77 lines
2.2 KiB
TypeScript
77 lines
2.2 KiB
TypeScript
import jwt from 'jsonwebtoken' //eslint-disable-line
|
|
|
|
type AccessTokenResponse = {
|
|
access_token: string,
|
|
token_type: string,
|
|
expires_in: number,
|
|
refresh_token: string,
|
|
scope: string
|
|
}
|
|
|
|
export default defineEventHandler(async (event) => {
|
|
const { code }: { code?: string } = getQuery(event)
|
|
|
|
if (!code) {
|
|
return sendRedirect(event, '/', 302)
|
|
}
|
|
|
|
let tokenResponse: AccessTokenResponse
|
|
let authorizationResponse: DiscordUser
|
|
try {
|
|
tokenResponse = await $fetch('https://discord.com/api/oauth2/token', {
|
|
method: 'POST',
|
|
body: new URLSearchParams({
|
|
client_id: config.discordClientId,
|
|
client_secret: config.discordClientSecret,
|
|
code,
|
|
grant_type: 'authorization_code',
|
|
redirect_uri: config.oauthRedirectUri,
|
|
scope: 'identify'
|
|
}),
|
|
headers: {
|
|
'Content-Type': 'application/x-www-form-urlencoded'
|
|
}
|
|
})
|
|
|
|
authorizationResponse = await $fetch('https://discord.com/api/users/@me', {
|
|
headers: {
|
|
authorization: `Bearer ${tokenResponse.access_token}`
|
|
}
|
|
})
|
|
} catch (e) {
|
|
console.error('Discord authentication failed', e)
|
|
|
|
throw createError({ statusCode: 500, statusMessage: 'Discord authentication failed' })
|
|
}
|
|
|
|
try {
|
|
const user = await UserModel.findOneAndUpdate({ 'discord.id': authorizationResponse.id }, {
|
|
$set: {
|
|
discord: {
|
|
id: authorizationResponse.id,
|
|
username: authorizationResponse.global_name ?? authorizationResponse.username,
|
|
avatarHash: authorizationResponse.avatar
|
|
}
|
|
},
|
|
$setOnInsert: {
|
|
username: authorizationResponse.username
|
|
}
|
|
}, { upsert: true, returnDocument: 'after' })
|
|
|
|
const token = jwt.sign({
|
|
accessToken: tokenResponse.access_token,
|
|
refreshToken: tokenResponse.refresh_token,
|
|
discordId: authorizationResponse.id,
|
|
userId: user._id
|
|
}, config.jwtSecret, { expiresIn: tokenResponse.expires_in })
|
|
|
|
setCookie(event, 'jwt', token, { httpOnly: true, maxAge: tokenResponse.expires_in * 1000 })
|
|
} catch (e) {
|
|
console.error('Updating user information failed', e)
|
|
|
|
throw createError({ statusCode: 500, statusMessage: 'Updating user information failed' })
|
|
}
|
|
|
|
return sendRedirect(event, '/', 302)
|
|
})
|