Compare commits

..

No commits in common. "2cef7523d23055d03d6977bb055f3afda8d0b0e9" and "ff22530f0a20f6768db1b60c16aa001b8cec0420" have entirely different histories.

18 changed files with 101 additions and 330 deletions

View file

@ -1,3 +1,4 @@
using System.Diagnostics.CodeAnalysis;
using Serilog.Events; using Serilog.Events;
namespace Foxnouns.Backend; namespace Foxnouns.Backend;

View file

@ -45,7 +45,7 @@ public class AuthController(Config config, KeyCacheService keyCache, ILogger log
); );
public record CallbackResponse( public record CallbackResponse(
bool HasAccount, bool HasAccount, // If true, user has an account, but it's deleted
[property: JsonProperty(NullValueHandling = NullValueHandling.Ignore)] [property: JsonProperty(NullValueHandling = NullValueHandling.Ignore)]
string? Ticket, string? Ticket,
[property: JsonProperty(NullValueHandling = NullValueHandling.Ignore)] [property: JsonProperty(NullValueHandling = NullValueHandling.Ignore)]

View file

@ -3,7 +3,6 @@ using Foxnouns.Backend.Database.Models;
using Foxnouns.Backend.Extensions; using Foxnouns.Backend.Extensions;
using Foxnouns.Backend.Services; using Foxnouns.Backend.Services;
using Foxnouns.Backend.Utils; using Foxnouns.Backend.Utils;
using JetBrains.Annotations;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore;
using NodaTime; using NodaTime;
@ -12,7 +11,7 @@ namespace Foxnouns.Backend.Controllers.Authentication;
[Route("/api/v2/auth/discord")] [Route("/api/v2/auth/discord")]
public class DiscordAuthController( public class DiscordAuthController(
[UsedImplicitly] Config config, Config config,
ILogger logger, ILogger logger,
IClock clock, IClock clock,
DatabaseContext db, DatabaseContext db,
@ -27,15 +26,14 @@ public class DiscordAuthController(
// TODO: duplicating attribute doesn't work, find another way to mark both as possible response // TODO: duplicating attribute doesn't work, find another way to mark both as possible response
// leaving it here for documentation purposes // leaving it here for documentation purposes
[ProducesResponseType<AuthController.CallbackResponse>(StatusCodes.Status200OK)] [ProducesResponseType<AuthController.CallbackResponse>(StatusCodes.Status200OK)]
public async Task<IActionResult> CallbackAsync([FromBody] AuthController.CallbackRequest req, public async Task<IActionResult> CallbackAsync([FromBody] AuthController.CallbackRequest req, CancellationToken ct = default)
CancellationToken ct = default)
{ {
CheckRequirements(); CheckRequirements();
await keyCacheService.ValidateAuthStateAsync(req.State, ct); await keyCacheService.ValidateAuthStateAsync(req.State, ct);
var remoteUser = await remoteAuthService.RequestDiscordTokenAsync(req.Code, req.State, ct); var remoteUser = await remoteAuthService.RequestDiscordTokenAsync(req.Code, req.State, ct);
var user = await authService.AuthenticateUserAsync(AuthType.Discord, remoteUser.Id, ct: ct); var user = await authService.AuthenticateUserAsync(AuthType.Discord, remoteUser.Id, ct: ct);
if (user != null) return Ok(await GenerateUserTokenAsync(user, ct)); if (user != null) return Ok(await GenerateUserTokenAsync(user,ct));
_logger.Debug("Discord user {Username} ({Id}) authenticated with no local account", remoteUser.Username, _logger.Debug("Discord user {Username} ({Id}) authenticated with no local account", remoteUser.Username,
remoteUser.Id); remoteUser.Id);
@ -55,25 +53,24 @@ public class DiscordAuthController(
[HttpPost("register")] [HttpPost("register")]
[ProducesResponseType<AuthController.AuthResponse>(StatusCodes.Status200OK)] [ProducesResponseType<AuthController.AuthResponse>(StatusCodes.Status200OK)]
public async Task<IActionResult> RegisterAsync([FromBody] AuthController.OauthRegisterRequest req) public async Task<IActionResult> RegisterAsync([FromBody] AuthController.OauthRegisterRequest req, CancellationToken ct = default)
{ {
var remoteUser = await keyCacheService.GetKeyAsync<RemoteAuthService.RemoteUser>($"discord:{req.Ticket}"); var remoteUser = await keyCacheService.GetKeyAsync<RemoteAuthService.RemoteUser>($"discord:{req.Ticket}",ct:ct);
if (remoteUser == null) throw new ApiError.BadRequest("Invalid ticket", "ticket", req.Ticket); if (remoteUser == null) throw new ApiError.BadRequest("Invalid ticket", "ticket", req.Ticket);
if (await db.AuthMethods.AnyAsync(a => a.AuthType == AuthType.Discord && a.RemoteId == remoteUser.Id)) if (await db.AuthMethods.AnyAsync(a => a.AuthType == AuthType.Discord && a.RemoteId == remoteUser.Id, ct))
{ {
_logger.Error("Discord user {Id} has valid ticket but is already linked to an existing account", _logger.Error("Discord user {Id} has valid ticket but is already linked to an existing account",
remoteUser.Id); remoteUser.Id);
throw new ApiError.BadRequest("Invalid ticket", "ticket", req.Ticket); throw new FoxnounsError("Discord ticket was issued for user with existing link");
} }
var user = await authService.CreateUserWithRemoteAuthAsync(req.Username, AuthType.Discord, remoteUser.Id, var user = await authService.CreateUserWithRemoteAuthAsync(req.Username, AuthType.Discord, remoteUser.Id,
remoteUser.Username); remoteUser.Username, ct: ct);
return Ok(await GenerateUserTokenAsync(user)); return Ok(await GenerateUserTokenAsync(user, ct));
} }
private async Task<AuthController.CallbackResponse> GenerateUserTokenAsync(User user, private async Task<AuthController.CallbackResponse> GenerateUserTokenAsync(User user, CancellationToken ct = default)
CancellationToken ct = default)
{ {
var frontendApp = await db.GetFrontendApplicationAsync(ct); var frontendApp = await db.GetFrontendApplicationAsync(ct);
_logger.Debug("Logging user {Id} in with Discord", user.Id); _logger.Debug("Logging user {Id} in with Discord", user.Id);

