// load all the things we needvar LocalStrategy = require('passport-local')

1. // load all the things we need
2. var LocalStrategy = require('passport-local').Strategy;
3. var FacebookStrategy = require('passport-facebook').Strategy;
4. var TwitterStrategy = require('passport-twitter').Strategy;
5.  
6. // load up the user model
7. var buyer = require('../server/models/buyer');
8.  
9. // load the auth variables
10. var configAuth = require('./auth'); // use this one for testing
11.  
12. module.exports = function(passport) {
13.  
14. // =========================================================================
15. // passport session setup ==================================================
16. // =========================================================================
17. // required for persistent login sessions
18. // passport needs ability to serialize and unserialize users out of session
19.  
20. // used to serialize the user for the session
21. passport.serializeUser(function(user, done) {
22. done(null, user.id);
23. });
24.  
25. // used to deserialize the user
26. passport.deserializeUser(function(id, done) {
27. buyer.findById(id, function(err, user) {
28. done(err, user);
29. });
30. });
31.  
32. // =========================================================================
33. // LOCAL LOGIN =============================================================
34. // =========================================================================
35. passport.use('local-login', new LocalStrategy({
36. // by default, local strategy uses username and password, we will override with email
37. usernameField : 'email',
38. passwordField : 'password',
39. passReqToCallback : true // allows us to pass in the req from our route (lets us check if a user is logged in or not)
40. },
41. function(req, email, password, done) {
42.  
43. // asynchronous
44. process.nextTick(function() {
45. buyer.findOne({ 'local.email' : email }, function(err, user) {
46. // if there are any errors, return the error
47. if (err)
48. return done(err);
49.  
50. // if no user is found, return the message
51. if (!user)
52. return done(null, false, req.flash('loginMessage', 'No user found.'));
53.  
54. if (!user.validPassword(password))
55. return done(null, false, req.flash('loginMessage', 'Oops! Wrong password.'));
56.  
57. // all is well, return user
58. else
59. return done(null, user);
60. });
61. });
62.  
63. }));
64.  
65. // =========================================================================
66. // LOCAL SIGNUP ============================================================
67. // =========================================================================
68. passport.use('local-signup', new LocalStrategy({
69. // by default, local strategy uses username and password, we will override with email
70. usernameField : 'email',
71. passwordField : 'password',
72. passReqToCallback : true // allows us to pass in the req from our route (lets us check if a user is logged in or not)
73. },
74. function(req, email, password, done) {
75.  
76. // asynchronous
77. process.nextTick(function() {
78.  
79. // Whether we're signing up or connecting an account, we'll need
80. // to know if the email address is in use.
81. buyer.findOne({'local.email': email}, function(err, existingUser) {
82.  
83. // if there are any errors, return the error
84. if (err)
85. return done(err);
86.  
87. // check to see if there's already a user with that email
88. if (existingUser)
89. return done(null, false, req.flash('signupMessage', 'That email is already taken.'));
90.  
91. // If we're logged in, we're connecting a new local account.
92. if(req.user) {
93. var user = req.user;
94. user.local.email = email;
95. user.local.password = user.generateHash(password);
96. user.save(function(err) {
97. if (err)
98. throw err;
99. return done(null, user);
100. });
101. }
102. // We're not logged in, so we're creating a brand new user.
103. else {
104. // create the user
105. var newUser = new buyer();
106.  
107. newUser.local.email = email;
108. newUser.local.password = newUser.generateHash(password);
109.  
110. newUser.save(function(err) {
111. if (err)
112. throw err;
113.  
114. return done(null, newUser);
115. });
116. }
117.  
118. });
119. });
120.  
121. }));
122.  
123. // =========================================================================
124. // FACEBOOK ================================================================
125. // =========================================================================
126. passport.use(new FacebookStrategy({
127.  
128. clientID : configAuth.facebookAuth.clientID,
129. clientSecret : configAuth.facebookAuth.clientSecret,
130. callbackURL : configAuth.facebookAuth.callbackURL,
131. passReqToCallback : true // allows us to pass in the req from our route (lets us check if a user is logged in or not)
132.  
133. },
134. function(req, token, refreshToken, profile, done) {
135.  
136. // asynchronous
137. process.nextTick(function() {
138.  
139. // check if the user is already logged in
140. if (!req.user) {
141.  
