feat: oauth/login: cookie is returned in response
This commit is contained in:
parent
99aec47c76
commit
bbe525a774
GPG Key ID:
D639BDF5BA578AF4
@ -17,8 +17,6 @@ import (
|
||||
// @Produce json
|
||||
// @Router /oauth/callback [get]
|
||||
func (h *handler) CallbackHandler() gin.HandlerFunc {
|
||||
// TODO: we are returning e.Response directly here, we should redirect to a trampoline page, passing the response as query string
|
||||
|
||||
return func(c *gin.Context) {
|
||||
// Extract key from cookie
|
||||
key, err := c.Cookie(oauthStateCookieName)
|
||||
@ -37,7 +35,6 @@ func (h *handler) CallbackHandler() gin.HandlerFunc {
|
||||
|
||||
// Whether state is valid, delete it
|
||||
h.cache.Get().Unlink(context.Background(), key)
|
||||
c.SetCookie(oauthStateCookieName, "", -1, "/", "", false, true)
|
||||
|
||||
// Verify state
|
||||
if c.Query("state") != expected {
|
||||
@ -111,6 +108,5 @@ func (h *handler) CallbackHandler() gin.HandlerFunc {
|
||||
|
||||
// TODO: Figure out a better way to cooperate with frontend
|
||||
c.Redirect(http.StatusFound, "/login?redirect_token="+jwt)
|
||||
// e.Pong(c, status, userApi.LoginResponse{Token: jwt, NickName: u.NickName})
|
||||
}
|
||||
}
|
||||
|
||||
@ -6,15 +6,23 @@ import (
|
||||
"git.0x7f.app/WOJ/woj-server/internal/e"
|
||||
"git.0x7f.app/WOJ/woj-server/pkg/utils"
|
||||
"github.com/gin-gonic/gin"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
type LoginResponse struct {
|
||||
Url string `json:"url"`
|
||||
Cookie struct {
|
||||
Name string `json:"name"`
|
||||
Value string `json:"value"`
|
||||
Live int `json:"live"`
|
||||
} `json:"cookie"`
|
||||
}
|
||||
|
||||
// LoginHandler
|
||||
// @Summary Login with OAuth2
|
||||
// @Description Get OAuth2 Login URL
|
||||
// @Tags oauth
|
||||
// @Produce json
|
||||
// @Response 200 {object} e.Response[string] "random string"
|
||||
// @Response 200 {object} e.Response[oauth.LoginResponse] "random string"
|
||||
// @Router /oauth/login [post]
|
||||
func (h *handler) LoginHandler() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
@ -27,10 +35,17 @@ func (h *handler) LoginHandler() gin.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
c.SetSameSite(http.SameSiteStrictMode)
|
||||
c.SetCookie(oauthStateCookieName, key, int(oauthStateLiveness.Seconds()), "/", "", false, true)
|
||||
|
||||
url := h.conf.AuthCodeURL(state)
|
||||
e.Pong(c, e.Success, url)
|
||||
e.Pong(c, e.Success, LoginResponse{
|
||||
Url: h.conf.AuthCodeURL(state),
|
||||
Cookie: struct {
|
||||
Name string `json:"name"`
|
||||
Value string `json:"value"`
|
||||
Live int `json:"live"`
|
||||
}{
|
||||
Name: oauthStateCookieName,
|
||||
Value: key,
|
||||
Live: int(oauthStateLiveness.Seconds()),
|
||||
},
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user