View file

@ -3,7 +3,6 @@ using Foxnouns.Backend.Database.Models;
using Foxnouns.Backend.Extensions; using Foxnouns.Backend.Extensions;
using Foxnouns.Backend.Services; using Foxnouns.Backend.Services;
using Foxnouns.Backend.Utils; using Foxnouns.Backend.Utils;
using JetBrains.Annotations;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore;
using NodaTime; using NodaTime;
@ -12,8 +11,8 @@ namespace Foxnouns.Backend.Controllers.Authentication;
[Route("/api/v2/auth/email")] [Route("/api/v2/auth/email")]
public class EmailAuthController( public class EmailAuthController(
[UsedImplicitly] Config config,
DatabaseContext db, DatabaseContext db,
Config config,
AuthService authService, AuthService authService,
MailService mailService, MailService mailService,
KeyCacheService keyCacheService, KeyCacheService keyCacheService,

View file

@ -17,7 +17,7 @@ public partial class InternalController(DatabaseContext db) : ControllerBase
private static string GetCleanedTemplate(string template) private static string GetCleanedTemplate(string template)
{ {
if (template.StartsWith("api/v2")) template = template["api/v2".Length..]; if (template.StartsWith("api/v2")) template = template.Substring("api/v2".Length);
template = PathVarRegex() template = PathVarRegex()
.Replace(template, "{id}") // Replace all path variables (almost always IDs) with `{id}` .Replace(template, "{id}") // Replace all path variables (almost always IDs) with `{id}`
.Replace("@me", "{id}"); // Also replace hardcoded `@me` with `{id}` .Replace("@me", "{id}"); // Also replace hardcoded `@me` with `{id}`
@ -50,7 +50,7 @@ public partial class InternalController(DatabaseContext db) : ControllerBase
Snowflake? UserId, Snowflake? UserId,
string Template); string Template);
private static RouteEndpoint? GetEndpoint(HttpContext httpContext, string url, string requestMethod) private static Endpoint? GetEndpoint(HttpContext httpContext, string url, string requestMethod)
{ {
var endpointDataSource = httpContext.RequestServices.GetService<EndpointDataSource>(); var endpointDataSource = httpContext.RequestServices.GetService<EndpointDataSource>();
if (endpointDataSource == null) return null; if (endpointDataSource == null) return null;
@ -60,7 +60,7 @@ public partial class InternalController(DatabaseContext db) : ControllerBase
{ {
if (endpoint.RoutePattern.RawText == null) continue; if (endpoint.RoutePattern.RawText == null) continue;
var templateMatcher = new TemplateMatcher(TemplateParser.Parse(endpoint.RoutePattern.RawText), new RouteValueDictionary()); var templateMatcher = new TemplateMatcher(TemplateParser.Parse(endpoint.RoutePattern.RawText), new());
if (!templateMatcher.TryMatch(url, new())) continue; if (!templateMatcher.TryMatch(url, new())) continue;
var httpMethodAttribute = endpoint.Metadata.GetMetadata<HttpMethodAttribute>(); var httpMethodAttribute = endpoint.Metadata.GetMetadata<HttpMethodAttribute>();
if (httpMethodAttribute != null && if (httpMethodAttribute != null &&

View file

@ -88,17 +88,19 @@ public class MembersController(
[HttpDelete("/api/v2/users/@me/members/{memberRef}")] [HttpDelete("/api/v2/users/@me/members/{memberRef}")]
[Authorize("member.update")] [Authorize("member.update")]
public async Task<IActionResult> DeleteMemberAsync(string memberRef) public async Task<IActionResult> DeleteMemberAsync(string memberRef, CancellationToken ct = default)
{ {
var member = await db.ResolveMemberAsync(CurrentUser!.Id, memberRef); var member = await db.ResolveMemberAsync(CurrentUser!.Id, memberRef, ct);
var deleteCount = await db.Members.Where(m => m.UserId == CurrentUser!.Id && m.Id == member.Id) var deleteCount = await db.Members.Where(m => m.UserId == CurrentUser!.Id && m.Id == member.Id)
.ExecuteDeleteAsync(); .ExecuteDeleteAsync(ct);
if (deleteCount == 0) if (deleteCount == 0)
{ {
_logger.Warning("Successfully resolved member {Id} but could not delete them", member.Id); _logger.Warning("Successfully resolved member {Id} but could not delete them", member.Id);
return NoContent(); return NoContent();
} }
await db.SaveChangesAsync(ct);
if (member.Avatar != null) await objectStorageService.DeleteMemberAvatarAsync(member.Id, member.Avatar); if (member.Avatar != null) await objectStorageService.DeleteMemberAvatarAsync(member.Id, member.Avatar);
return NoContent(); return NoContent();
} }

View file

@ -1,6 +1,7 @@
using System.Security.Cryptography; using System.Security.Cryptography;
using Foxnouns.Backend.Database.Models; using Foxnouns.Backend.Database.Models;
using Foxnouns.Backend.Utils; using Foxnouns.Backend.Utils;
using Microsoft.AspNetCore.Mvc.Formatters;
using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore;
using NodaTime; using NodaTime;
@ -94,7 +95,7 @@ public static class DatabaseQueryExtensions
{ {
Id = new Snowflake(0), Id = new Snowflake(0),
ClientId = RandomNumberGenerator.GetHexString(32, true), ClientId = RandomNumberGenerator.GetHexString(32, true),
ClientSecret = AuthUtils.RandomToken(), ClientSecret = AuthUtils.RandomToken(48),
Name = "pronouns.cc", Name = "pronouns.cc",
Scopes = ["*"], Scopes = ["*"],
RedirectUris = [], RedirectUris = [],

