Skip to content

Add Eventbrite Authentication #38

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 15 commits into
base: master
Choose a base branch
from
Open

Add Eventbrite Authentication #38

Show file tree
Hide file tree
Changes from 12 commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
74dcb91
Merge pull request #1 from lipp/master
indcoder Jul 7, 2017
008d614
Added Eventrbite credentials
indcoder Jul 7, 2017
55e80e0
Upstream changes for LinkedIn
indcoder Jul 7, 2017
11a8f1f
Added keyword for eventbrite
indcoder Jul 7, 2017
093f597
Removing Google references in LinkedIn block
indcoder Jul 7, 2017
e5b1d2a
build(Docker): Ensure the Docker alpine image is very specific
indcoder Jul 18, 2017
769022a
Merge pull request #2 from lipp/master
indcoder Jul 18, 2017
ef400f6
build(git): Exclude next.js generated output from git
indcoder Jul 19, 2017
936a554
feat(project): Add Eventbrite authentication
indcoder Jul 19, 2017
2916108
Merge Commit of Instagram _+ Eventbrite addition
indcoder Jul 19, 2017
ad82fc5
style(login): Remove extra space from the ending bracket
indcoder Jul 19, 2017
a2e12f3
fix(package): Remove email as part of the profile stored
indcoder Jul 25, 2017
958c24d
refactor(package): Remove dotenv references
indcoder Jul 30, 2017
faa3190
Modified environment variable names as per the eventbrite.js strategy…
Aug 1, 2017
9313f6f
Merge pull request #3 from maniSbindra/modify-readme
indcoder Aug 1, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,12 @@ pids
*.seed
.env

#Environment files
.env

#next.js
.next*

# Directory for instrumented libs generated by jscoverage/JSCover
lib-cov

Expand Down
2 changes: 1 addition & 1 deletion Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM node:7-alpine
FROM node:7.2.1-alpine
RUN mkdir -p /usr/src/app
WORKDIR /usr/src/app
COPY package.json /usr/src/app/
Expand Down
20 changes: 18 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ Stateless authentication microservice for "login-with" functionality, supporting
- LinkedIn
- Instagram
- Mixer
- Eventbrite
- ... more to come (PRs welcome)

You can deploy with [`now`](https://zeit.co/now) or [`Docker`](https://www.docker.com/) (for mandatory and optional env variables see below).
Expand Down Expand Up @@ -87,8 +88,8 @@ must be: `https://login.yourdomain.com/facebook/callback`
You need to create your own LinkedIn OAuth2 application. If `LW_SUBDOMAIN=login.yourdomain.com` your Authorization callback URL
must be: `https://login.yourdomain.com/linkedin/callback`

- `LW_LINKEDIN_CLIENTID` - Your Google Client ID
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good watch! THX

- `LW_LINKEDIN_CLIENTSECRET` - Your Google Client Secret
- `LW_LINKEDIN_CLIENTID` - Your LinkedIn Client ID
- `LW_LINKEDIN_CLIENTSECRET` - Your Linked Client Secret

## Reddit specific environment variables

Expand All @@ -114,6 +115,15 @@ must be: `https://login.yourdomain.com/mixer/callback`
- `LW_MIXER_CLIENTID` - Your Mixer Client ID
- `LW_MIXER_CLIENTSECRET` - Your Mixer Client Secret


## Eventbrite specific environment variables

You need to create your own Twitter OAuth application. If `LW_SUBDOMAIN=login.yourdomain.com` your Authorization callback URL
must be: `https://login.yourdomain.com/eventbrite/callback`

- `LW_EVENTBRITE_CONSUMERKEY` - Your Eventbrite Consumer Key
- `LW_EVENTBRITE_CONSUMERSECRET` - Your Eventbrite Consumer Secret

## Instagram specific environment variables

You need to create your own Instagram OAuth application. If `LW_SUBDOMAIN=login.yourdomain.com` your Authorization callback URL
Expand All @@ -123,6 +133,7 @@ must be: `https://login.yourdomain.com/instagram/callback`
- `LW_INSTAGRAM_CLIENTSECRET` - Your Instagram Client Secret



