add auth-code

2026-02-19 20:15:41 +01:00 · 2022-08-12 11:59:05 -07:00 · 2022-08-12 11:59:05 -07:00 · f9fd938863
commit f9fd938863
parent f5ec637cfa
6 changed files with 93 additions and 16 deletions
--- a/pages/api/auth/token.js
+++ b/pages/api/auth/token.js
@ -0,0 +1,36 @@
+import { ok, unauthorized, methodNotAllowed } from 'lib/response';
+import { post } from 'lib/web';
+import { parseSecureToken, key, createSecureToken } from 'lib/crypto';
+import { getAccountByUsername } from 'queries';
+
+export default async (req, res) => {
+  var { authCode } = req.body;
+
+  if (req.method === 'POST') {
+    const params = {
+      authorizationCode: authCode,
+      clientId: process.env.CLIENT_ID,
+      clientSecret: process.env.CLIENT_SECRET,
+    };
+
+    var { ok: authOk, data } = await post(process.env.OAUTH_URL, params);
+
+    if (authOk) {
+      const { username } = await parseSecureToken(data.token, key(process.env.CLIENT_SECRET));
+
+      const account = await getAccountByUsername(username);
+
+      if (account) {
+        const { user_id, username, is_admin } = account;
+        const user = { user_id, username, is_admin };
+        const token = await createSecureToken(user);
+
+        return ok(res, { token, user });
+      }
+    }
+
+    return unauthorized(res);
+  }
+
+  return methodNotAllowed(res);
+};