Move oauth credentials to own kv value

2023-10-28 03:09:34 -04:00 · 2023-10-28 03:09:34 -04:00 · 0bc68ef1d2
commit 0bc68ef1d2
parent ece5baf175
2 changed files with 27 additions and 13 deletions
--- a/functions/_middleware.ts
+++ b/functions/_middleware.ts
@ -33,6 +33,13 @@ async function refreshAuth(context: RequestContext) {
  if (!currentUser || currentUser.refresh_at > Date.now())
    return await context.next();

+  const oauthData = await context.env.DATA.get(
+    `oauthcredentials_${currentUser.id}`,
+    { type: "json" },
+  );
+
+  if (!oauthData) return await context.next();
+
  const refreshedTokenResponse = await fetch(
    "https://discord.com/api/v10/oauth2/token",
    {
@ -51,7 +58,7 @@ async function refreshAuth(context: RequestContext) {

  const accessData: { [k: string]: any } = await refreshedTokenResponse.json();

-  let userData: { [k: string]: any } = {
+  let tokenData: { [k: string]: any } = {
    ...accessData,
    refresh_at: Date.now() + 3600000,
  };
@ -64,10 +71,7 @@ async function refreshAuth(context: RequestContext) {

  if (!newDiscordData.ok) return await context.next();

-  userData = {
-    ...userData,
-    ...(await newDiscordData.json()),
-  };
+  const userData: { [k: string]: any } = await newDiscordData.json();

  const updatedServerMemberReq = await fetch(
    "https://discord.com/api/v10/users/@me/guilds/242263977986359297/member",
@ -95,6 +99,13 @@ async function refreshAuth(context: RequestContext) {
  await context.env.DATA.put(`auth_${tokenHash}`, JSON.stringify(userData), {
    expirationTtl: accessData.expires_in,
  });
+  await context.env.DATA.put(
+    `oauthcredentials_${userData.id}`,
+    JSON.stringify(tokenData),
+    {
+      expirationTtl: 1209600000,
+    },
+  );

  delete context.data.sid;

@ -348,5 +359,5 @@ export const onRequest = [
  setTheme,
  constructHTML,
  setBody,
-  setHeaders,
+  setHeaders
 ];
--- a/functions/api/auth/session.ts
+++ b/functions/api/auth/session.ts
@ -78,7 +78,7 @@ export async function onRequestGet(context: RequestContext) {
  if (tokenData.scope.search("guilds.members.read") === -1)
    return jsonError("Do not touch the scopes!", 400);

-  let userData: { [k: string]: any } = {
+  const oauthData = {
    ...tokenData,
    refresh_at: Date.now() + tokenData.expires_in * 1000 - 86400000,
  };
@ -94,12 +94,7 @@ export async function onRequestGet(context: RequestContext) {
    return jsonError("Failed to retrieve user", 500);
  }

-  const apiUser: { [k: string]: any } = await userReq.json();
-  userData = {
-    ...userData,
-    ...apiUser,
-  };
-
+  const userData: { [k: string]: any } = await userReq.json();
  const serverMemberReq = await fetch(
    "https://discord.com/api/v10/users/@me/guilds/242263977986359297/member",
    {
@ -138,6 +133,14 @@ export async function onRequestGet(context: RequestContext) {
    expirationTtl: tokenData.expires_in,
  });

+  await context.env.DATA.put(
+    `oauthcredentials_${userData.id}`,
+    JSON.stringify(oauthData),
+    {
+      expirationTtl: 1209600000,
+    },
+  );
+
  return new Response(null, {
    headers: {
      location: stateRedirect,