AccountKit Authentication

Gemfile

@@ -6,10 +6,11 @@ gem "rails-api"
 gem "faraday"
 gem "figaro"
 gem "jwt"
-gem 'rack-cors', require: 'rack/cors'
-gem 'active_model_serializers', '~> 0.10.0'
+gem "rack-cors", require: "rack/cors"
+gem "active_model_serializers"
 gem "cancancan", "~> 1.10"
 gem "faker"
+gem "facebook-account-kit"
 gem 'globalize', '~> 5.0.0'
 
 group :production do
@@ -27,6 +28,6 @@ group :development, :test do
   gem "shoulda-matchers", "~> 3.1"
   gem "simplecov"
   gem "coveralls", require: false
-  gem "vcr"
   gem "webmock"
+  gem "rubocop"
 end

Gemfile.lock

@@ -43,6 +43,7 @@ GEM
       tzinfo (~> 1.1)
     addressable (2.4.0)
     arel (6.0.3)
+    ast (2.3.0)
     builder (3.2.2)
     cancancan (1.15.0)
     coderay (1.1.1)
@@ -59,12 +60,13 @@ GEM
     diff-lcs (1.2.5)
     docile (1.1.5)
     erubis (2.7.0)
-    factory_girl (4.5.0)
+    facebook-account-kit (1.0.0)
+    factory_girl (4.7.0)
       activesupport (>= 3.0.0)
-    factory_girl_rails (4.6.0)
-      factory_girl (~> 4.5.0)
+    factory_girl_rails (4.7.0)
+      factory_girl (~> 4.7.0)
       railties (>= 3.0.0)
-    faker (1.6.3)
+    faker (1.6.6)
       i18n (~> 0.5)
     faraday (0.9.2)
       multipart-post (>= 1.2, < 3)
@@ -97,7 +99,10 @@ GEM
     multipart-post (2.0.0)
     nokogiri (1.6.8.1)
       mini_portile2 (~> 2.1.0)
+    parser (2.3.1.4)
+      ast (~> 2.2)
     pg (0.19.0)
+    powerpack (0.1.1)
     pry (0.10.4)
       coderay (~> 1.1.0)
       method_source (~> 0.8.1)
@@ -140,24 +145,32 @@ GEM
       activesupport (= 4.2.5)
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
+    rainbow (2.1.0)
     rake (11.3.0)
-    rspec-core (3.4.4)
-      rspec-support (~> 3.4.0)
-    rspec-expectations (3.4.0)
+    rspec-core (3.5.4)
+      rspec-support (~> 3.5.0)
+    rspec-expectations (3.5.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.4.0)
-    rspec-mocks (3.4.1)
+      rspec-support (~> 3.5.0)
+    rspec-mocks (3.5.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.4.0)
-    rspec-rails (3.4.2)
-      actionpack (>= 3.0, < 4.3)
-      activesupport (>= 3.0, < 4.3)
-      railties (>= 3.0, < 4.3)
-      rspec-core (~> 3.4.0)
-      rspec-expectations (~> 3.4.0)
-      rspec-mocks (~> 3.4.0)
-      rspec-support (~> 3.4.0)
-    rspec-support (3.4.1)
+      rspec-support (~> 3.5.0)
+    rspec-rails (3.5.2)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      railties (>= 3.0)
+      rspec-core (~> 3.5.0)
+      rspec-expectations (~> 3.5.0)
+      rspec-mocks (~> 3.5.0)
+      rspec-support (~> 3.5.0)
+    rspec-support (3.5.0)
+    rubocop (0.44.1)
+      parser (>= 2.3.1.1, < 3.0)
+      powerpack (~> 0.1)
+      rainbow (>= 1.99.1, < 3.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (~> 1.0, >= 1.0.1)
+    ruby-progressbar (1.8.1)
     safe_yaml (1.0.4)
     shoulda-matchers (3.1.1)
       activesupport (>= 4.0.0)
@@ -167,23 +180,24 @@ GEM
       simplecov-html (~> 0.10.0)
     simplecov-html (0.10.0)
     slop (3.6.0)
-    spring (1.7.2)
+    spring (2.0.0)
+      activesupport (>= 4.2)
     sprockets (3.7.0)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
     sprockets-rails (3.2.0)
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
-    sqlite3 (1.3.11)
+    sqlite3 (1.3.12)
     term-ansicolor (1.4.0)
       tins (~> 1.0)
     thor (0.19.1)
     thread_safe (0.3.5)
     tins (1.12.0)
     tzinfo (1.2.2)
       thread_safe (~> 0.1)
-    vcr (3.0.3)
+    unicode-display_width (1.1.1)
     webmock (2.1.0)
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
@@ -193,10 +207,11 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  active_model_serializers (~> 0.10.0)
+  active_model_serializers
   cancancan (~> 1.10)
   coveralls
   database_cleaner
+  facebook-account-kit
   factory_girl_rails
   faker
   faraday
@@ -210,15 +225,15 @@ DEPENDENCIES
   rails-api
   rails_12factor
   rspec-rails
+  rubocop
   shoulda-matchers (~> 3.1)
   simplecov
   spring
   sqlite3
-  vcr
   webmock
 
