Improved initial key setup

This commit adds error catching during the initial key handshake which
sends the administrator back to the settings page with a (hopefully) helpful
error message that helps fix the problem. These messages may need to be
adjusted over time, but are certainly better than the current 500
message which can be very unfriendly for people who are just setting up
the application.

In addition the activation message on the profile page was simplified a
bit. Users are only redirected to their profile on login when they are
not active.

Author: edsu

src/client/components/Profile.css

@@ -1,24 +1,17 @@
 .Profile {
-  width: 250px;
-  margin-top: 20vh;
+  max-width: 500px;
   margin-left: auto;
   margin-right: auto;
+  display: flex;
+  flex-flow: row wrap;
+  justify-content: space-between;
 }
 
-.Profile .TwitterInfo {
-  margin-bottom: 30px;
-}
-
-.Profile div {
-  margin-bottom: 10px;
+.Profile form {
+  margin-left: auto;
+  margin-right: auto;
 }
 
-.Inactive {
-  color: #fff;
-  margin: 24px 0;
-  padding: 12px 18px;
-  overflow: auto;
-  direction: ltr;
-  border-radius: 4px;
-  background-color: #272c34;
+.Profile .Inactive {
+  color: red;
 }

src/client/components/Profile.js

@@ -2,7 +2,6 @@ import React, { Component } from 'react'
 import PropTypes from 'prop-types'
 import TextField from '@material-ui/core/TextField'
 import Button from '@material-ui/core/Button'
-import Typography from '@material-ui/core/Typography'
 import style from './Profile.css'
 
 export default class Profile extends Component {
@@ -14,13 +13,14 @@ export default class Profile extends Component {
       disableSave = false
     }
 
+    const tweetQuota = this.props.user.tweetQuota ? this.props.user.tweetQuota.toLocaleString() : ''
+
     const awaitingActivation = this.props.user.active ? ''
-      : <div className={style.Inactive}>
-        <Typography variant="body1" gutterBottom>
+      : <p className={style.Inactive}>
           Your account is awaiting activation. In the meantime, you can explore
-          and save searches, but saved searches will not keep collecting tweets.
-        </Typography>
-      </div>
+          and save searches, but you will not be able to activate your search and 
+          collect live data from the Twitter stream. 
+        </p>
 
       // Once we have emails in place, change text above to:
       // Your account is awaiting activation. The admin has been notified. 
@@ -29,49 +29,51 @@ export default class Profile extends Component {
     return (
       <div className={style.Profile}>
 
-        <form>
-
-        <div className={style.TwitterInfo}>
-          <a href={`https://twitter.com/${this.props.user.twitterScreenName}`}>
-            <img 
-              title={`Linked to Twitter as @${this.props.user.twitterScreenName}`}
-              src={this.props.user.twitterAvatarUrl} />
-          </a>
-        </div>
-
         {awaitingActivation}
 
-        <div>
-          <Typography variant="body1" gutterBottom>
-            Your max tweet quota: {this.props.user.tweetQuota}
-          </Typography>
-        </div>
-
-        <div>
-          <TextField
-            name="name"
-            label="Name"
-            onChange={this.props.updateUserSettings}
-            value={this.props.user.name} />
-        </div>
-
-        <div>
-          <TextField
-            name="email"
-            label="Email"
-            onChange={this.props.updateUserSettings}
-            value={this.props.user.email} />
-        </div>
-
-        <div>
-          <Button 
-            color="primary"
-            variant="outlined"
-            disabled={disableSave}
-            onClick={this.props.saveAllSettings}>
-            Save
-          </Button>
-        </div>
+        <form>
+
+          <p className={style.TwitterInfo}>
+            <a href={`https://twitter.com/${this.props.user.twitterScreenName}`}>
+              <img 
+                title={`Linked to Twitter as @${this.props.user.twitterScreenName}`}
+                src={this.props.user.twitterAvatarUrl} />
+            </a>
+          </p>
+
+          <p>
+            <TextField
+              name="name"
+              label="Name"
+              onChange={this.props.updateUserSettings}
+              value={this.props.user.name} />
+          </p>
+
+          <p>
+            <TextField
+              name="email"
+              label="Email"
+              onChange={this.props.updateUserSettings}
+              value={this.props.user.email} />
+          </p>
+
+          <p>
+            <TextField
+              name="quota"
+              label="Tweet Quota"
+              disabled={true}
+              value={tweetQuota || 25000} />
+          </p>
+
+          <p>
+            <Button 
+              color="primary"
+              variant="outlined"
+              disabled={disableSave}
+              onClick={this.props.saveAllSettings}>
+              Save
+            </Button>
+          </p>
 
         </form>
 

src/client/components/Settings.css

@@ -16,7 +16,20 @@
 }
 
 .Settings .Welcome {
-  width: 500px;
+  margin-top: 20px;
+}
+
+.Settings .Welcome ol {
+  list-style-type: decimal; 
+}
+
+.Settings ol li {
+}
+
+.Settings .Error {
+  background-color: pink;
+  border: 2px solid grey;
+  padding: 2px 10px 2px 10px;
 }
 
 .SettingsUnder780px input {

src/client/components/Settings.js

@@ -7,6 +7,54 @@ import Button from '@material-ui/core/Button'
 import LogoUpload from './LogoUpload'
 import MediaQueryComponent from '../components/MediaQueryComponent'
 
