Added github auth

krushiraj · krushiraj · commit cd7e1bb8d795 · 2019-11-26T11:48:06.000+05:30
diff --git a/src/resolvers/authentication/github.js b/src/resolvers/authentication/github.js
@@ -1,22 +1,43 @@
 import passport from 'passport'
 import { Strategy as GitHubStrategy } from 'passport-github'
-import { User } from "../../models";
 
-const {
-  GITHUB_CLIENT_ID,
-  GITHUB_CLIENT_SECRET
-} = process.env
+import models from '../../models'
+import { GIT_CONFIG } from '../../utils/constants'
 
-const GIT_CONFIG = {
-  clientID: GITHUB_CLIENT_ID,
-  clientSecret: GITHUB_CLIENT_SECRET,
-  callbackURL: "http://127.0.0.1:8000/auth/github/callback"
-}
+passport.serializeUser((user, done) => {
+  done(null, user)
+})
+
+passport.deserializeUser((user, done) => {
+  done(null, user)
+})
 
 passport.use(
-  new GitHubStrategy(GIT_CONFIG, (accessToken, refreshToken, profile, cb) => {
-    User.findOrCreate({ githubId: profile.id }, function(err, user) {
-      return cb(err, user);
-    });
-  })
-);
+  new GitHubStrategy(
+    GIT_CONFIG,
+    async (accessToken, refreshToken, profile, cb) => {
+      const data = profile['_json']
+      if (data['type'] === 'User') {
+        const [user, created] = await models.User.findOrCreate({
+          where: {
+            email: data.email
+          },
+          defaults: {
+            profilePic: data.avatar_url,
+            name: data.name,
+            username: data.login,
+            gitProfile: profile.profileUrl
+          }
+        })
+        return cb(
+          created || user
+            ? null
+            : new Error('There was an error during authentication.'),
+          user
+        )
+      } else {
+        throw TypeError('The Github profile must belong to a User.')
+      }
+    }
+  )
+)
diff --git a/src/resolvers/authentication/index.js b/src/resolvers/authentication/index.js
@@ -1,13 +1,67 @@
 import passport from 'passport'
+import session from 'express-session'
+import jwt from 'jsonwebtoken'
 
 import './github'
+import { TOKEN_EXPIRES_IN, JWT_SECRET } from '../../utils/constants'
 
-export default (app) => {
-  app.get("/auth/:strategy", (req, res) =>
-    passport.authenticate(req.params.strategy)(req, res)
-  );
+const generateOrRefreshToken = async (req, res) => {
+  let token = req.headers['x-token'] || 'NO_TOKEN'
+  let newToken = false
+  const auth = req.isAuthenticated()
+  if (auth) {
+    try {
+      const user = await jwt.verify(token, JWT_SECRET)
+      if (user.id !== req.user.id) {
+        throw new EvalError('Token courrpted. Please get a new one.')
+      }
+    } catch (e) {
+      token = await jwt.sign(
+        {
+          id: req.user.id,
+          email: req.user.email
+        },
+        JWT_SECRET,
+        {
+          expiresIn: TOKEN_EXPIRES_IN
+        }
+      )
+      newToken = true
+    }
+  }
+  res.send({
+    auth,
+    newToken,
+    token
+  })
+}
 
-  app.post("/auth/:strategy/callback", (req, res) =>
-    passport.authenticate(req.params.strategy)(req, res)
-  );
-}
+export default app => {
+  app.use(
+    session({
+      secret: 'session-secret',
+      saveUninitialized: true,
+      resave: false
+    })
+  )
+
+  app.use(passport.initialize())
+
+  app.use(passport.session())
+
+  app.get('/auth/:strategy', (req, res, next) =>
+    passport.authenticate(req.params.strategy)(req, res, next)
+  )
+
+  app.get('/auth/:strategy/callback', (req, res, next) => {
+    if (req.query.success) {
+      generateOrRefreshToken(req, res, next)
+    } else {
+      const strategy = req.params.strategy
+      passport.authenticate(strategy, {
+        failureRedirect: `/auth/${strategy}/callback?success=false`,
+        successRedirect: `/auth/${strategy}/callback?success=true`
+      })(req, res, next)
+    }
+  })
+}
diff --git a/src/resolvers/authorization.js b/src/resolvers/authorization.js
@@ -1,13 +1,13 @@
-import { ForbiddenError } from 'apollo-server';
-import { combineResolvers, skip } from 'graphql-resolvers';
+import { ForbiddenError } from 'apollo-server'
+import { combineResolvers, skip } from 'graphql-resolvers'
 
 export const isAuthenticated = (parent, args, { loggedInUser }) =>
-  loggedInUser ? skip : new ForbiddenError('Not authenticated as user.');
+  loggedInUser ? skip : new ForbiddenError('Not authenticated as user.')
 
