From 2cd148c792a47fea18d760b723d23569ae52d390 Mon Sep 17 00:00:00 2001
From: Aaron Parecki <aaron@parecki.com>
Date: Wed, 24 Dec 2014 16:44:44 -0800
Subject: Support for "likes" and adding "settings" page

* Supports a bookmarklet to create "like" posts.
* Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
---
 controllers/controllers.php | 172 ++++++++++++++++++++++++++++++++++++++------
 1 file changed, 149 insertions(+), 23 deletions(-)

(limited to 'controllers')

diff --git a/controllers/controllers.php b/controllers/controllers.php
index 0de366b..18da149 100644
--- a/controllers/controllers.php
+++ b/controllers/controllers.php
@@ -1,6 +1,6 @@
 <?php
 
-function require_login(&$app) {
+function require_login(&$app, $redirect=true) {
   $params = $app->request()->params();
   if(array_key_exists('token', $params)) {
     try {
@@ -8,16 +8,25 @@ function require_login(&$app) {
       $_SESSION['user_id'] = $data->user_id;
       $_SESSION['me'] = $data->me;
     } catch(DomainException $e) {
-      header('X-Error: DomainException');
-      $app->redirect('/', 301);
+      if($redirect) {
+        header('X-Error: DomainException');
+        $app->redirect('/', 301);
+      } else {
+        return false;
+      }
     } catch(UnexpectedValueException $e) {
-      header('X-Error: UnexpectedValueException');
-      $app->redirect('/', 301);
+      if($redirect) {
+        header('X-Error: UnexpectedValueException');
+        $app->redirect('/', 301);
+      } else {
+        return false;
+      }
     }
   }
 
   if(!array_key_exists('user_id', $_SESSION)) {
-    $app->redirect('/');
+    if($redirect)
+      $app->redirect('/');
     return false;
   } else {
     return ORM::for_table('users')->find_one($_SESSION['user_id']);
@@ -160,6 +169,42 @@ $app->get('/add-to-home', function() use($app) {
   }
 });
 
+$app->get('/settings', function() use($app) {
+  if($user=require_login($app)) {
+    $html = render('settings', array('title' => 'Settings', 'include_facebook' => true));
+    $app->response()->body($html);
+  }
+});
+
+$app->get('/favorite.js', function() use($app) {
+  $app->response()->header("Content-type", "text/javascript");
+  if($user=require_login($app, false)) {
+    $params = $app->request()->params();
+
+    if(array_key_exists('url', $params)) {
+      $micropub_request = array(
+        'like-of' => $params['url']
+      );
+      $r = micropub_post_for_user($user, $micropub_request);
+    }
+
+    if(preg_match('/https?:\/\/(?:www\.)?facebook\.com\/(?:[^\/]+)\/posts\/(\d+)/', $params['url'], $match)) {
+      $facebook_id = $match[1];
+    } else {
+      $facebook_id = false;
+    }
+
+    $app->response()->body($app->render('liked-js.php', array(
+      'url' => $params['url'], 
+      'like_url' => $r['location'], 
+      'error' => $r['error'],
+      'facebook_id' => $facebook_id
+    )));
+  } else {
+    $app->response()->body('alert("invalid token");');
+  }
+});
+
 $app->get('/micropub/syndications', function() use($app) {
   if($user=require_login($app)) {
     $data = get_syndication_targets($user);
@@ -179,31 +224,112 @@ $app->post('/micropub/post', function() use($app) {
       return $v !== '';
     });
 
