195 lines
6.0 KiB
Go
Raw Permalink Normal View History

2019-02-08 20:31:59 +00:00
package auth
import (
"errors"
"fmt"
2019-02-25 03:01:53 +00:00
"io/ioutil"
"net/http"
"net/url"
2019-02-25 03:01:53 +00:00
"strings"
2019-02-08 20:31:59 +00:00
"github.com/aerogo/aero"
2019-11-17 07:48:27 +00:00
"github.com/aerogo/log"
2019-06-03 09:32:43 +00:00
"github.com/animenotifier/notify.moe/arn"
2019-06-01 04:55:49 +00:00
"github.com/animenotifier/notify.moe/assets"
2019-02-08 20:31:59 +00:00
"github.com/gomodule/oauth1/oauth"
jsoniter "github.com/json-iterator/go"
)
// TwitterUser is the user data we receive from Twitter
type TwitterUser struct {
2019-03-05 06:44:48 +00:00
ID string `json:"id_str"`
Email string `json:"email"`
Name string `json:"name"`
Description string `json:"description"`
ScreenName string `json:"screen_name"`
2019-02-08 20:31:59 +00:00
}
2019-11-17 07:48:27 +00:00
// Twitter enables Twitter login for the app.
func Twitter(app *aero.Application, authLog *log.Log) {
2019-02-08 20:31:59 +00:00
// oauth1 configuration defines the API keys,
// the url for the request token, the access token and the authorisation.
config := &oauth.Client{
TemporaryCredentialRequestURI: "https://api.twitter.com/oauth/request_token",
ResourceOwnerAuthorizationURI: "https://api.twitter.com/oauth/authenticate",
TokenRequestURI: "https://api.twitter.com/oauth/access_token",
Credentials: oauth.Credentials{
Token: arn.APIKeys.Twitter.ID,
Secret: arn.APIKeys.Twitter.Secret,
},
}
// When a user visits /auth/twitter, we ask OAuth1 to give us
// a request token and give us a URL to redirect the user to.
// Once the user has approved the application on that page,
// he'll be redirected back to our servers to the callback page.
2019-06-01 04:55:49 +00:00
app.Get("/auth/twitter", func(ctx aero.Context) error {
callback := "https://" + assets.Domain + "/auth/twitter/callback"
2019-02-08 20:31:59 +00:00
tempCred, err := config.RequestTemporaryCredentials(nil, callback, nil)
if err != nil {
fmt.Printf("Error: %s", err)
}
ctx.Session().Set("tempCred", tempCred)
url := config.AuthorizationURL(tempCred, nil)
2019-06-03 06:06:57 +00:00
return ctx.Redirect(http.StatusTemporaryRedirect, url)
2019-02-08 20:31:59 +00:00
})
// This is the redirect URL that we specified in /auth/twitter.
// The user has allowed the application to have access to his data.
// Now we have to check for fraud requests and request user information.
// If both Twitter ID and email can't be found in our DB, register a new user.
// Otherwise, log in the user with the given Twitter ID or email.
2019-06-01 04:55:49 +00:00
app.Get("/auth/twitter/callback", func(ctx aero.Context) error {
2019-02-08 20:31:59 +00:00
if !ctx.HasSession() {
return ctx.Error(http.StatusUnauthorized, "Twitter login failed", errors.New("Session does not exist"))
}
session := ctx.Session()
2019-02-25 03:01:53 +00:00
// Get back the request token to get the access token
2019-02-08 20:31:59 +00:00
tempCred, _ := session.Get("tempCred").(*oauth.Credentials)
2019-05-16 10:15:37 +00:00
session.Delete("tempCred")
2019-02-08 20:31:59 +00:00
if tempCred == nil || tempCred.Token != ctx.Query("oauth_token") {
return ctx.Error(http.StatusBadRequest, "Unknown OAuth request token", nil)
}
// Get the request token from twitter
tokenCred, _, err := config.RequestToken(nil, tempCred, ctx.Query("oauth_verifier"))
if err != nil {
return ctx.Error(http.StatusBadRequest, "Could not obtain OAuth access token", err)
}
// Fetch user data from Twitter
2019-03-04 02:33:08 +00:00
params := url.Values{
"include_email": {"true"},
"skip_status": {"true"},
}
response, err := config.Get(nil, tokenCred, "https://api.twitter.com/1.1/account/verify_credentials.json", params)
2019-02-08 20:31:59 +00:00
if err != nil {
return ctx.Error(http.StatusBadRequest, "Failed requesting user data from Twitter", err)
}
2019-03-04 02:33:08 +00:00
defer response.Body.Close()
body, _ := ioutil.ReadAll(response.Body)
2019-03-05 06:44:48 +00:00
fmt.Println(string(body))
2019-02-08 20:31:59 +00:00
// Construct a TwitterUser object
twUser := TwitterUser{}
err = jsoniter.Unmarshal(body, &twUser)
if err != nil {
return ctx.Error(http.StatusBadRequest, "Failed parsing user data (JSON)", err)
}
// Change googlemail.com to gmail.com
twUser.Email = strings.Replace(twUser.Email, "googlemail.com", "gmail.com", 1)
// Is this an existing user connecting another social account?
