From 92955f10c102d7b81468173185940fd0ccb57a6b Mon Sep 17 00:00:00 2001 From: NextFire Date: Tue, 9 Apr 2024 21:36:58 -0400 Subject: [PATCH] fix forward auth --- server/api/discord/callback.get.ts | 3 ++- server/routes/_oauth.get.ts | 9 ++++----- server/routes/traefik.get.ts | 3 +-- server/utils/session.ts | 1 - 4 files changed, 7 insertions(+), 9 deletions(-) diff --git a/server/api/discord/callback.get.ts b/server/api/discord/callback.get.ts index e6db391..b5447f9 100644 --- a/server/api/discord/callback.get.ts +++ b/server/api/discord/callback.get.ts @@ -6,7 +6,8 @@ export default eventHandler(async (event) => { assert(typeof code === "string"); const session = await useTypedSession(event); - const redirect = session.data.redirect || "/"; + const redirect = session.data.redirect || "/_oauth"; + const params = new URLSearchParams({ code }); return sendRedirect(event, `${redirect}?${params}`); }); diff --git a/server/routes/_oauth.get.ts b/server/routes/_oauth.get.ts index b59d4ea..cd56d05 100644 --- a/server/routes/_oauth.get.ts +++ b/server/routes/_oauth.get.ts @@ -3,10 +3,9 @@ import assert from "node:assert/strict"; export default eventHandler(async (event) => { const session = await useTypedSession(event); const query = getQuery(event); - const { code, forwardAuthRedirect } = query; - if (forwardAuthRedirect) { - assert(typeof forwardAuthRedirect === "string"); - await session.update({ redirect: ".", forwardAuthRedirect }); + const { code, proto, host, uri } = query; + if (host) { + await session.update({ redirect: `${proto}://${host}${uri}` }); return sendRedirect(event, `${userConfig.publicUrl}/api/discord/auth`); } else if (code) { assert(typeof code === "string"); @@ -23,7 +22,7 @@ export default eventHandler(async (event) => { forwardAuthGroups: groups, forwardAuthExpires: Date.now() + 1000 * 60 * 60 * 24, }); - return sendRedirect(event, session.data.forwardAuthRedirect); + return sendRedirect(event, session.data.redirect || "/"); } else { throw createError({ status: 400, message: "Missing required query" }); } diff --git a/server/routes/traefik.get.ts b/server/routes/traefik.get.ts index 8284c4d..f4e2902 100644 --- a/server/routes/traefik.get.ts +++ b/server/routes/traefik.get.ts @@ -17,8 +17,7 @@ export default eventHandler(async (event) => { throw createError({ status: 401, message: "Missing required group" }); } } else { - const forwardAuthRedirect = `${proto}://${host}${uri}`; - const params = new URLSearchParams({ forwardAuthRedirect }); + const params = new URLSearchParams({ proto, host, uri }); return sendRedirect(event, `http://${host}/_oauth?${params}`); } }); diff --git a/server/utils/session.ts b/server/utils/session.ts index de3e3fc..fecc5ae 100644 --- a/server/utils/session.ts +++ b/server/utils/session.ts @@ -2,7 +2,6 @@ import { type H3Event } from "h3"; interface SessionData { redirect: string; - forwardAuthRedirect: string; forwardAuthGroups: string[]; forwardAuthExpires: number; }