-    // Now send to the micropub endpoint
-    $r = micropub_post($user->micropub_endpoint, $params, $user->micropub_access_token);
-    $request = $r['request'];
-    $response = $r['response'];
+    $r = micropub_post_for_user($user, $params);
+
+    $app->response()->body(json_encode(array(
+      'request' => htmlspecialchars($r['request']),
+      'response' => htmlspecialchars($r['response']),
+      'location' => $r['location'],
+      'error' => $r['error'],
+      'curlinfo' => $r['curlinfo']
+    )));
+  }
+});
+
+$app->post('/auth/facebook', function() use($app) {
+  if($user=require_login($app, false)) {
+    $params = $app->request()->params();
+    // User just auth'd with facebook, store the access token
+    $user->facebook_access_token = $params['fb_token'];
+    $user->save();
+
+    $app->response()->body(json_encode(array(
+      'result' => 'ok'
+    )));
+  } else {
+    $app->response()->body(json_encode(array(
+      'result' => 'error'
+    )));
+  }
+});
+
+$app->post('/auth/twitter', function() use($app) {
+  if($user=require_login($app, false)) {
+    $params = $app->request()->params();
+    // User just auth'd with facebook, store the access token
+    $user->twitter_access_token = $params['twitter_token'];
+    $user->twitter_token_secret = $params['twitter_secret'];
+    $user->save();
+
+    $app->response()->body(json_encode(array(
+      'result' => 'ok'
+    )));
+  } else {
+    $app->response()->body(json_encode(array(
+      'result' => 'error'
+    )));
+  }
+});
+
+function getTwitterLoginURL(&$twitter) {
+  $request_token = $twitter->getRequestToken(Config::$base_url . 'auth/twitter/callback');
+  $_SESSION['twitter_auth'] = $request_token;
+  return $twitter->getAuthorizeURL($request_token['oauth_token']);
+}
+
+$app->get('/auth/twitter', function() use($app) {
+  $params = $app->request()->params();
+  if($user=require_login($app, false)) {
 
-    $user->last_micropub_response = json_encode($r);
-    $user->last_micropub_response_date = date('Y-m-d H:i:s');
+    // If there is an existing Twitter token, check if it is valid
+    // Otherwise, generate a Twitter login link
+    $twitter_login_url = false;
+    $twitter = new \TwitterOAuth\Api(Config::$twitterClientID, Config::$twitterClientSecret, 
+      $user->twitter_access_token, $user->twitter_token_secret);
 
-    // Check the response and look for a "Location" header containing the URL
-    if($response && preg_match('/Location: (.+)/', $response, $match)) {
-      $location = $match[1];
-      $user->micropub_success = 1;
+    if(array_key_exists('login', $params)) {
+      $twitter = new \TwitterOAuth\Api(Config::$twitterClientID, Config::$twitterClientSecret);
+      $twitter_login_url = getTwitterLoginURL($twitter);
     } else {
-      $location = false;
+      if($user->twitter_access_token) {
+        if ($twitter->get('account/verify_credentials')) {
+          $app->response()->body(json_encode(array(
+            'result' => 'ok'
+          )));
+          return;
+        } else {
+          // If the existing twitter token is not valid, generate a login link
+          $twitter_login_url = getTwitterLoginURL($twitter);
+        }
+      } else {
+        $twitter_login_url = getTwitterLoginURL($twitter);
+      }
     }
 
-    $user->save();
+    $app->response()->body(json_encode(array(
+      'url' => $twitter_login_url
+    )));
 
+  } else {
     $app->response()->body(json_encode(array(
-      'request' => htmlspecialchars($request),
-      'response' => htmlspecialchars($response),
-      'location' => $location,
-      'error' => $r['error'],
-      'curlinfo' => $r['curlinfo']
+      'result' => 'error'
     )));
   }
 });
 
+$app->get('/auth/twitter/callback', function() use($app) {
+  if($user=require_login($app)) {
+    $params = $app->request()->params();
+
+    $twitter = new \TwitterOAuth\Api(Config::$twitterClientID, Config::$twitterClientSecret, 
+      $_SESSION['twitter_auth']['oauth_token'], $_SESSION['twitter_auth']['oauth_token_secret']);
+    $credentials = $twitter->getAccessToken($params['oauth_verifier']);
+
+    $user->twitter_access_token = $credentials['oauth_token'];
+    $user->twitter_token_secret = $credentials['oauth_token_secret'];
+    $user->twitter_username = $credentials['screen_name'];
+    $user->save();
+
+    $app->redirect('/settings');
+  }
+});
-- 
cgit v1.2.3