From 80eedf744944769c8ba9bbdccc2aa7dad06b2151 Mon Sep 17 00:00:00 2001
From: MeiMei <30769358+mei23@users.noreply.github.com>
Date: Fri, 20 Mar 2020 13:56:22 +0900
Subject: 連携ログインができないのなどを修正 (#6162)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* 連携ログインができないのを修正

* Cookie名変更, セッションに

* igiはやっぱり非セッションCookieで

* 2回目以降Discordログインできなくなるのを修正
---
 src/server/api/common/signin.ts   |  8 ++------
 src/server/api/service/discord.ts | 15 ++++++---------
 src/server/api/service/github.ts  | 14 +++++---------
 src/server/api/service/twitter.ts | 14 +++++---------
 4 files changed, 18 insertions(+), 33 deletions(-)

(limited to 'src/server/api')

diff --git a/src/server/api/common/signin.ts b/src/server/api/common/signin.ts
index aa2786f8fc..50f79f1919 100644
--- a/src/server/api/common/signin.ts
+++ b/src/server/api/common/signin.ts
@@ -9,16 +9,12 @@ import { publishMainStream } from '../../../services/stream';
 export default function(ctx: Koa.Context, user: ILocalUser, redirect = false) {
 	if (redirect) {
 		//#region Cookie
-		const expires = 1000 * 60 * 60 * 24 * 365; // One Year
-		ctx.cookies.set('i', user.token, {
+		ctx.cookies.set('igi', user.token, {
 			path: '/',
-			domain: config.hostname,
 			// SEE: https://github.com/koajs/koa/issues/974
 			// When using a SSL proxy it should be configured to add the "X-Forwarded-Proto: https" header
 			secure: config.url.startsWith('https'),
-			httpOnly: false,
-			expires: new Date(Date.now() + expires),
-			maxAge: expires
+			httpOnly: false
 		});
 		//#endregion
 
diff --git a/src/server/api/service/discord.ts b/src/server/api/service/discord.ts
index f9f3026aa8..c2bb02453b 100644
--- a/src/server/api/service/discord.ts
+++ b/src/server/api/service/discord.ts
@@ -13,7 +13,7 @@ import { ILocalUser } from '../../../models/entities/user';
 import { ensure } from '../../../prelude/ensure';
 
 function getUserToken(ctx: Koa.Context) {
-	return ((ctx.headers['cookie'] || '').match(/i=(\w+)/) || [null, null])[1];
+	return ((ctx.headers['cookie'] || '').match(/igi=(\w+)/) || [null, null])[1];
 }
 
 function compareOrigin(ctx: Koa.Context) {
@@ -113,14 +113,10 @@ router.get('/signin/discord', async ctx => {
 		response_type: 'code'
 	};
 
-	const expires = 1000 * 60 * 60; // 1h
-	ctx.cookies.set('signin_with_discord_session_id', sessid, {
+	ctx.cookies.set('signin_with_discord_sid', sessid, {
 		path: '/',
-		domain: config.host,
 		secure: config.url.startsWith('https'),
-		httpOnly: true,
-		expires: new Date(Date.now() + expires),
-		maxAge: expires
+		httpOnly: true
 	});
 
 	redis.set(sessid, JSON.stringify(params));
@@ -135,7 +131,7 @@ router.get('/dc/cb', async ctx => {
 	const oauth2 = await getOAuth2();
 
 	if (!userToken) {
-		const sessid = ctx.cookies.get('signin_with_discord_session_id');
+		const sessid = ctx.cookies.get('signin_with_discord_sid');
 
 		if (!sessid) {
 			ctx.throw(400, 'invalid session');
@@ -199,7 +195,7 @@ router.get('/dc/cb', async ctx => {
 		}
 
 		const profile = await UserProfiles.createQueryBuilder()
-			.where('"integrations"->"discord"->"id" = :id', { id: id })
+			.where(`"integrations"->'discord'->>'id' = :id`, { id: id })
 			.andWhere('"userHost" IS NULL')
 			.getOne();
 