 RUBY VERSION
    ruby 2.2.3p173
 
 BUNDLED WITH
-   1.12.5
+   1.13.2

app/controllers/api/v1/auth_controller.rb

@@ -4,36 +4,15 @@ class AuthController < ApplicationController
       before_action :authenticate, only: :logout
 
       def login
-        parameters = {
-          fields: FIELDS,
-          access_token: auth_params[:access_token]
-        }
-
-        http_client = Http.new(FB_URL)
-        response, response_status = http_client.get_request(parameters)
-        message, status = authenticate_user(response, response_status)
+        account_kit = AccountKit.new(params[:access_token])
+        message, status = account_kit.get_message_and_status
         render json: message, status: status
       end
 
       def logout
         ExpiredToken.create(token: token)
         render json: { Status: "Logged out" }, status: 200
       end
-
-      private
-
-      def auth_params
-        params.permit(:access_token)
-      end
-
-      def authenticate_user(response, status)
-        return(
-          [{ error: response["error"]["message"] }, 401]
-        ) unless status == "200"
-        user = User.find_or_create_user(response)
-        token = Authenticate.create_token(fb_id: user.fb_id, email: user.email)
-        [{ token: token, user: user }, 200]
-      end
     end
   end
 end

app/controllers/api/v1/proverbs_controller.rb

@@ -52,6 +52,37 @@ def proverb_params
         params.require(:proverb).permit(:body, :locale, all_tags: [])
       end
 
+      def valid_translation?
+        translations = params[:proverb][:translations]
+        if translations
+          return true if translations[0] == ""
+          translations.all? do |translation|
+            Proverb.new(translation.symbolize_keys.merge(
+                          user_id: current_user.id
+            )).valid?
+          end
+        else
+          true
+        end
+      end
+
+      def create_translations
+        translations = params[:proverb][:translations]
+        tags = @proverb.tags.map(&:name)
+        if translations
+          return true if translations[0] == ""
+          translations.each do |translation|
+            Proverb.create(translation.symbolize_keys.merge(
+                             root_id: @proverb.id,
+                             all_tags: tags,
+                             user_id: current_user.id
+            ))
+          end
+        else
+          true
+        end
+      end
+
 
       def check_tags
         unless proverb_params["all_tags"] && proverb_params["all_tags"].is_a?(Array)

app/controllers/application_controller.rb

@@ -39,7 +39,7 @@ def token_has_expired(token)
   def set_payload(status, payload)
     if status
       user = payload
-      @current_user = User.find_by(fb_id: user["fb_id"])
+      @current_user = User.find_by(kit_id: user["kit_id"])
       activate(@current_user)
     else
       render json: payload, status: 401

app/models/user.rb

@@ -1,16 +1,14 @@
 class User < ActiveRecord::Base
   has_many :proverbs
 
-  validates :email, :fb_id, :first_name, :last_name, presence: true
-  validates :email, uniqueness: true
-
   enum user_type: { regular: 0, moderator: 1, admin: 2 }
 
