Acasă Explorează Ajutor
Înregistrare Autentificare
TonyT
/
chatbot
1
0
Bifurcare 0
Fisiere Probleme 0 Trageți solicitările 0 Wiki
Arbore: 0702f1edcb
Ramuri Etichete
chatbot
/
server
/
_core
/
oauth.ts

oauth.ts 2.2 KB
Istoric Crud

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 
  1. import { COOKIE_NAME, ONE_YEAR_MS } from "@shared/const";
    2. 

  2. import type { Express, Request, Response } from "express";
    3. 

  3. import * as db from "../db";
    4. 

  4. import { getSessionCookieOptions } from "./cookies";
    5. 

  5. import { sdk } from "./sdk";
    6. 

  6. 

  7. function getQueryParam(req: Request, key: string): string | undefined {
    8. 

  8.   const value = req.query[key];
    9. 

  9.   return typeof value === "string" ? value : undefined;
    10. 

  10. }
    11. 

  11. 

  12. export function registerOAuthRoutes(app: Express) {
    13. 

  13.   app.get("/api/oauth/callback", async (req: Request, res: Response) => {
    14. 

  14.     const code = getQueryParam(req, "code");
    15. 

  15.     const state = getQueryParam(req, "state");
    16. 

  16. 

  17.     if (!code || !state) {
    18. 

  18.       res.status(400).json({ error: "code and state are required" });
    19. 

  19.       return;
    20. 

  20.     }
    21. 

  21. 

  22.     try {
    23. 

  23.       const tokenResponse = await sdk.exchangeCodeForToken(code, state);
    24. 

  24.       const userInfo = await sdk.getUserInfo(tokenResponse.accessToken);
    25. 

  25. 

  26.       if (!userInfo.openId) {
    27. 

  27.         res.status(400).json({ error: "openId missing from user info" });
    28. 

  28.         return;
    29. 

  29.       }
    30. 

  30. 

  31.       await db.upsertUser({
    32. 

  32.         openId: userInfo.openId,
    33. 

  33.         name: userInfo.name || null,
    34. 

  34.         email: userInfo.email ?? null,
    35. 

  35.         loginMethod: userInfo.loginMethod ?? userInfo.platform ?? null,
    36. 

  36.         lastSignedIn: new Date(),
    37. 

  37.       });
    38. 

  38. 

  39.       const sessionToken = await sdk.createSessionToken(userInfo.openId, {
    40. 

  40.         name: userInfo.name || "",
    41. 

  41.         expiresInMs: ONE_YEAR_MS,
    42. 

  42.       });
    43. 

  43. 

  44.       const cookieOptions = getSessionCookieOptions(req);
    45. 

  45.       res.cookie(COOKIE_NAME, sessionToken, { ...cookieOptions, maxAge: ONE_YEAR_MS });
    46. 

  46. 

  47.       // Parse state to check for returnPath
    48. 

  48.       let redirectTo = "/";
    49. 

  49.       try {
    50. 

  50.         const decoded = Buffer.from(state, "base64").toString("utf-8");
    51. 

  51.         const parsed = JSON.parse(decoded);
    52. 

  52.         if (parsed.returnPath && typeof parsed.returnPath === "string" && parsed.returnPath.startsWith("/")) {
    53. 

  53.           redirectTo = parsed.returnPath;
    54. 

  54.         }
    55. 

  55.       } catch {
    56. 

  56.         // state is just the redirectUri string, redirect to /
    57. 

  57.       }
    58. 

  58.       res.redirect(302, redirectTo);
    59. 

  59.     } catch (error) {
    60. 

  60.       console.error("[OAuth] Callback failed", error);
    61. 

  61.       res.status(500).json({ error: "OAuth callback failed" });
    62. 

  62.     }
    63. 

  63.   });
    64. 

  64. }
    65.