View file

@ -9,7 +9,7 @@ public class Application : BaseModel
public required string ClientSecret { get; init; } public required string ClientSecret { get; init; }
public required string Name { get; init; } public required string Name { get; init; }
public required string[] Scopes { get; init; } public required string[] Scopes { get; init; }
public required string[] RedirectUris { get; init; } public required string[] RedirectUris { get; set; }
public static Application Create(ISnowflakeGenerator snowflakeGenerator, string name, string[] scopes, public static Application Create(ISnowflakeGenerator snowflakeGenerator, string name, string[] scopes,
string[] redirectUrls) string[] redirectUrls)

View file

@ -1,4 +1,6 @@
using System.Collections.ObjectModel;
using System.Net; using System.Net;
using Foxnouns.Backend.Middleware;
using Microsoft.AspNetCore.Mvc.ModelBinding; using Microsoft.AspNetCore.Mvc.ModelBinding;
using Newtonsoft.Json; using Newtonsoft.Json;
using Newtonsoft.Json.Linq; using Newtonsoft.Json.Linq;
@ -49,7 +51,7 @@ public class ApiError(string message, HttpStatusCode? statusCode = null, ErrorCo
{ {
{ "status", (int)HttpStatusCode.BadRequest }, { "status", (int)HttpStatusCode.BadRequest },
{ "message", Message }, { "message", Message },
{ "code", "BAD_REQUEST" } { "code", ErrorCode.BadRequest.ToString() }
}; };
if (errors == null) return o; if (errors == null) return o;
@ -82,7 +84,7 @@ public class ApiError(string message, HttpStatusCode? statusCode = null, ErrorCo
{ {
{ "status", (int)HttpStatusCode.BadRequest }, { "status", (int)HttpStatusCode.BadRequest },
{ "message", Message }, { "message", Message },
{ "code", "BAD_REQUEST" } { "code", ErrorCode.BadRequest.ToString() }
}; };
if (modelState == null) return o; if (modelState == null) return o;

View file

@ -10,7 +10,6 @@
<PackageReference Include="Coravel.Mailer" Version="5.0.1" /> <PackageReference Include="Coravel.Mailer" Version="5.0.1" />
<PackageReference Include="EFCore.NamingConventions" Version="8.0.3" /> <PackageReference Include="EFCore.NamingConventions" Version="8.0.3" />
<PackageReference Include="EntityFrameworkCore.Exceptions.PostgreSQL" Version="8.1.2" /> <PackageReference Include="EntityFrameworkCore.Exceptions.PostgreSQL" Version="8.1.2" />
<PackageReference Include="JetBrains.Annotations" Version="2024.2.0" />
<PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="8.0.7" /> <PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="8.0.7" />
<PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="8.0.7" /> <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="8.0.7" />
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="8.0.7" /> <PackageReference Include="Microsoft.EntityFrameworkCore" Version="8.0.7" />

View file

@ -1,6 +1,7 @@
using System.Net; using System.Net;
using Foxnouns.Backend.Utils; using Foxnouns.Backend.Utils;
using Newtonsoft.Json; using Newtonsoft.Json;
using Newtonsoft.Json.Converters;
namespace Foxnouns.Backend.Middleware; namespace Foxnouns.Backend.Middleware;

View file

@ -74,7 +74,6 @@ public class AuthService(IClock clock, DatabaseContext db, ISnowflakeGenerator s
/// </summary> /// </summary>
/// <param name="email">The user's email address</param> /// <param name="email">The user's email address</param>
/// <param name="password">The user's password, in plain text</param> /// <param name="password">The user's password, in plain text</param>
/// <param name="ct">Cancellation token</param>
/// <returns>A tuple of the authenticated user and whether multi-factor authentication is required</returns> /// <returns>A tuple of the authenticated user and whether multi-factor authentication is required</returns>
/// <exception cref="ApiError.NotFound">Thrown if the email address is not associated with any user /// <exception cref="ApiError.NotFound">Thrown if the email address is not associated with any user
/// or if the password is incorrect</exception> /// or if the password is incorrect</exception>

