chore: cleanup
@@ -15,7 +15,6 @@ import { useParams, useRouter } from "next/navigation";
|
||||
import { Skeleton } from "@/components/ui/skeleton";
|
||||
import { client, organization } from "@/lib/auth-client";
|
||||
import { InvitationError } from "./invitation-error";
|
||||
import { Invitation } from "@/lib/auth-types";
|
||||
|
||||
export default function InvitationPage() {
|
||||
const params = useParams<{
|
||||
|
||||
@@ -56,16 +56,16 @@ export const callbackOAuth = createAuthEndpoint(
|
||||
}
|
||||
|
||||
const {
|
||||
data: { callbackURL, currentURL, dontRememberMe, code },
|
||||
data: { callbackURL, currentURL, code: stateCode },
|
||||
} = parsedState;
|
||||
|
||||
const storedCode = await c.getSignedCookie(
|
||||
const storedState = await c.getSignedCookie(
|
||||
c.context.authCookies.state.name,
|
||||
c.context.secret,
|
||||
);
|
||||
|
||||
if (storedCode !== code) {
|
||||
logger.error("Oauth code mismatch", storedCode, code);
|
||||
if (storedState !== stateCode) {
|
||||
logger.error("OAuth state mismatch", storedState, stateCode);
|
||||
throw c.redirect(
|
||||
`${c.context.baseURL}/error?error=please_restart_the_process`,
|
||||
);
|
||||
@@ -186,7 +186,6 @@ export const callbackOAuth = createAuthEndpoint(
|
||||
const session = await c.context.internalAdapter.createSession(
|
||||
userId || id,
|
||||
c.request,
|
||||
dontRememberMe,
|
||||
);
|
||||
if (!session) {
|
||||
const url = new URL(currentURL || callbackURL);
|
||||
@@ -194,7 +193,7 @@ export const callbackOAuth = createAuthEndpoint(
|
||||
throw c.redirect(url.toString());
|
||||
}
|
||||
try {
|
||||
await setSessionCookie(c, session.id, dontRememberMe);
|
||||
await setSessionCookie(c, session.id);
|
||||
} catch (e) {
|
||||
c.context.logger.error("Unable to set session cookie", e);
|
||||
const url = new URL(currentURL || callbackURL);
|
||||
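Review bot: The new `logger.error("OAuth state mismatch", storedState, stateCode)` in the first callbackOAuth hunk writes both the cookie-bound state value and the request-supplied one to the error log. `stateCode` comes from the parsed `state` parameter and is caller-controlled, and `storedState` is the anti-CSRF value this check relies on, so neither belongs in logs that may be forwarded or retained; `logger.error("OAuth state mismatch")` is enough, optionally with a boolean for whether a stored value was present. Separately, only `code` from the parsed state is compared with the signed cookie, while `callbackURL` and `currentURL` from the same JSON feed `new URL(currentURL || callbackURL)` in the later hunks. If those values are not validated elsewhere (not visible here), they should be checked against the trusted origins before redirecting. The callbackOAuth body starts and ends outside these hunks.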
|
||||
@@ -30,10 +30,6 @@ export const signInOAuth = createAuthEndpoint(
|
||||
* OAuth2 provider to use`
|
||||
*/
|
||||
provider: z.enum(oAuthProviderList),
|
||||
/**
|
||||
* If this is true the session will only be valid for the current browser session
|
||||
*/
|
||||
dontRememberMe: z.boolean().default(false).optional(),
|
||||
}),
|
||||
},
|
||||
async (c) => {
|
||||
@@ -62,7 +58,6 @@ export const signInOAuth = createAuthEndpoint(
|
||||
callbackURL || currentURL?.origin || c.context.baseURL,
|
||||
c.query?.currentURL,
|
||||
);
|
||||
try {
|
||||
await c.setSignedCookie(
|
||||
cookie.state.name,
|
||||
state.code,
|
||||
@@ -90,9 +85,6 @@ export const signInOAuth = createAuthEndpoint(
|
||||
codeVerifier,
|
||||
redirect: true,
|
||||
};
|
||||
} catch (e) {
|
||||
throw new APIError("INTERNAL_SERVER_ERROR");
|
||||
}
|
||||
},
|
||||
);
|
||||
|
||||
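Review bot: With the `try {` and the `catch (e) { throw new APIError("INTERNAL_SERVER_ERROR"); }` apparently removed from the signInOAuth handler, any exception from `c.setSignedCookie(...)` or from building the provider authorization URL now propagates unchanged. Whether the endpoint wrapper turns an arbitrary throw into a generic 500 is not visible here; if it does not, internal error messages or stack details could reach the client. Either confirm that guarantee in `createAuthEndpoint`, or keep a narrow catch that logs the cause server-side, e.g. `c.context.logger.error("OAuth sign-in failed", e);`, before rethrowing the generic `APIError`. The handler body starts outside these hunks.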
|
||||
@@ -164,6 +164,12 @@ export function deleteSessionCookie(ctx: GenericEndpointContext) {
|
||||
ctx.setCookie(ctx.context.authCookies.sessionToken.name, "", {
|
||||
maxAge: 0,
|
||||
});
|
||||
ctx.setCookie(ctx.context.authCookies.pkCodeVerifier.name, "", {
|
||||
maxAge: 0,
|
||||
});
|
||||
ctx.setCookie(ctx.context.authCookies.state.name, "", {
|
||||
maxAge: 0,
|
||||
});
|
||||
ctx.setCookie(ctx.context.authCookies.dontRememberToken.name, "", {
|
||||
maxAge: 0,
|
||||
});
|
||||
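Review bot: The added `ctx.setCookie(..., "", { maxAge: 0 })` calls for `pkCodeVerifier` and `state` pass no attributes other than `maxAge`, and a browser only replaces a cookie when the name, path and domain match the ones used when it was set. If these cookies are written with per-cookie options (path, domain, a `__Secure-` prefix requiring `secure`), the PKCE verifier and state would stay in the browser after sign-out. Assuming the cookie descriptors expose the attributes used at set time, reuse them: `ctx.setCookie(ctx.context.authCookies.state.name, "", { ...ctx.context.authCookies.state.options, maxAge: 0 });`. A short doc comment noting that `deleteSessionCookie` now also clears in-flight OAuth cookies would help callers; the function's closing lines are outside the hunk.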
|
||||
@@ -65,6 +65,7 @@ describe("Social Providers", async () => {
|
||||
const signInRes = await client.signIn.social(
|
||||
{
|
||||
provider: "google",
|
||||
callbackURL: "/callback",
|
||||
},
|
||||
{
|
||||
onSuccess(context) {
|
||||
@@ -97,6 +98,9 @@ describe("Social Providers", async () => {
|
||||
headers,
|
||||
onError(context) {
|
||||
expect(context.response.status).toBe(302);
|
||||
const location = context.response.headers.get("location");
|
||||
expect(location).toBeDefined();
|
||||
expect(location).toContain("/callback");
|
||||
const cookies = parseSetCookieHeader(
|
||||
context.response.headers.get("set-cookie") || "",
|
||||
);
|
||||
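Review bot: `expect(location).toContain("/callback")` is a substring check, so it would also pass for a redirect to another origin whose URL merely contains that path, which is exactly the regression a post-login redirect test should catch. `expect(location).toBeDefined()` adds nothing either, since `headers.get("location")` returns `null` rather than `undefined` when the header is absent. Use `expect(location).not.toBeNull();` and compare the parsed target's origin and pathname with the expected values instead of matching a fragment. The `onError` callback continues outside the hunk.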
|
||||
@@ -1,19 +1,12 @@
|
||||
import { generateState as generateStateOAuth } from "oslo/oauth2";
|
||||
import { z } from "zod";
|
||||
|
||||
export function generateState(
|
||||
callbackURL?: string,
|
||||
currentURL?: string,
|
||||
dontRememberMe?: boolean,
|
||||
additionalFields?: Record<string, any>,
|
||||
) {
|
||||
export function generateState(callbackURL?: string, currentURL?: string) {
|
||||
const code = generateStateOAuth();
|
||||
const state = JSON.stringify({
|
||||
code,
|
||||
callbackURL,
|
||||
currentURL,
|
||||
dontRememberMe,
|
||||
additionalFields,
|
||||
});
|
||||
return { state, code };
|
||||
}
|
||||
@@ -24,8 +17,6 @@ export function parseState(state: string) {
|
||||
code: z.string(),
|
||||
callbackURL: z.string().optional(),
|
||||
currentURL: z.string().optional(),
|
||||
dontRememberMe: z.boolean().optional(),
|
||||
additionalFields: z.record(z.string()).optional(),
|
||||
})
|
||||
.safeParse(JSON.parse(state));
|
||||
return data;
|
||||
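Review bot: `parseState` still calls `JSON.parse(state)` before `.safeParse(...)`, so a malformed `state` query value throws a `SyntaxError` instead of producing a failed parse result. The value arrives from the OAuth redirect and is caller-controlled, so the callback should take its normal "restart the process" path for garbage input rather than an unhandled exception; wrap the parse in a try/catch that returns a failed result, and hedge on whether callers already guard this since they are not fully visible. `generateState` would also benefit from a doc comment stating that `code` is the value bound to the signed state cookie, and that `callbackURL` and `currentURL` travel in the unsigned JSON and must be validated before use.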
|
||||