fix: auth redirect
xfoxfu committed Oct 10, 2024
1 parent a3684fc commit 40321d6
Showing 1 changed file with 11 additions and 12 deletions.
23 changes: 11 additions & 12 deletions Net.Vatprc.Uniapi/Controllers/AuthController.cs
@@ -211,7 +211,7 @@ protected IActionResult RenderDeviceCodeUI(string? user_code)
<link href="/style.css" rel="stylesheet">
</head>
<body class="grid h-screen place-items-center bg-slate-100">
<form class="container max-w-2xl bg-white shadow-2xl rounded-xl p-6 flex flex-col gap-y-2" method="get">
<form class="container max-w-2xl bg-white shadow-2xl rounded-xl p-6 flex flex-col gap-y-2">
<h1 class="text-4xl font-bold">Device Code Login</h1>
{(user_code != null ? $"""<h2 class="text-xl text-red-700">The provided code <span class="font-mono">{user_code.ToUpper()}</span> is invalid.</h2>""" : "")}
<h2 class="text-2xl">Please type your code as on your device.</h2>
@@ -231,11 +231,12 @@ protected IActionResult RenderDeviceCodeUI(string? user_code)
<link href="/style.css" rel="stylesheet">
</head>
<body class="grid h-screen place-items-center bg-slate-100">
<form class="container max-w-2xl bg-white shadow-2xl rounded-xl p-6 flex flex-col gap-y-2" method="post">
<form class="container max-w-2xl bg-white shadow-2xl rounded-xl p-6 flex flex-col gap-y-2">
<h1 class="text-4xl font-bold">Device Code Login</h1>
<h2 class="text-2xl">Please check if the following code matches your device.</h2>
<div><div class="text-3xl font-bold w-fit mx-auto my-4">{code[..4]}-{code[4..]}</div></div>
<input type="hidden" name="user_code" value="{user_code}">
<input type="hidden" name="confirm" value="true">
<button type="submit" class="font-bold bg-sky-700 text-white px-2 py-1 rounded-md shadow-md hover:bg-sky-500">Proceed</button>
</form>
</body>
@@ -245,19 +246,17 @@ protected IActionResult RenderDeviceCodeUI(string? user_code)

[HttpGet("device")]
[ApiExplorerSettings(IgnoreApi = true)]
public IActionResult DeviceConfirm([FromQuery] string? user_code)
public async Task<IActionResult> DeviceConfirm([FromQuery] string? user_code, [FromQuery] bool confirm)
{
ClearCookies();
return RenderDeviceCodeUI(user_code);
}

if (!confirm)
{
return RenderDeviceCodeUI(user_code);
}

[HttpPost("device")]
[ApiExplorerSettings(IgnoreApi = true)]
public async Task<IActionResult> DeviceStart([FromForm(Name = "user_code")] string user_code)
{
var code = NormalizeUserCode(user_code);
var deviceAuthz = await DbContext.DeviceAuthorization
.FirstOrDefaultAsync(x => x.UserCode == user_code);
.FirstOrDefaultAsync(x => x.UserCode == code);
if (deviceAuthz == null)
{
return RenderCallbackUI("Error", "Invalid code", "The code provided is not found in our records.", Url.Action(nameof(DeviceConfirm)));
@@ -274,7 +273,7 @@ public async Task<IActionResult> DeviceStart([FromForm(Name = "user_code")] stri
await DbContext.SaveChangesAsync();
return RenderCallbackUI("Error", "Invalid code", "The code provided is expired.", Url.Action(nameof(DeviceConfirm)));
}
Response.Cookies.Append("user_code", user_code, new CookieOptions
Response.Cookies.Append("user_code", code, new CookieOptions
{
HttpOnly = true,
Secure = true,
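Review bot: `DeviceConfirm` now runs the whole confirm step on a GET as soon as the query string has `confirm=true`: the code lookup, the `DbContext.SaveChangesAsync()` on the expired path and `Response.Cookies.Append("user_code", code, ...)` are all reachable from a plain link, so the "check if the following code matches your device" page is no longer a required step and the code ends up in URLs, browser history and access logs. If the redirect fix needs GET, have the confirmation page issue a one-time value that this branch verifies instead of trusting a bare boolean; otherwise keep the confirming submit on a POST action. `user_code` is `string?` and is passed to `NormalizeUserCode(user_code)` when `confirm=true` arrives without a code, so the guard should be `if (!confirm || string.IsNullOrWhiteSpace(user_code))`. The templates in the first two hunks also interpolate `{user_code}` and `{user_code.ToUpper()}` from the query string straight into markup; unless the result is encoded somewhere outside this view, wrap them in `WebUtility.HtmlEncode(...)`. The method body continues past the last visible line, so the rest of the flow is not covered here.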
