Oauth Implemention for signingup with FB/Twitter and Github using Passport.js (#32)

* #10 - User signup using Facebook, Twitter and Github , implementation using passport.js

* updating instructions for developers

* Make login routes only in development mode.
Handle cases when github settings are set to hide email.
Log message for missing developer tokens in env.

* create different end points for different environments

* add condition to check if SSL certificates have been provided.

* Externalize SSL Certs, Use Mongo for App sessions in Production.

* fixed untracked files

* added .env.sample and updated docs.

* Set up CI with Azure Pipelines (#2)

* Set up CI with Azure Pipelines

* testing

* testing

* testing

* testing

* testing

* added package.json

* Update azure-pipelines.yml for Azure Pipelines

* testing

* testing

* testing

* added azure templates

* updated build yaml

* switched containers

* fix build to acr

* variables

* fixed variable

* build yaml

Author: jagzviruz

.babelrc

@@ -1,14 +1,19 @@
 {
   "passPerPreset": true,
-  "presets": [ "@babel/preset-env" ],
+  "presets": [
+    "@babel/preset-env"
+  ],
   "plugins": [
     [
       "babel-plugin-inline-import",
       {
-        "extensions": [ ".gql", ".graphql" ]
+        "extensions": [".gql", ".graphql"]
       },
       "@babel/plugin-transform-runtime"
     ],
-    "@babel/plugin-transform-arrow-functions"
+    "@babel/plugin-transform-arrow-functions",
+    ["module-resolver", {
+      "root": ["./src"]
+    }]
   ]
 }

.env.sample

@@ -0,0 +1,26 @@
+PORT=3001
+WITH_SSL=true
+CERTS_DIR=
+SSL_KEY_FILENAME=
+SSL_CERT_FILENAME=
+DEV_HOSTNAME=api.codingcoach.dev
+PROD_HOSTNAME=api.codingcoach.io
+NODE_PATH=src/
+NODE_ENV=development
+RANDOM_TOKEN=c5XIN5sQMtrMxhQ9diQ0
+
+MONGO_DB_URI=
+
+LOGS_FOLDER=logs
+ERROR_LOG=err.log
+INFO_LOG=info.log
+WARNINGS_LOG=warnings.log
+
+OAUTH_FACEBOOK_CLIENT_ID=
+OAUTH_FACEBOOK_CLIENT_SECRET=
+
+OAUTH_TWITTER_CONSUMER_KEY=
+OAUTH_TWITTER_CONSUMER_SECRET=
+
+OAUTH_GITHUB_CLIENT_ID=
+OAUTH_GITHUB_CLIENT_SECRET=

.eslintrc

@@ -4,6 +4,13 @@
     "airbnb/base",
     "plugin:import/errors"
   ],
+  "settings": {
+    "import/resolver": {
+      "node": {
+        "moduleDirectory": ["node_modules", "src/"]
+      }
+    }
+  },
   "rules": {
     "no-use-before-define": 0,
     "arrow-body-style": 0,
@@ -15,6 +22,10 @@
     "jest": true
   },
   "globals": {
-    "client": true
+    "client": true,
+    "LOGS_FOLDER": true,
+    "INFO": true,
+    "ERROR": true,
+    "WARN": true
   }
 }

.gitignore

@@ -6,3 +6,7 @@ dist/
 .DS_Store
 /coverage
 .env
+logs/
+**/*.log
+production.server.crt
+production.server.key

OAUTH.md

@@ -0,0 +1,51 @@
+### Implementing User signup on FE
+
+The backend application has been configured to retrieve user profiles when the following endpoint is queried
+
+#### Facebook
+```
+GET https://api.codingcoach.io/auth/facebook?code=<one-time code retrieved from FB in callback>
+```
+#### Twitter
+```
+GET https://api.codingcoach.io/auth/twitter?oauth_token=<one-time token retrieved from TWITTER in callback>&oauth_verifier=<one-time verifier retrieved from TWITTER in callback>
+```
+#### Github
+```
+GET https://api.codingcoach.io/auth/github?code=<one-time code retrieved from GITHUB in callback>
+```
+
+While developing the server should be acessible as 'https://api.codingcoach.dev`
+
+The JSON response of these calls will contain the saved user profile like this :
+```json
+{
+  "failedLogin": {
+    "numFailed": 0
+  },
+  "activationStatus": false,
+  "_id": "",
+  "email": "[email protected]",
+  "firstName": "John",
+  "lastName": "Doe",
+  "github": {
+    "id": "",
+    "email": "[email protected]",
+    "firstName": "John",
+    "lastName": "Doe",
+    "provider": "github",
+    "accessToken": "",
+    "username": "johndoe"
+  },
+  "__v": 0,
+  "facebook": {
+    "id": "",
+    "email": "[email protected]",
+    "firstName": "Jagdish",
+    "lastName": "Doe Jane",
+    "provider": "facebook",
+    "accessToken": "",
+    "refreshToken": null
+  }
+}
+```