@@ -212,6 +208,7 @@ router.get('/dc/cb', async ctx => {
 			integrations: {
 				...profile.integrations,
 				discord: {
+					id: id,
 					accessToken: accessToken,
 					refreshToken: refreshToken,
 					expiresDate: expiresDate,
diff --git a/src/server/api/service/github.ts b/src/server/api/service/github.ts
index ec9cce7ad8..e36c43ee38 100644
--- a/src/server/api/service/github.ts
+++ b/src/server/api/service/github.ts
@@ -13,7 +13,7 @@ import { ILocalUser } from '../../../models/entities/user';
 import { ensure } from '../../../prelude/ensure';
 
 function getUserToken(ctx: Koa.Context) {
-	return ((ctx.headers['cookie'] || '').match(/i=(\w+)/) || [null, null])[1];
+	return ((ctx.headers['cookie'] || '').match(/igi=(\w+)/) || [null, null])[1];
 }
 
 function compareOrigin(ctx: Koa.Context) {
@@ -111,14 +111,10 @@ router.get('/signin/github', async ctx => {
 		state: uuid()
 	};
 
-	const expires = 1000 * 60 * 60; // 1h
-	ctx.cookies.set('signin_with_github_session_id', sessid, {
+	ctx.cookies.set('signin_with_github_sid', sessid, {
 		path: '/',
-		domain: config.host,
 		secure: config.url.startsWith('https'),
-		httpOnly: true,
-		expires: new Date(Date.now() + expires),
-		maxAge: expires
+		httpOnly: true
 	});
 
 	redis.set(sessid, JSON.stringify(params));
@@ -133,7 +129,7 @@ router.get('/gh/cb', async ctx => {
 	const oauth2 = await getOath2();
 
 	if (!userToken) {
-		const sessid = ctx.cookies.get('signin_with_github_session_id');
+		const sessid = ctx.cookies.get('signin_with_github_sid');
 
 		if (!sessid) {
 			ctx.throw(400, 'invalid session');
@@ -192,7 +188,7 @@ router.get('/gh/cb', async ctx => {
 		}
 
 		const link = await UserProfiles.createQueryBuilder()
-			.where('"integrations"->"github"->"id" = :id', { id: id })
+			.where(`"integrations"->'github'->>'id' = :id`, { id: id })
 			.andWhere('"userHost" IS NULL')
 			.getOne();
 
diff --git a/src/server/api/service/twitter.ts b/src/server/api/service/twitter.ts
index 881915b58f..000eb57c1b 100644
--- a/src/server/api/service/twitter.ts
+++ b/src/server/api/service/twitter.ts
@@ -12,7 +12,7 @@ import { ILocalUser } from '../../../models/entities/user';
 import { ensure } from '../../../prelude/ensure';
 
 function getUserToken(ctx: Koa.Context) {
-	return ((ctx.headers['cookie'] || '').match(/i=(\w+)/) || [null, null])[1];
+	return ((ctx.headers['cookie'] || '').match(/igi=(\w+)/) || [null, null])[1];
 }
 
 function compareOrigin(ctx: Koa.Context) {
@@ -102,14 +102,10 @@ router.get('/signin/twitter', async ctx => {
 
 	redis.set(sessid, JSON.stringify(twCtx));
 
-	const expires = 1000 * 60 * 60; // 1h
-	ctx.cookies.set('signin_with_twitter_session_id', sessid, {
+	ctx.cookies.set('signin_with_twitter_sid', sessid, {
 		path: '/',
-		domain: config.host,
 		secure: config.url.startsWith('https'),
-		httpOnly: true,
-		expires: new Date(Date.now() + expires),
-		maxAge: expires
+		httpOnly: true
 	});
 
 	ctx.redirect(twCtx.url);
@@ -121,7 +117,7 @@ router.get('/tw/cb', async ctx => {
 	const twAuth = await getTwAuth();
 
 	if (userToken == null) {
-		const sessid = ctx.cookies.get('signin_with_twitter_session_id');
+		const sessid = ctx.cookies.get('signin_with_twitter_sid');
 
 		if (sessid == null) {
 			ctx.throw(400, 'invalid session');
@@ -139,7 +135,7 @@ router.get('/tw/cb', async ctx => {
 		const result = await twAuth!.done(JSON.parse(twCtx), ctx.query.oauth_verifier);
 
 		const link = await UserProfiles.createQueryBuilder()
-			.where('"integrations"->"twitter"->"userId" = :id', { id: result.userId })
+			.where(`"integrations"->'twitter'->>'userId' = :id`, { id: result.userId })
 			.andWhere('"userHost" IS NULL')
 			.getOne();
 
-- 
cgit v1.2.3-freya