authController.js

import GoogleAuth from 'google-auth-library';
import { googleAuthClientId } from '../../src/constants/config';
import { User } from '../utilities/database';
import { path } from 'ramda';

const checkUserToken = token => {
  return new Promise((resolve, reject) => {
    const auth = new GoogleAuth();
    const client = new auth.OAuth2(googleAuthClientId, '', '');
    client.verifyIdToken(token, googleAuthClientId, (error, login) => {
      if (error) {
        reject(error);
      }
      resolve(login);
    });
  });
};

const authenticateUser = async ({ body }, response) => {
  const { id_token } = body;
  const { _payload } = await checkUserToken(id_token);
  const { name, email, picture } = _payload;

  const user = await User.find({
    where: {
      email,
    },
  });

  if (!user) {
    await User.create({ name, email, picture });
    return response.status(401).json({ status: 'Not Authorized' });
  }

  if (path('permissions', user)) {
    return response.status(200).json(user);
  }

  return response.status(401).json({ status: 'Not Authorized' });
};

const authController = {
  post: authenticateUser,
};

export default authController;