Put the longer codes into different cookies for easier storage
This commit is contained in:
parent
10c6848c5c
commit
5f8bf52194
34
main.go
34
main.go
|
@ -18,6 +18,7 @@ import (
|
|||
"fmt"
|
||||
"log"
|
||||
"math/big"
|
||||
"net/http"
|
||||
"os"
|
||||
"regexp"
|
||||
"strconv"
|
||||
|
@ -927,12 +928,13 @@ func main() {
|
|||
"session": secretKey,
|
||||
"appId": appId,
|
||||
"exchangeKey": exchangeKey,
|
||||
"oauthToken": oauthToken,
|
||||
"creator": userId,
|
||||
"openid": openIdToken,
|
||||
"PKCECode": code,
|
||||
"PKCEMethod": codeMethod,
|
||||
}
|
||||
c.SetSameSite(3)
|
||||
c.SetCookie("oauthToken", oauthToken, 300, "/", "", true, true)
|
||||
c.SetCookie("openIdToken", openIdToken, 300, "/", "", true, true)
|
||||
|
||||
sessionInfoStr, err := json.Marshal(sessionInfo)
|
||||
if err != nil {
|
||||
|
@ -1002,12 +1004,36 @@ func main() {
|
|||
|
||||
var activeLoginMap map[string]any
|
||||
err = json.Unmarshal([]byte(activeLogin.(string)), &activeLoginMap)
|
||||
openid, loginCode, PKCECode, PKCEMethod := activeLoginMap["openid"].(string), activeLoginMap["session"].(string), activeLoginMap["PKCECode"].(string), activeLoginMap["PKCEMethod"].(string)
|
||||
PKCECode, PKCEMethod, loginCode := activeLoginMap["PKCECode"].(string), activeLoginMap["PKCEMethod"].(string), activeLoginMap["exchangeKey"].(string)
|
||||
if loginCode != code {
|
||||
c.JSON(401, gin.H{"error": "Another login attempt is in progress or the login was never started"})
|
||||
return
|
||||
}
|
||||
|
||||
oauthCode, err := c.Cookie("oauthToken")
|
||||
if err != nil {
|
||||
if errors.Is(err, http.ErrNoCookie) {
|
||||
c.JSON(401, gin.H{"error": "The token has expired or was never created"})
|
||||
return
|
||||
} else {
|
||||
log.Println("[ERROR] Unknown in /api/tokenauth oauth cookie at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
|
||||
c.JSON(500, gin.H{"error": "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgerauth and refer to the docs for more info. Your error code is: UNKNOWN-API-TOKENAUTH-OAUTHTOKEN"})
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
openid, err := c.Cookie("openIdToken")
|
||||
if err != nil {
|
||||
if errors.Is(err, http.ErrNoCookie) {
|
||||
c.JSON(401, gin.H{"error": "The token has expired or was never created"})
|
||||
return
|
||||
} else {
|
||||
log.Println("[ERROR] Unknown in /api/tokenauth openid cookie at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
|
||||
c.JSON(500, gin.H{"error": "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgerauth and refer to the docs for more info. Your error code is: UNKNOWN-API-TOKENAUTH-OAUTHTOKEN"})
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if verifyCode {
|
||||
if PKCECode == "none" {
|
||||
c.JSON(400, gin.H{"error": "Attempted PKCECode exchange with non-PKCECode authentication"})
|
||||
|
@ -1035,7 +1061,7 @@ func main() {
|
|||
}
|
||||
}
|
||||
|
||||
c.JSON(200, gin.H{"access_token": loginCode, "token_type": "bearer", "expires_in": 2592000, "id_token": openid})
|
||||
c.JSON(200, gin.H{"access_token": oauthCode, "token_type": "bearer", "expires_in": 2592000, "id_token": openid})
|
||||
})
|
||||
|
||||
router.POST("/api/deleteauth", func(c *gin.Context) {
|
||||
|
|
Reference in New Issue