add auth-code

2026-02-20 20:45:39 +01:00 · 2022-08-12 11:59:05 -07:00 · 2022-08-12 11:59:05 -07:00 · f9fd938863
commit f9fd938863
parent f5ec637cfa
6 changed files with 93 additions and 16 deletions
--- a/pages/api/auth/token.js
+++ b/pages/api/auth/token.js
@ -0,0 +1,36 @@
+import { ok, unauthorized, methodNotAllowed } from 'lib/response';
+import { post } from 'lib/web';
+import { parseSecureToken, key, createSecureToken } from 'lib/crypto';
+import { getAccountByUsername } from 'queries';
+
+export default async (req, res) => {
+  var { authCode } = req.body;
+
+  if (req.method === 'POST') {
+    const params = {
+      authorizationCode: authCode,
+      clientId: process.env.CLIENT_ID,
+      clientSecret: process.env.CLIENT_SECRET,
+    };
+
+    var { ok: authOk, data } = await post(process.env.OAUTH_URL, params);
+
+    if (authOk) {
+      const { username } = await parseSecureToken(data.token, key(process.env.CLIENT_SECRET));
+
+      const account = await getAccountByUsername(username);
+
+      if (account) {
+        const { user_id, username, is_admin } = account;
+        const user = { user_id, username, is_admin };
+        const token = await createSecureToken(user);
+
+        return ok(res, { token, user });
+      }
+    }
+
+    return unauthorized(res);
+  }
+
+  return methodNotAllowed(res);
+};
--- a/pages/auth.js
+++ b/pages/auth.js
@ -0,0 +1,43 @@
+import React from 'react';
+import Layout from 'components/layout/Layout';
+import useApi from 'hooks/useApi';
+import { useRouter } from 'next/router';
+import { useEffect } from 'react';
+import { setItem } from 'lib/web';
+import { setUser } from 'store/app';
+import { AUTH_TOKEN } from 'lib/constants';
+
+export default function AuthPage({ loginDisabled }) {
+  const { post } = useApi();
+  const router = useRouter();
+
+  useEffect(() => {
+    const { auth_code } = router.query;
+    const verifyyData = async () => {
+      const { ok, data } = await post('/auth/token', { authCode: auth_code });
+
+      if (ok) {
+        setItem(AUTH_TOKEN, data.token);
+        setUser(data.user);
+
+        await router.push('/');
+
+        return null;
+      }
+    };
+
+    verifyyData().catch(async () => await router.push('/'));
+  }, [post, router]);
+
+  if (loginDisabled) {
+    return null;
+  }
+
+  return <Layout title="auth" header={false} footer={false} center></Layout>;
+}
+
+export async function getServerSideProps() {
+  return {
+    props: { loginDisabled: !!process.env.DISABLE_LOGIN },
+  };
+}