From d3e523b990a7b59bcfb82eae338271e3a2e99899 Mon Sep 17 00:00:00 2001
From: Aaron Parecki
Date: Wed, 14 Dec 2016 10:09:52 -0800
Subject: move some auth routes to auth.php
---
 controllers/auth.php | 148 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 148 insertions(+)
(limited to 'controllers/auth.php')
diff --git a/controllers/auth.php b/controllers/auth.php
index c6c4ad8..4db8fde 100644
--- a/controllers/auth.php
+++ b/controllers/auth.php
@@ -250,3 +250,151 @@ $app->get('/signout', function() use($app) {
 unset($_SESSION['user_id']);
 $app->redirect('/', 301);
 });
+
+
+/*
+$app->post('/auth/facebook', function() use($app) {
+ if($user=require_login($app, false)) {
+ $params = $app->request()->params();
+ // User just auth'd with facebook, store the access token
+ $user->facebook_access_token = $params['fb_token'];
+ $user->save();
+
+ $app->response()->body(json_encode(array(
+ 'result' => 'ok'
+ )));
+ } else {
+ $app->response()->body(json_encode(array(
+ 'result' => 'error'
+ )));
+ }
+});
+*/
+
+$app->post('/auth/twitter', function() use($app) {
+ if($user=require_login($app, false)) {
+ $params = $app->request()->params();
+ // User just auth'd with twitter, store the access token
+ $user->twitter_access_token = $params['twitter_token'];
+ $user->twitter_token_secret = $params['twitter_secret'];
+ $user->save();
+
+ $app->response()['Content-type'] = 'application/json';
+ $app->response()->body(json_encode(array(
+ 'result' => 'ok'
+ )));
+ } else {
+ $app->response()['Content-type'] = 'application/json';
+ $app->response()->body(json_encode(array(
+ 'result' => 'error'
+ )));
+ }
+});
+
+function getTwitterLoginURL(&$twitter) {
+ $request_token = $twitter->getRequestToken(Config::$base_url . 'auth/twitter/callback');
+ $_SESSION['twitter_auth'] = $request_token;
+ return $twitter->getAuthorizeURL($request_token['oauth_token']);
+}
+
+$app->get('/auth/twitter', function() use($app) {
+ $params = $app->request()->params();
+ if($user=require_login($app, false)) {
+
+ // If there is an existing Twitter token, check if it is valid
+ // Otherwise, generate a Twitter login link
+ $twitter_login_url = false;
+ $twitter = new \TwitterOAuth\Api(Config::$twitterClientID, Config::$twitterClientSecret,
+ $user->twitter_access_token, $user->twitter_token_secret);
+
+ if(array_key_exists('login', $params)) {
+ $twitter = new \TwitterOAuth\Api(Config::$twitterClientID, Config::$twitterClientSecret);
+ $twitter_login_url = getTwitterLoginURL($twitter);
+ } else {
+ if($user->twitter_access_token) {
+ if ($twitter->get('account/verify_credentials')) {
+ $app->response()['Content-type'] = 'application/json';
+ $app->response()->body(json_encode(array(
+ 'result' => 'ok'
+ )));
+ return;
+ } else {
+ // If the existing twitter token is not valid, generate a login link
+ $twitter_login_url = getTwitterLoginURL($twitter);
+ }
+ } else {
+ $twitter_login_url = getTwitterLoginURL($twitter);
+ }
+ }
+
+ $app->response()['Content-type'] = 'application/json';
+ $app->response()->body(json_encode(array(
+ 'url' => $twitter_login_url
+ )));
+
+ } else {
+ $app->response()['Content-type'] = 'application/json';
+ $app->response()->body(json_encode(array(
+ 'result' => 'error'
+ )));
+ }
+});
+
+$app->get('/auth/twitter/callback', function() use($app) {
+ if($user=require_login($app)) {
+ $params = $app->request()->params();
+
+ $twitter = new \TwitterOAuth\Api(Config::$twitterClientID, Config::$twitterClientSecret,
+ $_SESSION['twitter_auth']['oauth_token'], $_SESSION['twitter_auth']['oauth_token_secret']);
+ $credentials = $twitter->getAccessToken($params['oauth_verifier']);
+
+ $user->twitter_access_token = $credentials['oauth_token'];
+ $user->twitter_token_secret = $credentials['oauth_token_secret'];
+ $user->twitter_username = $credentials['screen_name'];
+ $user->save();
+
+ $app->redirect('/settings');
+ }
+});
+
+$app->get('/auth/instagram', function() use($app) {
+ if($user=require_login($app, false)) {
+
+ $instagram = instagram_client();
+
+ // If there is an existing Instagram auth token, check if it's valid
+ if($user->instagram_access_token) {
+ $instagram->setAccessToken($user->instagram_access_token);
+ $igUser = $instagram->getUser();
+
+ if($igUser && $igUser->meta->code == 200) {
+ $app->response()['Content-type'] = 'application/json';
+ $app->response()->body(json_encode(array(
+ 'result' => 'ok',
+ 'username' => $igUser->data->username,
+ 'url' => $instagram->getLoginUrl(array('basic','likes'))
+ )));
+ return;
+ }
+ }
+
+ $app->response()['Content-type'] = 'application/json';
+ $app->response()->body(json_encode(array(
+ 'result' => 'error',
+ 'url' => $instagram->getLoginUrl(array('basic','likes'))
+ )));
+ }
+});
+
+$app->get('/auth/instagram/callback', function() use($app) {
+ if($user=require_login($app)) {
+ $params = $app->request()->params();
+
+ $instagram = instagram_client();
+ $data = $instagram->getOAuthToken($params['code']);
+ $user->instagram_access_token = $data->access_token;
+ $user->save();
+
+ $app->redirect('/settings');
+ }
+});
-- 
cgit v1.2.3
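Review bot: The `/auth/instagram/callback` handler exchanges `$params['code']` and saves the resulting token on the logged-in user without tying the callback to a flow this session started, since no `state` value is issued alongside `getLoginUrl()` or checked on return. A callback URL that reaches a logged-in user from outside the application could therefore attach an unintended Instagram account to them; storing a random state in the session when the login URL is built and comparing it here closes that gap (the session key below is a suggested name, and how the value is added to the authorize URL depends on the client library, which this hunk does not show). Both callbacks also write `$data->access_token` and `$credentials[...]` without checking that the exchange succeeded, so a failed or repeated callback can replace a working token with null, and `/auth/twitter/callback` reads `$_SESSION['twitter_auth']` and `$params['oauth_verifier']` unguarded. Separately, `POST /auth/twitter` stores a caller-supplied token and secret with no anti-CSRF check visible in this file, and the commented-out Facebook route would be better dropped than carried along in the move.

```php
$app->get('/auth/instagram/callback', function() use($app) {
  if($user=require_login($app)) {
    $params = $app->request()->params();

    // Accept only a callback carrying the state value this session issued; the value is single-use.
    $expected = isset($_SESSION['instagram_state']) ? $_SESSION['instagram_state'] : null;
    unset($_SESSION['instagram_state']);
    if(!is_string($expected) || !isset($params['state'], $params['code'])
      || !hash_equals($expected, (string)$params['state'])) {
      $app->redirect('/settings');
      return;
    }

    $instagram = instagram_client();
    $data = $instagram->getOAuthToken($params['code']);
    // Do not overwrite a stored token with the result of a failed exchange.
    if(!is_object($data) || empty($data->access_token)) {
      $app->redirect('/settings');
      return;
    }
    // … unchanged: store $data->access_token on $user, save, redirect to /settings …
```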