✨ Added twitter login
This commit is contained in:
parent
4f04a6c494
commit
d9d3a4d8f9
@ -13,6 +13,9 @@ func Install(app *aero.Application) {
|
|||||||
// Facebook
|
// Facebook
|
||||||
InstallFacebookAuth(app)
|
InstallFacebookAuth(app)
|
||||||
|
|
||||||
|
// Twitter
|
||||||
|
InstallTwitterAuth(app)
|
||||||
|
|
||||||
// Logout
|
// Logout
|
||||||
app.Get("/logout", func(ctx *aero.Context) string {
|
app.Get("/logout", func(ctx *aero.Context) string {
|
||||||
if ctx.HasSession() {
|
if ctx.HasSession() {
|
||||||
|
174
auth/twitter.go
Normal file
174
auth/twitter.go
Normal file
@ -0,0 +1,174 @@
|
|||||||
|
package auth
|
||||||
|
|
||||||
|
import (
|
||||||
|
"errors"
|
||||||
|
"fmt"
|
||||||
|
"github.com/aerogo/aero"
|
||||||
|
"github.com/animenotifier/arn"
|
||||||
|
"github.com/animenotifier/notify.moe/utils"
|
||||||
|
"github.com/gomodule/oauth1/oauth"
|
||||||
|
jsoniter "github.com/json-iterator/go"
|
||||||
|
"io/ioutil"
|
||||||
|
"net/http"
|
||||||
|
"strings"
|
||||||
|
)
|
||||||
|
|
||||||
|
// TwitterUser is the user data we receive from Twitter
|
||||||
|
type TwitterUser struct {
|
||||||
|
ID string `json:"id_str"`
|
||||||
|
Email string `json:"email"`
|
||||||
|
Name string `json:"name"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// InstallTwitterAuth enables Twitter login for the app.
|
||||||
|
func InstallTwitterAuth(app *aero.Application) {
|
||||||
|
// oauth1 configuration defines the API keys,
|
||||||
|
// the url for the request token, the access token and the authorisation.
|
||||||
|
config := &oauth.Client{
|
||||||
|
TemporaryCredentialRequestURI: "https://api.twitter.com/oauth/request_token",
|
||||||
|
ResourceOwnerAuthorizationURI: "https://api.twitter.com/oauth/authenticate",
|
||||||
|
TokenRequestURI: "https://api.twitter.com/oauth/access_token",
|
||||||
|
Credentials: oauth.Credentials{
|
||||||
|
Token: arn.APIKeys.Twitter.ID,
|
||||||
|
Secret: arn.APIKeys.Twitter.Secret,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
// When a user visits /auth/twitter, we ask OAuth1 to give us
|
||||||
|
// a request token and give us a URL to redirect the user to.
|
||||||
|
// Once the user has approved the application on that page,
|
||||||
|
// he'll be redirected back to our servers to the callback page.
|
||||||
|
app.Get("/auth/twitter", func(ctx *aero.Context) string {
|
||||||
|
callback := "https://" + ctx.App.Config.Domain + "/auth/twitter/callback"
|
||||||
|
tempCred, err := config.RequestTemporaryCredentials(nil, callback, nil)
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("Error: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
ctx.Session().Set("tempCred", tempCred)
|
||||||
|
url := config.AuthorizationURL(tempCred, nil)
|
||||||
|
return ctx.Redirect(url)
|
||||||
|
})
|
||||||
|
|
||||||
|
// This is the redirect URL that we specified in /auth/twitter.
|
||||||
|
// The user has allowed the application to have access to his data.
|
||||||
|
// Now we have to check for fraud requests and request user information.
|
||||||
|
// If both Twitter ID and email can't be found in our DB, register a new user.
|
||||||
|
// Otherwise, log in the user with the given Twitter ID or email.