# Endpoints

- `/twitter` - login with Twitter account (if configured through env variables)
Expand All @@ -132,6 +143,7 @@ must be: `https://login.yourdomain.com/instagram/callback`
- `/reddit` - login with Reddit account (if configured through env variables)
- `/mixer` - login with Mixer account (if configured through env variables)
- `/linkedin` - login with LinkedIn account (if configured through env variables)
- `/eventbrite` - login with Eventbrite account (if configured through env variables)
- `/instagram` - login with Instagram account (if configured through env variables)
- `/logout` - logout and clears the respective cookies

Expand Down Expand Up @@ -164,6 +176,8 @@ now lipp/login-with \
-e LW_GITHUB_CLIENTSECRET=@lw-github-clientsecret \
-e LW_TWITTER_CONSUMERKEY=@lw-twitter-consumerkey \
-e LW_TWITTER_CONSUMERSECRET=@lw-twitter-consumersecret \
-e LW_EVENTBRITE_CONSUMERKEY=@lw-eventbrite-consumerkey \
-e LW_EVENTBRITE_CONSUMERSECRET=@lw-eventbrite-consumersecret \
-e LW_INSTAGRAM_CLIENTID=@lw-instagram-clientid \
-e LW_INSTAGRAM_CLIENTSECRET=@lw-instagram-clientsecret \
--alias login.yourdomain.com
Expand All @@ -185,6 +199,8 @@ docker run lipp/login-with -p 80:3000 \
-e LW_GITHUB_CLIENTSECRET=@lw-github-clientsecret \
-e LW_TWITTER_CONSUMERKEY=@lw-twitter-consumerkey \
-e LW_TWITTER_CONSUMERSECRET=@lw-twitter-consumersecret \
-e LW_EVENTBRITE_CONSUMERKEY=@lw-eventbrite-consumerkey \
-e LW_EVENTBRITE_CONSUMERSECRET=@lw-eventbrite-consumersecret \
-e LW_INSTAGRAM_CLIENTID=@lw-instagram-clientid \
-e LW_INSTAGRAM_CLIENTSECRET=@lw-instagram-clientsecret \
```
2 changes: 1 addition & 1 deletion example/nextjs/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
"version": "1.0.0",
"description": "",
"scripts": {
"dev": "next",
"dev": "next -p 3100",
"build": "next build",
"start": "next start",
"test": "echo \"Error: no test specified\" && exit 1"
Expand Down
2 changes: 1 addition & 1 deletion example/nextjs/pages/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ const Index = ({profile, origin}) => (
<h2 className='subtitle is-4'>
Stateless authentication microservice for
<ul>
{['Twitter', 'Facebook', 'Google', 'GitHub', 'Reddit', 'LinkedIn', 'Instagram'].map(name => <Item name={name} key={name} />)}
{['Twitter', 'Facebook', 'Google', 'GitHub', 'Reddit', 'LinkedIn', 'Instagram', 'Eventbrite'].map(name => <Item name={name} key={name} />)}
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will not feature every login strategy on the demo page. Could you remove this?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am in two minds about this

  1. If there is a particular strategy thats implemented within the login-with mircoservice, it should follow that there should be a button that will enable that authentication.
  2. It is unreasonable to expect everyone to enable buttons for ALL auth strategies

=> The auth buttons that are needed to be enabled or disabled should be configurable.
Also the URL in the example is hardcoded for it to make a call to login.login-with.com for auth calls, this too should be configurable because it will help others to test their added strategy on their own domain before pushing it unto upstream repo

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The login-with.com page (and the related demo code) is not meant to be deployed by anyone else.

The respective user / developer can configure which strategies to use via environment variables.

To test a specific strategy, you can directly connect (from browser) to your auth endpoint (e.g. auth.login-with.com/twitter or auth.your-service.com/eventbrite)

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. But on the login-with site, no one will know ALL the strategies that have been implemented. I thinks its in the best interest of this OSS project to advertise all the strategies it supports.
    PS: I do not have a skin in the game nor do i rep Eventbrite. Its just that we run a OSS meetup group and we use EB for our checkins and we are building an OSS app to do this automatically.

  2. Also test not just the API but test it as a consumable from an app[which is its actual purpose] which the nextjs is ideal...since we can compare the behaviour across strategies.

</ul>
</h2>
{ profile
Expand Down
2 changes: 1 addition & 1 deletion example/nextjs/pages/login.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ const Login = ({profile, origin}) => {
const redirect = encodeURIComponent(origin + '/')
return (
