Merge branch 'social'

.env.tmpl

@@ -7,5 +7,9 @@ RANDOM_BYTES=
 DB_URL=
 EMAIL_USER=
 EMAIL_PASS=
+FACEBOOK_APP_ID=
+FACEBOOK_APP_SECRET=
+VKONTAKTE_APP_ID=
+VKONTAKTE_APP_SECRET=
 MEDIA_DIR=
 MEDIA_URL=

Dockerfile

@@ -6,6 +6,7 @@ COPY package*.json ./
 
 # install dependencies
 RUN npm install
+RUN npm postinstall
 
 COPY . .
 

config/config.js

@@ -24,14 +24,22 @@ const common = {
       user: process.env.EMAIL_USER || PASS.EMAIL.user,
       pass: process.env.EMAIL_PASS || PASS.EMAIL.pass,
     },
+    FACEBOOK: {
+      id: process.env.FACEBOOK_APP_ID || PASS.FACEBOOK.id,
+      secret: process.env.FACEBOOK_APP_SECRET || PASS.FACEBOOK.secret,
+    },
+    VKONTAKTE: {
+      id: process.env.VKONTAKTE_APP_ID || PASS.VKONTAKTE.id,
+      secret: process.env.VKONTAKTE_APP_SECRET || PASS.VKONTAKTE.secret,
+    }
   },
   MESSAGES,
 };
 
 const development = {
   ...common,
-  HOST: process.env.HOST || 'http://127.0.0.1:8082',
-  MEDIA_URL: process.env.MEDIA_URL || 'http://127.0.0.1:8082/media',
+  HOST: process.env.HOST || 'http://localhost:8082',
+  MEDIA_URL: process.env.MEDIA_URL || 'http://localhost:8082/media',
   CORS_ENABLED: true,
 };
 

config/mailer.js

@@ -26,10 +26,12 @@ mailer.extend(app, {
 });
 
 export const sendVerifyEmail = (email, id, clientHost) => {
+  const client = clientHost.slice(-1) === '/' ? clientHost.slice(0, -1) : clientHost;
+
   app.mailer.send('pages/verify-email.html', {
     to: email,
     subject: 'Verify account',
-    verifyLink: `${clientHost}/verify?id=${id}`,
+    verifyLink: `${client}/verify?id=${id}`,
   }, (err) => {
     if (err) {
       // console.log('Ошибка отправки письма для верификации!');

config/messages.js

@@ -1,11 +1,15 @@
 const MESSAGES = {
-  auth_400: { message: 'Authentication / Registration failed' },
-  auth_422: { message: 'Email password pair incorrect' },
-  verify_200: { message: 'Account is verify' },
-  verify_400: { message: 'Failed to verify account' },
-  remind_pass_422: { message: 'No such user' },
-  remind_pass_200: { message: 'Letter to the specified address sent' },
-  set_pass_400: { message: 'Failed to save password' },
+  auth_400: 'Authentication / Registration failed',
+  auth_422:'Email password pair incorrect',
+  verify_200: 'Account is verify',
+  verify_400: 'Failed to verify account',
+  remind_pass_422: 'No such user',
+  remind_pass_200: 'Letter to the specified address sent',
+  set_pass_400: 'Failed to save password',
+  set_pass_200: 'Password changed successfully',
+  validation_no_user: 'There is no such user',
+  validation_social: 'You used to go through a social network',
+  validation_password_invalid: 'Password is invalid',
 };
 
 export default MESSAGES;

config/passport.js

@@ -1,22 +1,68 @@
 import passport from 'passport';
 import LocalStrategy from 'passport-local';
+import FacebookStrategy from 'passport-facebook';
+
+import config from './config';
 
 import User from '../models/user';
 
+const VKontakteStrategy = require('passport-vkontakte').Strategy;
+
+
+// For standard authentication
 const local = new LocalStrategy({
   usernameField: 'user[usermail]',
   passwordField: 'user[password]',
 }, (usermail, password, done) => {
   User.findOne({ usermail })
     .then((user) => {
-      if (!user || !user.validatePassword(password)) {
-        return done(null, false, { errors: { 'email or password': 'is invalid' } });
+      if (!user) {
+        return done(null, false, { message: config.MESSAGES.validation_no_user });
+      }
+      if (user && !user.password) {
+          return done(null, user, { message: config.MESSAGES.validation_social });
+      }
+      if (user && !user.validatePassword(password)) {
+        return done(null, user, { message: config.MESSAGES.validation_password_invalid });
       }
-
       return done(null, user);
     }).catch(done);
 });
 
 passport.use(local);
 
+
+// For authentication via Facebook
+const facebook = new FacebookStrategy({
+  clientID: config.PASS.FACEBOOK.id,
+  clientSecret: config.PASS.FACEBOOK.secret,
+  callbackURL: `${config.HOST}/api/user/facebook/callback`,
+  profileFields: [ 'email' ],
+}, (accessToken, refreshToken, profile, done) => {
+  const usermail = String(profile._json.email);
+  User.findOne({ usermail })
+    .then((user) => {
+      return done(null, user, usermail);
+    }).catch(done, false, usermail);
+});
+
+passport.use(facebook);
+
+// For authentication via VKontakte
+const vkontakte = new VKontakteStrategy({
+  clientID: config.PASS.VKONTAKTE.id,
+  clientSecret: config.PASS.VKONTAKTE.secret,
+  callbackURL: `${config.HOST}/api/user/vkontakte/callback`,
+  profileFields: [ 'email' ],
+}, (accessToken, refreshToken, params, profile, done) => {
+  let usermail = params.email;
+  User.findOne({ usermail })
+    .then((user) => {
+      return done(null, user, usermail);
+    }).catch(done, false, usermail);
+});
+
+passport.use(vkontakte);
+
+
 export default passport;

models/user.js

@@ -10,18 +10,20 @@ const { Schema } = mongoose;
 
 const UserSchema = new Schema({
   usermail: { type: String, required: true, unique: true },
-  username: String,
-  password: String,
+  username: { type: String || null, default: null },
+  password: { type: String || null, default: null },
   isVerify: { type: Boolean, default: false },
   userdata: { type: Object, default: [] },
 });
 
 // eslint-disable-next-line func-names
 UserSchema.methods.setNewUser = function (password) {
-  // console.log('User set new user ', password);
-  const salt = crypto.randomBytes(config.PASS.RANDOM_BYTES).toString('hex');
-  const hash = crypto.pbkdf2Sync(password, salt, 10000, 512, 'sha512').toString('hex');
-  this.password = hash + salt;
+  if (password) {
+    // console.log('User set new user ', password);
+    const salt = crypto.randomBytes(config.PASS.RANDOM_BYTES).toString('hex');
+    const hash = crypto.pbkdf2Sync(password, salt, 10000, 512, 'sha512').toString('hex');
+    this.password = hash + salt;
+  }
   this.username = this.usermail.split('@')[0]; // eslint-disable-line prefer-destructuring
 };
 
@@ -51,7 +53,6 @@ UserSchema.methods.generateJWT = function () {
 
   return jwt.sign({
     id: this.id,
-    usermail: this.usermail,
     exp: parseInt(expirationDate.getTime() / 1000, 10),
   }, config.PASS.SECRET);
 };
@@ -61,7 +62,6 @@ UserSchema.methods.toAuthJSON = function () {
   // console.log('User to Auth JSON');
   return {
     id: this.id,
-    usermail: this.usermail,
     token: this.generateJWT(),
   };
 };