mirror of
https://github.com/Hessenuk/DiscordTickets.git
synced 2024-12-22 15:53:08 +02:00
fix: infinite redirect when logging in
by setting `Same-Site=Lax`: https://bugs.chromium.org/p/chromium/issues/detail?id=696204#c41
This commit is contained in:
parent
6773d9ddbe
commit
757f77fb1d
@ -6,6 +6,8 @@ module.exports.get = () => ({
|
||||
access_token: accessToken,
|
||||
expires_in: expiresIn,
|
||||
} = await this.discord.getAccessTokenFromAuthorizationCodeFlow(req);
|
||||
const redirect = this.states.get(req.query.state) || '/';
|
||||
this.states.delete(req.query.state);
|
||||
const user = await (await fetch('https://discordapp.com/api/users/@me', { headers: { 'Authorization': `Bearer ${accessToken}` } })).json();
|
||||
const token = this.jwt.sign({
|
||||
accessToken,
|
||||
@ -16,16 +18,14 @@ module.exports.get = () => ({
|
||||
locale: user.locale,
|
||||
username: user.username,
|
||||
});
|
||||
res
|
||||
.setCookie('token', token, {
|
||||
domain,
|
||||
httpOnly: true,
|
||||
maxAge: expiresIn,
|
||||
path: '/',
|
||||
sameSite: true,
|
||||
secure: false,
|
||||
})
|
||||
.redirect(this.states.get(req.query.state) || '/');
|
||||
this.states.delete(req.query.state);
|
||||
res.setCookie('token', token, {
|
||||
domain,
|
||||
httpOnly: true,
|
||||
maxAge: expiresIn,
|
||||
path: '/',
|
||||
sameSite: 'Lax',
|
||||
secure: false,
|
||||
});
|
||||
return res.redirect(303, redirect);
|
||||
},
|
||||
});
|
||||
|
Loading…
Reference in New Issue
Block a user