🔒refactor: social login and remove direct user model access in strategies (#2946)

* refactor: checking `ALLOW_SOCIAL_REGISTRATION` with `isEnabled` * feat: Add findUserByEmail function to UserService This commit adds a new function, , to the module. This function retrieves a user document from the database based on the provided email. It returns the user document if found, otherwise it returns null. If there is a problem during user retrieval, an error is thrown. * refactor: add socialLogin to remove repetitive code
2025-12-17 17:00:15 +01:00 · 2024-06-06 19:23:11 +02:00 · 2024-06-06 19:23:11 +02:00 · b7fef6958b
commit b7fef6958b
parent 5452d4c20c
6 changed files with 104 additions and 143 deletions
--- a/api/strategies/facebookStrategy.js
+++ b/api/strategies/facebookStrategy.js
@ -1,39 +1,15 @@
 const FacebookStrategy = require('passport-facebook').Strategy;
-const { createNewUser, handleExistingUser } = require('./process');
-const { logger } = require('~/config');
-const User = require('~/models/User');
+const socialLogin = require('./socialLogin');

-const facebookLogin = async (accessToken, refreshToken, profile, cb) => {
-  try {
-    const email = profile.emails[0]?.value;
-    const facebookId = profile.id;
-    const oldUser = await User.findOne({ email });
-    const ALLOW_SOCIAL_REGISTRATION =
-      process.env.ALLOW_SOCIAL_REGISTRATION?.toLowerCase() === 'true';
-    const avatarUrl = profile.photos[0]?.value;
+const getProfileDetails = (profile) => ({
+  email: profile.emails[0]?.value,
+  id: profile.id,
+  avatarUrl: profile.photos[0]?.value,
+  username: profile.displayName,
+  name: profile.name?.givenName + ' ' + profile.name?.familyName,
+});

-    if (oldUser) {
-      await handleExistingUser(oldUser, avatarUrl);
-      return cb(null, oldUser);
-    }
-
-    if (ALLOW_SOCIAL_REGISTRATION) {
-      const newUser = await createNewUser({
-        email,
-        avatarUrl,
-        provider: 'facebook',
-        providerKey: 'facebookId',
-        providerId: facebookId,
-        username: profile.displayName,
-        name: profile.name?.givenName + ' ' + profile.name?.familyName,
-      });
-      return cb(null, newUser);
-    }
-  } catch (err) {
-    logger.error('[facebookLogin]', err);
-    return cb(err);
-  }
-};
+const facebookLogin = socialLogin('facebook', getProfileDetails);

 module.exports = () =>
  new FacebookStrategy(