 export const isSelfDeleteAuth = combineResolvers(
   isAuthenticated,
   (parent, { id }, { loggedInUser }) =>
     id === loggedInUser.id
       ? skip
-      : new ForbiddenError('Not authorized as admin.'),
+      : new ForbiddenError('Not authorized as admin.')
 )
diff --git a/src/resolvers/user.js b/src/resolvers/user.js
@@ -1,15 +1,16 @@
-import jwt from 'jsonwebtoken'
 import { combineResolvers } from 'graphql-resolvers'
-import { AuthenticationError, UserInputError } from 'apollo-server'
 
 import { isSelfDeleteAuth, isAuthenticated } from './authorization'
 
-const createToken = async (user, secret, expiresIn) => {
-  const { id, email } = user
-  return await jwt.sign({ id, email }, secret, {
-    expiresIn
-  })
-}
+/*
+User - Base user model used in profiles feature
+
+Extends each new profile for each feature.
+
+- Add new queries under Query
+- Whenever a new extension added please add it as field under User
+- Add necessary mutations if needed.
+*/
 
 export default {
   Query: {
@@ -18,82 +19,64 @@ export default {
       return allUsers
     },
     userById: async (parent, { id }, { models }) => {
-      return await models.User.findByPk(id)
+      const user = await models.User.findByPk(id)
+      return user
     },
     userByEmail: async (parent, { email }, { models }) => {
-      return await models.User.findOne({
+      const user = await models.User.findOne({
         where: {
           email
         }
       })
+      return user
     },
     currentUser: async (parent, args, { models, loggedInUser }) => {
       if (!loggedInUser) {
-        return null;
+        return null
       }
 
-      return await models.User.findByPk(loggedInUser.id);
+      const currentUser = await models.User.findByPk(loggedInUser.id)
+      return currentUser
     }
   },
 
   Mutation: {
-    signUp: async (parent, { email, password }, { models, secret }) => {
-      const user = await models.User.create({
-        email,
-        password
-      });
-
-      return { token: createToken(user, secret, "30m") };
-    },
-
-    signIn: async (parent, { login, password }, { models, secret }) => {
-      const user = await models.User.findByLogin(login);
-
-      if (!user) {
-        throw new UserInputError("No user found with this login credentials.");
-      }
-
-      const isValid = await user.validatePassword(password);
-
-      if (!isValid) {
-        throw new AuthenticationError("Invalid password.");
-      }
-
-      return { token: createToken(user, secret, "30m") };
-    },
-
     updateUser: combineResolvers(
       isAuthenticated,
       async (parent, args, { models, loggedInUser }) => {
-        const user = await models.User.findByPk(loggedInUser.id);
-        return await user.update({ ...args });
+        const user = await models.User.findByPk(loggedInUser.id)
+        const updatedUser = await user.update({ ...args })
+        return updatedUser
       }
     ),
 
     deleteUser: combineResolvers(
       isSelfDeleteAuth,
       async (parent, { id }, { models }) => {
-        return await models.User.destroy({
+        const isDestroyed = await models.User.destroy({
           where: { id }
-        });
+        })
+        return isDestroyed
       }
     )
   },
 
   User: {
     socialProfile: async (user, args, { models }) => {
-      return await models.SocialProfile.findOne({
+      const socialProfile = await models.SocialProfile.findOne({
         where: {
           userId: user.id
         }
-      });
+      })
+      return socialProfile
     },
     eventProfile: async (user, args, { models }) => {
-      return await models.EventProfile.findOne({
+      const eventProfile = await models.EventProfile.findOne({
         where: {
           userId: user.id
         }
-      });
+      })
+      return eventProfile
     }
   }
-};
+}
