Merge pull request #45 from Sheldenburg/bug/fix-set-cookies

Sheldenburg · web-flow · commit 5f57cc2d3c8c · 2024-10-27T10:44:38.000+11:00
change the github auth code
diff --git a/backend/src/app/api/routes/login.py b/backend/src/app/api/routes/login.py
@@ -11,7 +11,14 @@
 from app.core import security
 from app.core.config import settings
 from app.core.security import get_password_hash
-from app.models import Message, NewPassword, Token, UserCreateOauth, UserPublic
+from app.models import (
+    Message,
+    NewPassword,
+    OauthRequest,
+    Token,
+    UserCreateOauth,
+    UserPublic,
+)
 from app.utils import (
     generate_password_reset_token,
     generate_reset_password_email,
@@ -215,17 +222,18 @@ def google_oauth(session: SessionDep, code: str, response: Response):
 
 
 # Handle Github OAuth callback
-@router.get("/auth/github")
-def github_oauth(session: SessionDep, code: str, response: Response):
+@router.post("/auth/github")
+def github_oauth(session: SessionDep, body: OauthRequest) -> Token:
     token_url = "https://github.com/login/oauth/access_token"
     token_data = {
-        "code": code,
+        "code": body.code,
         "client_id": settings.GH_CLIENT_ID,
         "client_secret": settings.GH_CLIENT_SECRET,
     }
     headers = {"Accept": "application/json"}
 
     token_r = requests.post(token_url, data=token_data, headers=headers)
+    print(token_r.json())
     token_json = token_r.json()
     if "error" in token_json:
         raise HTTPException(
@@ -245,20 +253,13 @@ def github_oauth(session: SessionDep, code: str, response: Response):
 
     # Check if the user already exists
     user = crud.get_user_by_email(session=session, email=user_emails[0]["email"])
-    access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
     if user:
-        response = RedirectResponse(settings.OAUTH_REDIRECT_URI)
-        response.set_cookie(
-            key="access_token",
-            value=security.create_access_token(
+        access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
+        return Token(
+            access_token=security.create_access_token(
                 user.id, expires_delta=access_token_expires
-            ),
-            # httponly=True,
-            secure=True,
-            samesite="none",
-            domain=".vercel.app",
+            )
         )
-        return response
 
     # Check if the app is open for new user registration
     if not settings.USERS_OPEN_REGISTRATION:
@@ -277,14 +278,9 @@ def github_oauth(session: SessionDep, code: str, response: Response):
         }
     )
     user = crud.create_user_oauth(session=session, user_create=user_create)
-
-    response = RedirectResponse(settings.OAUTH_REDIRECT_URI)
-    response.set_cookie(
-        key="access_token",
-        value=security.create_access_token(user.id, expires_delta=access_token_expires),
-        # httponly=True,
-        secure=True,
-        samesite="none",
-        domain=".vercel.app",
+    access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
+    return Token(
+        access_token=security.create_access_token(
+            user.id, expires_delta=access_token_expires
+        )
     )
-    return response
diff --git a/backend/src/app/models.py b/backend/src/app/models.py
@@ -193,3 +193,7 @@ class ChatPublic(SQLModel):
     created_at: datetime
     updated_at: datetime
     owner_id: int
+
+
+class OauthRequest(SQLModel):
+    code: str
diff --git a/frontend/app/callback/github/actions.tsx b/frontend/app/callback/github/actions.tsx
@@ -0,0 +1,24 @@
+"use server";
+import initiateClient from "@/lib/api";
+import { revalidatePath } from "next/cache";
+import { redirect } from "next/navigation";
+import { cookies } from "next/headers";
+
+export async function getAccessTokenGithubAuth(code: string) {
+  const client = initiateClient();
+  const { data, error } = await client.POST("/api/v1/auth/github", {
+    body: {
+      code: code,
+    } as { code: string },
+    cache: "no-store",
+  });
+  if (error) {
+    console.log(error);
+    // redirect("/login");
+  }
+  if (data) {
+    cookies().set("access_token", data.access_token);
+    // revalidatePath("/", "layout");
+    redirect("/dashboard");
+  }
+}
diff --git a/frontend/app/callback/github/page.tsx b/frontend/app/callback/github/page.tsx
@@ -0,0 +1,31 @@
+"use client";
+
+// callback function to handle OAuth2 authorization code flow, authenticators will redirect to this page
+// after the user has authenticated on their platoform (e.g., Google, GitHub, etc.)
+
+import { useEffect, useState } from "react";
+import { getAccessTokenGithubAuth } from "./actions";
+
+const BACKEND_URL = process.env.NEXT_PUBLIC_API_BASE_URL;
+
+export default function Callback() {
+  const [hasFetched, setHasFetched] = useState(false);
+  useEffect(() => {
+    if (!hasFetched) {
+      const queryParams = new URLSearchParams(window.location.search);
+      const code = queryParams.get("code");
+      if (code) {
+        const getAccessTokenGithubAuthwithCode = getAccessTokenGithubAuth.bind(
+          null,
+          code as string
+        );
+        getAccessTokenGithubAuthwithCode();
+        setHasFetched(true);
+      } else {
+        console.error("Authorization code is missing");
+      }
+    }
+  }, [hasFetched]);
+
+  return <div>Processing login...</div>;
+}
diff --git a/frontend/lib/api/openapi.json b/frontend/lib/api/openapi.json
diff --git a/frontend/lib/api/v1.d.ts b/frontend/lib/api/v1.d.ts
@@ -49,8 +49,12 @@ export interface paths {
     get: operations["login_google_api_v1_login_google_get"];
   };
   "/api/v1/auth/google": {
-    /** Auth */
-    get: operations["auth_api_v1_auth_google_get"];
+    /** Google Oauth */
+    get: operations["google_oauth_api_v1_auth_google_get"];
+  };
+  "/api/v1/auth/github": {
+    /** Github Oauth */
+    post: operations["github_oauth_api_v1_auth_github_post"];
   };
   "/api/v1/users/": {
     /**
@@ -337,6 +341,11 @@ export interface components {
       /** New Password */
       new_password: string;
     };
+    /** OauthRequest */
+    OauthRequest: {
+      /** Code */
+      code: string;
+    };
     /** Token */
     Token: {
       /** Access Token */
@@ -595,8 +604,8 @@ export interface operations {
       };
     };
   };
-  /** Auth */
-  auth_api_v1_auth_google_get: {
+  /** Google Oauth */
+  google_oauth_api_v1_auth_google_get: {
     parameters: {
       query: {
         code: string;
@@ -617,6 +626,28 @@ export interface operations {
       };
     };
   };
+  /** Github Oauth */
+  github_oauth_api_v1_auth_github_post: {
+    requestBody: {
+      content: {
+        "application/json": components["schemas"]["OauthRequest"];
+      };
+    };
+    responses: {
+      /** @description Successful Response */
+      200: {
+        content: {
+          "application/json": components["schemas"]["Token"];
+        };
+      };
+      /** @description Validation Error */
+      422: {
+        content: {
+          "application/json": components["schemas"]["HTTPValidationError"];
+        };
+      };
+    };
+  };
   /**
    * Read Users
    * @description Retrieve users.
