mirror of
https://github.com/filecoin-project/slate.git
synced 2024-11-27 10:52:41 +03:00
feat(account-linking): add twitter account linking endpoints
parent
1554711b86
commit
4b9333efb8
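--- a/pages/api/twitter/link-with-verification.js
+++ b/pages/api/twitter/link-with-verification.js
@@ -0,0 +1,108 @@
+import * as Environment from "~/node_common/environment";
+import * as Data from "~/node_common/data";
+import * as Utilities from "~/node_common/utilities";
+import * as Strings from "~/common/strings";
+import * as Validations from "~/common/validations";
+import * as Constants from "~/common/constants";
+
+export default async (req, res) => {
+if (!Strings.isEmpty(Environment.ALLOWED_HOST) && req.headers.host !== Environment.ALLOWED_HOST) {
+return res.status(403).send({ decorator: "SERVER_TWITTER_OAUTH_NOT_ALLOWED", error: true });
+}
+
+if (!Validations.username(req.body.data.username)) {
+return res.status(500).send({ decorator: "SERVER_CREATE_USER_INVALID_USERNAME", error: true });
+}
+
+if (!Validations.legacyPassword(req.body.data.password)) {
+return res.status(500).send({ decorator: "SERVER_CREATE_USER_INVALID_USERNAME", error: true });
+}
+
+if (Strings.isEmpty(req.body.data.token)) {
+return res.status(500).send({ decorator: "SERVER_TWITTER_OAUTH_NO_OAUTH_TOKEN", error: true });
+}
+
+if (!Validations.verificationPin(req.body.data.pin)) {
+return res
+.status(500)
+.send({ decorator: "SERVER_EMAIL_VERIFICATION_INVALID_PIN", error: true });
+}
+
+const { token, password, username, pin } = req.body.data;
+
+const user = await Data.getUserByUsername({
+username: username.toLowerCase(),
+});
+
+if (!user || user.error) {
+return res
+.status(!user ? 404 : 500)
+.send({ decorator: "SERVER_SIGN_IN_USER_NOT_FOUND", error: true });
+}
+
+// Note(amine): Twitter users won't have a password,
+// we should think in the future how to handle this use case
+if ((!user.salt || !user.password) && user.twitterId) {
+return res.status(403).send({ decorator: "SERVER_TWITTER_ALREADY_LINKED", error: true });
+}
+
+const hash = await Utilities.encryptPassword(password, user.salt);
+if (hash !== user.password) {
+return res.status(403).send({ decorator: "SERVER_TWITTER_WRONG_CREDENTIALS", error: true });
+}
+
+const verification = await Data.getVerificationBySid({
+sid: token,
+});
+
+if (!verification) {
+return res.status(404).send({ decorator: "SERVER_EMAIL_VERIFICATION_FAILED", error: true });
+}
+
+if (verification.error) {
+return res.status(404).send({ decorator: "SERVER_EMAIL_VERIFICATION_FAILED", error: true });
+}
+
+const isTokenExpired =
+new Date() - new Date(verification.createdAt) > Constants.TOKEN_EXPIRATION_TIME;
+if (isTokenExpired) {
+return res.status(401).send({ decorator: "SERVER_EMAIL_VERIFICATION_FAILED", error: true });
+}
+
+if (verification.type !== "email_twitter_verification") {
+return res.status(401).send({ decorator: "SERVER_EMAIL_VERIFICATION_FAILED", error: true });
+}
+
+if (verification.pin !== pin) {
+return res
+.status(401)
+.send({ decorator: "SERVER_EMAIL_VERIFICATION_INVALID_PIN", error: true });
+}
+
+const twitterUser = await Data.getTwitterToken({ token: verification.twitterToken });
+if (!twitterUser) {
+return res.status(401).send({ decorator: "SERVER_CREATE_USER_FAILED", error: true });
+}
+
+if (!twitterUser) {
+return res.status(401).send({ decorator: "SERVER_CREATE_USER_FAILED", error: true });
+}
+
+const updates = await Data.updateUserById({
+id: user.id,
+lastActive: new Date(),
+email: verification.email,
+twitterId: twitterUser.id_str,
+data: {
+twitter: {
+username: twitterUser.screen_name,
+verified: twitterUser.verified,
+},
+},
+});
+
+if (updates.error) {
+return res.status(401).send({ decorator: "SERVER_CREATE_USER_FAILED", error: true });
+}
+return res.status(200).send({ decorator: "SERVER_TWITTER_LINKING" });
+};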
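Review bot: The verification row loaded by `Data.getVerificationBySid` is checked for age, type and pin, but nothing in this handler compares it with `user` or invalidates it after `Data.updateUserById` succeeds. As far as this file shows, the same sid and pin therefore stay usable until `Constants.TOKEN_EXPIRATION_TIME` elapses, and `verification.email` is written onto whichever account passed the password check. If the verification schema carries an owner field, compare it with `user.id` before the update, and delete or mark the row as used once linking succeeds. The second `if (!twitterUser)` block repeats the first and can never fire; if an error object was meant, `if (twitterUser.error)` would match the `user.error` and `verification.error` checks above (assuming `Data.getTwitterToken` returns one, which is not visible here). The password branch also answers 500 with `SERVER_CREATE_USER_INVALID_USERNAME`, where link.js uses 400 and `SERVER_CREATE_VERIFICATION_INVALID_PASSWORD`.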
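--- a/pages/api/twitter/link.js
+++ b/pages/api/twitter/link.js
@@ -0,0 +1,74 @@
+import * as Environment from "~/node_common/environment";
+import * as Data from "~/node_common/data";
+import * as Utilities from "~/node_common/utilities";
+import * as Strings from "~/common/strings";
+import * as Validations from "~/common/validations";
+
+export default async (req, res) => {
+if (!Strings.isEmpty(Environment.ALLOWED_HOST) && req.headers.host !== Environment.ALLOWED_HOST) {
+return res.status(403).send({ decorator: "SERVER_TWITTER_OAUTH_NOT_ALLOWED", error: true });
+}
+
+if (Strings.isEmpty(req.body.data.token)) {
+return res.status(500).send({ decorator: "SERVER_TWITTER_OAUTH_NO_OAUTH_TOKEN", error: true });
+}
+
+if (!Validations.username(req.body?.data?.username)) {
+return res.status(400).send({ decorator: "SERVER_CREATE_USER_INVALID_USERNAME", error: true });
+}
+
+if (!Validations.legacyPassword(req.body?.data?.password)) {
+return res
+.status(400)
+.send({ decorator: "SERVER_CREATE_VERIFICATION_INVALID_PASSWORD", error: true });
+}
+
+const { username, password, token } = req.body.data;
+
+const user = await Data.getUserByUsername({
+username: username.toLowerCase(),
+});
+
+if (!user || user.error) {
+return res
+.status(!user ? 404 : 500)
+.send({ decorator: "SERVER_SIGN_IN_USER_NOT_FOUND", error: true });
+}
+
+// Note(amine): Twitter users won't have a password,
+// we should think in the future how to handle this use case
+if ((!user.salt || !user.password) && user.twitterId) {
+return res.status(403).send({ decorator: "SERVER_TWITTER_ALREADY_LINKED", error: true });
+}
+
+const hash = await Utilities.encryptPassword(password, user.salt);
+if (hash !== user.password) {
+return res.status(403).send({ decorator: "SERVER_TWITTER_WRONG_CREDENTIALS", error: true });
+}
+
+if (!user.email) {
+return res.status(200).send({ shouldMigrate: true });
+}
+
+const twitterUser = await Data.getTwitterToken({ token: token });
+if (!twitterUser) {
+return res.status(401).send({ decorator: "SERVER_CREATE_USER_FAILED", error: true });
+}
+
+const updates = await Data.updateUserById({
+id: user.id,
+lastActive: new Date(),
+twitterId: twitterUser.id_str,
+data: {
+twitter: {
+username: twitterUser.screen_name,
+verified: twitterUser.verified,
+},
+},
+});
+
+if (updates.error) {
+return res.status(401).send({ decorator: "SERVER_CREATE_USER_FAILED", error: true });
+}
+return res.status(200).send({ decorator: "SERVER_TWITTER_LINKING" });
+};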
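Review bot: The already-linked guard `(!user.salt || !user.password) && user.twitterId` only rejects password-less accounts, so a user who has a password and an existing `twitterId` gets it overwritten by `Data.updateUserById`. Nothing in the handler checks whether `twitterUser.id_str` is already attached to a different account either; link-with-verification.js has the same gap. Unless the data layer enforces uniqueness (not visible here), one Twitter identity could end up linked to several accounts. Consider rejecting early with `if (user.twitterId) return res.status(403).send({ decorator: "SERVER_TWITTER_ALREADY_LINKED", error: true });` and looking up `twitterUser.id_str` against existing users before the update. Separately, the first body check reads `req.body.data.token` without `?.`, so a request with no `data` throws before the guarded username check; `if (Strings.isEmpty(req.body?.data?.token))` would keep that a clean rejection.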