View file

@ -1,5 +1,6 @@
using Foxnouns.Backend.Database; using Foxnouns.Backend.Database;
using Foxnouns.Backend.Database.Models; using Foxnouns.Backend.Database.Models;
using Foxnouns.Backend.Utils;
using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore;
using Newtonsoft.Json; using Newtonsoft.Json;
using NodaTime; using NodaTime;

View file

@ -1,5 +1,5 @@
using System.Diagnostics.CodeAnalysis; using System.Diagnostics.CodeAnalysis;
using JetBrains.Annotations; using System.Web;
namespace Foxnouns.Backend.Services; namespace Foxnouns.Backend.Services;
@ -27,8 +27,7 @@ public class RemoteAuthService(Config config, ILogger logger)
if (!resp.IsSuccessStatusCode) if (!resp.IsSuccessStatusCode)
{ {
var respBody = await resp.Content.ReadAsStringAsync(ct); var respBody = await resp.Content.ReadAsStringAsync(ct);
_logger.Error("Received error status {StatusCode} when exchanging OAuth token: {ErrorBody}", _logger.Error("Received error status {StatusCode} when exchanging OAuth token: {ErrorBody}", (int)resp.StatusCode, respBody);
(int)resp.StatusCode, respBody);
throw new FoxnounsError("Invalid Discord OAuth response"); throw new FoxnounsError("Invalid Discord OAuth response");
} }
@ -47,14 +46,10 @@ public class RemoteAuthService(Config config, ILogger logger)
return new RemoteUser(user.id, user.username); return new RemoteUser(user.id, user.username);
} }
[SuppressMessage("ReSharper", "InconsistentNaming", [SuppressMessage("ReSharper", "InconsistentNaming")]
Justification = "Easier to use snake_case here, rather than passing in JSON converter options")]
[UsedImplicitly]
private record DiscordTokenResponse(string access_token, string token_type); private record DiscordTokenResponse(string access_token, string token_type);
[SuppressMessage("ReSharper", "InconsistentNaming", [SuppressMessage("ReSharper", "InconsistentNaming")]
Justification = "Easier to use snake_case here, rather than passing in JSON converter options")]
[UsedImplicitly]
private record DiscordUserResponse(string id, string username); private record DiscordUserResponse(string id, string username);
public record RemoteUser(string Id, string Username); public record RemoteUser(string Id, string Username);

