Refactor Discord authentication endpoint for improved error handling and structure

Signed-off-by: Chaoscaot <max@maxsp.de>
2025-11-14 23:56:04 +01:00
parent f923a007a7
commit e343d044ff
1 changed files with 30 additions and 21 deletions
@@ -20,13 +20,11 @@
 package de.steamwar.routes

 import de.steamwar.ResponseError
-import de.steamwar.config
 import de.steamwar.plugins.SWUserSession
 import de.steamwar.sql.SteamwarUser
 import io.ktor.client.HttpClient
 import io.ktor.client.engine.java.Java
 import io.ktor.client.plugins.contentnegotiation.ContentNegotiation
-import io.ktor.client.plugins.defaultRequest
 import io.ktor.client.request.get
 import io.ktor.client.request.headers
 import io.ktor.client.statement.bodyAsText
@@ -55,25 +53,6 @@ fun Route.configureAuth() {
            }
        }

-        post<Any>("/discord") {
-            val token = call.receiveText()
-
-            val res = client.get("https://discord.com/api/v10/oauth2/@me") {
-                headers {
-                    set("Authorization", "Bearer $token")
-                }
-            }
-            val resJson = Json.parseToJsonElement(res.bodyAsText()).jsonObject
-            val discordId = resJson["user"]?.jsonObject["id"]?.jsonPrimitive?.content ?: return@post
-
-            SteamwarUser.clear()
-            val user = SteamwarUser.get(discordId.toLong()) ?: return@post
-
-
-            call.sessions.set(SWUserSession(user.getId()))
-            call.respond(ResponseUser.get(user))
-        }
-
        post {
            val request = call.receive<UsernamePassword>()

@@ -94,5 +73,35 @@ fun Route.configureAuth() {
            call.sessions.clear<SWUserSession>()
            call.respond(HttpStatusCode.NoContent)
        }
+
+        route("/discord") {
+            post {
+                val token = call.receiveText()
+
+                val res = client.get("https://discord.com/api/v10/oauth2/@me") {
+                    headers {
+                        append("Authorization", "Bearer $token")
+                    }
+                }
+                val resJson = Json.parseToJsonElement(res.bodyAsText()).jsonObject
+                val discordId = resJson["user"]?.jsonObject["id"]?.jsonPrimitive?.content
+
+                if (discordId == null) {
+                    call.respond(HttpStatusCode.Forbidden, ResponseError("Invalid Discord token", "invalid"))
+                    return@post
+                }
+
+                SteamwarUser.clear()
+                val user = SteamwarUser.get(discordId.toLong())
+
+                if (user == null) {
+                    call.respond(HttpStatusCode.Forbidden, ResponseError("Discord account not linked", "not_linked"))
+                    return@post
+                }
+
+                call.sessions.set(SWUserSession(user.getId()))
+                call.respond(ResponseUser.get(user))
+            }
+        }
    }
 }