forked from SteamWar/SteamWar
Simplify Tokens and add Discord OAuth
Signed-off-by: Chaoscaot <max@maxsp.de>
This commit is contained in:
@@ -20,44 +20,60 @@
|
||||
package de.steamwar.routes
|
||||
|
||||
import de.steamwar.ResponseError
|
||||
import de.steamwar.plugins.SWAuthPrincipal
|
||||
import de.steamwar.config
|
||||
import de.steamwar.plugins.SWUserSession
|
||||
import de.steamwar.sql.SteamwarUser
|
||||
import de.steamwar.sql.Token
|
||||
import de.steamwar.util.TokenType
|
||||
import de.steamwar.util.lifetime
|
||||
import de.steamwar.util.type
|
||||
import io.ktor.client.HttpClient
|
||||
import io.ktor.client.engine.java.Java
|
||||
import io.ktor.client.plugins.contentnegotiation.ContentNegotiation
|
||||
import io.ktor.client.plugins.defaultRequest
|
||||
import io.ktor.client.request.get
|
||||
import io.ktor.client.request.headers
|
||||
import io.ktor.client.statement.bodyAsText
|
||||
import io.ktor.http.*
|
||||
import io.ktor.serialization.kotlinx.json.json
|
||||
import io.ktor.server.application.*
|
||||
import io.ktor.server.auth.*
|
||||
import io.ktor.server.request.*
|
||||
import io.ktor.server.response.*
|
||||
import io.ktor.server.routing.*
|
||||
import io.ktor.server.sessions.clear
|
||||
import io.ktor.server.sessions.sessions
|
||||
import io.ktor.server.sessions.set
|
||||
import kotlinx.serialization.Serializable
|
||||
import java.time.LocalDateTime
|
||||
import kotlin.time.Duration
|
||||
import kotlin.time.toJavaDuration
|
||||
import kotlinx.serialization.json.Json
|
||||
import kotlinx.serialization.json.jsonObject
|
||||
import kotlinx.serialization.json.jsonPrimitive
|
||||
|
||||
@Serializable
|
||||
data class UsernamePassword(val name: String, val password: String, val keepLoggedIn: Boolean = false)
|
||||
|
||||
@Serializable
|
||||
data class ResponseToken(val token: String, val expires: String) {
|
||||
constructor(token: String, lifetime: Duration) : this(token, LocalDateTime.now().plus(lifetime.toJavaDuration()).toString())
|
||||
}
|
||||
|
||||
@Serializable
|
||||
data class AuthTokenResponse(val accessToken: ResponseToken, val refreshToken: ResponseToken? = null)
|
||||
|
||||
fun SteamwarUser.createAccessAndRefreshToken(keepLoggedIn: Boolean = false): AuthTokenResponse {
|
||||
val code = System.currentTimeMillis() % 1000
|
||||
val accessToken = Token.createToken("AT-${userName}-${code}", this)
|
||||
val refreshToken = if (keepLoggedIn) Token.createToken("RT-${userName}-${code}", this) else null
|
||||
|
||||
return AuthTokenResponse(ResponseToken(accessToken, TokenType.ACCESS_TOKEN.lifetime), refreshToken?.let { ResponseToken(it, TokenType.REFRESH_TOKEN.lifetime) })
|
||||
}
|
||||
|
||||
fun Route.configureAuth() {
|
||||
route("/auth") {
|
||||
val client = HttpClient(Java) {
|
||||
install(ContentNegotiation) {
|
||||
json()
|
||||
}
|
||||
}
|
||||
|
||||
post<Any>("/discord") {
|
||||
val token = call.receiveText()
|
||||
|
||||
val res = client.get("https://discord.com/api/v10/oauth2/@me") {
|
||||
headers {
|
||||
set("Authorization", "Bearer $token")
|
||||
}
|
||||
}
|
||||
val resJson = Json.parseToJsonElement(res.bodyAsText()).jsonObject
|
||||
val discordId = resJson["user"]?.jsonObject["id"]?.jsonPrimitive?.content ?: return@post
|
||||
|
||||
SteamwarUser.clear()
|
||||
val user = SteamwarUser.get(discordId.toLong()) ?: return@post
|
||||
|
||||
|
||||
call.sessions.set(SWUserSession(user.getId()))
|
||||
call.respond(ResponseUser.get(user))
|
||||
}
|
||||
|
||||
post {
|
||||
val request = call.receive<UsernamePassword>()
|
||||
|
||||
@@ -70,37 +86,13 @@ fun Route.configureAuth() {
|
||||
return@post
|
||||
}
|
||||
|
||||
call.respond(user.createAccessAndRefreshToken(request.keepLoggedIn))
|
||||
call.sessions.set(SWUserSession(user.getId()))
|
||||
call.respond(ResponseUser.get(user))
|
||||
}
|
||||
put {
|
||||
val token = call.principal<SWAuthPrincipal>()
|
||||
|
||||
if (token == null || token.token.type != TokenType.REFRESH_TOKEN) {
|
||||
call.respond(HttpStatusCode.Forbidden, ResponseError("Invalid token type", "invalid"))
|
||||
return@put
|
||||
}
|
||||
|
||||
val code = token.token.name.substringAfterLast('-')
|
||||
|
||||
Token.listUser(token.user)
|
||||
.filter { it.type == TokenType.ACCESS_TOKEN }
|
||||
.filter { it.name.endsWith(code) }
|
||||
.forEach { it.delete() }
|
||||
|
||||
call.respond(token.user.createAccessAndRefreshToken(true))
|
||||
}
|
||||
delete {
|
||||
val token = call.principal<SWAuthPrincipal>()
|
||||
token?.let { t ->
|
||||
t.token.delete()
|
||||
val code = t.token.name.substringAfterLast('-')
|
||||
Token.listUser(token.user)
|
||||
.filter { it.type == TokenType.REFRESH_TOKEN }
|
||||
.filter { it.name.endsWith(code) }
|
||||
.forEach { it.delete() }
|
||||
}
|
||||
|
||||
call.respond(HttpStatusCode.OK)
|
||||
call.sessions.clear<SWUserSession>()
|
||||
call.respond(HttpStatusCode.NoContent)
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user