'
+                redirectTo: '/'
              }
            );
          }
@ -113,7 +129,7 @@ export default function(UserIdent) {
                  new Error('user identity is not associated with a user'),
                  {
                    type: 'info',
-                    redirectTo: '/signup',
+                    redirectTo: '/',
                    message: dedent`
    The user account associated with the ${provider} user ${username || 'Anon'}
    no longer exists.
--- a/common/models/user.js
+++ b/common/models/user.js
@ -376,7 +376,7 @@ module.exports = function(User) {
        const config = {
          signed: !!req.signedCookies,
          maxAge: accessToken.ttl,
-          domain: '.freecodecamp.org'
+          domain: process.env.COOKIE_DOMAIN || 'localhost'
        };
        if (accessToken && accessToken.id) {
          res.cookie('access_token', accessToken.id, config);
--- a/server/boot/authentication.js
+++ b/server/boot/authentication.js
@ -29,16 +29,16 @@ module.exports = function enableAuthentication(app) {
  const api = app.loopback.Router();
  const { AuthToken, User } = app.models;

-  router.get('/signup', (req, res) => res.redirect(301, '/login'));
-  router.get('/email-signin', (req, res) => res.redirect(301, '/login'));
-  router.get('/signin', (req, res) => res.redirect(301, '/login'));
-  router.get('/signout', (req, res) => res.redirect(301, '/logout'));
+  router.get('/signup', (req, res) => res.redirect(301, '/signin'));
+  router.get('/email-signin', (req, res) => res.redirect(301, '/signin'));
+  router.get('/login', (req, res) => res.redirect(301, '/signin'));
+  router.get('/logout', (req, res) => res.redirect(301, '/signout'));

-  router.get('/login',
+  router.get('/signin',
  ifUserRedirect,
  (req, res) => res.redirect(301, '/auth/auth0'));

-  router.get('/logout', (req, res) => {
+  router.get('/signout', (req, res) => {
    req.logout();
    res.redirect('/');
  });
--- a/server/component-passport.js
+++ b/server/component-passport.js
@ -140,7 +140,8 @@ export default function setupPassport(app) {
              );
              const cookieConfig = {
                signed: !!req.signedCookies,
-                maxAge: accessToken.ttl
+                maxAge: accessToken.ttl,
+                domain: process.env.COOKIE_DOMAIN || 'localhost'
              };
              res.cookie('access_token', accessToken.id, cookieConfig);
              res.cookie('userId', accessToken.userId, cookieConfig);