From a1218f0a64135da684ab119aa1adf30f78723b6e Mon Sep 17 00:00:00 2001
From: brMonteiro-G
Date: Wed, 15 Nov 2023 11:35:46 -0300
Subject: [PATCH 1/3] hotfix: workaround login issue
---
app/setup/oauth.js | 160 +++++++++++++++++++++++++++------------------
1 file changed, 97 insertions(+), 63 deletions(-)
diff --git a/app/setup/oauth.js b/app/setup/oauth.js
index c977f9f5..c616219c 100644
--- a/app/setup/oauth.js
+++ b/app/setup/oauth.js
@@ -6,119 +6,153 @@ const App = require('@/app') module.exports = async (app) => { app.server - .use(session({ secret: app.config.GRANT_SECRET, saveUninitialized: true, resave: true })) + .use( + session({ + secret: app.config.GRANT_SECRET, + saveUninitialized: true, + resave: true, + }) + ) .use(grant(app.config.GRANT_CONFIG)) .get('/oauth/facebook', app.helpers.routes.func(facebook)) .get('/oauth/google', app.helpers.routes.func(google)) } -async function facebook (context) { - const { inApp = '', userId = '', env = '' } = _.get(context.session, 'grant.dynamic', {}) +async function facebook(context) { + // const { inApp = '', userId = '', env = '' } = _.get(context.session, 'grant.dynamic', {}) - const accessToken = context.query.access_token - const url = `https://graph.facebook.com/me?fields=id,name,email,picture.width(640)&metadata=1&access_token=${accessToken}` - const resp = await Axios.get(url) + // const accessToken = context.query.access_token + // const url = `https://graph.facebook.com/me?fields=id,name,email,picture.width(640)&metadata=1&access_token=${accessToken}` + // const resp = await Axios.get(url) - const faceUser = resp.data - - if(!faceUser.id) { - throw new Error('Missing faceUser.id') - } + // const faceUser = resp.data - const findConditions = [ - { 'oauth.facebook': faceUser.id } - ] + // if(!faceUser.id) { + // throw new Error('Missing faceUser.id') + // } - if (userId) { - findConditions.push({ _id: userId.split('?')[0] }) - } + // const findConditions = [ + // { 'oauth.facebook': faceUser.id } + // ] + + //na tela de login + //vou clicar em login do face + //vou abrir um popup pedindo o email do facebook cadastrado e ra + //vou pegar esse dado + //vou fazer uma query and com o email e ra + //vou fazer uma busca no banco e verificar se ele existe + //vou autenticar pelo google + //ou seja, será o mesmo que associar uma conta google ao usuário -> fluxo da pagina de configurações + + const findConditions = [{ 'oauth.emailFacebook': 
context.query.email }] + + // if (userId) { + // findConditions.push({ _id: userId.split('?')[0] }) + // } // check if user exists in database + // let user = await App.models.users.findOne({ + // $or: findConditions + // }) + let user = await App.models.users.findOne({ - $or: findConditions + $or: findConditions, }) - - if(user) { - if (userId) user.set('active', true) - user.set('oauth.facebook', faceUser.id) - - if (faceUser.email) { - user.set('oauth.emailFacebook', faceUser.email) - } + if (user) { + return google(context,user) } else { - user = new App.models.users({ - oauth: { - email: faceUser.email, - facebook: faceUser.id, - picture: faceUser.picture.data.url - } - }) + throw new Error('Cannot login with facebook, please connect with google') } - await user.save() - - const WEB_URL = env == 'development' ? 'http://localhost:7500' : App.config.WEB_URL - - return { - _redirect: inApp.split('?')[0] == 'true' - ? `ufabcnext://login?token=${await user.generateJWT()}&` - :`${WEB_URL}/login?token=${user.generateJWT()}` - } + // if(user) { + // if (userId) user.set('active', true) + // user.set('oauth.facebook', faceUser.id) + + // if (faceUser.email) { + // user.set('oauth.emailFacebook', faceUser.email) + // } + + // } else { + // user = new App.models.users({ + // oauth: { + // email: faceUser.email, + // facebook: faceUser.id, + // picture: faceUser.picture.data.url + // } + // }) + // } + + // await user.save(); + + // const WEB_URL = + // env == 'development' ? 'http://localhost:7500' : App.config.WEB_URL; + + // return { + // _redirect: + // inApp.split('?')[0] == 'true' + // ? 
`ufabcnext://login?token=${await user.generateJWT()}&` + // : `${WEB_URL}/login?token=${user.generateJWT()}`, + // }; } -async function google(context) { - const { inApp = '', userId = '', env = '' } = _.get(context.session, 'grant.dynamic', {}) +async function google(context, user) { + const { + inApp = '', + userId = '', + env = '', + } = _.get(context.session, 'grant.dynamic', {}) const accessToken = context.query.access_token const url = 'https://www.googleapis.com/plus/v1/people/me' - const resp = await Axios.get(url, { headers: { - Authorization: `Bearer ${accessToken}` - }}) + const resp = await Axios.get(url, { + headers: { + Authorization: `Bearer ${accessToken}`, + }, + }) const googleUser = resp.data - if(!googleUser.id) { + if (!googleUser.id) { throw new Error('Missing googleUser.id') } - const findConditions = [ - { 'oauth.google': googleUser.id }, - ] + const findConditions = [{ 'oauth.google': googleUser.id }] if (userId) { findConditions.push({ _id: userId.split('?')[0] }) } - let user = await App.models.users.findOne({ - $or: findConditions - }) + // let user = await App.models.users.findOne({ + // $or: findConditions, + // }); - if(user) { + if (user) { if (userId) user.set('active', true) user.set('oauth.google', googleUser.id) if (googleUser.emails[0].value) { user.set('oauth.emailGoogle', googleUser.emails[0].value) } - } else { user = new App.models.users({ oauth: { email: googleUser.emails[0].value, - google: googleUser.id - } + google: googleUser.id, + }, }) } await user.save() - - const WEB_URL = env == 'development' ? 'http://localhost:7500' : App.config.WEB_URL + + const WEB_URL = + env == 'development' ? 'http://localhost:7500' : App.config.WEB_URL return { - _redirect: inApp.split('?')[0] == 'true' - ? `ufabcnext://login?token=${await user.generateJWT()}&` - :`${WEB_URL}/login?token=${user.generateJWT()}` + _redirect: + inApp.split('?')[0] == 'true' + ? 
`ufabcnext://login?token=${await user.generateJWT()}&` + : `${WEB_URL}/login?token=${user.generateJWT()}`, } } From 01ab4ba38c522f2e8266e1d205af7588812058e3 Mon Sep 17 00:00:00 2001 From: brMonteiro-G Date: Wed, 15 Nov 2023 23:52:05 -0300 Subject: [PATCH 2/3] chore: rollback changes --- app/api/facebook/func.js | 15 ++++ app/api/facebook/route.js | 5 ++ app/setup/oauth.js | 164 +++++++++++++++----------------------- 3 files changed, 85 insertions(+), 99 deletions(-) create mode 100644 app/api/facebook/func.js create mode 100644 app/api/facebook/route.js diff --git a/app/api/facebook/func.js b/app/api/facebook/func.js new file mode 100644 index 00000000..f2ee8c8c --- /dev/null +++ b/app/api/facebook/func.js @@ -0,0 +1,15 @@ +const app = require('@/app') + +module.exports = async (context) => { + let { ra, email } = context.body.ra + + const user = await app.models.users.findOne({ ra, email }) + + const { _id } = user + + if (user) { + return { userId: _id } + } + + return null +} diff --git a/app/api/facebook/route.js b/app/api/facebook/route.js new file mode 100644 index 00000000..e2fb8569 --- /dev/null +++ b/app/api/facebook/route.js @@ -0,0 +1,5 @@ +const app = require('@/app') + +module.exports = async (router) => { + router.post('/facebook/sync', app.helpers.routes.func(require('./func.js'))) +} diff --git a/app/setup/oauth.js b/app/setup/oauth.js index c616219c..f04613d1 100644 --- a/app/setup/oauth.js +++ b/app/setup/oauth.js 
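Review bot: The rewritten `facebook()` selects the account from `context.query.email`, a value the caller supplies, and no longer asks the Graph API who the caller is, so the lookup on `oauth.emailFacebook` proves nothing about ownership of that Facebook identity. The matched `user` is then handed to `google(context, user)`, which, with its own `findOne` commented out, writes `oauth.google` from whatever Google token accompanies the request, saves, and returns a JWT for that account. `google` is also still registered directly on `/oauth/google`, where this file passes no user, so `findConditions` is built but never used and the `else` branch would create a fresh user for returning Google logins (assuming the route helper passes only the context). I would keep the Graph API call and match on `faceUser.id`, and restore the lookup in `google` as `user = user || await App.models.users.findOne({ $or: findConditions })`. If the query parser yields objects for bracketed parameters, `context.query.email` should also be coerced with `String(...)` before it reaches the query.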
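Review bot: In the new `app/api/facebook/func.js`, `let { ra, email } = context.body.ra` destructures from the `ra` value instead of the request body, so both names are most likely `undefined` (or the line throws when `ra` is absent) and the `findOne({ ra, email })` filter is not the one intended. Neither value is type-checked before it goes into the query, so an object-valued field in a JSON body would be passed through as a query operator. `const { _id } = user` also runs before the `if (user)` check and throws a TypeError when nothing matches. A version that reads from `context.body`, rejects non-scalar values and checks the result before use is below.

```javascript
module.exports = async (context) => {
  const { ra, email } = context.body || {}

  // only scalar values may reach the query filter
  const isScalar = (value) => ['string', 'number'].includes(typeof value)
  if (!isScalar(ra) || typeof email !== 'string') {
    throw new Error('Missing ra or email')
  }

  const user = await app.models.users.findOne({ ra, email })

  return user ? { userId: user._id } : null
}
```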
@@ -6,153 +6,119 @@ const App = require('@/app') module.exports = async (app) => { app.server - .use( - session({ - secret: app.config.GRANT_SECRET, - saveUninitialized: true, - resave: true, - }) - ) + .use(session({ secret: app.config.GRANT_SECRET, saveUninitialized: true, resave: true })) .use(grant(app.config.GRANT_CONFIG)) .get('/oauth/facebook', app.helpers.routes.func(facebook)) .get('/oauth/google', app.helpers.routes.func(google)) } -async function facebook(context) { - // const { inApp = '', userId = '', env = '' } = _.get(context.session, 'grant.dynamic', {}) - - // const accessToken = context.query.access_token - // const url = `https://graph.facebook.com/me?fields=id,name,email,picture.width(640)&metadata=1&access_token=${accessToken}` - // const resp = await Axios.get(url) - - // const faceUser = resp.data - - // if(!faceUser.id) { - // throw new Error('Missing faceUser.id') - // } - - // const findConditions = [ - // { 'oauth.facebook': faceUser.id } - // ] +async function facebook (context) { + const { inApp = '', userId = '', env = '' } = _.get(context.session, 'grant.dynamic', {}) + console.log('this is the context', context.query) + const accessToken = context.query.access_token + const url = `https://graph.facebook.com/v18.0/me?fields=id,email&access_token=${accessToken}` + const resp = await Axios.get(url) - //na tela de login - //vou clicar em login do face - //vou abrir um popup pedindo o email do facebook cadastrado e ra - //vou pegar esse dado - //vou fazer uma query and com o email e ra - //vou fazer uma busca no banco e verificar se ele existe - //vou autenticar pelo google - //ou seja, será o mesmo que associar uma conta google ao usuário -> fluxo da pagina de configurações + const faceUser = resp.data + + if(!faceUser.id) { + throw new Error('Missing faceUser.id') + } - const findConditions = [{ 'oauth.emailFacebook': context.query.email }] + const findConditions = [ + { 'oauth.facebook': faceUser.id } + ] - // if (userId) { - // 
findConditions.push({ _id: userId.split('?')[0] }) - // } + if (userId) { + findConditions.push({ _id: userId.split('?')[0] }) + } // check if user exists in database - // let user = await App.models.users.findOne({ - // $or: findConditions - // }) - let user = await App.models.users.findOne({ - $or: findConditions, + $or: findConditions }) + + if(user) { + if (userId) user.set('active', true) + user.set('oauth.facebook', faceUser.id) + + if (faceUser.email) { + user.set('oauth.emailFacebook', faceUser.email) + } - if (user) { - return google(context,user) } else { - throw new Error('Cannot login with facebook, please connect with google') + user = new App.models.users({ + oauth: { + email: faceUser.email, + facebook: faceUser.id, + picture: faceUser.picture.data.url + } + }) } - // if(user) { - // if (userId) user.set('active', true) - // user.set('oauth.facebook', faceUser.id) - - // if (faceUser.email) { - // user.set('oauth.emailFacebook', faceUser.email) - // } - - // } else { - // user = new App.models.users({ - // oauth: { - // email: faceUser.email, - // facebook: faceUser.id, - // picture: faceUser.picture.data.url - // } - // }) - // } - - // await user.save(); - - // const WEB_URL = - // env == 'development' ? 'http://localhost:7500' : App.config.WEB_URL; - - // return { - // _redirect: - // inApp.split('?')[0] == 'true' - // ? `ufabcnext://login?token=${await user.generateJWT()}&` - // : `${WEB_URL}/login?token=${user.generateJWT()}`, - // }; + await user.save() + + const WEB_URL = env == 'development' ? 'http://localhost:7500' : App.config.WEB_URL + + return { + _redirect: inApp.split('?')[0] == 'true' + ? 
`ufabcnext://login?token=${await user.generateJWT()}&` + :`${WEB_URL}/login?token=${user.generateJWT()}` + } } -async function google(context, user) { - const { - inApp = '', - userId = '', - env = '', - } = _.get(context.session, 'grant.dynamic', {}) +async function google(context) { + const { inApp = '', userId = '', env = '' } = _.get(context.session, 'grant.dynamic', {}) const accessToken = context.query.access_token const url = 'https://www.googleapis.com/plus/v1/people/me' - const resp = await Axios.get(url, { - headers: { - Authorization: `Bearer ${accessToken}`, - }, - }) + const resp = await Axios.get(url, { headers: { + Authorization: `Bearer ${accessToken}` + }}) const googleUser = resp.data - if (!googleUser.id) { + if(!googleUser.id) { throw new Error('Missing googleUser.id') } - const findConditions = [{ 'oauth.google': googleUser.id }] + const findConditions = [ + { 'oauth.google': googleUser.id }, + ] if (userId) { findConditions.push({ _id: userId.split('?')[0] }) } - // let user = await App.models.users.findOne({ - // $or: findConditions, - // }); + let user = await App.models.users.findOne({ + $or: findConditions + }) - if (user) { + if(user) { if (userId) user.set('active', true) user.set('oauth.google', googleUser.id) if (googleUser.emails[0].value) { user.set('oauth.emailGoogle', googleUser.emails[0].value) } + } else { user = new App.models.users({ oauth: { email: googleUser.emails[0].value, - google: googleUser.id, - }, + google: googleUser.id + } }) } await user.save() - - const WEB_URL = - env == 'development' ? 'http://localhost:7500' : App.config.WEB_URL + + const WEB_URL = env == 'development' ? 'http://localhost:7500' : App.config.WEB_URL return { - _redirect: - inApp.split('?')[0] == 'true' - ? `ufabcnext://login?token=${await user.generateJWT()}&` - : `${WEB_URL}/login?token=${user.generateJWT()}`, + _redirect: inApp.split('?')[0] == 'true' + ? 
`ufabcnext://login?token=${await user.generateJWT()}&` + :`${WEB_URL}/login?token=${user.generateJWT()}` } -} +} \ No newline at end of file From 63563cffee186e354fa21636576fd0ae546d5703 Mon Sep 17 00:00:00 2001 From: brMonteiro-G Date: Wed, 15 Nov 2023 23:57:50 -0300 Subject: [PATCH 3/3] chore: solve code issue --- app/api/facebook/func.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/app/api/facebook/func.js b/app/api/facebook/func.js index f2ee8c8c..ef68e3b1 100644 --- a/app/api/facebook/func.js +++ b/app/api/facebook/func.js @@ -5,9 +5,8 @@ module.exports = async (context) => { const user = await app.models.users.findOne({ ra, email }) - const { _id } = user - if (user) { + const { _id } = user return { userId: _id } }
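Review bot: The added `console.log('this is the context', context.query)` in `facebook()` writes the OAuth `access_token` from the query string into the application log; it should be removed or reduced to non-secret fields before merge. The same commit narrows the Graph request to `fields=id,email`, but the `else` branch still reads `faceUser.picture.data.url`, which would throw a TypeError for a first-time Facebook login unless the API returns `picture` unrequested; either request the field again or use `picture: _.get(faceUser, 'picture.data.url')`. In both handlers the web redirect interpolates `user.generateJWT()` without `await` while the in-app branch awaits it, so if the method is async the web URL carries `[object Promise]`.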
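Review bot: After this fix the handler still answers any caller that supplies a matching `ra` and `email` with the account's internal `_id`, and the route added in `app/api/facebook/route.js` shows no authentication step in that file (middleware may be applied elsewhere). The OAuth handlers in `app/setup/oauth.js` accept a `userId` from `grant.dynamic`, presumably populated from request parameters, as a sufficient match (`findConditions.push({ _id: userId.split('?')[0] })`) and then attach the provider id to that user, so the returned id acts as a credential for linking an identity. I would require an authenticated session or a verified-email step before returning `userId`, or return a short-lived signed token in its place. The function body starts above the hunk, where `let { ra, email } = context.body.ra` is unchanged by this commit.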