// router.jsconst passport = require('passport')const { verifyGithub } = requi

1. // router.js
2. const passport = require('passport')
3. const { verifyGithub } = require('./middleware/github')
4. const github = require('./controllers/github')
5.  
6. const authenticate = passport.authenticate('github', { failureRedirect: '/login' })
7.  
8. router.get('/authorize', verifyGithub, authenticate)
9. router.get('/oauthCallback', verifyGithub, authenticate, github)
10.  
11.  
12. // controllers/github.js
13.  
14. const randomize = require('randomatic')
15.  
16. const TokenStorage = Parse.Object.extend('TokenStorage')
17.  
18. const restrictedAcl = new Parse.ACL()
19. restrictedAcl.setPublicReadAccess(false)
20. restrictedAcl.setPublicWriteAccess(false)
21.  
22. const upsertGitHubUser = function(profile) {
23. var query = new Parse.Query(TokenStorage)
24. query.equalTo('githubId', profile.id)
25. query.ascending('createdAt')
26. return query.first({ useMasterKey: true }).then(function(tokenData) {
27. if (!tokenData) {
28. return newGitHubUser(profile)
29. }
30.  
31. const user = tokenData.get('user')
32. return user
33. .fetch({ useMasterKey: true })
34. .then(user => {
35. if (profile.accessToken !== tokenData.get('accessToken')) {
36. tokenData.set('accessToken', profile.accessToken)
37. }
38.  
39. return tokenData.save(null, { useMasterKey: true }).then(() => user)
40. })
41. .then(user => {
42. const password = randomize('*', 10)
43. user.setPassword(password)
44. return user.save(null, { useMasterKey: true }).then(user => {
45. return Parse.User.logIn(user.get('username'), password)
46. })
47. })
48. .then(user => user)
49. })
50. }
51.  
52. const newGitHubUser = function(profile) {
53. const user = new Parse.User()
54. user.set('username', profile.username)
55. user.set('email', profile.email)
56. user.set('avatar', profile.photo)
57. user.set('password', randomize('*', 10))
58.  
59. return user
60. .signUp()
61. .then(function(user) {
62. const ts = new TokenStorage()
63. ts.set('githubId', profile.id)
64. ts.set('githubLogin', profile.username)
65. ts.set('accessToken', profile.accessToken)
66. ts.set('user', user)
67. ts.setACL(restrictedAcl)
68. return ts.save(null, { useMasterKey: true })
69. })
70. .then(() => {
71. return upsertGitHubUser(profile)
72. })
73. }
74.  
75. function github(req, res) {
76. const profile = req.user
77.  
78. if (!(profile.email && profile.username && profile.id)) {
79. res.render('error', { errorMessage: 'Invalid github data' })
80. return
81. }
82.  
83. upsertGitHubUser(profile)
84. .then(user => {
85. res.render('store_auth', { sessionToken: user.getSessionToken() })
86. })
87. .catch(error => {
88. res.render('error', { errorMessage: JSON.stringify(error) })
89. })
90. }
91.  
92. module.exports = github
93.  
94. // middleware/github.js
95.  
96. const config = require('config')
97. const passport = require('passport')
98. const GitHubStrategy = require('passport-github').Strategy
99.  
100. function githubAuth(req, res, next) {
101. if (!config.get('verifyGithubAccount')) {
102. return next()
103. }
104.  
105. passport.serializeUser(function(user, done) {
106. done(null, user)
107. })
108.  
109. passport.deserializeUser(function(user, done) {
110. done(null, user)
111. })
112.  
113. passport.use(
114. new GitHubStrategy(config.get('github'), function(accessToken, refreshToken, profile, done) {
115. profile.accessToken = accessToken
116. done(null, profile)
117. })
118. )
119.  
120. passport.initialize()(req, res, next)
121. }
122.  
123. function verifyGithub(req, res, next) {
124. if (!config.get('verifyGithubAccount')) {
125. return next(new Error('Cannot use github account.'))
126. }
127.  
128. next()
129. }
130.  
131. module.exports = { githubAuth, verifyGithub }
132.  
133. // config.js
134.  
135. module.exports = {
136. github: {
137. clientID: undefined,
138. clientSecret: undefined,
139. callbackURL: undefined
140. }
141. }