index.cl
import node-core
express = require 'express'
path = require 'path'
sessions = require 'client-sessions'
bodyParser = require 'body-parser'
Mustache = require 'mustache'
Request = require 'request'
Querystring = require 'querystring'
Guid = require 'guid'
// Anti-CSRF value for the login form. It is generated once, when the process
// starts, so every visitor receives the same value until the server restarts;
// it is not tied to an individual session.
// NOTE(review): confirm that Guid.raw draws from a cryptographically secure
// source before relying on this value as an unguessable token.
csrfGuid = Guid.raw ()
akConfig = require './account-kit-config.json'
// Values passed to the login template: the app id, the CSRF value and the API
// version read from the config file.
AKINIT = { appId: akConfig.appID,
csrf: csrfGuid,
version: akConfig.version
}
// HTTP app setup: static files from ./public, then JSON and urlencoded body
// parsing for every route.
bodyParserJSON = bodyParser.json ()
app = express ()
app.use (express.static (path.join __dirname 'public'))
app.use bodyParserJSON
app.use (bodyParser.urlencoded {extended: true })
// Account Kit Graph endpoints, versioned from the config file. Both URLs are
// completed by string concatenation and carry their credential in the query
// string, so it can end up in proxy and access logs along the way.
tokenExchangeBaseURL = 'https://graph.accountkit.com/' ++ akConfig.version ++ '/access_token?'
meEndpointBaseURL = 'https://graph.accountkit.com/' ++ akConfig.version ++ '/me' ++ '?access_token='
// Query parameters for the code-for-token exchange. access_token is built as
// 'AA|<appID>|<appSecret>', so the app secret is part of the request URL.
// This object is module-level and the POST /login handler writes the
// per-request 'code' into it, so the same object is shared by all requests.
params = { grant_type: 'authorization_code',
access_token: ['AA', akConfig.appID, akConfig.appSecret].join '|'
}
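// Cookie-based sessions under the cookie name 'session': duration is 7 days
// and activeDuration is 24 hours, both in milliseconds.
// The cookie secret is read from the SESSION_SECRET environment variable (a
// name chosen here) instead of being a literal in the source: with a literal,
// anyone who can read the repository can forge a session cookie for any user.
// NOTE(review): client-sessions is expected to refuse to start when no secret
// is supplied, which makes a missing variable fail closed — confirm against
// the deployed version. No `cookie` options are set, so the library defaults
// decide the Secure/HttpOnly flags.
app.use (sessions {
  cookieName: 'session',
  secret: process.env.SESSION_SECRET,
  duration: 7 * 24 * 60 * 60 * 1000,
  activeDuration: 24 * 60 * 60 * 1000 })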
// GET / : greet a signed-in visitor; a request without a session user is
// redirected to /login.
do
  request response <- IO (app.get '/')
  maybeUndefined request.session.user (response.redirect '/login')
  response.send 'hello world'
// GET /login : a visitor who already has a session user goes back to /;
// everyone else gets views/login.html rendered with the AKINIT values (app id,
// CSRF value, API version). Nothing from the request is passed to the template.
do
  req res <- IO (app.get '/login')
  maybeTrue !!req.session.user (res.redirect '/')
  template <- readFile 'views/login.html'
  res.send (Mustache.to_html template AKINIT)
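// POST /login : verify the CSRF value, exchange the submitted authorization
// code for an access token, read the account from the /me endpoint and store
// its phone number as the session user.
// Each upstream step is now checked before its result is used: a transport
// error, a missing body, a missing access_token or a missing phone number
// ends the request with {success: false} instead of being dereferenced. The
// original ignored both error values and read respBody.access_token and
// respBodyURL.phone.number unconditionally, so a failed exchange could throw
// inside the callback or call /me with the string 'undefined' as the token.
// The guards use the same maybeTrue/maybeFalse forms as the CSRF check and
// rely on the same stop-after-responding behaviour that check relies on.
// NOTE(review): the CSRF value is compared with ==, which is not a
// constant-time comparison, and the value is shared by all visitors.
do
  request response <- IO (app.post '/login')
  let csrfCheck = request.body.csrf == csrfGuid
  maybeFalse csrfCheck (response.send {success: false})
  defineProp params 'code' request.body.code
  err resp respBody <- IO (Request.get {url: tokenExchangeBaseURL ++ (Querystring.stringify params), json: true})
  maybeTrue !!err (response.send {success: false})
  maybeFalse !!respBody (response.send {success: false})
  maybeFalse !!respBody.access_token (response.send {success: false})
  errURL respURL respBodyURL <- IO (Request.get {url: meEndpointBaseURL ++ respBody.access_token, json:true })
  maybeTrue !!errURL (response.send {success: false})
  maybeFalse !!respBodyURL (response.send {success: false})
  maybeFalse !!respBodyURL.phone (response.send {success: false})
  maybeFalse !!respBodyURL.phone.number (response.send {success: false})
  defineProp request.session 'user' respBodyURL.phone.number
  response.send {success: true}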
// GET /logout : remove the user from the session and return to /.
// NOTE(review): this changes session state on a GET with no CSRF check, so a
// link or image on another site can sign a visitor out; consider moving it to
// a POST that checks the CSRF value — confirm with the callers of this route.
do
  req res <- IO (app.get '/logout')
  delete req.session.user
  res.redirect '/'
// Listen on PORT from the environment, falling back to 3000 when it is unset
// or empty.
PORT = process.env.PORT || 3000
app.listen PORT