-
Notifications
You must be signed in to change notification settings - Fork 0
/
twitter-auth.js
110 lines (93 loc) · 4.18 KB
/
twitter-auth.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
const express = require('express');
const session = require('express-session');
const axios = require('axios');
require('dotenv').config();
const fs = require('fs');
const app = express();
const PORT = process.env.PORT || 3000;
// Set up session to store tokens temporarily
app.use(session({
name: 'twitter-auth-session',
secret: 'your-session-secret', // Use a secure secret in production
resave: false,
saveUninitialized: true,
}));
// At the start of your server setup
console.log(`Using Client ID: ${process.env.TWITTER_CLIENT_ID}`);
if (!process.env.TWITTER_CLIENT_ID) {
console.error('TWITTER_CLIENT_ID is not set. Check your .env file and environment variables.');
process.exit(1);
}
// Route to initiate Twitter authentication
app.get('/auth/twitter', (req, res) => {
const authUrl = `https://twitter.com/i/oauth2/authorize?response_type=code&client_id=${encodeURIComponent(process.env.TWITTER_CLIENT_ID)}&redirect_uri=${encodeURIComponent(process.env.TWITTER_CALLBACK_URL)}&scope=${encodeURIComponent('tweet.read tweet.write users.read offline.access')}&state=state123&code_challenge=challenge&code_challenge_method=plain`;
res.redirect(authUrl);
});
// Callback route where Twitter will redirect after authentication
app.get('/callback', async (req, res) => {
const { code } = req.query;
if (!code) {
res.status(400).send('Authorization code not found.');
return;
}
try {
// Exchange the authorization code for tokens
const response = await axios.post('https://api.twitter.com/2/oauth2/token', null, {
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
Authorization: `Basic ${Buffer.from(`${process.env.TWITTER_CLIENT_ID}:${process.env.TWITTER_CLIENT_SECRET}`).toString('base64')}`,
},
params: {
grant_type: 'authorization_code',
code,
redirect_uri: process.env.TWITTER_CALLBACK_URL,
code_verifier: 'challenge',
},
});
const tokens = response.data;
// Save tokens to session
req.session.tokenSet = tokens;
// Save tokens to file
fs.writeFileSync('./data/token.json', JSON.stringify(tokens, null, 2));
// Display the tokens (including refresh token)
res.send(`Authentication successful! Token: <pre>${JSON.stringify(tokens, null, 2)}</pre>`);
} catch (error) {
console.error('Failed to exchange authorization code for tokens:', error.response ? error.response.data : error.message);
res.status(500).send('Authentication failed');
}
});
// Route to refresh the token
app.get('/refresh', async (req, res) => {
const refreshToken = req.session.tokenSet?.refresh_token;
if (!refreshToken) {
res.status(400).send('Refresh token not found. Please authenticate again.');
return;
}
try {
const clientId = process.env.TWITTER_CLIENT_ID;
console.log(`Attempting to refresh token using Client ID: ${clientId}`);
const response = await axios.post('https://api.twitter.com/2/oauth2/token', null, {
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
Authorization: `Basic ${Buffer.from(`${clientId}:${process.env.TWITTER_CLIENT_SECRET}`).toString('base64')}`,
},
params: {
grant_type: 'refresh_token',
refresh_token: refreshToken,
client_id: clientId,
},
});
const newTokens = response.data;
req.session.tokenSet = newTokens;
fs.writeFileSync('./data/token.json', JSON.stringify(newTokens, null, 2));
res.send(`Token refreshed! New Token: <pre>${JSON.stringify(newTokens, null, 2)}</pre>`);
} catch (error) {
console.error('Failed to refresh token:', error.response ? error.response.data : error.message);
res.status(500).send('Failed to refresh token');
}
});
// Start the Express server
app.listen(PORT, () => {
console.log(`Server is running on http://localhost:${PORT}`);
console.log(`Please visit http://localhost:${PORT}/auth/twitter to authenticate with Twitter.`);
});