feat: get origin from client (#679)

This commit is contained in:
三咲智子 Kevin Deng 2023-01-02 03:30:39 +08:00 committed by GitHub
parent d8abea75aa
commit d0567c0d18
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 20 additions and 15 deletions

View file

@ -26,7 +26,12 @@ async function oauth() {
server = server.split('/')[0] server = server.split('/')[0]
try { try {
location.href = await $fetch<string>(`/api/${server || DEFAULT_SERVER}/login`) location.href = await $fetch<string>(`/api/${server || DEFAULT_SERVER}/login`, {
method: 'POST',
body: {
origin: location.origin,
},
})
} }
catch { catch {
displayError = true displayError = true

View file

@ -4,8 +4,9 @@ import { getApp, getRedirectURI } from '~/server/shared'
export default defineEventHandler(async (event) => { export default defineEventHandler(async (event) => {
let { server } = getRouterParams(event) let { server } = getRouterParams(event)
const { origin } = await readBody(event)
server = server.toLocaleLowerCase().trim() server = server.toLocaleLowerCase().trim()
const app = await getApp(server) const app = await getApp(origin, server)
if (!app) { if (!app) {
throw createError({ throw createError({
@ -17,7 +18,7 @@ export default defineEventHandler(async (event) => {
const query = stringifyQuery({ const query = stringifyQuery({
client_id: app.client_id, client_id: app.client_id,
scope: 'read write follow push', scope: 'read write follow push',
redirect_uri: getRedirectURI(server), redirect_uri: getRedirectURI(origin, server),
response_type: 'code', response_type: 'code',
}) })

View file

@ -3,9 +3,10 @@ import { createError, defineEventHandler, getQuery, getRouterParams, sendRedirec
import { getApp, getRedirectURI } from '~/server/shared' import { getApp, getRedirectURI } from '~/server/shared'
export default defineEventHandler(async (event) => { export default defineEventHandler(async (event) => {
const { origin } = getQuery(event) as { origin: string }
let { server } = getRouterParams(event) let { server } = getRouterParams(event)
server = server.toLocaleLowerCase().trim() server = server.toLocaleLowerCase().trim()
const app = await getApp(server) const app = await getApp(origin, server)
if (!app) { if (!app) {
throw createError({ throw createError({
@ -27,7 +28,7 @@ export default defineEventHandler(async (event) => {
body: { body: {
client_id: app.client_id, client_id: app.client_id,
client_secret: app.client_secret, client_secret: app.client_secret,
redirect_uri: getRedirectURI(server), redirect_uri: getRedirectURI(origin, server),
grant_type: 'authorization_code', grant_type: 'authorization_code',
code, code,
scope: 'read write follow push', scope: 'read write follow push',

View file

@ -3,7 +3,7 @@ import _fs from 'unstorage/drivers/fs'
// @ts-expect-error unstorage needs to provide backwards-compatible subpath types // @ts-expect-error unstorage needs to provide backwards-compatible subpath types
import _kv from 'unstorage/drivers/cloudflare-kv-http' import _kv from 'unstorage/drivers/cloudflare-kv-http'
import { parseURL } from 'ufo' import { stringifyQuery } from 'ufo'
import { $fetch } from 'ofetch' import { $fetch } from 'ofetch'
import type { Storage } from 'unstorage' import type { Storage } from 'unstorage'
@ -14,8 +14,6 @@ import type { AppInfo } from '~/types'
import { APP_NAME } from '~/constants' import { APP_NAME } from '~/constants'
const config = useRuntimeConfig() const config = useRuntimeConfig()
export const HOST_URL = config.deployUrl
export const HOST_DOMAIN = parseURL(HOST_URL).host!
const fs = _fs as typeof import('unstorage/dist/drivers/fs')['default'] const fs = _fs as typeof import('unstorage/dist/drivers/fs')['default']
const kv = _kv as typeof import('unstorage/dist/drivers/cloudflare-kv-http')['default'] const kv = _kv as typeof import('unstorage/dist/drivers/cloudflare-kv-http')['default']
@ -33,30 +31,30 @@ else if (config.storage.driver === 'cloudflare') {
}))) })))
} }
export function getRedirectURI(server: string) { export function getRedirectURI(origin: string, server: string) {
return `${HOST_URL}/api/${server}/oauth` return `${origin}/api/${server}/oauth?${stringifyQuery({ origin })}`
} }
async function fetchAppInfo(server: string) { async function fetchAppInfo(origin: string, server: string) {
const app: AppInfo = await $fetch(`https://${server}/api/v1/apps`, { const app: AppInfo = await $fetch(`https://${server}/api/v1/apps`, {
method: 'POST', method: 'POST',
body: { body: {
client_name: APP_NAME + (config.public.env === 'local' ? ' (dev)' : ''), client_name: APP_NAME + (config.public.env === 'local' ? ' (dev)' : ''),
website: 'https://elk.zone', website: 'https://elk.zone',
redirect_uris: getRedirectURI(server), redirect_uris: getRedirectURI(origin, server),
scopes: 'read write follow push', scopes: 'read write follow push',
}, },
}) })
return app return app
} }
export async function getApp(server: string) { export async function getApp(origin: string, server: string) {
const key = `servers:${HOST_DOMAIN.replace(/[^\w\d]/g, '-')}:${server}.json` const key = `servers:${origin.replace(/[^\w\d]/g, '-')}:${server}.json`
try { try {
if (await storage.hasItem(key)) if (await storage.hasItem(key))
return await storage.getItem(key) as Promise<AppInfo> return await storage.getItem(key) as Promise<AppInfo>
const appInfo = await fetchAppInfo(server) const appInfo = await fetchAppInfo(origin, server)
await storage.setItem(key, appInfo) await storage.setItem(key, appInfo)
return appInfo return appInfo
} }