-  def self.find_or_create_user(auth_params)
-    find_or_create_by(fb_id: auth_params["id"]) do |user|
-      user.first_name = auth_params["first_name"]
-      user.last_name = auth_params["last_name"]
-      user.email = auth_params["email"]
+  def self.find_or_create_user(user_info)
+    user_info = HashWithIndifferentAccess.new(user_info)
+
+    find_or_create_by(kit_id: user_info["id"]) do |user|
+      user.phone_number = user_info["phone"]["number"] if user_info["phone"]
+      user.email = user_info["email"]["address"] if user_info["email"]
     end
   end
 end

app/services/api/v1/account_kit.rb

@@ -0,0 +1,30 @@
+module Api
+  module V1
+    class AccountKit
+      attr_reader :access_token
+
+      def initialize(access_token)
+        @access_token = access_token
+      end
+
+      def get_message_and_status
+        begin
+          user_account = Facebook::AccountKit::UserAccount.new(access_token)
+          user = User.find_or_create_user(user_account.fetch_user_info)
+          return [{ token: get_token(user), user: user }, 200]
+        rescue
+          return [{ error: "Invalid Access Token" }, "400"]
+        end
+      end
+
+      private
+
+      def get_token(user_info)
+        user_params = {}
+        user_params[:email] = user_info.email if user_info.email
+        user_params[:phone_number] = user_info.phone_number if user_info.phone_number
+        Authenticate.create_token(user_params.merge(kit_id: user_info.kit_id))
+      end
+    end
+  end
+end

config/application.rb

@@ -23,9 +23,9 @@ class Application < Rails::Application
     config.i18n.fallbacks = true
     config.i18n.load_path += Dir[Rails.root.join('config', 'locales', '*.{rb,yml}').to_s]
     config.middleware.insert_before 0, "Rack::Cors" do
-    allow do
-        origins '*'
-        resource '*', :headers => :any, :methods => [:get, :post, :put, :delete, :options]
+      allow do
+        origins "*"
+        resource "*", headers: :any, methods: [:get, :post, :put, :delete, :options]
       end
     end
     # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
@@ -39,8 +39,8 @@ class Application < Rails::Application
     # Do not swallow errors in after_commit/after_rollback callbacks.
     config.middleware.insert_before 0, "Rack::Cors" do
       allow do
-        origins '*'
-        resource '*', headers: :any, methods: [:get, :post, :options]
+        origins "*"
+        resource "*", headers: :any, methods: [:get, :post, :options]
       end
     end
     config.active_record.raise_in_transactional_callbacks = true

config/initializers/account_kit.rb

@@ -0,0 +1,7 @@
+require "facebook/account_kit"
+
+Facebook::AccountKit.config do |c|
+  c.account_kit_version = "v1.0"
+  c.account_kit_app_secret = ENV["kit_app_secret"]
+  c.facebook_app_id = ENV["kit_app_id"]
+end

db/migrate/20161009114624_add_kit_details_to_users.rb

@@ -0,0 +1,6 @@
+class AddKitDetailsToUsers < ActiveRecord::Migration
+  def change
+    add_column :users, :kit_id, :string
+    add_column :users, :phone_number, :string
+  end
+end

db/migrate/20161018111235_remove_face_book_details_from_users.rb

@@ -0,0 +1,8 @@
+class RemoveFaceBookDetailsFromUsers < ActiveRecord::Migration
+  def change
+    remove_column :users, :username, :string
+    remove_column :users, :first_name, :string
+    remove_column :users, :last_name, :string
+    remove_column :users, :fb_id, :integer
+  end
+end

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20161015103413) do
+ActiveRecord::Schema.define(version: 20161018111235) do
 
   create_table "expired_tokens", force: :cascade do |t|
     t.string   "token"
@@ -56,13 +56,11 @@
 
   create_table "users", force: :cascade do |t|
     t.string   "email"
-    t.string   "username"
-    t.string   "first_name"
-    t.string   "last_name"
-    t.string   "fb_id"
-    t.datetime "created_at",             null: false
-    t.datetime "updated_at",             null: false
-    t.integer  "user_type",  default: 0
+    t.datetime "created_at",               null: false
+    t.datetime "updated_at",               null: false
+    t.integer  "user_type",    default: 0
+    t.string   "kit_id"
+    t.string   "phone_number"
   end
 
 end