const axios = require('axios')
const express = require('express')
const Redis = require('ioredis');
// Redis client shared by the handlers below; it holds pending One Account
// handshakes keyed by `uuid`. Called with no arguments, ioredis connects to
// 127.0.0.1:6379 without credentials.
// NOTE(review): confirm that default suits the deployment.
const redis = new Redis();
// One account related part
// ------------------------------------------
// the callback URL we specified earlier when we were creating
// https://mywebsite.com/oneaccountauth
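// Callback endpoint invoked by One Account (the callback URL registered for
// the app). In addition to the requested fields, `userId` and `uuid` are sent;
// `uuid` can be compared with the one the onAuthManual function receives.
// Fields arrive under the camelCase form of their title, e.g. "First Name"
// is `firstName`, "Email" is `email`.
//
// Responds with `{success: true}` once the payload is cached, otherwise
// `{success: false}`.
//
// NOTE(review): `req.body` is only populated when a JSON body parser (for
// example `express.json()`) is registered; none is visible in this listing.
// NOTE(review): nothing in this handler authenticates the caller, so the
// cached payload must be treated as unverified until /authenticate has
// confirmed the token with One Account.
app.post('/oneaccountauth', async (req, res) => {
  const { uuid, userId, firstName } = req.body || {};

  // `uuid` becomes a Redis key, so require a non-empty string instead of any
  // truthy value (a JSON body could carry an object or array here).
  if (typeof uuid !== 'string' || uuid === '') {
    return res.json({ success: false });
  }

  try {
    // Redis stores strings: serialise explicitly, otherwise the object is
    // coerced to text and the fields are lost. The entry expires after
    // 60 seconds.
    await redis.set(uuid, JSON.stringify({ uuid, userId, firstName }), 'EX', 60);
  } catch (err) {
    console.error('oneaccountauth: could not cache handshake:', err.message);
    return res.json({ success: false });
  }

  // userId can be used to check if this is an existing user
  return res.json({ success: true });
});

// Completes the sign-in started by the callback above: looks up the cached
// handshake for `uuid`, then asks One Account to verify `accessToken` for it.
//
// Responds with `{success: true, firstName}` when both checks pass, otherwise
// `{success: false}`.
app.post('/authenticate', async (req, res) => {
  const { accessToken, uuid } = req.body || {};

  // Both values are used as a Redis key / inside a header, so they must be
  // non-empty strings.
  if (typeof uuid !== 'string' || uuid === '' ||
      typeof accessToken !== 'string' || accessToken === '') {
    return res.json({ success: false });
  }

  let user;
  try {
    // redis.get() returns a promise; without `await` the missing-entry check
    // below could never fire.
    const cached = await redis.get(uuid);
    if (!cached) {
      return res.json({ success: false });
    }
    user = JSON.parse(cached);
    if (user === null || typeof user !== 'object') {
      return res.json({ success: false });
    }
  } catch (err) {
    // Redis failure or an entry that is not valid JSON: fail closed.
    console.error('authenticate: could not load handshake:', err.message);
    return res.json({ success: false });
  }

  // this request is highly recommended to ensure the token is valid
  // and data is not coming from a malicious source
  try {
    // Kept under its own name so the Express `res` is not shadowed.
    const verification = await axios.post(
      'https://api.oneaccount.app/widget/verify',
      { uuid },
      {
        // axios only sends request headers given under `headers`.
        headers: {
          'Content-Type': 'application/json',
          'Authorization': `BEARER ${accessToken}`,
        },
        // axios has no timeout by default; bound the wait so a stalled
        // verify call cannot hold the request open (5s is a chosen value).
        timeout: 5000,
      },
    );
    if (verification.status !== 200 || !verification.data || !verification.data.success) {
      return res.json({ success: false });
    }
  } catch (err) {
    // Network error, timeout or non-2xx status: treat as not verified.
    // Only the message is logged so the access token never reaches the logs.
    console.error('authenticate: token verification failed:', err.message);
    return res.json({ success: false });
  }

  // NOTE(review): the cached entry stays readable until its 60-second expiry;
  // delete it here if a handshake is meant to be single-use.
  // NOTE(review): `user` was written by the unauthenticated callback. Whether
  // the verify call also vouches for those cached fields is not visible here;
  // confirm before using `userId` for account lookup.
  // you should also set cookies or return a token to sign in the user
  return res.json({ success: true, firstName: user.firstName });
});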
// ------------------------------------------
// Static assets are served from ./public, the landing page from
// views/index.html, and the server then starts listening.
// NOTE(review): `app` and `port` are not declared anywhere in this listing;
// confirm both are defined before this point.
const staticAssets = express.static('public');
app.use(staticAssets);

app.get('/', (request, response) => {
  const indexPage = `${__dirname}/views/index.html`;
  response.sendFile(indexPage);
});

app.listen(port, () => {
  console.log(`Example app listening on port ${port}!`);
});