mirror of
https://github.com/Hessenuk/DiscordTickets.git
synced 2024-11-17 09:23:07 +02:00
feat: oauth2 callback redirect (closes #333)
This commit is contained in:
parent
f55ee02ce5
commit
aeb4450a56
15
src/http.js
15
src/http.js
@ -1,6 +1,6 @@
|
||||
const fastify = require('fastify')({ trustProxy: process.env.HTTP_TRUST_PROXY === 'true' });
|
||||
const oauth = require('@fastify/oauth2');
|
||||
const { domain } = require('./lib/http');
|
||||
const { randomBytes } = require('crypto');
|
||||
const { short } = require('leeks.js');
|
||||
const { join } = require('path');
|
||||
const { files } = require('node-dir');
|
||||
@ -17,8 +17,16 @@ module.exports = async client => {
|
||||
});
|
||||
|
||||
// oauth2 plugin
|
||||
fastify.states = new Map();
|
||||
fastify.register(oauth, {
|
||||
callbackUri: `${process.env.HTTP_EXTERNAL}/auth/callback`,
|
||||
checkStateFunction: (state, callback) => {
|
||||
if (fastify.states.has(state)) {
|
||||
callback();
|
||||
return;
|
||||
}
|
||||
callback(new Error('Invalid state'));
|
||||
},
|
||||
credentials: {
|
||||
auth: oauth.DISCORD_CONFIGURATION,
|
||||
client: {
|
||||
@ -26,6 +34,11 @@ module.exports = async client => {
|
||||
secret: process.env.DISCORD_SECRET,
|
||||
},
|
||||
},
|
||||
generateStateFunction: req => {
|
||||
const state = randomBytes(12).toString('hex');
|
||||
fastify.states.set(state, req.query.r);
|
||||
return state;
|
||||
},
|
||||
name: 'discord',
|
||||
scope: ['applications.commands.permissions.update', 'guilds', 'identify'],
|
||||
startRedirectPath: '/auth/login',
|
||||
|
@ -3,15 +3,15 @@ const { domain } = require('../../lib/http');
|
||||
module.exports.get = () => ({
|
||||
handler: async function (req, res) { // MUST NOT use arrow function syntax
|
||||
const {
|
||||
access_token,
|
||||
expires_in,
|
||||
access_token: accessToken,
|
||||
expires_in: expiresIn,
|
||||
} = await this.discord.getAccessTokenFromAuthorizationCodeFlow(req);
|
||||
const user = await (await fetch('https://discordapp.com/api/users/@me', { headers: { 'Authorization': `Bearer ${access_token}` } })).json();
|
||||
const user = await (await fetch('https://discordapp.com/api/users/@me', { headers: { 'Authorization': `Bearer ${accessToken}` } })).json();
|
||||
const payload = {
|
||||
access_token,
|
||||
accessToken,
|
||||
avatar: `https://cdn.discordapp.com/avatars/${user.id}/${user.avatar}.webp`,
|
||||
discriminator: user.discriminator,
|
||||
expiresAt: Date.now() + (expires_in * 1000),
|
||||
expiresAt: Date.now() + (expiresIn * 1000),
|
||||
id: user.id,
|
||||
locale: user.locale,
|
||||
username: user.username,
|
||||
@ -20,15 +20,14 @@ module.exports.get = () => ({
|
||||
const token = this.jwt.sign({ payload });
|
||||
res
|
||||
.setCookie('token', token, {
|
||||
domain: domain,
|
||||
domain,
|
||||
httpOnly: true,
|
||||
maxAge: 604800, // seconds, not milliseconds
|
||||
maxAge: expiresIn,
|
||||
path: '/',
|
||||
sameSite: true,
|
||||
secure: false,
|
||||
})
|
||||
// .redirect('/settings')
|
||||
.type('text/html')
|
||||
.send('<a href="/settings">/settings</a>'); // temp fix: redirecting causes weird discord<->callback loop, probably caching?
|
||||
.redirect(this.states.get(req.query.state) || '/');
|
||||
this.states.delete(req.query.state);
|
||||
},
|
||||
});
|
Loading…
Reference in New Issue
Block a user