mirror of
https://github.com/filecoin-project/slate.git
synced 2024-12-25 01:52:45 +03:00
Merge pull request #1059 from filecoin-project/@aminejv/auth-fix
Fix twitter auth in safari
commit
20d17b1881
@ -1,5 +1,4 @@
|
||||
import * as Environment from "~/node_common/environment";
|
||||
import * as Utilities from "~/node_common/utilities";
|
||||
import * as Data from "~/node_common/data";
|
||||
import * as Strings from "~/common/strings";
|
||||
import * as Logging from "~/common/logging";
|
||||
@ -8,8 +7,6 @@ import JWT from "jsonwebtoken";
|
||||
|
||||
import { createOAuthProvider } from "~/node_common/managers/twitter";
|
||||
|
||||
const COOKIE_NAME = "oauth_token";
|
||||
|
||||
export default async (req, res) => {
|
||||
if (!Strings.isEmpty(Environment.ALLOWED_HOST) && req.headers.host !== Environment.ALLOWED_HOST) {
|
||||
return res.status(403).send({ decorator: "SERVER_TWITTER_OAUTH_NOT_ALLOWED", error: true });
|
||||
@ -26,12 +23,6 @@ export default async (req, res) => {
|
||||
}
|
||||
|
||||
const { authToken, authVerifier } = req.body.data;
|
||||
const storedAuthToken = req.cookies[COOKIE_NAME];
|
||||
|
||||
// NOTE(amine): additional security check
|
||||
if (authToken !== storedAuthToken) {
|
||||
return res.status(403).send({ decorator: "SERVER_TWITTER_OAUTH_INVALID_TOKEN", error: true });
|
||||
}
|
||||
|
||||
let twitterUser;
|
||||
try {
|
||||
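Review bot: With the `req.cookies[COOKIE_NAME]` comparison gone from this handler (the hunk counts suggest the six lines from `const storedAuthToken` through the closing `}` are the removed side), the `authToken` read from `req.body.data` is no longer tied to the browser that started the OAuth flow. The same binding appears to be dropped in the create-user handler further down, where `Data.getTwitterToken({ token: authToken })` then depends on the body-supplied token alone, and the `res.cookie("oauth_token", …)` call that set the cookie goes away in the request-token handler. If Safari was failing because `sameSite: true` means Strict, relaxing it to `sameSite: "lax"` or keeping the token in a server-side session would restore the login without giving up the check. The handler continues past `try {` outside the hunk, so any compensating check there is not visible from here.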
|
@ -14,13 +14,6 @@ export default async (req, res) => {
|
||||
const { getOAuthRequestToken } = createOAuthProvider();
|
||||
const { authToken, authSecretToken } = await getOAuthRequestToken();
|
||||
|
||||
// NOTE(amine): additional security check
|
||||
res.cookie("oauth_token", authToken, {
|
||||
maxAge: 15 * 60 * 1000, // 15 minutes
|
||||
secure: true,
|
||||
httpOnly: true,
|
||||
sameSite: true,
|
||||
});
|
||||
await Data.createTwitterToken({ token: authToken, tokenSecret: authSecretToken });
|
||||
res.json({ authToken });
|
||||
} catch (e) {
|
||||
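Review bot: Once the cookie and its `maxAge: 15 * 60 * 1000` are removed, nothing in this hunk bounds how long the record written by `Data.createTwitterToken({ token: authToken, tokenSecret: authSecretToken })` stays usable. The storage layer is not visible here, so it may already expire or delete these rows; if it does not, the request token should get a server-side expiry and be invalidated after its first successful exchange. A comment at the call would make the expectation explicit, for example `// NOTE: request tokens must expire server-side; the removed cookie used to cap them at 15 minutes`. The enclosing `try` block starts and ends outside the hunk.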
|
@ -7,8 +7,6 @@ import * as Validations from "~/common/validations";
|
||||
import SearchManager from "~/node_common/managers/search";
|
||||
import JWT from "jsonwebtoken";
|
||||
|
||||
const COOKIE_NAME = "oauth_token";
|
||||
|
||||
export default async (req, res) => {
|
||||
const { authToken, email, username } = req.body.data;
|
||||
|
||||
@ -31,13 +29,6 @@ export default async (req, res) => {
|
||||
const newUsername = Strings.createUsername(username);
|
||||
const newEmail = email.toLowerCase();
|
||||
|
||||
const storedAuthToken = req.cookies[COOKIE_NAME];
|
||||
|
||||
// NOTE(amine): additional security check
|
||||
if (authToken !== storedAuthToken) {
|
||||
return res.status(403).send({ decorator: "SERVER_CREATE_USER_FAILED", error: true });
|
||||
}
|
||||
|
||||
const twitterUser = await Data.getTwitterToken({ token: authToken });
|
||||
if (!twitterUser) {
|
||||
return res.status(401).send({ decorator: "SERVER_CREATE_USER_FAILED", error: true });
|
||||
|