diff options
Diffstat (limited to 'src/server')
| -rw-r--r-- | src/server/api/common/signin.ts | 8 | ||||
| -rw-r--r-- | src/server/api/service/discord.ts | 15 | ||||
| -rw-r--r-- | src/server/api/service/github.ts | 14 | ||||
| -rw-r--r-- | src/server/api/service/twitter.ts | 14 |
4 files changed, 18 insertions, 33 deletions
diff --git a/src/server/api/common/signin.ts b/src/server/api/common/signin.ts index aa2786f8fc..50f79f1919 100644 --- a/src/server/api/common/signin.ts +++ b/src/server/api/common/signin.ts @@ -9,16 +9,12 @@ import { publishMainStream } from '../../../services/stream'; export default function(ctx: Koa.Context, user: ILocalUser, redirect = false) { if (redirect) { //#region Cookie - const expires = 1000 * 60 * 60 * 24 * 365; // One Year - ctx.cookies.set('i', user.token, { + ctx.cookies.set('igi', user.token, { path: '/', - domain: config.hostname, // SEE: https://github.com/koajs/koa/issues/974 // When using a SSL proxy it should be configured to add the "X-Forwarded-Proto: https" header secure: config.url.startsWith('https'), - httpOnly: false, - expires: new Date(Date.now() + expires), - maxAge: expires + httpOnly: false }); //#endregion diff --git a/src/server/api/service/discord.ts b/src/server/api/service/discord.ts index f9f3026aa8..c2bb02453b 100644 --- a/src/server/api/service/discord.ts +++ b/src/server/api/service/discord.ts @@ -13,7 +13,7 @@ import { ILocalUser } from '../../../models/entities/user'; import { ensure } from '../../../prelude/ensure'; function getUserToken(ctx: Koa.Context) { - return ((ctx.headers['cookie'] || '').match(/i=(\w+)/) || [null, null])[1]; + return ((ctx.headers['cookie'] || '').match(/igi=(\w+)/) || [null, null])[1]; } function compareOrigin(ctx: Koa.Context) { @@ -113,14 +113,10 @@ router.get('/signin/discord', async ctx => { response_type: 'code' }; - const expires = 1000 * 60 * 60; // 1h - ctx.cookies.set('signin_with_discord_session_id', sessid, { + ctx.cookies.set('signin_with_discord_sid', sessid, { path: '/', - domain: config.host, secure: config.url.startsWith('https'), - httpOnly: true, - expires: new Date(Date.now() + expires), - maxAge: expires + httpOnly: true }); redis.set(sessid, JSON.stringify(params)); @@ -135,7 +131,7 @@ router.get('/dc/cb', async ctx => { const oauth2 = await getOAuth2(); if (!userToken) { - const sessid = ctx.cookies.get('signin_with_discord_session_id'); + const sessid = ctx.cookies.get('signin_with_discord_sid'); if (!sessid) { ctx.throw(400, 'invalid session'); @@ -199,7 +195,7 @@ router.get('/dc/cb', async ctx => { } const profile = await UserProfiles.createQueryBuilder() - .where('"integrations"->"discord"->"id" = :id', { id: id }) + .where(`"integrations"->'discord'->>'id' = :id`, { id: id }) .andWhere('"userHost" IS NULL') .getOne(); @@ -212,6 +208,7 @@ router.get('/dc/cb', async ctx => { integrations: { ...profile.integrations, discord: { + id: id, accessToken: accessToken, refreshToken: refreshToken, expiresDate: expiresDate, diff --git a/src/server/api/service/github.ts b/src/server/api/service/github.ts index ec9cce7ad8..e36c43ee38 100644 --- a/src/server/api/service/github.ts +++ b/src/server/api/service/github.ts @@ -13,7 +13,7 @@ import { ILocalUser } from '../../../models/entities/user'; import { ensure } from '../../../prelude/ensure'; function getUserToken(ctx: Koa.Context) { - return ((ctx.headers['cookie'] || '').match(/i=(\w+)/) || [null, null])[1]; + return ((ctx.headers['cookie'] || '').match(/igi=(\w+)/) || [null, null])[1]; } function compareOrigin(ctx: Koa.Context) { @@ -111,14 +111,10 @@ router.get('/signin/github', async ctx => { state: uuid() }; - const expires = 1000 * 60 * 60; // 1h - ctx.cookies.set('signin_with_github_session_id', sessid, { + ctx.cookies.set('signin_with_github_sid', sessid, { path: '/', - domain: config.host, secure: config.url.startsWith('https'), - httpOnly: true, - expires: new Date(Date.now() + expires), - maxAge: expires + httpOnly: true }); redis.set(sessid, JSON.stringify(params)); @@ -133,7 +129,7 @@ router.get('/gh/cb', async ctx => { const oauth2 = await getOath2(); if (!userToken) { - const sessid = ctx.cookies.get('signin_with_github_session_id'); + const sessid = ctx.cookies.get('signin_with_github_sid'); if (!sessid) { ctx.throw(400, 'invalid session'); @@ -192,7 +188,7 @@ router.get('/gh/cb', async ctx => { } const link = await UserProfiles.createQueryBuilder() - .where('"integrations"->"github"->"id" = :id', { id: id }) + .where(`"integrations"->'github'->>'id' = :id`, { id: id }) .andWhere('"userHost" IS NULL') .getOne(); diff --git a/src/server/api/service/twitter.ts b/src/server/api/service/twitter.ts index 881915b58f..000eb57c1b 100644 --- a/src/server/api/service/twitter.ts +++ b/src/server/api/service/twitter.ts @@ -12,7 +12,7 @@ import { ILocalUser } from '../../../models/entities/user'; import { ensure } from '../../../prelude/ensure'; function getUserToken(ctx: Koa.Context) { - return ((ctx.headers['cookie'] || '').match(/i=(\w+)/) || [null, null])[1]; + return ((ctx.headers['cookie'] || '').match(/igi=(\w+)/) || [null, null])[1]; } function compareOrigin(ctx: Koa.Context) { @@ -102,14 +102,10 @@ router.get('/signin/twitter', async ctx => { redis.set(sessid, JSON.stringify(twCtx)); - const expires = 1000 * 60 * 60; // 1h - ctx.cookies.set('signin_with_twitter_session_id', sessid, { + ctx.cookies.set('signin_with_twitter_sid', sessid, { path: '/', - domain: config.host, secure: config.url.startsWith('https'), - httpOnly: true, - expires: new Date(Date.now() + expires), - maxAge: expires + httpOnly: true }); ctx.redirect(twCtx.url); @@ -121,7 +117,7 @@ router.get('/tw/cb', async ctx => { const twAuth = await getTwAuth(); if (userToken == null) { - const sessid = ctx.cookies.get('signin_with_twitter_session_id'); + const sessid = ctx.cookies.get('signin_with_twitter_sid'); if (sessid == null) { ctx.throw(400, 'invalid session'); @@ -139,7 +135,7 @@ router.get('/tw/cb', async ctx => { const result = await twAuth!.done(JSON.parse(twCtx), ctx.query.oauth_verifier); const link = await UserProfiles.createQueryBuilder() - .where('"integrations"->"twitter"->"userId" = :id', { id: result.userId }) + .where(`"integrations"->'twitter'->>'userId' = :id`, { id: result.userId }) .andWhere('"userHost" IS NULL') .getOne(); |