<div className='section'>
{ !profile && ['Twitter', 'Google', 'GitHub', 'Reddit', 'Facebook', 'LinkedIn', 'Instagram'].map(service => (
{ !profile && ['Twitter', 'Google', 'GitHub', 'Reddit', 'Facebook', 'LinkedIn', 'Instagram', 'Eventbrite'].map(service => (
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will not feature every login strategy on the demo page. Could you remove this?

<LoginWith key={service} service={service} redirect={redirect} />
))
}
Expand Down
2 changes: 2 additions & 0 deletions index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ const cookieParser = require('cookie-parser')
const expressSession = require('express-session')
const MemoryStore = require('session-memory-store')(expressSession)

require('dotenv').config()
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not sure if we really should use it... do you have some hoster/deployment scenario which honors this way to pass env?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The use is mostly for local deployment or when not using Docker ....especially when we are deploying directly to cloud like EC2 instances, we can just deploy .env file along with the production bundle

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok


const opts = require('./src/opts')(process.argv, process.env)

if (!opts.tokenSecret) {
Expand Down
5 changes: 4 additions & 1 deletion package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,8 @@
"instagram",
"github",
"google",
"passport"
"passport",
"eventbrite"
],
"author": "Gerhard Preuss",
"license": "MIT",
Expand All @@ -35,6 +36,7 @@
"cookie-parser": "^1.4.3",
"express": "^4.14.0",
"express-session": "^1.14.2",
"dotenv-extended": "^2.0.1",
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why do we need extended?

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we really need this? isn't dotenv enough?

"jsonwebtoken": "^7.2.1",
"passport": "^0.3.2",
"passport-facebook": "^2.1.1",
Expand All @@ -46,6 +48,7 @@
"passport-reddit": "^0.2.4",
"passport-strategy": "^1.0.0",
"passport-twitter": "^1.0.4",
"passport-eventbrite-oauth": "0.0.3",
"session-memory-store": "^0.2.2"
},
"devDependencies": {
Expand Down
27 changes: 27 additions & 0 deletions src/strategies/eventbrite.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
module.exports = {
Ctor: require('passport-eventbrite-oauth').OAuth2Strategy,
getConfig: (env, callbackURL) => {
const clientID = env.LW_EVENTBRITE_CLIENTID
const clientSecret = env.LW_EVENTBRITE_CLIENTSECRET
if (clientID && clientSecret) {
return {
clientID,
clientSecret,
callbackURL
}
}
},

toUser: (accessToken, refreshToken, profile, done) => {
const {id, displayName} = profile
done(null, {
accessToken,
refreshToken,
profile: {
username: id,
name: displayName,
provider: 'eventbrite'
}
})
}
}
1 change: 1 addition & 0 deletions src/strategies/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ const strategies = {
reddit: require('./reddit'),
twitter: require('./twitter'),
mixer: require('./mixer'),
eventbrite: require('./eventbrite'),
linkedin: require('./linkedin'),
instagram: require('./instagram'),
test: require('./test')
Expand Down
42 changes: 42 additions & 0 deletions test/strategies.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ const facebook = require('../src/strategies/facebook')
const instagram = require('../src/strategies/instagram')
const mixer = require('../src/strategies/mixer')
const linkedin = require('../src/strategies/linkedin')
const eventbrite = require('../src/strategies/eventbrite')
const assert = require('assert')

describe('the strategies module', () => {
Expand Down Expand Up @@ -566,4 +567,45 @@ describe('the strategies module', () => {
})
})
})

describe('eventbrite', () => {
let strategies
before(() => {
const env = {}
env.LW_EVENTBRITE_CLIENTID = 123
env.LW_EVENTBRITE_CLIENTSECRET = 432
strategies = load(env, rootUrl)
})

it('gets loaded', () => {
assert.equal(strategies.length, 1)
assert.equal(strategies[0].type, 'eventbrite')
})

it('config is correct', () => {
assert.deepEqual(strategies[0].config, {
clientID: 123,
clientSecret: 432,
callbackURL: 'https://foo.bar/eventbrite/callback'
})
})

it('toUser', done => {
const eventbriteInfo = {
id: 'yo',
displayName: 'pop'
}
eventbrite.toUser(123, 345, eventbriteInfo, (error, user) => {
assert(!error)
assert.equal(user.accessToken, 123)
assert.equal(user.refreshToken, 345)
assert.deepEqual(user.profile, {
username: 'yo',
name: 'pop',
provider: 'eventbrite'
})
done()
})
})
})
})