Feat: Allow Users to connect their facebook accounts

[Spazzy757]

Situation

We want to allow users to connect their Facebook accounts from the dashboard, this will allow us to be able to get access to their Facebook Ad accounts without having to generate tokens themselves.

The Following steps need to be thought of:

• [ ] In the Dashboard we need to direct the user to authorize our Application to access their ads account, this is done by redirecting them to the following URL:

  https://www.facebook.com/v16.0/dialog/oauth?client_id=$VLABS_APP_ID&redirect_uri=$VLABS_URL&scope=ads_management,ads_read

  Once there they will have the following screen, they need at allow our application access to their ad account

• [ ] Once the permissions have been granted they will be redirected back to the VLABS Dashboard with a authorization code in the URI like so:

  https://VLABS_URL/?code=FACEBOOK_AUTHORIZATION_CODE

  We the Dashboard will need to send this code to the backend in order to do the access token generations

• [ ] When the backend receives the $FACEBOOK_AUTHORIZATION_CODE it will need to take it and generate an access token with it.

  https://graph.facebook.com/v16.0/oauth/access_token?client_id=VLABS_FACEBOOK_APP_CLIENT_SECRET&redirect_uri=VLABS_URL&client_secret=VLABS_FACEBOOK_APP_CLIENT_SECRET&code=FACEBOOK_AUTHORIZATION_CODE

  This token response has an expiry of 60 days:

  {
  "access_token": "$TOKEN",
  "token_type": "bearer",
  "expires_in":  5182893 //around 60 days in seconds
  }

• [ ] We would need to then have functionality in the backend that regenerates these tokens monthly (this allows us to not worry about tokens expiring) We can do this with the same call as mentioned above but setting the grant_type=fb_exchange_token and passing the old token in

https://graph.facebook.com/v16.0/oauth/access_token?fb_exchange_token=OLD_LONG_LIVED_TOKEN&client_secret=VLABS_FACEBOOK_APP_CLIENT_SECRET&client_id=VLABS_FACEBOOK_APP_CLIENT_ID&grant_type=fb_exchange_token

Which will return a new long lived token

{
    "access_token": "$NEW_TOKEN",
    "token_type": "bearer",
    "expires_in":  5182893 //around 60 days in seconds
}

NOTES: If the person who gave permissions for the token has changed their password it will immediately invalidate our token so we should warn them about this. We should also have functionality in our crons that will test these tokens in order to pick up invalid tokens as quick as possible

[Spazzy757]

@nandanrao one proposal I have is extending the credentials data structure to have a status field like so:

CREATE TABLE IF NOT EXISTS credentials(
       user_id VARCHAR NOT NULL REFERENCES users(id) ON DELETE CASCADE,
       entity VARCHAR NOT NULL,
       key VARCHAR NOT NULL
       /* We allow it to be nullable to start */
       status VARCHAR,
       created TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
       details JSONB NOT NULL
);

This way we can start using the credentials models and write a validator that checks if the credentials are working. We can also use this in the UI to help people debug better in the future

[Spazzy757]

We would need to finalize these two PR's:

• https://github.com/vlab-research/vlab/pull/134
• https://github.com/vlab-research/vlab/pull/98

As we would need the idea of a "Connected Account" to store this info (i.e Facebook just becomes another connected account)

[Spazzy757]

We have an endpoint that can generate the token:

• https://github.com/vlab-research/vlab/pull/150

We now just need to do the frontend work