mirror of https://github.com/sveltejs/svelte
parent
fb5179b0f3
commit
3c5d46dc0b
@ -0,0 +1,6 @@
|
||||
export const oauth = 'https://github.com/login/oauth';
|
||||
export const baseurl = process.env.BASEURL;
|
||||
export const secure = baseurl.startsWith('https:');
|
||||
|
||||
export const client_id = process.env.GITHUB_CLIENT_ID;
|
||||
export const client_secret = process.env.GITHUB_CLIENT_SECRET;
|
@ -0,0 +1,68 @@
|
||||
import send from '@polka/send';
|
||||
import devalue from 'devalue';
|
||||
import * as cookie from 'cookie';
|
||||
import * as httpie from 'httpie';
|
||||
import { parse, stringify } from 'querystring';
|
||||
import { find, query } from '../../utils/db.js';
|
||||
import { to_user } from '../../utils/auth';
|
||||
import { oauth, secure, client_id, client_secret } from './_config.js';
|
||||
|
||||
export async function get(req, res) {
|
||||
try {
|
||||
// Trade "code" for "access_token"
|
||||
const r1 = await httpie.post(`${oauth}/access_token?` + stringify({
|
||||
code: req.query.code,
|
||||
client_id,
|
||||
client_secret,
|
||||
}));
|
||||
|
||||
// Now fetch User details
|
||||
const { access_token } = parse(r1.data);
|
||||
const r2 = await httpie.get('https://api.github.com/user', {
|
||||
headers: {
|
||||
'User-Agent': 'svelte.dev',
|
||||
Authorization: `token ${access_token}`
|
||||
}
|
||||
});
|
||||
|
||||
const { id: uid, name, avatar_url, login } = r2.data;
|
||||
|
||||
// Upsert `users` table
|
||||
const [user] = await query(`
|
||||
insert into users(uid, name, username, avatar, github_token)
|
||||
values ($1, $2, $3, $4, $5) on conflict (uid) do update
|
||||
set (name, username, avatar, github_token, updated_at) = ($2, $3, $4, $5, now())
|
||||
returning *
|
||||
`, [uid, name, login, avatar_url, access_token]);
|
||||
|
||||
const session = await find(`
|
||||
insert into sessions(user_id)
|
||||
values ($1)
|
||||
returning *
|
||||
`, [user.id]);
|
||||
|
||||
res.writeHead(200, {
|
||||
'Set-Cookie': cookie.serialize('sid', session.uid, {
|
||||
maxAge: 31536000,
|
||||
path: '/',
|
||||
httpOnly: true,
|
||||
secure
|
||||
}),
|
||||
'Content-Type': 'text/html; charset=utf-8'
|
||||
});
|
||||
|
||||
res.end(`
|
||||
<script>
|
||||
window.opener.postMessage({
|
||||
user: ${devalue(to_user(user))}
|
||||
}, window.location.origin);
|
||||
</script>
|
||||
`);
|
||||
} catch (err) {
|
||||
console.error('GET /auth/callback', err);
|
||||
send(res, 500, err.data, {
|
||||
'Content-Type': err.headers['content-type'],
|
||||
'Content-Length': err.headers['content-length']
|
||||
});
|
||||
}
|
||||
}
|
@ -0,0 +1,27 @@
|
||||
import send from '@polka/send';
|
||||
import { stringify } from 'querystring';
|
||||
import { oauth, baseurl, client_id } from './_config.js';
|
||||
|
||||
export const get = client_id
|
||||
? (req, res) => {
|
||||
const Location = `${oauth}/authorize?` + stringify({
|
||||
scope: 'read:user',
|
||||
client_id,
|
||||
redirect_uri: `${baseurl}/auth/callback`,
|
||||
});
|
||||
|
||||
send(res, 302, Location, { Location });
|
||||
}
|
||||
: (req, res) => {
|
||||
send(res, 500, `
|
||||
<body style="font-family: sans-serif; background: rgb(255,215,215); border: 2px solid red; margin: 0; padding: 1em;">
|
||||
<h1>Missing .env file</h1>
|
||||
<p>In order to use GitHub authentication, you will need to <a target="_blank" href="https://github.com/settings/developers">register an OAuth application</a> and create a local .env file:</p>
|
||||
<pre>GITHUB_CLIENT_ID=[YOUR_APP_ID]\nGITHUB_CLIENT_SECRET=[YOUR_APP_SECRET]\nBASEURL=http://localhost:3000</pre>
|
||||
<p>The <code>BASEURL</code> variable should match the callback URL specified for your app.</p>
|
||||
<p>See also <a target="_blank" href="https://github.com/sveltejs/svelte/tree/master/site#repl-github-integration">here</a></p>
|
||||
</body>
|
||||
`, {
|
||||
'Content-Type': 'text/html; charset=utf-8'
|
||||
});
|
||||
};
|
@ -0,0 +1,19 @@
|
||||
import send from '@polka/send';
|
||||
import * as cookie from 'cookie';
|
||||
import { query } from '../../utils/db.js';
|
||||
import { secure } from './_config.js';
|
||||
|
||||
export async function get(req, res) {
|
||||
await query(`
|
||||
delete from sessions where uid = $1
|
||||
`, [req.cookies.sid]);
|
||||
|
||||
send(res, 200, '', {
|
||||
'Set-Cookie': cookie.serialize('sid', '', {
|
||||
maxAge: -1,
|
||||
path: '/',
|
||||
httpOnly: true,
|
||||
secure
|
||||
})
|
||||
});
|
||||
}
|
@ -0,0 +1,6 @@
|
||||
export const to_user = obj => obj && ({
|
||||
uid: obj.uid,
|
||||
username: obj.username,
|
||||
name: obj.name,
|
||||
avatar: obj.avatar
|
||||
});
|
Loading…
Reference in new issue