janitor
janitor copied to clipboard
JanitorTechnology
[WIP] Fully implement "Sign in with GitHub"
This might help:
commit c14750daf21d604802a4064ae8d1a4f12f90e520
Author: Jan Keromnes <[email protected]>
Date: Sun Oct 1 09:45:56 2017 +0000
TEMP
diff --git a/app.js b/app.js
index 264f0ed..c55d626 100644
--- a/app.js
+++ b/app.js
@@ -163,22 +163,38 @@ boot.executeInParallel([
// User login via GitHub.
app.route(/^\/login\/github\/?$/, (data, match, end, query) => {
const { req: request, res: response } = query;
- const { user } = request;
- if (!user) {
- // Don't allow signing in only with GitHub just yet.
- routes.notFoundPage(response, user);
- return;
- }
-
github.authenticate(request, (error, accessToken, refreshToken) => {
+ const { user } = request;
if (error) {
log('[fail] github authenticate', error);
routes.notFoundPage(response, user);
return;
}
- users.refreshGitHubAccount(user, accessToken, refreshToken);
- routes.redirect(response, '/settings/integrations/');
+ if (user) {
+ users.refreshGitHubAccount(user, accessToken, refreshToken, error => {
+ if (error) {
+ log('[fail] could not refresh github account', error);
+ }
+
+ routes.redirect(response, '/settings/integrations/');
+ });
+ return;
+ }
+
+ // TODO multiple emails
+ github.getVerifiedEmails(accessToken, (error, verifiedEmails) => {
+ const users = db.get('users');
+ for (const verifiedEmail of verifiedEmails) {
+ if (users[verifiedEmail]) {
+ // TODO sign in
+ }
+ }
+
+ // Don't allow unregistered users to sign in with GitHub just yet.
+ // TODO "We don't have a Janitor account associated with the GitHub user that you used to sign in."
+ routes.notFoundPage(response, user);
+ });
});
});
diff --git a/lib/users.js b/lib/users.js
index 0154fa2..d4632ed 100644
--- a/lib/users.js
+++ b/lib/users.js
@@ -95,10 +95,10 @@ exports.resetSSHKeyPair = function (user) {
};
// Refresh a user's GitHub account details using an OAuth2 access token.
-exports.refreshGitHubAccount = function (user, accessToken, refreshToken) {
+exports.refreshGitHubAccount = function (user, accessToken, refreshToken, callback) {
github.getUserProfile(accessToken, (error, profile) => {
if (error) {
- log('[fail] could not get github username', error);
+ callback(error);
return;
}
@@ -109,6 +109,7 @@ exports.refreshGitHubAccount = function (user, accessToken, refreshToken) {
user.profile.name = user.profile.name || name;
db.save();
+ callback();
github.getSSHPublicKeys(username, (error, sshPublicKeys) => {
if (error) {
@@ -290,6 +291,11 @@ function getOrCreateUser (email) {
users[email] = user;
db.save();
}
+
+ // Follow email aliases.
+ while (typeof user === 'string') {
+ user = users[user];
+ }
// Temporary migration code: Previous users didn't have an SSH key pair.
if (!user.keys.ssh) {