jank oAuth implement

Author: bz22

backend/conduit/app.py

@@ -1,12 +1,11 @@
 # -*- coding: utf-8 -*-
 """The app module, containing the app factory function."""
 from flask import Flask
-from conduit.extensions import bcrypt, cache, db, migrate, jwt, cors
+from conduit.extensions import bcrypt, cache, db, migrate, jwt, cors, github
 from conduit import commands, user, profile, articles, organizations, tags
 from conduit.settings import ProdConfig
 from conduit.exceptions import InvalidUsage
 
-
 def create_app(config_object=ProdConfig):
     """An application factory, as explained here:
     http://flask.pocoo.org/docs/patterns/appfactories/.
@@ -23,14 +22,16 @@ def create_app(config_object=ProdConfig):
     register_commands(app)
     return app
 
-
 def register_extensions(app):
     """Register Flask extensions."""
     bcrypt.init_app(app)
     cache.init_app(app)
     db.init_app(app)
     migrate.init_app(app, db)
     jwt.init_app(app)
+    app.config['GITHUB_CLIENT_ID'] = '98574e099fa640413899'
+    app.config['GITHUB_CLIENT_SECRET'] = '272ac3010797de4cc29c5c0caf0bbd9df4d79832'
+    github.init_app(app)
 
 
 def register_blueprints(app):

backend/conduit/extensions.py

@@ -7,6 +7,7 @@
 from flask_jwt_extended import JWTManager
 from flask_migrate import Migrate
 from flask_sqlalchemy import SQLAlchemy, Model
+from flask_github import GitHub
 
 
 class CRUDMixin(Model):
@@ -51,6 +52,7 @@ def delete(self, commit=True):
 migrate = Migrate()
 cache = Cache()
 cors = CORS()
+github = GitHub()
 
 from conduit.utils import jwt_identity, identity_loader  # noqa
 

backend/conduit/settings.py

@@ -33,7 +33,8 @@ class Config(object):
         'https://bit-next-git-master.bitproject.now.sh',
         'https://staging.bitproject.org',
         'https://dev.bitproject.org',
-        'https://bit-next.now.sh'
+        'https://bit-next.now.sh',
+        'https://github.com/login/oauth/authorize?client_id=98574e099fa640413899'
     ]
     JWT_HEADER_TYPE = 'Token'
 

backend/conduit/user/models.py

@@ -24,13 +24,17 @@ class User(SurrogatePK, Model):
     linkedinLink = Column(db.String(100), nullable=True)
     website = Column(db.Text(), nullable = True)
     isAdmin = Column(db.Boolean, nullable=False, default=False)
+    github_access_token = Column(db.String(255), nullable = True)
+    github_id = Column(db.Integer, nullable = True)
     token: str = ''
 
-    def __init__(self, username, email, password=None, **kwargs):
+    def __init__(self, username, email, password=None, github_access_token=None, **kwargs):
         """Create instance."""
         db.Model.__init__(self, username=username, email=email, **kwargs)
         if password:
             self.set_password(password)
+        if github_access_token:
+            self.set_github_token(github_access_token)
         else:
             self.password = None
 
@@ -42,6 +46,9 @@ def check_password(self, value):
         """Check password."""
         return bcrypt.check_password_hash(self.password, value)
 
+    def set_github_token(self, github_access_token):
+        self.github_access_token = github_access_token
+
     def __repr__(self):
         """Represent instance as a unique string."""
         return '<User({username!r})>'.format(username=self.username)

backend/conduit/user/views.py

@@ -1,19 +1,20 @@
 # -*- coding: utf-8 -*-
 """User views."""
-from flask import Blueprint, request
+from flask import Blueprint, request, jsonify, g
 from flask_apispec import use_kwargs, marshal_with
 from flask_jwt_extended import jwt_required, jwt_optional, create_access_token, current_user
 from sqlalchemy.exc import IntegrityError
 
 from conduit.database import db
+from conduit.extensions import github
 from conduit.exceptions import InvalidUsage
 from conduit.profile.models import UserProfile
 from .models import User
 from .serializers import user_schema
+import requests
 
 blueprint = Blueprint('user', __name__)
 
-
 @blueprint.route('/api/users', methods=('POST',))
 @use_kwargs(user_schema)
 @marshal_with(user_schema)
@@ -26,7 +27,6 @@ def register_user(username, password, email, **kwargs):
         raise InvalidUsage.user_already_registered()
     return userprofile.user
 
