From 0664f07ad39961c4d7eb33a8868b1cfc992fdb0c Mon Sep 17 00:00:00 2001 From: NextFire Date: Tue, 9 Apr 2024 21:43:32 -0400 Subject: [PATCH] fix redirects with query params --- server/api/discord/auth.get.ts | 11 ++++++++++- server/api/discord/callback.get.ts | 2 +- server/routes/_oauth.get.ts | 8 +++++++- server/routes/interaction/[uid]/login.get.ts | 6 ++---- 4 files changed, 20 insertions(+), 7 deletions(-) diff --git a/server/api/discord/auth.get.ts b/server/api/discord/auth.get.ts index 88ca91e..42ad2f0 100644 --- a/server/api/discord/auth.get.ts +++ b/server/api/discord/auth.get.ts @@ -1,4 +1,13 @@ -export default eventHandler((event) => { +import assert from "node:assert/strict"; + +export default eventHandler(async (event) => { + const query = getQuery(event); + const { redirect } = query; + assert(typeof redirect === "string"); + + const session = await useTypedSession(event); + await session.update({ redirect }); + const authUrl = getAuthorizationUrl({ scope: "identify email guilds guilds.members.read", prompt: "none", diff --git a/server/api/discord/callback.get.ts b/server/api/discord/callback.get.ts index b5447f9..e9bf276 100644 --- a/server/api/discord/callback.get.ts +++ b/server/api/discord/callback.get.ts @@ -6,7 +6,7 @@ export default eventHandler(async (event) => { assert(typeof code === "string"); const session = await useTypedSession(event); - const redirect = session.data.redirect || "/_oauth"; + const redirect = session.data.redirect || "/"; const params = new URLSearchParams({ code }); return sendRedirect(event, `${redirect}?${params}`); diff --git a/server/routes/_oauth.get.ts b/server/routes/_oauth.get.ts index cd56d05..e268a6a 100644 --- a/server/routes/_oauth.get.ts +++ b/server/routes/_oauth.get.ts @@ -6,7 +6,13 @@ export default eventHandler(async (event) => { const { code, proto, host, uri } = query; if (host) { await session.update({ redirect: `${proto}://${host}${uri}` }); - return sendRedirect(event, `${userConfig.publicUrl}/api/discord/auth`); + const params = new URLSearchParams({ + redirect: `http://${host}/${event.path}`, + }); + return sendRedirect( + event, + `${userConfig.publicUrl}/api/discord/auth?${params}` + ); } else if (code) { assert(typeof code === "string"); const resp = await exchangeCode(code); diff --git a/server/routes/interaction/[uid]/login.get.ts b/server/routes/interaction/[uid]/login.get.ts index 6c2a56e..05a3ae4 100644 --- a/server/routes/interaction/[uid]/login.get.ts +++ b/server/routes/interaction/[uid]/login.get.ts @@ -5,8 +5,6 @@ export default eventHandler(async (event) => { const interaction = await provider.interactionDetails(req, res); assert.equal(interaction.prompt.name, "login"); - const session = await useTypedSession(event); - await session.update({ redirect: `${event.path}/../callback` }); - - return sendRedirect(event, "/api/discord/auth"); + const params = new URLSearchParams({ redirect: `${event.path}/../callback` }); + return sendRedirect(event, `/api/discord/auth?${params}`); });