-rw-r--r-- | config/config.js | 5 | ||||
-rw-r--r-- | config/passport.js | 109 | ||||
-rw-r--r-- | router.js | 8 |
3 files changed, 117 insertions, 5 deletions
diff --git a/config/config.js b/config/config.js
index 8312ddc..1eaffa1 100644
--- a/config/config.js
+++ b/config/config.js
@@ -8,6 +8,11 @@ module.exports = {
 root: rootPath,
 app: {
 name: 'Divid'
+ },
+ facebook: {
+ clientID: "504825706245603",
+ clientSecret: "e5ea0faed85d8749cafd38732530ef35",
+ callbackURL: "https://divid.no/auth/facebook/callback"
 }
 }
 }
diff --git a/config/passport.js b/config/passport.js
new file mode 100644
index 0000000..9518409
--- /dev/null
+++ b/config/passport.js
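Review bot: The Facebook `clientSecret` is still a literal in a tracked file; moving it from router.js to config/config.js changes where it lives, not who can read it. Read it from the environment instead, e.g. `clientSecret: process.env.FACEBOOK_CLIENT_SECRET`, and fail at start-up when it is unset. Because the value is already in the repository history (it also appears in the removed router.js lines), it should be rotated in the Facebook app settings rather than only deleted from the file. The `module.exports` object starts above the hunk, so the surrounding keys are not visible here.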
@@ -0,0 +1,109 @@
+// dependencies
+var mongoose = require('mongoose')
+ , LocalStrategy = require('passport-local').Strategy
+ , FacebookStrategy = require('passport-facebook').Strategy
+ , TwitterStrategy = require('passport-twitter').Strategy
+ , User = mongoose.model('User');
+
+/**
+ * This is where the magic happends
+ */
+
+module.exports = function (passport, config) {
+
+ // serialize sessions
+ passport.serializeUser( function(user, done) {
+ done(null, user.id);
+ });
+ passport.deserializeUser( function(id, done) {
+ User.findOne({ _id: id }, function(err, user) {
+ done(err, user);
+ });
+ });
+
+
+ /**
+ * Local strategy
+ */
+ passport.use(new LocalStrategy({
+ usernameField: 'email',
+ passwordField: 'password'
+ }, function(email, password, done) {
+
+ // looks up the user in the database, and check if password matches
+ User.findOne({ email: email }, function(err, user) {
+ if (err) return done(err);
+ if (!user) return done(null, false, { message: 'Unknown user' });
+ if (!user.authenticate(password)) return done(null, false, { message: 'Invalid password' });
+ return done(null, user);
+ });
+ }));
+
+
+ /**
+ * Facebook strategy
+ */
+ passport.use(new FacebookStrategy({
+ clientID: config.facebook.clientID
+ , clientSecret: config.facebook.clientSecret
+ , callbackURL: config.facebook.callbackURL
+ }, function(accessToken, refreshToken, profile, done) {
+
+ // looks up the user in the database. Will create the user if it does not exist
+ User.findOne({ 'facebook.id': profile.id }, function(err, user) {
+ if(err) return done(err);
+ if (!user) {
+ user = new User({
+ name: profile.displayName
+ , email: profile.emails[0].value
+ , username: profile.username
+ , provider: 'facebook'
+ , facebook: profile._json
+ });
+ user.save(function(err) {
+ if (err) console.log(err);
+ return done(err, user);
+ });
+ } else {
+ return done(err, user);
+ }
+ });
+ }));
+
+
+ /**
+ * Twitter strategy
+ */
+ passport.use(new TwitterStrategy({
+ consumerKey: config.twitter.clientID
+ , consumerSecret: config.twitter.clientSecret
+ , callbackURL: config.twitter.callbackURL
+ }, function(token, tokenSecret, profile, done) {
+
+ // looks up the user in the database. Will create the user if it does not exist
+ User.findOne({ 'twitter.id': profile.id }, function(err, user) {
+ if (err) return done(err);
+ if (!user) {
+ user = new User({
+ name: profile.displayName
+ , username: profile.username
+ , provider: 'twitter'
+ , twitter: profile._json
+ });
+ user.save(function(err) {
+ if (err) console.log(err);
+ return done(err, user);
+ });
+ } else {
+ return done(err, user);
+ }
+ });
+ }));
+
+
+
+
+
+
+}
+
@@ -6,8 +6,6 @@ var passport = require('passport')
 , bcrypt = require('bcrypt')
 , SALT_WORK_FACTOR = 15;
-var FACEBOOK_APP_ID = "504825706245603";
-var FACEBOOK_APP_SECRET = "e5ea0faed85d8749cafd38732530ef35";
 // connects to mongodb
 mongoose.connect('localhost', 'test');
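Review bot: The Facebook verify callback in config/passport.js reads `profile.emails[0].value` without checking that `profile.emails` exists, so a profile returned without an e-mail address throws inside the `User.findOne` callback instead of reaching `done`; guard it, e.g. `, email: (profile.emails && profile.emails[0]) ? profile.emails[0].value : undefined`. In the local strategy the two failure messages `'Unknown user'` and `'Invalid password'` let a caller tell registered addresses from unregistered ones if they are shown to the client; returning one message such as `{ message: 'Invalid email or password' }` for both avoids that. The Twitter strategy reads `config.twitter.*`, but the config/config.js hunk in this commit adds only a `facebook` section, so unless `twitter` is defined outside the visible lines the module throws when it is loaded.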
@@ -135,9 +133,9 @@ passport.use(new LocalStrategy(function(username, password, done) {
 // credentials (in this case, an accessToken, refreshToken, and Facebook
 // profile), and invoke a callback with a user object.
 passport.use(new FacebookStrategy({
- clientID: FACEBOOK_APP_ID,
- clientSecret: FACEBOOK_APP_SECRET,
- callbackURL: "https://divid.no/auth/facebook/callback"
+ clientID: config.facebook.clientID,
+ clientSecret: config.facebook.clientSecret,
+ callbackURL: config.facebook.callbackURL
 }, function(accessToken, refreshToken, profile, done) {
 // asynchronous verification, for effect...
 process.nextTick(function() { |
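Review bot: `config.facebook.clientID` is used here, but none of the router.js changes shown introduces a `config` binding (the diffstat's three insertions for this file are the three added lines of this hunk), so unless router.js already defines `config` outside the visible hunks this throws a ReferenceError when the strategy is constructed. A line such as `var config = require('./config/config');` next to the other requires would be needed; the exact path and any per-environment key are not visible here. config/passport.js, added in the same commit, registers its own FacebookStrategy, so this block presumably becomes redundant once that module is wired in. The `passport.use(...)` call continues past the end of the hunk.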