View file

@ -1,13 +1,7 @@
import { TFunction } from "i18next"; import { TFunction } from "i18next";
import Alert from "react-bootstrap/Alert"; import Alert from "react-bootstrap/Alert";
import { Trans, useTranslation } from "react-i18next"; import { useTranslation } from "react-i18next";
import { import { ApiError, ErrorCode } from "~/lib/api/error";
ApiError,
ErrorCode,
ValidationError,
validationErrorType,
ValidationErrorType,
} from "~/lib/api/error";
export default function ErrorAlert({ error }: { error: ApiError }) { export default function ErrorAlert({ error }: { error: ApiError }) {
const { t } = useTranslation(); const { t } = useTranslation();
@ -16,112 +10,10 @@ export default function ErrorAlert({ error }: { error: ApiError }) {
<Alert variant="danger"> <Alert variant="danger">
<Alert.Heading as="h4">{t("error.heading")}</Alert.Heading> <Alert.Heading as="h4">{t("error.heading")}</Alert.Heading>
{errorCodeDesc(t, error.code)} {errorCodeDesc(t, error.code)}
{error.errors && (
<ul>
{error.errors.map((e, i) => (
<ValidationErrors key={i} errorKey={e.key} errors={e.errors} />
))}
</ul>
)}
</Alert> </Alert>
); );
} }
function ValidationErrors({ errorKey, errors }: { errorKey: string; errors: ValidationError[] }) {
return (
<li>
<strong>
<code>{errorKey}</code>
</strong>
:
<ul>
{errors.map((e, i) => (
<li key={i}>
<ValidationErrorEntry error={e} />
</li>
))}
</ul>
</li>
);
}
function ValidationErrorEntry({ error }: { error: ValidationError }) {
const { t } = useTranslation();
const {
min_length: minLength,
max_length: maxLength,
actual_length: actualLength,
message: reason,
actual_value: actualValue,
allowed_values: allowedValues,
} = error;
switch (validationErrorType(error)) {
case ValidationErrorType.LengthError:
if (error.actual_length! > error.max_length!) {
return (
<Trans
t={t}
i18nKey={"error.validation.too-long"}
values={{ maxLength: error.max_length!, actualLength: error.actual_length! }}
>
Value is too long, maximum length is {{ maxLength }}, current length is{" "}
{{ actualLength }}.
</Trans>
);
}
if (error.actual_length! < error.min_length!) {
return (
<Trans
t={t}
i18nKey={"error.validation.too-short"}
values={{ minLength: error.min_length!, actualLength: error.actual_length! }}
>
Value is too short, minimum length is {{ minLength }}, current length is{" "}
{{ actualLength }}.
</Trans>
);
}
break;
case ValidationErrorType.DisallowedValueError:
return (
<Trans
t={t}
i18nKey={"error.validation.disallowed-value"}
values={{
actualValue: error.actual_value!.toString(),
allowedValues: error.allowed_values!.map((v) => v.toString()).join(", "),
}}
>
{/* @ts-expect-error i18next handles interpolation */}
The value <code>{{ actualValue }}</code> is not allowed here. Allowed values are:{" "}
{/* @ts-expect-error i18next handles interpolation */}
<code>{{ allowedValues }}</code>
</Trans>
);
default:
if (error.actual_value) {
return (
<Trans
t={t}
i18nKey={"error.validation.generic"}
values={{ actualValue: error.actual_value!.toString(), reason: error.message }}
>
{/* @ts-expect-error i18next handles interpolation */}
The value <code>{{ actualValue }}</code> is not allowed here. Reason: {{ reason }}
</Trans>
);
}
return <>{t("error.validation.generic-no-value", { reason: error.message })}</>;
}
}
export const errorCodeDesc = (t: TFunction, code: ErrorCode) => { export const errorCodeDesc = (t: TFunction, code: ErrorCode) => {
switch (code) { switch (code) {
case ErrorCode.AuthenticationError: case ErrorCode.AuthenticationError:

View file

@ -3,7 +3,7 @@ export type ApiError = {
status: number; status: number;
message: string; message: string;
code: ErrorCode; code: ErrorCode;
errors?: Array<{ key: string; errors: ValidationError[] }>; errors?: ValidationError[];
}; };
export enum ErrorCode { export enum ErrorCode {
@ -26,31 +26,3 @@ export type ValidationError = {
allowed_values?: any[]; allowed_values?: any[];
actual_value?: any; actual_value?: any;
}; };
/**
* Returns the first error for the value `key` in `error`.
* @param error The error object to traverse.
* @param key The JSON key to find.
*/
export const firstErrorFor = (error: ApiError, key: string): ValidationError | undefined => {
if (!error.errors) return undefined;
const field = error.errors.find((e) => e.key == key);
if (!field?.errors) return undefined;
return field.errors.length != 0 ? field.errors[0] : undefined;
};
export enum ValidationErrorType {
LengthError = 0,
DisallowedValueError = 1,
GenericValidationError = 2,
}
export const validationErrorType = (error: ValidationError) => {
if (error.min_length && error.max_length && error.actual_length) {
return ValidationErrorType.LengthError;
}
if (error.allowed_values && error.actual_value) {
return ValidationErrorType.DisallowedValueError;
}
return ValidationErrorType.GenericValidationError;
};

