split authentication and social networks

.env.example

@@ -1,25 +1,30 @@
 # Configuration reference: http://docs.postiz.com/configuration/reference
 
 # === Required Settings
-DATABASE_URL="postgresql://postiz-user:postiz-password@localhost:5432/postiz-db-local"
+DATABASE_URL="postgresql://postiz-local:postiz-local-pwd@localhost:5432/postiz-db-local"
 REDIS_URL="redis://localhost:6379"
-JWT_SECRET="random string for your JWT secret, make it long"
 FRONTEND_URL="http://localhost:4200"
 NEXT_PUBLIC_BACKEND_URL="http://localhost:3000"
 BACKEND_INTERNAL_URL="http://localhost:3000"
+#
+# Hint: use command below to generate a random password and copy it to clipboard
+#   openssl rand -base64 32 | tr -d '\n' | pbcopy && echo "Random password copied to clipboard"
+#
+JWT_SECRET="random string for your JWT secret, make it long"
 
 ## These are dummy values, you must create your own from Cloudflare.
 ## Remember to set your public internet IP address in the allow-list for the API token.
+## https://developers.cloudflare.com/fundamentals/api/get-started/create-token/
 ##
 ## Cloudflare is currently required to save things like social media avatars for accounts.
 CLOUDFLARE_ACCOUNT_ID="QhcMSXQyPuMCRpSQcSYdEuTYgHeCXHbu"
+#CLOUDFLARE_ENDPOINT=`https://${CLOUDFLARE_ACCOUNT_ID}.r2.cloudflarestorage.com` # uncomment to override the default endpoint
 CLOUDFLARE_ACCESS_KEY="dcfCMSuFEeCNfvByUureMZEfxWJmDqZe"
 CLOUDFLARE_SECRET_ACCESS_KEY="zTTMXBmtyLPwHEdpACGHgDgzRTNpTJewiNriLnUS"
 CLOUDFLARE_BUCKETNAME="postiz"
 CLOUDFLARE_BUCKET_URL="https://QhcMSXQyPuMCRpSQcSYdEuTYgHeCXHbu.r2.cloudflarestorage.com/"
 CLOUDFLARE_REGION="auto"
 
-
 # === Common optional Settings
 
 ## This is a dummy key, you must create your own from Resend.
@@ -30,15 +35,14 @@ CLOUDFLARE_REGION="auto"
 #EMAIL_FROM_NAME=""
 
 # Where will social media icons be saved - local or cloudflare.
-STORAGE_PROVIDER="local" 
+STORAGE_PROVIDER="local"
 
 # Your upload directory path if you host your files locally, otherwise Cloudflare will be used.
 #UPLOAD_DIRECTORY=""
 
 # Your upload directory path if you host your files locally, otherwise Cloudflare will be used.
 #NEXT_PUBLIC_UPLOAD_STATIC_DIRECTORY=""
 
-
 # Social Media API Settings
 X_API_KEY=""
 X_API_SECRET=""
@@ -48,8 +52,6 @@ LINKEDIN_CLIENT_ID=""
 LINKEDIN_CLIENT_SECRET=""
 REDDIT_CLIENT_ID=""
 REDDIT_CLIENT_SECRET=""
-GITHUB_CLIENT_ID=""
-GITHUB_CLIENT_SECRET=""
 BEEHIIVE_API_KEY=""
 BEEHIIVE_PUBLICATION_ID=""
 THREADS_APP_ID=""
@@ -73,6 +75,14 @@ SLACK_SIGNING_SECRET=""
 MASTODON_CLIENT_ID=""
 MASTODON_CLIENT_SECRET=""
 
+# Login/Authentication Settings
+GITHUB_CLIENT_ID=""
+GITHUB_CLIENT_SECRET=""
+
+# if varaible not provided we fallbase to YOUTUBE_CLIENT_ID and YOUTUBE_CLIENT_SECRET
+GOOGLE_CLIENT_ID=""
+GOOGLE_CLIENT_SECRET=""
+
 # Misc Settings
 OPENAI_API_KEY=""
 NEXT_PUBLIC_DISCORD_SUPPORT=""

apps/backend/src/services/auth/providers/google.provider.ts

@@ -1,14 +1,25 @@
+import type { ProvidersInterface } from '@gitroom/backend/services/auth/providers.interface';
 import { makeId } from '@gitroom/nestjs-libraries/services/make.is';
+import type { OAuth2Client } from 'google-auth-library/build/src/auth/oauth2client';
 import { google } from 'googleapis';
-import { OAuth2Client } from 'google-auth-library/build/src/auth/oauth2client';
-import { ProvidersInterface } from '@gitroom/backend/services/auth/providers.interface';
+
+const firstNotEmpty = (...args: (string | undefined)[]) =>
+  args.find((arg) => arg !== undefined && arg !== '') ?? '';
 
 const clientAndYoutube = () => {
-  const client = new google.auth.OAuth2({
-    clientId: process.env.YOUTUBE_CLIENT_ID,
-    clientSecret: process.env.YOUTUBE_CLIENT_SECRET,
+  const options = {
+    clientId: firstNotEmpty(
+      process.env.GOOGLE_CLIENT_ID,
+      process.env.YOUTUBE_CLIENT_ID
+    ),
+    clientSecret: firstNotEmpty(
+      process.env.GOOGLE_CLIENT_SECRET,
+      process.env.YOUTUBE_CLIENT_SECRET
+    ),
     redirectUri: `${process.env.FRONTEND_URL}/integrations/social/youtube`,
-  });
+  };
+
+  const client = new google.auth.OAuth2(options);
 
   const youtube = (newClient: OAuth2Client) =>
     google.youtube({