63 lines
1.8 KiB
TypeScript
63 lines
1.8 KiB
TypeScript
import type { MiddlewareHandler } from 'hono'
|
|
import { setCookie, getCookie } from 'hono/cookie'
|
|
import { env } from 'hono/adapter'
|
|
import { HTTPException } from 'hono/http-exception'
|
|
|
|
import { getRandomState } from '../../utils/getRandomState'
|
|
import { AuthFlow } from './authFlow'
|
|
import type { Fields, Permissions } from './types'
|
|
|
|
export function facebookAuth(options: {
|
|
scope: Permissions[]
|
|
fields: Fields[]
|
|
client_id?: string
|
|
client_secret?: string
|
|
}): MiddlewareHandler {
|
|
return async (c, next) => {
|
|
const newState = getRandomState()
|
|
// Create new Auth instance
|
|
const auth = new AuthFlow({
|
|
client_id: options.client_id || (env(c).FACEBOOK_ID as string),
|
|
client_secret: options.client_secret || (env(c).FACEBOOK_SECRET as string),
|
|
redirect_uri: c.req.url.split('?')[0],
|
|
scope: options.scope,
|
|
fields: options.fields,
|
|
state: newState,
|
|
code: c.req.query('code'),
|
|
token: {
|
|
token: c.req.query('access_token') as string,
|
|
expires_in: Number(c.req.query('expires_in')),
|
|
},
|
|
})
|
|
|
|
// Avoid CSRF attack by checking state
|
|
if (c.req.url.includes('?')) {
|
|
const storedState = getCookie(c, 'state')
|
|
if (c.req.query('state') !== storedState) {
|
|
throw new HTTPException(401)
|
|
}
|
|
}
|
|
|
|
// Redirect to login dialog
|
|
if (!auth.code) {
|
|
setCookie(c, 'state', newState, {
|
|
maxAge: 60 * 10,
|
|
httpOnly: true,
|
|
path: '/',
|
|
// secure: true,
|
|
})
|
|
return c.redirect(auth.redirect())
|
|
}
|
|
|
|
// Retrieve user data from facebook
|
|
await auth.getUserData()
|
|
|
|
// Set return info
|
|
c.set('token', auth.token)
|
|
c.set('user-facebook', auth.user)
|
|
c.set('granted-scopes', c.req.query('granted_scopes')?.split(','))
|
|
|
|
await next()
|
|
}
|
|
}
|