62 lines
1.7 KiB
TypeScript
62 lines
1.7 KiB
TypeScript
import { jsonError } from "../../../common.js";
|
|
|
|
export async function onRequestGet(context: RequestContext) {
|
|
const { current_user: currentUser } = context.data;
|
|
|
|
if (!currentUser) return jsonError("Unauthorized", 401);
|
|
|
|
const header = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9";
|
|
|
|
const cookies = (context.request.headers.get("cookie") as string).split("; ");
|
|
const sessionCookie = cookies.find((c) => c.startsWith("_s=")) as string;
|
|
|
|
const claimSet = btoa(
|
|
JSON.stringify({
|
|
email: currentUser.email,
|
|
email_verified: true,
|
|
exp: Math.floor(currentUser.refresh_at / 1000),
|
|
iat: Math.floor(Date.now() / 1000),
|
|
iss: "https://carcrushers.cc/auth/mobile/token",
|
|
jti: sessionCookie.replace("_s=", ""),
|
|
name: currentUser.username,
|
|
permissions: currentUser.permissions,
|
|
picture: currentUser.avatar ?? "https://carcrushers.cc/files/logo192.png",
|
|
sub: currentUser.id,
|
|
}),
|
|
)
|
|
.replaceAll("+", "-")
|
|
.replaceAll("/", "_")
|
|
.replaceAll("=", "");
|
|
|
|
const key = await crypto.subtle.importKey(
|
|
"raw",
|
|
// @ts-ignore
|
|
Uint8Array.from(
|
|
atob(
|
|
context.env.JWT_SIGNING_KEY.replaceAll("-", "+").replaceAll("_", "/"),
|
|
),
|
|
(m) => m.codePointAt(0),
|
|
),
|
|
{ hash: "SHA-256", name: "HMAC" },
|
|
false,
|
|
["sign"],
|
|
);
|
|
|
|
const signature = await crypto.subtle.sign(
|
|
"HMAC",
|
|
key,
|
|
new TextEncoder().encode(`${header}.${claimSet}`),
|
|
);
|
|
|
|
const encodedSignature = btoa(
|
|
String.fromCodePoint(...new Uint8Array(signature)),
|
|
)
|
|
.replaceAll("+", "-")
|
|
.replaceAll("/", "_")
|
|
.replaceAll("=", "");
|
|
|
|
return Response.redirect(
|
|
`com.carcrushers.app://login-callback?token=${header}.${claimSet}.${encodedSignature}`,
|
|
);
|
|
}
|