feat: login when adding to guild, then redirect to its settings

Isaac 2025-02-09 02:31:25 +00:00
parent e17b62d142
commit 55b184f226
No known key found for this signature in database
GPG Key ID: 0DE40AE37BBA5C33
3 changed files with 37 additions and 3 deletions


@ -40,11 +40,12 @@ module.exports = async client => {
}, },
}, },
generateStateFunction: req => { generateStateFunction: req => {
const state = randomBytes(12).toString('hex'); const state = randomBytes(8).toString('hex');
fastify.states.set(state, req.query.r); fastify.states.set(state, req.query.r);
return state; return state;
}, },
name: 'discord', name: 'discord',
redirectStateCookieName: 'oauth2-redirect-state',
scope: ['applications.commands.permissions.update', 'guilds', 'identify'], scope: ['applications.commands.permissions.update', 'guilds', 'identify'],
startRedirectPath: '/auth/login', startRedirectPath: '/auth/login',
}); });
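Review bot: The state token in `generateStateFunction` drops from `randomBytes(12)` to `randomBytes(8)` with no reason given, and the same 8-byte length is used in the new src/routes/invite.js. Since this value is the CSRF protection for the OAuth2 flow, `randomBytes(16).toString('hex')` would be a safer choice at no cost. The unchanged line `fastify.states.set(state, req.query.r)` stores a caller-supplied redirect target as-is, and the callback later redirects to it. It should be limited to same-site paths before it is stored, for example by accepting only values that start with a single `/`. The literal `'oauth2-redirect-state'` added here is repeated in invite.js and would be less fragile as one shared constant.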


@ -13,8 +13,7 @@ module.exports.get = () => ({
headers: { 'Content-Type': 'application/x-www-form-urlencoded' }, headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
method: 'POST', method: 'POST',
})).json(); })).json();
const redirect = this.states.get(req.query.state) || '/';
this.states.delete(req.query.state);
const user = await (await fetch('https://discordapp.com/api/users/@me', { headers: { 'Authorization': `Bearer ${data.access_token}` } })).json(); const user = await (await fetch('https://discordapp.com/api/users/@me', { headers: { 'Authorization': `Bearer ${data.access_token}` } })).json();
const token = this.jwt.sign({ const token = this.jwt.sign({
accessToken: data.access_token, accessToken: data.access_token,
@ -24,6 +23,11 @@ module.exports.get = () => ({
locale: user.locale, locale: user.locale,
username: user.username, username: user.username,
}); });
// note: if data.guild is present, guild_id and permissions should also be in req.query
const redirect = this.states.get(req.query.state) || (data.guild?.id && `/settings/${data.guild?.id}`) || '/';
this.states.delete(req.query.state);
res.setCookie('token', token, { res.setCookie('token', token, {
domain, domain,
httpOnly: true, httpOnly: true,
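Review bot: The added `redirect` line treats an unknown `state` like a known one: when `this.states.get(req.query.state)` returns `undefined` it falls through to the guild path or `/`, and the JWT has already been signed by then. Unless a check above this hunk rejects it (the handler starts and ends outside the hunk), the callback should fail early when `!this.states.has(req.query.state)` or when the value differs from the `oauth2-redirect-state` cookie, before the code is exchanged. `data.guild?.id` is interpolated into a path, so a digits-only check such as `/^\d+$/.test(data.guild.id)` before building `/settings/...` would keep the redirect well-formed. The new comment says `guild_id` and `permissions` should also be in `req.query`; it would help to state whether they are meant to be cross-checked against `data.guild`.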

29
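--- a/src/routes/invite.js
+++ b/src/routes/invite.js
@@ -0,0 +1,29 @@
+const { randomBytes } = require('crypto');
+module.exports.get = () => ({
+handler: async function (req, res) {
+const { client } = req.routeOptions.config;
+const state = randomBytes(8).toString('hex');
+this.states.set(state, null);
+const url = new URL('https://discord.com/oauth2/authorize');
+url.searchParams.set('response_type', 'code');
+url.searchParams.set('client_id', client.user.id);
+url.searchParams.set('prompt', 'none');
+url.searchParams.set('redirect_uri', `${process.env.HTTP_EXTERNAL}/auth/callback`); // window.location.origin
+url.searchParams.set('scope', 'applications.commands applications.commands.permissions.update bot guilds identify');
+url.searchParams.set('permissions', '268561488');
+if (req.query.guild) {
+url.searchParams.set('guild_id', req.query.guild);
+url.searchParams.set('disable_guild_select', 'true');
+}
+res.setCookie('oauth2-redirect-state', state, {
+httpOnly: true,
+sameSite: 'lax',
+});
+res.redirect(url.toString());
+},
+});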
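Review bot: The state cookie is set without `secure` or `maxAge`, and `this.states.set(state, null)` adds an entry on every request to this handler with no expiry visible here, so the map can grow without bound and old states stay usable. When `HTTP_EXTERNAL` is https, consider `{ httpOnly: true, sameSite: 'lax', secure: true, path: '/', maxAge: 600 }` and evicting map entries after the same interval. `req.query.guild` is forwarded as `guild_id` unchecked; `searchParams.set` encodes it, but rejecting anything that is not a numeric id keeps malformed input out of the authorize URL. A comment naming the permission bits behind `'268561488'` would make the requested bot permissions reviewable.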