View file

@ -1,23 +1,11 @@
import { ActionFunctionArgs, json, redirect, LoaderFunctionArgs } from "@remix-run/node"; import { json, LoaderFunctionArgs } from "@remix-run/node";
import { type ApiError, ErrorCode, firstErrorFor } from "~/lib/api/error"; import { type ApiError, ErrorCode } from "~/lib/api/error";
import serverRequest, { writeCookie } from "~/lib/request.server"; import serverRequest, { writeCookie } from "~/lib/request.server";
import { AuthResponse, CallbackResponse } from "~/lib/api/auth"; import { CallbackResponse } from "~/lib/api/auth";
import { import { Form as RemixForm, Link, useLoaderData } from "@remix-run/react";
Form as RemixForm,
Link,
useActionData,
useLoaderData,
ShouldRevalidateFunction,
} from "@remix-run/react";
import { Trans, useTranslation } from "react-i18next"; import { Trans, useTranslation } from "react-i18next";
import Form from "react-bootstrap/Form"; import Form from "react-bootstrap/Form";
import Button from "react-bootstrap/Button"; import Button from "react-bootstrap/Button";
import ErrorAlert from "~/components/ErrorAlert";
import Alert from "react-bootstrap/Alert";
export const shouldRevalidate: ShouldRevalidateFunction = ({ actionResult }) => {
return !actionResult;
};
export const loader = async ({ request }: LoaderFunctionArgs) => { export const loader = async ({ request }: LoaderFunctionArgs) => {
const url = new URL(request.url); const url = new URL(request.url);
@ -29,7 +17,7 @@ export const loader = async ({ request }: LoaderFunctionArgs) => {
throw { status: 400, code: ErrorCode.BadRequest, message: "Missing code or state" } as ApiError; throw { status: 400, code: ErrorCode.BadRequest, message: "Missing code or state" } as ApiError;
const resp = await serverRequest<CallbackResponse>("POST", "/auth/discord/callback", { const resp = await serverRequest<CallbackResponse>("POST", "/auth/discord/callback", {
body: { code, state }, body: { code, state }
}); });
if (resp.has_account) { if (resp.has_account) {
@ -37,9 +25,9 @@ export const loader = async ({ request }: LoaderFunctionArgs) => {
{ hasAccount: true, user: resp.user!, ticket: null, remoteUser: null }, { hasAccount: true, user: resp.user!, ticket: null, remoteUser: null },
{ {
headers: { headers: {
"Set-Cookie": writeCookie("pronounscc-token", resp.token!), "Set-Cookie": writeCookie("pronounscc-token", resp.token!)
}, }
}, }
); );
} }
@ -47,47 +35,15 @@ export const loader = async ({ request }: LoaderFunctionArgs) => {
hasAccount: false, hasAccount: false,
user: null, user: null,
ticket: resp.ticket!, ticket: resp.ticket!,
remoteUser: resp.remote_username!, remoteUser: resp.remote_username!
}); });
}; };
export const action = async ({ request }: ActionFunctionArgs) => { // TODO: action function
const data = await request.formData();
const username = data.get("username") as string | null;
const ticket = data.get("ticket") as string | null;
if (!username || !ticket)
return json({
error: {
status: 403,
code: ErrorCode.BadRequest,
message: "Invalid username or ticket",
} as ApiError,
user: null,
});
try {