|
||||||
|
app.Get("/auth/twitter/callback", func(ctx *aero.Context) string {
|
||||||
|
if !ctx.HasSession() {
|
||||||
|
return ctx.Error(http.StatusUnauthorized, "Twitter login failed", errors.New("Session does not exist"))
|
||||||
|
}
|
||||||
|
|
||||||
|
session := ctx.Session()
|
||||||
|
|
||||||
|
// get back the request token to get the access token
|
||||||
|
tempCred, _ := session.Get("tempCred").(*oauth.Credentials)
|
||||||
|
|
||||||
|
if tempCred == nil || tempCred.Token != ctx.Query("oauth_token") {
|
||||||
|
return ctx.Error(http.StatusBadRequest, "Unknown OAuth request token", nil)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Get the request token from twitter
|
||||||
|
tokenCred, _, err := config.RequestToken(nil, tempCred, ctx.Query("oauth_verifier"))
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
return ctx.Error(http.StatusBadRequest, "Could not obtain OAuth access token", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Fetch user data from Twitter
|
||||||
|
resp, err := config.Get(nil, tokenCred, "https://api.twitter.com/1.1/account/verify_credentials.json?include_email=true1skip_status=true", nil)
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
return ctx.Error(http.StatusBadRequest, "Failed requesting user data from Twitter", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
defer resp.Body.Close()
|
||||||
|
body, _ := ioutil.ReadAll(resp.Body)
|
||||||
|
|
||||||
|
// Construct a TwitterUser object
|
||||||
|
twUser := TwitterUser{}
|
||||||
|
err = jsoniter.Unmarshal(body, &twUser)
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
return ctx.Error(http.StatusBadRequest, "Failed parsing user data (JSON)", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Change googlemail.com to gmail.com
|
||||||
|
twUser.Email = strings.Replace(twUser.Email, "googlemail.com", "gmail.com", 1)
|
||||||
|
|
||||||
|
// Is this an existing user connecting another social account?
|
||||||
|
user := utils.GetUser(ctx)
|
||||||
|
|
||||||
|
if user != nil {
|
||||||
|
// Add TwitterToUser reference
|
||||||
|
user.ConnectTwitter(twUser.ID)
|
||||||
|
|
||||||
|
// Save in DB
|
||||||
|
user.Save()
|
||||||
|
|
||||||
|
// Log
|
||||||
|
authLog.Info("Added Twitter ID to existing account", user.ID, user.Nick, ctx.RealIP(), user.Email, user.RealName())
|
||||||
|
|
||||||
|
return ctx.Redirect("/")
|
||||||
|
}
|
||||||
|
|
||||||
|
var getErr error
|
||||||
|
|
||||||
|
// Try to find an existing user via the Twitter user ID
|
||||||
|
user, getErr = arn.GetUserByTwitterID(twUser.ID)
|
||||||
|
|
||||||
|
if getErr == nil && user != nil {
|
||||||
|
authLog.Info("User logged in via Twitter ID", user.ID, user.Nick, ctx.RealIP(), user.Email, user.RealName())
|
||||||
|
|
||||||
|
user.LastLogin = arn.DateTimeUTC()
|
||||||
|
user.Save()
|
||||||
|
|
||||||
|
session.Set("userId", user.ID)
|
||||||
|
return ctx.Redirect("/")
|
||||||
|
}
|
||||||
|
|
||||||
|
// Try to find an existing user via the associated e-mail address
|
||||||
|
user, getErr = arn.GetUserByEmail(twUser.Email)
|
||||||
|
|
||||||
|
if getErr == nil && user != nil {
|
||||||
|
authLog.Info("User logged in via Email", user.ID, user.Nick, ctx.RealIP(), user.Email, user.RealName())
|
||||||
|
|
||||||
|
user.LastLogin = arn.DateTimeUTC()
|
||||||
|