2019-11-17 07:59:34 +00:00
user := arn.GetUserFromContext(ctx)
2019-02-08 20:31:59 +00:00
if user != nil {
// Add TwitterToUser reference
user.ConnectTwitter(twUser.ID)
// Save in DB
2019-03-05 06:44:48 +00:00
user.Accounts.Twitter.Nick = twUser.ScreenName
2019-02-08 20:31:59 +00:00
user.Save()
// Log
2019-06-01 04:55:49 +00:00
authLog.Info("Added Twitter ID to existing account | %s | %s | %s | %s | %s", user.Nick, user.ID, ctx.IP(), user.Email, user.RealName())
2019-02-08 20:31:59 +00:00
2019-06-03 06:06:57 +00:00
return ctx.Redirect(http.StatusTemporaryRedirect, "/")
2019-02-08 20:31:59 +00:00
}
var getErr error
// Try to find an existing user via the Twitter user ID
user, getErr = arn.GetUserByTwitterID(twUser.ID)
if getErr == nil && user != nil {
2019-06-01 04:55:49 +00:00
authLog.Info("User logged in via Twitter ID | %s | %s | %s | %s | %s", user.Nick, user.ID, ctx.IP(), user.Email, user.RealName())
2019-02-08 20:31:59 +00:00
user.LastLogin = arn.DateTimeUTC()
user.Save()
session.Set("userId", user.ID)
2019-06-03 06:06:57 +00:00
return ctx.Redirect(http.StatusTemporaryRedirect, "/")
2019-02-08 20:31:59 +00:00
}
// Try to find an existing user via the associated e-mail address
user, getErr = arn.GetUserByEmail(twUser.Email)
if getErr == nil && user != nil {
2019-06-01 04:55:49 +00:00
authLog.Info("User logged in via Email | %s | %s | %s | %s | %s", user.Nick, user.ID, ctx.IP(), user.Email, user.RealName())
2019-02-08 20:31:59 +00:00
// Add TwitterToUser reference
user.ConnectTwitter(twUser.ID)
2019-03-05 06:44:48 +00:00
user.Accounts.Twitter.Nick = twUser.ScreenName
2019-02-08 20:31:59 +00:00
user.LastLogin = arn.DateTimeUTC()
user.Save()
session.Set("userId", user.ID)
2019-06-03 06:06:57 +00:00
return ctx.Redirect(http.StatusTemporaryRedirect, "/")
2019-02-08 20:31:59 +00:00
}
// Register new user
user = arn.NewUser()
user.Nick = "tw" + twUser.ID
user.Email = twUser.Email
user.LastLogin = arn.DateTimeUTC()
2019-02-25 03:01:53 +00:00
user.FirstName = twUser.Name
2019-02-08 20:31:59 +00:00
// Save basic user info already to avoid data inconsistency problems
user.Save()
// Register user
arn.RegisterUser(user)
// Connect account to a Twitter account
user.ConnectTwitter(twUser.ID)
2019-03-05 06:44:48 +00:00
// Copy fields
user.Accounts.Twitter.Nick = twUser.ScreenName
user.Introduction = twUser.Description
2019-02-08 20:31:59 +00:00
// Save user object again with updated data
user.Save()
// Login
session.Set("userId", user.ID)
// Log
2019-06-01 04:55:49 +00:00
authLog.Info("Registered new user via Twitter | %s | %s | %s | %s | %s", user.Nick, user.ID, ctx.IP(), user.Email, user.RealName())
2019-02-08 20:31:59 +00:00
// Redirect to starting page for new users
2019-06-03 06:06:57 +00:00
return ctx.Redirect(http.StatusTemporaryRedirect, newUserStartRoute)
2019-02-08 20:31:59 +00:00
})
}