fix(auth): on-boarding, signup and welcome flows (#16882)

* fix(auth): Route should have specific targets

* fix(signup): Redirection should be to signup

Closes #16945

* feat(redirect): All fallback redirects to signin

* fix: send back to originating route

* fix(server,secrets): Specify profile field for LinkedIn provider.

* fix(profile): Add route to react profile page

common/app/routes/Profile/index.js

@@ -3,5 +3,5 @@ import { types } from './redux';
 export { default } from './Profile.jsx';
 
 export const routes = {
-  [types.onRouteProfile]: '/:username'
+  [types.onRouteProfile]: '/portfolio/:username'
 };

common/app/routes/Settings/Settings.jsx

@@ -89,7 +89,7 @@ export class Settings extends React.Component {
     return (
       <div className={ `${ns}-container` }>
         <FullWidthRow>
-          <Link to={ `/${username}` }>
+          <Link to={ `/portfolio/${username}` }>
             <Button
               block={ true }
               bsSize='lg'

common/models/user.js

@@ -234,7 +234,7 @@ module.exports = function(User) {
               throw wrapHandledError(
                 new Error('user already exists'),
                 {
-                  redirectTo: '/email-signin',
+                  redirectTo: '/signin',
                   message: dedent`
         The ${user.email} email address is already associated with an account.
         Try signing in with it here instead.

config/secrets.js

@@ -38,6 +38,7 @@ module.exports = {
     clientID: process.env.LINKEDIN_ID,
     clientSecret: process.env.LINKEDIN_SECRET,
     callbackURL: '/auth/linkedin/callback',
+    profileFields: ['public-profile-url'],
     scope: ['r_basicprofile', 'r_emailaddress'],
     passReqToCallback: true
   },

server/boot/authentication.js

@@ -31,6 +31,8 @@ module.exports = function enableAuthentication(app) {
 
   router.get('/login', (req, res) => res.redirect(301, '/signin'));
   router.get('/logout', (req, res) => res.redirect(301, '/signout'));
+  router.get('/signup', (req, res) => res.redirect(301, '/signin'));
+  router.get('/email-signin', (req, res) => res.redirect(301, '/signin'));
 
   function getEmailSignin(req, res) {
     if (isSignUpDisabled) {
@@ -43,9 +45,7 @@ module.exports = function enableAuthentication(app) {
     });
   }
 
-  router.get('/signup', ifUserRedirect, getEmailSignin);
   router.get('/signin', ifUserRedirect, getEmailSignin);
-  router.get('/email-signin', ifUserRedirect, getEmailSignin);
 
   router.get('/signout', (req, res) => {
     req.logout();
@@ -94,7 +94,7 @@ module.exports = function enableAuthentication(app) {
         {
           type: 'info',
           message: 'The email encoded in the link is incorrectly formatted',
-          redirectTo: '/email-sign'
+          redirectTo: '/signin'
         }
       ));
     }
@@ -107,7 +107,7 @@ module.exports = function enableAuthentication(app) {
             {
               type: 'info',
               message: defaultErrorMsg,
-              redirectTo: '/email-signin'
+              redirectTo: '/signin'
             }
           );
         }
@@ -121,7 +121,7 @@ module.exports = function enableAuthentication(app) {
                 {
                   type: 'info',
                   message: defaultErrorMsg,
-                  redirectTo: '/email-signin'
+                  redirectTo: '/signin'
                 }
               );
             }
@@ -132,7 +132,7 @@ module.exports = function enableAuthentication(app) {
                   {
                     type: 'info',
                     message: defaultErrorMsg,
-                    redirectTo: '/email-signin'
+                    redirectTo: '/signin'
                   }
                 );
               }
@@ -148,7 +148,7 @@ module.exports = function enableAuthentication(app) {
                         Looks like the link you clicked has expired,
                         please request a fresh link, to sign in.
                       `,
-                      redirectTo: '/email-signin'
+                      redirectTo: '/signin'
                     }
                   );
                 }
@@ -187,7 +187,7 @@ module.exports = function enableAuthentication(app) {
     '/passwordless-auth',
     ifUserRedirect,
     passwordlessGetValidators,
-    createValidatorErrorHandler('errors', '/email-signup'),
+    createValidatorErrorHandler('errors', '/signin'),
     getPasswordlessAuth
   );
 
@@ -215,7 +215,19 @@ module.exports = function enableAuthentication(app) {
         )
         .flatMap(user => user.requestAuthEmail(!_user))
       )
-      .do(msg => res.status(200).send({ message: msg }))
+      .do(msg => {
+        let redirectTo = '/';
+
+        if (
+          req.session &&
+          req.session.returnTo
+        ) {
+          redirectTo = req.session.returnTo;
+        }
+
+        req.flash('info', msg);
+        return res.redirect(redirectTo);
+      })
       .subscribe(_.noop, next);
   }
 
@@ -223,7 +235,7 @@ module.exports = function enableAuthentication(app) {
     '/passwordless-auth',
     ifUserRedirect,
     passwordlessPostValidators,
-    createValidatorErrorHandler('errors', '/email-signup'),
+    createValidatorErrorHandler('errors', '/signin'),
     postPasswordlessAuth
   );
 

server/boot/react.js

@@ -22,7 +22,7 @@ const routes = [
   '/map',
   '/settings',
   '/settings/*',
-  '/:username'
+  '/portfolio/:username'
 ];
 
 const devRoutes = [];

server/passport-providers.js

@@ -11,7 +11,7 @@ export default {
     passwordField: 'password',
     authPath: '/auth/local',
     successRedirect: successRedirect,
-    failureRedirect: '/email-signin',
+    failureRedirect: failureRedirect,
     session: true,
     failureFlash: true
   },
@@ -109,6 +109,7 @@ export default {
     failureRedirect: failureRedirect,
     clientID: process.env.LINKEDIN_ID,
     clientSecret: process.env.LINKEDIN_SECRET,
+    profileFields: ['public-profile-url'],
     scope: ['r_basicprofile', 'r_emailaddress'],
     authOptions: {
       state: process.env.LINKEDIN_STATE
@@ -126,6 +127,7 @@ export default {
     failureRedirect: linkFailureRedirect,
     clientID: process.env.LINKEDIN_ID,
     clientSecret: process.env.LINKEDIN_SECRET,
+    profileFields: ['public-profile-url'],
     scope: ['r_basicprofile', 'r_emailaddress'],
     authOptions: {
       state: process.env.LINKEDIN_STATE

server/views/account/deprecated-signin.jade

@@ -1,7 +1,7 @@
 extends ../layout
 block content
     .text-center
-        h2 If you original signed up using one of these methods, you can sign in and add your email address to your account:
+        h2 If you originally signed up using one of these methods, you can sign in and add your email address to your account:
         br
         a.btn.btn-lg.btn-block.btn-social.btn-github(href='/auth/github')
             i.fa.fa-github

server/views/partials/navbar.jade

@@ -29,7 +29,7 @@ nav.navbar.navbar-default.navbar-static-top.nav-height
                 a(href='https://www.freecodecamp.org/donate', target='_blank' rel='noopener') Donate
             if !user
                 li
-                    a(href='/signin') Sign Up
+                    a(href='/signin') Start Coding
             else
                 li
                   a(href='/settings') My Profile