const resp = await serverRequest<AuthResponse>("POST", "/auth/discord/register", {
body: { username, ticket },
});
return redirect("/auth/welcome", {
headers: {
"Set-Cookie": writeCookie("pronounscc-token", resp.token),
},
status: 303,
});
} catch (e) {
JSON.stringify(e);
return json({ error: e as ApiError });
}
};
export default function DiscordCallbackPage() { export default function DiscordCallbackPage() {
const { t } = useTranslation(); const { t } = useTranslation();
const data = useLoaderData<typeof loader>(); const data = useLoaderData<typeof loader>();
const actionData = useActionData<typeof action>();
if (data.hasAccount) { if (data.hasAccount) {
const username = data.user!.username; const username = data.user!.username;
@ -96,13 +52,9 @@ export default function DiscordCallbackPage() {
<> <>
<h1>{t("log-in.callback.success")}</h1> <h1>{t("log-in.callback.success")}</h1>
<p> <p>
<Trans <Trans t={t} i18nKey={"log-in.callback.success-link"} values={{ username: data.user!.username }}>
t={t}
i18nKey={"log-in.callback.success-link"}
values={{ username: data.user!.username }}
>
{/* @ts-expect-error react-i18next handles interpolation here */} {/* @ts-expect-error react-i18next handles interpolation here */}
Welcome back, <Link to={`/@${data.user!.username}`}>@{{ username }}</Link>! Welcome back, <Link to={`/@${data.user!.username}`}>@{{username}}</Link>!
</Trans> </Trans>
<br /> <br />
{t("log-in.callback.redirect-hint")} {t("log-in.callback.redirect-hint")}
@ -114,7 +66,6 @@ export default function DiscordCallbackPage() {
return ( return (
<RemixForm method="POST"> <RemixForm method="POST">
<Form as="div"> <Form as="div">
{actionData?.error && <RegisterError error={actionData.error} />}
<Form.Group className="mb-3" controlId="remote-username"> <Form.Group className="mb-3" controlId="remote-username">
<Form.Label>{t("log-in.callback.remote-username.discord")}</Form.Label> <Form.Label>{t("log-in.callback.remote-username.discord")}</Form.Label>
<Form.Control type="text" readOnly={true} value={data.remoteUser!} /> <Form.Control type="text" readOnly={true} value={data.remoteUser!} />
@ -131,34 +82,3 @@ export default function DiscordCallbackPage() {
</RemixForm> </RemixForm>
); );
} }
function RegisterError({ error }: { error: ApiError }) {
const { t } = useTranslation();
// TODO: maybe turn these messages into their own error codes?
const ticketMessage = firstErrorFor(error, "ticket")?.message;
const usernameMessage = firstErrorFor(error, "username")?.message;
if (ticketMessage === "Invalid ticket") {
return (
<Alert variant="danger">
<Alert.Heading as="h4">{t("error.heading")}</Alert.Heading>
<Trans t={t} i18nKey={"log-in.callback.invalid-ticket"}>
Invalid ticket (it might have been too long since you logged in with Discord), please{" "}
<Link to="/auth/log-in">try again</Link>.
</Trans>
</Alert>
);
}
if (usernameMessage === "Username is already taken") {
return (
<Alert variant="danger">
<Alert.Heading as="h4">{t("log-in.callback.invalid-username")}</Alert.Heading>
{t("log-in.callback.username-taken")}
</Alert>
);
}
return <ErrorAlert error={error} />;
}

