
add pebble login flow

pull/10/head
Aaron Parecki 10 years ago
parent
commit
6392169089
6 changed files with 62 additions and 9 deletions
  1. +14
    -6
      controllers/auth.php
  2. +23
    -1
      controllers/controllers.php
  3. +1
    -1
      views/auth_callback.php
  4. +1
    -1
      views/index.php
  5. +15
    -0
      views/pebble-settings-login.php
  6. +8
    -0
      views/pebble-settings.php

+ 14
- 6
controllers/auth.php

@ -110,6 +110,13 @@ $app->get('/auth/start', function() use($app) {
// Generate a "state" parameter for the request // Generate a "state" parameter for the request
$state = IndieAuth\Client::generateStateParameter(); $state = IndieAuth\Client::generateStateParameter();
$_SESSION['auth_state'] = $state; $_SESSION['auth_state'] = $state;
// Store whether to return to the Pebble settings tab or the new post page after signing in
if(array_key_exists('redirect', $params) && $params['redirect'] == 'settings') {
$_SESSION['redirect_after_login'] = '/pebble/settings/finished';
} else {
$_SESSION['redirect_after_login'] = '/new';
}
if($tokenEndpoint && $micropubEndpoint && $authorizationEndpoint) { if($tokenEndpoint && $micropubEndpoint && $authorizationEndpoint) {
$scope = 'post'; $scope = 'post';
@ -224,7 +231,7 @@ $app->get('/auth/callback', function() use($app) {
$micropubEndpoint = IndieAuth\Client::discoverMicropubEndpoint($me); $micropubEndpoint = IndieAuth\Client::discoverMicropubEndpoint($me);
$tokenEndpoint = IndieAuth\Client::discoverTokenEndpoint($me); $tokenEndpoint = IndieAuth\Client::discoverTokenEndpoint($me);
$redirectToDashboardImmediately = false;
$skipDebugScreen = false;
if($tokenEndpoint) { if($tokenEndpoint) {
// Exchange auth code for an access token // Exchange auth code for an access token
@ -248,7 +255,7 @@ $app->get('/auth/callback', function() use($app) {
// No token endpoint was discovered, instead, verify the auth code at the auth server or with indieauth.com // No token endpoint was discovered, instead, verify the auth code at the auth server or with indieauth.com
// Never show the intermediate login confirmation page if we just authenticated them instead of got authorization // Never show the intermediate login confirmation page if we just authenticated them instead of got authorization
$redirectToDashboardImmediately = true;
$skipDebugScreen = true;
if(!$authorizationEndpoint) { if(!$authorizationEndpoint) {
$authorizationEndpoint = 'https://indieauth.com/auth'; $authorizationEndpoint = 'https://indieauth.com/auth';
@ -284,7 +291,7 @@ $app->get('/auth/callback', function() use($app) {
$user->last_login = date('Y-m-d H:i:s'); $user->last_login = date('Y-m-d H:i:s');
// If they have logged in before and we already have an access token, then redirect to the dashboard now // If they have logged in before and we already have an access token, then redirect to the dashboard now
if($user->access_token) if($user->access_token)
$redirectToDashboardImmediately = true;
$skipDebugScreen = true;
} else { } else {
// New user! Store the user in the database // New user! Store the user in the database
$user = ORM::for_table('users')->create(); $user = ORM::for_table('users')->create();
@ -303,8 +310,8 @@ $app->get('/auth/callback', function() use($app) {
unset($_SESSION['auth_state']); unset($_SESSION['auth_state']);
if($redirectToDashboardImmediately) {
$app->redirect('/new', 301);
if($skipDebugScreen) {
$app->redirect($_SESSION['redirect_after_login'], 301);
} else { } else {
$html = render('auth_callback', array( $html = render('auth_callback', array(
'title' => 'Sign In', 'title' => 'Sign In',
@ -314,7 +321,8 @@ $app->get('/auth/callback', function() use($app) {
'tokenEndpoint' => $tokenEndpoint, 'tokenEndpoint' => $tokenEndpoint,
'auth' => $token['auth'], 'auth' => $token['auth'],
'response' => $token['response'], 'response' => $token['response'],
'curl_error' => (array_key_exists('error', $token) ? $token['error'] : false)
'curl_error' => (array_key_exists('error', $token) ? $token['error'] : false),
'redirect' => $_SESSION['redirect_after_login']
)); ));
$app->response()->body($html); $app->response()->body($html);
} }
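Review bot: The redirect at the end of `/auth/callback` reads `$_SESSION['redirect_after_login']` without checking that it is set, and sends it with a 301, which browsers may cache even though the target now depends on the session. That key is only written in `/auth/start`, so unless the state check earlier in the callback (outside these hunks) already rejects such a session, a null target would reach `$app->redirect()` and the `redirect` view variable. I would read it once with a fallback, `$redirect = isset($_SESSION['redirect_after_login']) ? $_SESSION['redirect_after_login'] : '/new';`, clear the key next to `unset($_SESSION['auth_state'])`, and call `$app->redirect($redirect, 302);`. Choosing the value in `/auth/start` from two fixed paths instead of copying `$params['redirect']` is what keeps this from becoming an open redirect, so a comment there saying so would help, and `===` suits that comparison better than `==`. The callback body starts and ends outside the visible hunks, and I am assuming the `$skipDebugScreen` lines are the new side.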

+ 23
- 1
controllers/controllers.php

@ -24,6 +24,14 @@ function require_login(&$app) {
} }
} }
function get_login(&$app) {
if(array_key_exists('user_id', $_SESSION)) {
return ORM::for_table('users')->find_one($_SESSION['user_id']);
} else {
return false;
}
}
function generate_login_token() { function generate_login_token() {
return JWT::encode(array( return JWT::encode(array(
'user_id' => $_SESSION['user_id'], 'user_id' => $_SESSION['user_id'],
@ -51,9 +59,23 @@ $app->get('/new', function() use($app) {
}); });
$app->get('/pebble/settings', function() use($app) { $app->get('/pebble/settings', function() use($app) {
$html = render('pebble-settings-login', array(
'title' => 'Log In'
));
$app->response()->body($html);
});
$app->get('/pebble/settings/finished', function() use($app) {
if($user=require_login($app)) { if($user=require_login($app)) {
$token = JWT::encode(array(
'user_id' => $_SESSION['user_id'],
'me' => $_SESSION['me'],
'created_at' => time()
), Config::$jwtSecret);
$html = render('pebble-settings', array( $html = render('pebble-settings', array(
'title' => 'Pebble Settings'
'title' => 'Pebble Settings',
'token' => $token
)); ));
$app->response()->body($html); $app->response()->body($html);
} }
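Review bot: The token built in `/pebble/settings/finished` carries `user_id`, `me` and `created_at` but no expiry claim, so as far as this section shows it is a bearer credential that stays valid for as long as `Config::$jwtSecret` does. Whatever verifies it should reject tokens whose `created_at` is older than a chosen limit, or the payload should gain an `'exp'` entry. The payload also looks the same as the one in `generate_login_token()` just above (its body continues outside the hunk), so `$token = generate_login_token();` would keep the two from drifting if that holds. `get_login(&$app)` never uses `$app`; a short docblock saying it returns the user row or `false` without redirecting would make the difference from `require_login` clear.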

+ 1
- 1
views/auth_callback.php

@ -27,7 +27,7 @@
<h3>Success!</h3> <h3>Success!</h3>
<p>All required values were found! You are now signed in.</p> <p>All required values were found! You are now signed in.</p>
<p><a href="/new" class="btn btn-primary">Continue</a></p>
<p><a href="<?= $this->redirect ?>" class="btn btn-primary">Continue</a></p>
<?php else: ?> <?php else: ?>
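Review bot: `<?= $this->redirect ?>` is written into the `href` attribute without escaping. Today the value comes from two fixed paths set in `controllers/auth.php`, so nothing attacker-controlled reaches it, but the view should not depend on that. `<a href="<?= htmlspecialchars($this->redirect, ENT_QUOTES, 'UTF-8') ?>" class="btn btn-primary">` keeps the template safe if the controller ever passes a different value.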

+ 1
- 1
views/index.php

@ -5,7 +5,7 @@
<p class="tagline">Teacup is a simple app for tracking what you are drinking.</p> <p class="tagline">Teacup is a simple app for tracking what you are drinking.</p>
<p>To use Teacup, sign in with your domain. If your website supports <a href="http://indiewebcamp.com/micropub">Micropub</a>, it can log posts directly to your site. Otherwise, it will post to your profile on this website.</p>
<p>To use Teacup, sign in with your domain. If your website supports <a href="http://indiewebcamp.com/micropub">Micropub</a>, it will log posts directly to your site. Otherwise, it will post to your profile on this website.</p>
<form action="/auth/start" method="get" class="form-inline"> <form action="/auth/start" method="get" class="form-inline">
<input type="text" name="me" placeholder="http://me.com" value="" class="form-control"> <input type="text" name="me" placeholder="http://me.com" value="" class="form-control">

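--- a/views/pebble-settings-login.php
+++ b/views/pebble-settings-login.php
@@ -0,0 +1,15 @@
+<div class="narrow">
+<?= partial('partials/header') ?>
+<h2>Sign in with your Domain</h2>
+<p>Enter your website below to sign in.</p>
+<p>If your website supports Micropub, it will log posts directly to your site. Otherwise, it will post to your profile on this website.</p>
+<form action="/auth/start" method="get" class="form-inline">
+<input type="url" name="me" placeholder="http://me.com" value="" class="form-control">
+<input type="hidden" name="redirect" value="settings">
+<input type="submit" value="Sign In" class="btn btn-primary">
+</form>
+</div>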

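--- a/views/pebble-settings.php
+++ b/views/pebble-settings.php
@@ -0,0 +1,8 @@
+<h2>Finished!</h2>
+<script>
+var options = {
+token: '<?= $this->token ?>'
+};
+document.location = 'pebblejs://close#' + encodeURIComponent(JSON.stringify(options));
+</script>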
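Review bot: `token: '<?= $this->token ?>'` interpolates a PHP value into a quoted JavaScript string inside a `<script>` element with no encoding. A JWT is limited to base64url characters and dots, so this works for the current value, but the template should encode for its context rather than rely on the token format: `token: <?= json_encode($this->token, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP) ?>`. Since the page carries a credential, a `Cache-Control: no-store` response header on `/pebble/settings/finished` is worth adding in the controller as well.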