user.Save()
|
||||||
|
|
||||||
|
session.Set("userId", user.ID)
|
||||||
|
return ctx.Redirect("/")
|
||||||
|
}
|
||||||
|
|
||||||
|
// Register new user
|
||||||
|
user = arn.NewUser()
|
||||||
|
user.Nick = "tw" + twUser.ID
|
||||||
|
user.Email = twUser.Email
|
||||||
|
// The full name is in Name and separated like other services
|
||||||
|
user.FirstName = twUser.Name
|
||||||
|
user.LastLogin = arn.DateTimeUTC()
|
||||||
|
|
||||||
|
// Save basic user info already to avoid data inconsistency problems
|
||||||
|
user.Save()
|
||||||
|
|
||||||
|
// Register user
|
||||||
|
arn.RegisterUser(user)
|
||||||
|
|
||||||
|
// Connect account to a Twitter account
|
||||||
|
user.ConnectTwitter(twUser.ID)
|
||||||
|
|
||||||
|
// Save user object again with updated data
|
||||||
|
user.Save()
|
||||||
|
|
||||||
|
// Login
|
||||||
|
session.Set("userId", user.ID)
|
||||||
|
|
||||||
|
// Log
|
||||||
|
authLog.Info("Registered new user via Twitter", user.ID, user.Nick, ctx.RealIP(), user.Email, user.RealName())
|
||||||
|
|
||||||
|
// Redirect to starting page for new users
|
||||||
|
return ctx.Redirect(newUserStartRoute)
|
||||||
|
})
|
||||||
|
}
|
@ -78,3 +78,9 @@ const frontpage-bg-color = rgb(32, 32, 32)
|
|||||||
|
|
||||||
:hover
|
:hover
|
||||||
background hsl(222, 67%, 47%)
|
background hsl(222, 67%, 47%)
|
||||||
|
|
||||||
|
.login-button-twitter
|
||||||
|
background hsl(203, 89%, 53%)
|
||||||
|
|
||||||
|
:hover
|
||||||
|
background hsl(203, 89%, 58%)
|
@ -9,3 +9,8 @@ component Login(target string)
|
|||||||
a.login-button.login-button-facebook(href="/auth/facebook", target=target, data-ajax="false")
|
a.login-button.login-button-facebook(href="/auth/facebook", target=target, data-ajax="false")
|
||||||
Icon("facebook")
|
Icon("facebook")
|
||||||
span Sign in via Facebook
|
span Sign in via Facebook
|
||||||
|
|
||||||
|
if arn.APIKeys.Twitter.Secret != ""
|
||||||
|
a.login-button.login-button-twitter(href="/auth/twitter", target=target, data-ajax="false")
|
||||||
|
Icon("twitter")
|
||||||
|
span Sign in via Twitter
|
@ -51,6 +51,17 @@ component SettingsAccounts(user *arn.User)
|
|||||||
Icon("circle-o")
|
Icon("circle-o")
|
||||||
span Not connected
|
span Not connected
|
||||||
|
|
||||||
|
.widget-section.social-account
|
||||||
|
label(for="twitter") Twitter:
|
||||||
|
|
||||||
|
a#twitter.button.social-account-button(href="/auth/twitter", data-ajax="false")
|
||||||
|
if user.Accounts.Twitter.ID != ""
|
||||||
|
Icon("check")
|
||||||
|
span Connected
|
||||||
|
else
|
||||||
|
Icon("circle-o")
|
||||||
|
span Not connected
|
||||||
|
|
||||||
.widget.mountable
|
.widget.mountable
|
||||||
h3.widget-title
|
h3.widget-title
|
||||||
Icon("download")
|
Icon("download")
|
||||||
|
@ -418,6 +418,8 @@ var routeTests = map[string][]string{
|
|||||||
"/auth/google/callback": nil,
|
"/auth/google/callback": nil,
|
||||||
"/auth/facebook": nil,
|
"/auth/facebook": nil,
|
||||||
"/auth/facebook/callback": nil,
|
"/auth/facebook/callback": nil,
|
||||||
|
"/auth/twitter": nil,
|
||||||
|
"/auth/twitter/callback": nil,
|
||||||
"/dashboard": nil,
|
"/dashboard": nil,
|
||||||
"/import": nil,
|
"/import": nil,
|
||||||
"/import/anilist/animelist": nil,
|
"/import/anilist/animelist": nil,
|
||||||
|
Loading…
Reference in New Issue
Block a user