1 files changed, 148 insertions, 0 deletions

diff --git a/controllers/auth.php b/controllers/auth.php
index c6c4ad8..4db8fde 100644
--- a/controllers/auth.php
+++ b/controllers/auth.php
@@ -250,3 +250,151 @@ $app->get('/signout', function() use($app) {
   unset($_SESSION['user_id']);
   $app->redirect('/', 301);
 });
+
+
+/*
+$app->post('/auth/facebook', function() use($app) {
+  if($user=require_login($app, false)) {
+    $params = $app->request()->params();
+    // User just auth'd with facebook, store the access token
+    $user->facebook_access_token = $params['fb_token'];
+    $user->save();
+
+    $app->response()->body(json_encode(array(
+      'result' => 'ok'
+    )));
+  } else {
+    $app->response()->body(json_encode(array(
+      'result' => 'error'
+    )));
+  }
+});
+*/
+
+$app->post('/auth/twitter', function() use($app) {
+  if($user=require_login($app, false)) {
+    $params = $app->request()->params();
+    // User just auth'd with twitter, store the access token
+    $user->twitter_access_token = $params['twitter_token'];
+    $user->twitter_token_secret = $params['twitter_secret'];
+    $user->save();
+
+    $app->response()['Content-type'] = 'application/json';
+    $app->response()->body(json_encode(array(
+      'result' => 'ok'
+    )));
+  } else {
+    $app->response()['Content-type'] = 'application/json';
+    $app->response()->body(json_encode(array(
+      'result' => 'error'
+    )));
+  }
+});
+
+function getTwitterLoginURL(&$twitter) {
+  $request_token = $twitter->getRequestToken(Config::$base_url . 'auth/twitter/callback');
+  $_SESSION['twitter_auth'] = $request_token;
+  return $twitter->getAuthorizeURL($request_token['oauth_token']);
+}
+
+$app->get('/auth/twitter', function() use($app) {
+  $params = $app->request()->params();
+  if($user=require_login($app, false)) {
+
+    // If there is an existing Twitter token, check if it is valid
+    // Otherwise, generate a Twitter login link
+    $twitter_login_url = false;
+    $twitter = new \TwitterOAuth\Api(Config::$twitterClientID, Config::$twitterClientSecret,
+      $user->twitter_access_token, $user->twitter_token_secret);
+
+    if(array_key_exists('login', $params)) {
+      $twitter = new \TwitterOAuth\Api(Config::$twitterClientID, Config::$twitterClientSecret);
+      $twitter_login_url = getTwitterLoginURL($twitter);
+    } else {
+      if($user->twitter_access_token) {
+        if ($twitter->get('account/verify_credentials')) {
+          $app->response()['Content-type'] = 'application/json';
+          $app->response()->body(json_encode(array(
+            'result' => 'ok'
+          )));
+          return;
+        } else {
+          // If the existing twitter token is not valid, generate a login link
+          $twitter_login_url = getTwitterLoginURL($twitter);
+        }
+      } else {
+        $twitter_login_url = getTwitterLoginURL($twitter);
+      }
+    }
+
+    $app->response()['Content-type'] = 'application/json';
+    $app->response()->body(json_encode(array(
+      'url' => $twitter_login_url
+    )));
+
+  } else {
+    $app->response()['Content-type'] = 'application/json';
+    $app->response()->body(json_encode(array(
+      'result' => 'error'
+    )));
+  }
+});
+
+$app->get('/auth/twitter/callback', function() use($app) {
+  if($user=require_login($app)) {
+    $params = $app->request()->params();
+
+    $twitter = new \TwitterOAuth\Api(Config::$twitterClientID, Config::$twitterClientSecret,
+      $_SESSION['twitter_auth']['oauth_token'], $_SESSION['twitter_auth']['oauth_token_secret']);
+    $credentials = $twitter->getAccessToken($params['oauth_verifier']);
+
+    $user->twitter_access_token = $credentials['oauth_token'];
+    $user->twitter_token_secret = $credentials['oauth_token_secret'];
+    $user->twitter_username = $credentials['screen_name'];
+    $user->save();
+
+    $app->redirect('/settings');
+  }
+});
+
+$app->get('/auth/instagram', function() use($app) {
+  if($user=require_login($app, false)) {
+
+    $instagram = instagram_client();
+
+    // If there is an existing Instagram auth token, check if it's valid
+    if($user->instagram_access_token) {
+      $instagram->setAccessToken($user->instagram_access_token);
+      $igUser = $instagram->getUser();
+
+      if($igUser && $igUser->meta->code == 200) {
+        $app->response()['Content-type'] = 'application/json';
+        $app->response()->body(json_encode(array(
+          'result' => 'ok',
+          'username' => $igUser->data->username,
+          'url' => $instagram->getLoginUrl(array('basic','likes'))
+        )));
+        return;
+      }
+    }
+
+    $app->response()['Content-type'] = 'application/json';
+    $app->response()->body(json_encode(array(
+      'result' => 'error',
+      'url' => $instagram->getLoginUrl(array('basic','likes'))
+    )));
+  }
+});
+
+$app->get('/auth/instagram/callback', function() use($app) {
+  if($user=require_login($app)) {
+    $params = $app->request()->params();
+
+    $instagram = instagram_client();
+    $data = $instagram->getOAuthToken($params['code']);
+    $user->instagram_access_token = $data->access_token;
+    $user->save();
+
+    $app->redirect('/settings');
+  }
+});