+apiGet('/app', {auth: false}, async (req, res) => {
+ const id = req.query.id?.toString();
+ const token = req.query.token?.toString();
+ const code = req.query.code?.toString();
+
+
+ if(code && id) {
+ console.log('validating', id, code);
+ if(!query.validateLoginCode(id, code)) {
+ throw new Error('Invalid login');
+ }
+ let token = uuidv4();
+ let i = 0;
+ while(session.has(token) && i < 10) {
+ token = uuidv4();
+ ++i;
+ }
+
+ if(i >= 10) {
+ throw new Error('Please login again');
+ }
+
+ session.set(token, id);
+ res.redirect(`/app?id=${id}&token=${token}`);
+ return;
+ }
+
+ if(token && id) {
+ // validate it.
+ if(!session.has(token) || session.get(token) !== id) {
+ res.redirect('/');
+ return;
+ }
+ const data = await promisify(fs.readFile)(join(HTML_ROOT, 'app.html'), 'utf-8');
+
+ return {
+ html: data,
+ account_id: id,
+ token: token
+ };
+ }
+
+ res.redirect('/');
+ return;
+
+}, data => {
+ return data.html.replace(/{ACCOUNT_ID}/g, data.account_id);
+});
+
+apiPost('/accounts/:account_id/feeds', {auth: true}, async (req, res): Promise<any> => {