142. buyer.findOne({ 'facebook.id' : profile.id }, function(err, user) {
143. if (err)
144. return done(err);
145.  
146. if (user) {
147.  
148. // if there is a user id already but no token (user was linked at one point and then removed)
149. if (!user.facebook.token) {
150. user.facebook.token = token;
151. user.facebook.name = profile.name.givenName + ' ' + profile.name.familyName;
152. user.facebook.email = profile.emails[0].value;
153.  
154. user.save(function(err) {
155. if (err)
156. throw err;
157. return done(null, user);
158. });
159. }
160.  
161. return done(null, user); // user found, return that user
162. } else {
163.  
164. // If no user, create a new
165. var fields = {
166. 'facebook.id': profile.id,
167. 'facebook.token': token,
168. 'facebook.name': profile.name.givenName + ' ' + profile.name.familyName,
169. 'facebook.email': profile.emails[0].value
170. };
171.  
172. // if there is no user, create them
173. /*
174. var newUser = new Buyer();
175.  
176. newUser.facebook.id = profile.id;
177. newUser.facebook.token = token;
178. newUser.facebook.name = profile.name.givenName + ' ' + profile.name.familyName;
179. newUser.facebook.email = profile.emails[0].value;
180. */
181.  
182. buyer(fields).save(function(err, result) {
183. if (err)
184. throw err;
185. return done(null, result);
186. });
187. }
188. });
189.  
190. } else {
191. // user already exists and is logged in, we have to link accounts
192. var user = req.user; // pull the user out of the session
193.  
194. user.facebook.id = profile.id;
195. user.facebook.token = token;
196. user.facebook.name = profile.name.givenName + ' ' + profile.name.familyName;
197. user.facebook.email = profile.emails[0].value;
198.  
199. user.save(function(err) {
200. if (err)
201. throw err;
202. return done(null, user);
203. });
204.  
205. }
206. });
207.  
208. }));
209.  
210. // =========================================================================
211. // TWITTER =================================================================
212. // =========================================================================
213. passport.use(new TwitterStrategy({
214.  
215. consumerKey : configAuth.twitterAuth.consumerKey,
216. consumerSecret : configAuth.twitterAuth.consumerSecret,
217. callbackURL : configAuth.twitterAuth.callbackURL,
218. passReqToCallback : true // allows us to pass in the req from our route (lets us check if a user is logged in or not)
219.  
220. },
221. function(req, token, tokenSecret, profile, done) {
222.  
223. // asynchronous
224. process.nextTick(function() {
225.  
226. // check if the user is already logged in
227. if (!req.user) {
228.  
229. buyer.findOne({ 'twitter.id' : profile.id }, function(err, user) {
230. if (err)
231. return done(err);
232.  
233. if (user) {
234. // if there is a user id already but no token (user was linked at one point and then removed)
235. if (!user.twitter.token) {
236. user.twitter.token = token;
237. user.twitter.username = profile.username;
238. user.twitter.displayName = profile.displayName;
239.  
240. user.save(function(err) {
241. if (err)
242. throw err;
243. return done(null, user);
244. });
245. }
246.  
247. return done(null, user); // user found, return that user
248. } else {
249. // if there is no user, create them
250. var fields = {
251. 'twitter.id': profile.id,
252. 'twitter.token': token,
253. 'twitter.username': profile.username,
254. 'twitter.displayName': profile.displayName
255. };
256. buyer(fields).save(function(err, result) {
257. if (err)
258. throw err;
259. return done(null, result);
260. });
261. /*
262. var newUser = new User();
263.  
264. newUser.twitter.id = profile.id;
265. newUser.twitter.token = token;
266. newUser.twitter.username = profile.username;
267. newUser.twitter.displayName = profile.displayName;
268.  
269. newUser.save(function(err) {
270. if (err)
271. throw err;
272. return done(null, newUser);
273. });
274. */
275. }
276. });
277.  
278. } else {
279. // user already exists and is logged in, we have to link accounts
280. var user = req.user; // pull the user out of the session
281.  
282. user.twitter.id = profile.id;
283. user.twitter.token = token;
284. user.twitter.username = profile.username;
285. user.twitter.displayName = profile.displayName;
286.  
287. user.save(function(err) {
288. if (err)
289. throw err;
290. return done(null, user);
291. });
292. }
293.  
294. });
295.  
296. }));
297. };