README.md

@@ -1,9 +1,35 @@
 # Coding-Coach-api
 [![Build Status](https://api.travis-ci.org/Coding-Coach/coding-coach-api.svg?branch=development)](https://travis-ci.org/Coding-Coach/coding-coach-api)
 
-## Getting Started
-The server can be run in two different modes: `development` and `production`
 
+# Important INSTRUCTIONS for Developers
+Copy `.env.sample` to `.env` as it contains the ENV configurations needed during bootstrapping the appliation. DO NOT commit the .env file.
+If you have changes that are need on bootstrap, add it to the `.env.sample` file, and ensure you have handled the missing values in your code.
+
+You need to run the server in HTTPS Mode, to ensure you don't get conflicts in your browser.
+A `development.pem` has been provided in `src/certs`.
+
+#### Mac Users
+Open Keychain Access and import the root certificate `development.pem` in `src/certs` to your System keychain. Then right click on `codingcoach` in Keychain and select `Get info`. Expand `Trust` and mark the certificate to `Always Trust`.
+
+#### Linux Users
+Depending on your Linux distribution, you can use `trust`, `update-ca-certificates` or another command to mark the generated root certificate as trusted. [TODO: add detailed instructions].
+
+#### Windows Users
+*No clues as how to do this at this point.*
+
+Add an alias in your `/etc/hosts` for `codingcoach.dev`.
+
+```
+# /etc/hosts
+# Host Database
+#
+# localhost is used to configure the loopback interface
+# when the system is booting.  Do not change this entry.
+##
+127.0.0.1	localhost
+127.0.0.1 api.codingcoach.dev
+```
 ## Development
 To run the server in `development`:
 1. `yarn install` - This will install the node dependencies
@@ -12,8 +38,7 @@ To run the server in `development`:
 The server runs in watch mode so changes you make to the API will automatically restart the server
 with those changes.
 
-GraphQL Playground at : http://localhost:3000/graphql
-Dummy Endpoint : http://localhost:3000/hello
+GraphQL Playground at : https://codingcoach.dev:3001/graphql
 
 > Note that this does not start a MongoDB database, ensure an instance is running at `localhost:27017`.
 

azure-pipelines.yml

@@ -0,0 +1,53 @@
+resources:
+- repo: self
+
+pool:
+  vmImage: Hosted Ubuntu 1604
+  demands:
+  - node
+  - npm
+
+variables:
+  resourcegroup: 'coding-coach-rg'
+  location: 'West Europe'
+  registry: 'codingcoachacr'
+  beimage: 'codingcoachbe'
+
+steps:
+- task: AzureResourceGroupDeployment@2
+  displayName: 'Azure Deployment:Create Or Update Resource Group action on $(resourcegroup)'
+  inputs:
+    azureSubscription: 'Free Trial (15d1a0f0-8a6b-470e-9cd2-eef5ba7c5a5a)'
+    resourceGroupName: '$(resourcegroup)'
+    location: '$(location)'
+    csmFile: '$(System.DefaultWorkingDirectory)/azure-templates/container-registry-template.json'
+    overrideParameters: '-registryName "$(registry)" -registryLocation "$(location)" -registrySku "Basic"'
+
+- task: NodeTool@0
+  displayName: 'Use Node 10'
+  inputs:
+    versionSpec: 10.x
+    checkLatest: true
+
+- task: Npm@1
+  displayName: 'Install all dependencies'
+  inputs:
+    workingDir: '$(System.DefaultWorkingDirectory)'
+    verbose: false
+
+- task: Docker@1
+  displayName: 'Build an image'
+  inputs:
+    azureSubscriptionEndpoint: 'Free Trial (15d1a0f0-8a6b-470e-9cd2-eef5ba7c5a5a)'
+    azureContainerRegistry: '$(registry).azurecr.io'
+    useDefaultContext: false
+    buildContext: '$(System.DefaultWorkingDirectory)'
+    imageName: '$(beimage):$(Build.BuildId)'
+
+- task: Docker@1
+  displayName: 'Publish an image'
+  inputs:
+    azureSubscriptionEndpoint: 'Free Trial (15d1a0f0-8a6b-470e-9cd2-eef5ba7c5a5a)'
+    azureContainerRegistry: '$(registry).azurecr.io'
+    command: 'Push an image'
+    imageName: '$(beimage):$(Build.BuildId)'

azure-templates/container-registry-template.json

@@ -0,0 +1,28 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "registryName": {
+      "type": "String"
+    },
+    "registryLocation": {
+      "type": "String"
+    },
+    "registrySku": {
+      "defaultValue": "Standard",
+      "type": "String"
+    }
+  },
+  "resources": [{
+    "type": "Microsoft.ContainerRegistry/registries",
+    "sku": {
+      "name": "[parameters('registrySku')]"
+    },
+    "name": "[parameters('registryName')]",
+    "apiVersion": "2017-10-01",
+    "location": "[parameters('registryLocation')]",
+    "properties": {
+      "adminUserEnabled": "true"
+    }
+  }]
+}

