diff --git a/packages/strapi-plugin-users-permissions/controllers/Auth.js b/packages/strapi-plugin-users-permissions/controllers/Auth.js
index 87ffc55ac6..a11db3d3c3 100644
--- a/packages/strapi-plugin-users-permissions/controllers/Auth.js
+++ b/packages/strapi-plugin-users-permissions/controllers/Auth.js
@@ -71,12 +71,17 @@ module.exports = {
 }
 } else {
 // Connect the user thanks to the third-party provider.
+ let user, error;
 try {
- const [user, error] = await strapi.plugins['users-permissions'].services.providers.connect(provider, ctx.query);
+ [user, error] = await strapi.plugins['users-permissions'].services.providers.connect(provider, ctx.query);
 } catch([user, error]) {
 return ctx.badRequest(null, (error === 'array') ? (ctx.request.admin ? error[0] : error[1]) : error);
 }

+ if (!user) {
+ return ctx.badRequest(null, (error === 'array') ? (ctx.request.admin ? error[0] : error[1]) : error);
+ }
+
 ctx.send({
 jwt: strapi.plugins['users-permissions'].services.jwt.issue(user),
 user: _.omit(user.toJSON ? user.toJSON() : user, ['password', 'resetPasswordToken'])
diff --git a/packages/strapi-plugin-users-permissions/services/Providers.js b/packages/strapi-plugin-users-permissions/services/Providers.js
index 7d1ce67f55..004c242a9c 100644
--- a/packages/strapi-plugin-users-permissions/services/Providers.js
+++ b/packages/strapi-plugin-users-permissions/services/Providers.js
@@ -11,27 +11,6 @@ const request = require('request');
 // Purest strategies.
 const Purest = require('purest');

-const facebook = new Purest({
- provider: 'facebook'
-});
-
-const github = new Purest({
- provider: 'github',
- defaults: {
- headers: {
- 'user-agent': 'strapi'
- }
- }
-});
-
-const google = new Purest({
- provider: 'google'
-});
-
-const twitter = new Purest({
- provider: 'twitter'
-});
-
 /**
 * Connect thanks to a third-party provider.
 *
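Review bot: In controllers/Auth.js the added `if (!user)` branch copies the test `error === 'array'` from the catch block, and that comparison is true only when the error is the literal string 'array'. An array of messages therefore never takes the admin/non-admin branch and is handed to `ctx.badRequest` whole. If an array check was intended, use `Array.isArray(error) ? (ctx.request.admin ? error[0] : error[1]) : error` in both places. Separately, `catch([user, error])` destructures whatever was thrown, so a rejection with a non-iterable value such as an `Error` object would throw again inside the catch clause. Catching a plain `err` and inspecting it would keep this authentication path on a controlled 400 response. The controller function starts and ends outside the hunk.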
@@ -73,7 +52,7 @@ exports.connect = (provider, query) => {
 }

 if (user && user.provider === provider) {
- return resolve([null, [{ messages: [{ id: 'Auth.form.error.email.taken' }] }], 'Email is already taken.']);
+ return resolve([user, null]);
 }

 if (user && user.provider !== provider && strapi.plugins['users-permissions'].config.advanced.unique_email) {
@@ -111,6 +90,10 @@ const getProfile = (provider, query, callback) => {

 switch (provider) {
 case 'facebook':
+ const facebook = new Purest({
+ provider: 'facebook'
+ });
+
 facebook.query().get('me?fields=name,email').auth(access_token).request((err, res, body) => {
 if (err) {
 callback(err);
@@ -123,18 +106,31 @@ const getProfile = (provider, query, callback) => {
 });
 break;
 case 'google':
+ const google = new Purest({
+ provider: 'google'
+ });
+
 google.query('plus').get('people/me').auth(access_token).request((err, res, body) => {
 if (err) {
 callback(err);
 } else {
 callback(null, {
- username: body.displayName,
+ username: body.displayName || body.emails[0].value,
 email: body.emails[0].value
 });
 }
 });
 break;
 case 'github':
+ const github = new Purest({
+ provider: 'github',
+ defaults: {
+ headers: {
+ 'user-agent': 'strapi'
+ }
+ }
+ });
+
 request.post({
 url: 'https://github.com/login/oauth/access_token',
 form: {
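Review bot: The changed branch in `exports.connect` now resolves the stored account whenever `user.provider === provider`, and Auth.js issues a JWT for whatever is resolved, so this line is the login decision for returning users and carries no comment saying so. The lookup that produces `user` is outside the hunk; if it matches on the e-mail address taken from the provider profile, the login is only as trustworthy as that provider's e-mail verification, which is worth stating next to the branch. Suggested comment: `// Returning user for this provider: log in with the existing account; identity rests on the profile returned by getProfile.` Whether a disabled or unconfirmed account should be rejected here cannot be judged from the visible lines and should be confirmed against the user model.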
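Review bot: `const facebook = new Purest(...)` is declared directly under `case 'facebook':` with no block, so the binding is scoped to the whole `switch`; the same pattern is added for `google` and `github` in the next hunk and for `twitter` in the last one. It works only because each name is distinct and used inside its own case, and ESLint's `no-case-declarations` rule flags it. Wrap each case body in braces, `case 'facebook': {` … `break; }`, so every client is confined to its own provider branch. getProfile's body starts and ends outside the hunk.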
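Review bot: In the `google` case `body.emails[0].value` is dereferenced with no check that the response carries an `emails` array, and the new `username` fallback adds a second such dereference. A response without it (an API error body delivered with `err` unset, or a profile that exposes no e-mail) throws a TypeError inside the request callback instead of reaching `callback(err)`. Guard before building the profile, for example `if (!body || !Array.isArray(body.emails) || !body.emails.length) { return callback(new Error('No e-mail in Google profile')); }`. Falling back to the e-mail address as `username` also means the address may appear wherever usernames are displayed, so a comment or a non-identifying fallback would be preferable.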
@@ -156,7 +152,13 @@ const getProfile = (provider, query, callback) => {
 });
 break;
 case 'twitter':
- twitter.query().get('account/verify_credentials').auth(access_token, query.access_secret).qs({screen_name: query['raw[screen_name]']}).qs({include_email: 'true'}).request((err, res, body) => {
+ const twitter = new Purest({
+ provider: 'twitter',
+ key: strapi.plugins['users-permissions'].config.grant.twitter.key,
+ secret: strapi.plugins['users-permissions'].config.grant.twitter.secret
+ });
+
+ twitter.query().get('account/verify_credentials').auth(access_token, query.access_secret).qs({screen_name: query['raw[screen_name]'], include_email: 'true'}).request((err, res, body) => {
 if (err) {
 callback(err);
 } else {
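Review bot: The `twitter` client reads `strapi.plugins['users-permissions'].config.grant.twitter.key` and `.secret` with no check that the `twitter` grant entry exists, so if that entry is absent the property access throws synchronously here rather than going through `callback(err)`. A guard such as `const grant = strapi.plugins['users-permissions'].config.grant.twitter; if (!grant || !grant.key || !grant.secret) { return callback(new Error('Twitter provider is not configured')); }` keeps the failure on the normal error path. `query.access_secret` and `query['raw[screen_name]']` come from the request query (Auth.js passes `ctx.query`), so the account identity should be taken from the `verify_credentials` response and not from the supplied screen name. That handling sits after the `} else {` where the hunk ends and could not be checked.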