+function Error({message, callbackUrl}) {
+  console.log(message, callbackUrl)
+  if (message) {
+    let description = message
+    if (message.match(/Could not authenticate/)) {
+      description = (
+        <div>
+          <p>Eek, it looks like you have an error with your keys!</p>
+          <p>
+            Please make sure you are copying and pasting the 
+            <em>API key</em> and <em>API key secret</em> correctly 
+            from the Twitter Developer Dashboard. 
+          </p>
+        </div>
+      )
+    } else if (message.match(/Desktop applications/)) {
+      description = (
+        <div>
+          <p>Whoops, it looks like 3-Legged oAuth is not enabled.</p>
+          <p>
+            Please go to your app page 
+            at <a href="https://developer.twitter.com">developer.twitter.com</a> and 
+            edit your <em>Authentication Settings</em> to enable it.
+          </p>
+        </div>
+      )
+    } else if (message.match(/Callback URL/)) {
+      description = (
+        <div>
+          <p>Sorry, it looks like the <em>Callback URL</em> has not been set correctly.</p>
+          <p>Please go to your app page 
+            at <a href="https://developer.twitter.com">developer.twitter.com</a> and 
+            add <em>{callbackUrl}</em> to the <em>Callback URLs</em> in 
+            the <em>Authentication settings</em> section.
+          </p>
+        </div>
+      )
+    } 
+    return (
+      <div className={style.Error}>
+        {description}
+      </div>
+    )
+  } else {
+    return ''
+  }
+}
+
 export default class Settings extends MediaQueryComponent {
 
   componentWillMount() {
@@ -20,26 +68,33 @@ export default class Settings extends MediaQueryComponent {
 
   render() {
 
-    // if there isn't a user provide a welcome message to the first user
-    // who is presumed to be the admin.
+    // If there isn't a user provide a welcome message to the first user
+    // who is presumed to be the admin. When the key handshake with Twitter
+    // fails the user will be redirected to /settings/ with the error query
+    // parameter set to the message.
 
     let welcome = ''
     if (! this.props.userLoggedIn) {
+      const q = new URLSearchParams(window.location.search)
+      const callbackUrl = 'https://demo.docnow.dev/auth/twitter/callback'
+      const error = <Error message={q.get('error')} callbackUrl={callbackUrl} />
+
       welcome = (
         <div className={style.Welcome}>
-          <br />
           <b>Welcome!</b>
           <p>
-            To setup DocNow, you will need to create a
-            <em>Twitter application</em> and configure DocNow to use
-            your <em>Consumer Key</em> and <em>Consumer Secret</em> keys
-            from Twitter.
-          </p>
-          <p>
-            Please visit <a href="https://apps.twitter.com">apps.twitter.com</a> to
-            to create your application, and let us know if you
-            have any difficulties at info@docnow.io.
+            To setup DocNow, you will need to visit the 
+            <a href="https://developer.twitter.com">Twitter Developer Portal</a> and 
+            create a <em>Twitter application</em>. This is required because you will 
+            need to enter your <em>Application key</em> and 
+            <em>Application key secret</em> below.
           </p>
+          <ol>
+            <li>Set your <em>Description</em> to something that describes your DocNow instance for users who are logging in.</li>
+            <li>In <em>Authentication Settings</em> please make sure that <em>3-Legged oAuth</em> is enabled.</li>
+            <li>Set a callback URL of <em>{callbackUrl}</em></li>
+          </ol>
+          {error}
         </div>
       )
     }

src/client/containers/App.css

@@ -28,7 +28,7 @@
   padding: 0;
 }
 
-.App li {
+.App ul li {
   display: inline;
 }
 

src/server/api.js

@@ -78,13 +78,13 @@ app.put('/user/:userId', async (req, res) => {
 
 app.get('/settings', async (req, res) => {
   const settings = await db.getSettings()
-  if (! settings || ! req.user) {
-    if (! req.user || ! req.user.isSuperUser) {
-      delete settings.appKey
-      delete settings.appSecret
-    }
-    res.json(settings)
+  // if they aren't logged in or the they're not an admin
+  // be sure to delete the app key settings!
+  if (! req.user || (req.user && ! req.user.isSuperUser)) {
+    delete settings.appKey
+    delete settings.appSecret
   }
+  res.json(settings)
 })
 
 app.put('/settings', async (req, res) => {

src/server/auth.js

@@ -16,9 +16,10 @@ const activateKeys = () => {
           consumerSecret: settings.appSecret,
           callbackURL: '/auth/twitter/callback',
           proxy: true,
-          includeEmail: true
+          includeEmail: true,
+          passReqToCallback: true
         },
-        (token, tokenSecret, profile, cb) => {
+        (req, token, tokenSecret, profile, cb) => {
           db.getUserByTwitterUserId(profile.id).then((user) => {
             if (! user) {
               const newUser = {
@@ -64,12 +65,23 @@ passport.deserializeUser((userId, done) => {
 app.use(passport.initialize())
 app.use(passport.session())
 
-app.get('/twitter', passport.authenticate('twitter'))
+app.get('/twitter', (req, res, next) => {
+  passport.authenticate('twitter', err => {
+    if (err) { 
+      return res.redirect(`/settings/?error=${encodeURIComponent(err.message)}`)
+    }
+  })(req, res, next)
+})
 
 app.get('/twitter/callback',
-  passport.authenticate('twitter', { failureRedirect: '/login' }),
-  (req, res) => {
-    res.redirect('/profile/')
+  passport.authenticate('twitter', {failureRedirect: '/'}),
+  async (req, res) => {
+    const user = await db.getUser(req.user)
+    if (user.active) {
+      res.redirect('/')
+    } else {
+      res.redirect('/profile/')
+    }
   }
 )