-
 @blueprint.route('/api/users/login', methods=('POST',))
 @jwt_optional
 @use_kwargs(user_schema)
@@ -64,3 +64,63 @@ def update_user(**kwargs):
         kwargs['updated_at'] = user.created_at.replace(tzinfo=None)
     user.update(**kwargs)
     return user
+
+#TODO:
+#1) we have to add the state to make sure no third party access when sending code
+#2) change this away from username, only allows me to call the thing username cause of user_schema.
+#if bit_token invalid and access_tok still valid, just reauthenticate with new code and stuff
+#if access_token invalid but bit_token valid, ignore until bit_token gets invalid
+
+#Note: the parameter is username but it should be changed to github_code
+#i just get errors thrown if 
+
+@blueprint.route('/api/user/callback', methods = ('POST',))
+@use_kwargs(user_schema)   
+@marshal_with(user_schema)
+def github_oauth(username, **kwargs):
+    #refactor and hide these
+
+    #NOTE: use try catch block later
+    payload = { 'client_id': "98574e099fa640413899",  
+                'client_secret': "272ac3010797de4cc29c5c0caf0bbd9df4d79832",
+                'code': username,
+                }
+    header = {
+        'Accept': 'application/json',
+    }
+
+    auth_response = requests.post('https://github.com/login/oauth/access_token', params=payload, headers=header).json()
+    
+    #if it's an error response, the access_token will not work (like if code is invalid)
+    #it won't have access_token key-value pair
+    #build in try catch!
+    access_token = auth_response["access_token"]
+    
+    auth_header = {"Authorization": "Bearer " + access_token}
+    data_response = requests.get('https://api.github.com/user', headers=auth_header).json()
+    email_response = requests.get('https://api.github.com/user/emails', headers=auth_header).json()
+
+    username = data_response["login"]
+    email = email_response[0]["email"]
+    github_id = data_response["id"]
+
+    user = User.query.filter_by(email=email).first()
+    if user is None:
+        userprofile = UserProfile(User(username, email, github_access_token = access_token).save()).save()
+        user = userprofile.user
+
+    user.token = create_access_token(identity=user, fresh=True)
+    return user
+
+# Flask Migrate
+
+# write code
+# run flaskdb migrate in the code
+# flaskdb upgrade in the code
+# Code isn't working because staging db uses staging code
+# Code isn't working on local because we don't have db
+
+# When doing github auth, we need to use flask db migrate to be able to add our cols 
+# to our remote db
+
+

components/profile/LoginForm.tsx

@@ -4,6 +4,7 @@ import { mutate } from "swr";
 
 import ListErrors from "../common/ListErrors";
 import UserAPI from "../../lib/api/user";
+import Authenticate from "./Authenticate";
 
 const LoginForm = () => {
   const [isLoading, setLoading] = React.useState(false);
@@ -20,6 +21,34 @@ const LoginForm = () => {
     []
   );
 
+  let logging_in;
+  if (typeof window !== "undefined"){
+    const code = new URLSearchParams(window.location.search).get("code");
+    if (code){
+      logging_in = (<p>Redirecting to home page...</p>);
+      React.useEffect(() => {
+
+          async function post_code(){
+              try{
+              const {data, status} = await UserAPI.post_code(code);
+              console.log("begun await");
+              if (data?.user){
+                  console.log(data.user)
+                  window.localStorage.setItem("user", JSON.stringify(data.user));
+                  mutate("user", data?.user);
+                  Router.push("/");
+              }
+              } catch(error){
+                  console.error(error);
+              }
+          }
+          
+      post_code();
+      }, [])
+    } 
+  }
+
+  
   const handleSubmit = async (e) => {
     e.preventDefault();
     setLoading(true);
@@ -77,8 +106,13 @@ const LoginForm = () => {
           </button>
         </fieldset>
       </form>
+      <a href="https://github.com/login/oauth/authorize?client_id=98574e099fa640413899&scope=user+repo"
+            className="btn btn-lg btn-primary pull-xs-left"
+            >
+               Sign in through GitHub REAL</a>
+      {logging_in}
     </>
   );
-};
+}
 
 export default LoginForm;

lib/api/user.ts

@@ -2,6 +2,8 @@ import axios from "axios";
 
 import { SERVER_BASE_URL } from "../utils/constant";
 
+const url = require('url');
+
 const UserAPI = {
   current: async () => {
     const user: any = window.localStorage.getItem("user");
@@ -135,6 +137,25 @@ const UserAPI = {
     }
   },
   get: async (username) => axios.get(`${SERVER_BASE_URL}/profiles/${username}`),
+
+  post_code: async (username) => {
+    try{
+      const response = await axios.post(
+        `${SERVER_BASE_URL}/user/callback`,
+        JSON.stringify({ user: { username } }),
+        {
+          headers: {
+            "Content-Type": "application/json",
+          },
+        }
+      );
+      return response;
+    } catch (error){
+      return error.response;
+    }
+
+  },
+
 };
 
 export default UserAPI;

lib/utils/constant.ts

@@ -2,10 +2,10 @@
 // export const SERVER_BASE_URL = `https://conduit.productionready.io/api`;
 
 // Local backend url
-// export const SERVER_BASE_URL = `http://127.0.0.1:5000/api`;
+export const SERVER_BASE_URL = `http://127.0.0.1:5000/api`;
 
 // Staging url
-export const SERVER_BASE_URL = `https://bit-devs-staging.herokuapp.com/api`;
+// export const SERVER_BASE_URL = `https://bit-devs-staging.herokuapp.com/api`;
 
 // Production url. ONLY USE IN PRODUCTION
 // export const SERVER_BASE_URL = `https://bit-devs.herokuapp.com/api`;