azure-templates/container-webapp-template.json

@@ -0,0 +1,123 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "webAppName": {
+      "type": "String"
+    },
+    "hostingPlanName": {
+      "type": "String"
+    },
+    "appInsightsLocation": {
+      "type": "String"
+    },
+    "sku": {
+      "defaultValue": "Standard",
+      "type": "String"
+    },
+    "registryName": {
+      "type": "String"
+    },
+    "imageName": {
+      "type": "String"
+    },
+    "registryLocation": {
+      "type": "String"
+    },
+    "registrySku": {
+      "defaultValue": "Standard",
+      "type": "String"
+    },
+    "startupCommand": {
+      "defaultValue": "",
+      "type": "String"
+    }
+  },
+  "resources": [{
+      "type": "Microsoft.Web/sites",
+      "name": "[parameters('webAppName')]",
+      "apiVersion": "2016-03-01",
+      "location": "[resourceGroup().location]",
+      "tags": {
+        "[concat('hidden-related:', '/subscriptions/', subscription().subscriptionId,'/resourcegroups/', resourceGroup().name, '/providers/Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]": "empty"
+      },
+      "properties": {
+        "name": "[parameters('webAppName')]",
+        "siteConfig": {
+          "appSettings": [{
+              "name": "DOCKER_REGISTRY_SERVER_URL",
+              "value": "[concat('https://', reference(concat('Microsoft.ContainerRegistry/registries/', parameters('registryName'))).loginServer)]"
+            },
+            {
+              "name": "DOCKER_REGISTRY_SERVER_USERNAME",
+              "value": "[listCredentials(concat('Microsoft.ContainerRegistry/registries/', parameters('registryName')), '2017-10-01').username]"
+            },
+            {
+              "name": "DOCKER_REGISTRY_SERVER_PASSWORD",
+              "value": "[listCredentials(concat('Microsoft.ContainerRegistry/registries/', parameters('registryName')), '2017-10-01').passwords[0].value]"
+            },
+            {
+              "name": "WEBSITES_ENABLE_APP_SERVICE_STORAGE",
+              "value": "false"
+            },
+            {
+              "name": "APPINSIGHTS_INSTRUMENTATIONKEY",
+              "value": "[reference(resourceId('microsoft.insights/components/', parameters('webAppName')), '2015-05-01').InstrumentationKey]"
+            }
+          ],
+          "appCommandLine": "[parameters('startupCommand')]",
+          "linuxFxVersion": "[concat('DOCKER|', reference(concat('Microsoft.ContainerRegistry/registries/', parameters('registryName'))).loginServer, '/', parameters('imageName'))]"
+        },
+        "serverFarmId": "[concat('/subscriptions/', subscription().subscriptionId,'/resourcegroups/', resourceGroup().name, '/providers/Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]",
+        "hostingEnvironment": ""
+      },
+      "dependsOn": [
+        "[concat('Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]",
+        "[resourceId('microsoft.insights/components/', parameters('webAppName'))]"
+      ]
+    },
+    {
+      "type": "Microsoft.ContainerRegistry/registries",
+      "sku": {
+        "name": "[parameters('registrySku')]"
+      },
+      "name": "[parameters('registryName')]",
+      "apiVersion": "2017-10-01",
+      "location": "[parameters('registryLocation')]",
+      "properties": {
+        "adminUserEnabled": "true"
+      }
+    },
+    {
+      "type": "Microsoft.Web/serverfarms",
+      "sku": {
+        "Tier": "[first(skip(split(parameters('sku'), ' '), 1))]",
+        "Name": "[first(split(parameters('sku'), ' '))]"
+      },
+      "kind": "linux",
+      "name": "[parameters('hostingPlanName')]",
+      "apiVersion": "2016-09-01",
+      "location": "[resourceGroup().location]",
+      "properties": {
+        "name": "[parameters('hostingPlanName')]",
+        "workerSizeId": "0",
+        "reserved": true,
+        "numberOfWorkers": "1",
+        "hostingEnvironment": ""
+      }
+    },
+    {
+      "type": "Microsoft.Insights/components",
+      "name": "[parameters('webAppName')]",
+      "apiVersion": "2014-04-01",
+      "location": "[parameters('appInsightsLocation')]",
+      "tags": {
+        "[concat('hidden-link:', resourceGroup().id, '/providers/Microsoft.Web/sites/', parameters('webAppName'))]": "Resource"
+      },
+      "properties": {
+        "applicationId": "[parameters('webAppName')]",
+        "Request_Source": "AzureTfsExtensionAzureProject"
+      }
+    }
+  ]
+}