View file

@ -1,13 +1,6 @@
{ {
"error": { "error": {
"heading": "An error occurred", "heading": "An error occurred",
"validation": {
"too-long": "Value is too long, maximum length is {{maxLength}}, current length is {{actualLength}}.",
"too-short": "Value is too short, minimum length is {{minLength}}, current length is {{actualLength}}.",
"disallowed-value": "The value <1>{{actualValue}}</1> is not allowed here. Allowed values are: <4>{{allowedValues}}</4>",
"generic": "The value <1>{{actualValue}}</1> is not allowed here. Reason: {{reason}}",
"generic-no-value": "The value you entered is not allowed here. Reason: {{reason}}"
},
"errors": { "errors": {
"authentication-error": "There was an error validating your credentials.", "authentication-error": "There was an error validating your credentials.",
"authentication-required": "You need to log in.", "authentication-required": "You need to log in.",
@ -39,10 +32,7 @@
"discord": "Your discord username" "discord": "Your discord username"
}, },
"username": "Username", "username": "Username",
"sign-up-button": "Sign up", "sign-up-button": "Sign up"
"invalid-ticket": "Invalid ticket (it might have been too long since you logged in with Discord), please <2>try again</2>.",
"invalid-username": "Invalid username",
"username-taken": "That username is already taken, please try something else."
}, },
"title": "Log in", "title": "Log in",
"form-title": "Log in with email", "form-title": "Log in with email",