granblue.team/hensei-web
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
hensei-web/src/routes/auth/refresh/+server.ts

73 lines
1.6 KiB
TypeScript
Raw Blame History

import type { RequestHandler } from '@sveltejs/kit'
import { json } from '@sveltejs/kit'
import { PUBLIC_SIERO_OAUTH_URL } from '$env/static/public'
import {
getRefreshFromCookies,
setAccountCookie,
setRefreshCookie,
clearAuthCookies
} from '$lib/auth/cookies'
type OAuthRefreshResponse = {
access_token: string
token_type: 'Bearer'
expires_in: number
refresh_token: string
created_at: number
user: {
id: string
username: string
role: number
}
}
export const POST: RequestHandler = async ({ cookies, fetch, url }) => {
const refresh = getRefreshFromCookies(cookies)
if (!refresh) {
return json({ error: 'no_refresh_token' }, { status: 401 })
}
const res = await fetch(`${PUBLIC_SIERO_OAUTH_URL}/token`, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
refresh_token: refresh,
grant_type: 'refresh_token'
})
})
if (res.status === 401) {
clearAuthCookies(cookies)
return json({ error: 'refresh_unauthorized' }, { status: 401 })
}
if (!res.ok) {
return json({ error: 'refresh_failed' }, { status: 502 })
}
const data = (await res.json()) as OAuthRefreshResponse
const secure = url.protocol === 'https:'
const accessTokenExpiresAt = new Date((data.created_at + data.expires_in) * 1000)
setAccountCookie(
cookies,
{
userId: data.user.id,
username: data.user.username,
token: data.access_token,
role: data.user.role
},
{
secure,
expires: accessTokenExpiresAt
}
)
setRefreshCookie(cookies, data.refresh_token, { secure })
return json({
success: true,
username: data.user.username,
expires_at: accessTokenExpiresAt.toISOString()
})
}
Reference in a new issue View git blame Copy permalink