AeThex-Corporation/aethex-forge
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

completionId: cgen-ca6e6eb9170e49f8a845e5646fe01e57

Browse source 
cgen-ca6e6eb9170e49f8a845e5646fe01e57
This commit is contained in:
Builder.io 2025-11-10 02:46:00 +00:00
parent c66987bdf5
commit e37457e6a1
1 changed files with 39 additions and 57 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

96
api/discord/oauth/callback.ts
View file

@ -49,73 +49,55 @@ export default async function handler(req: any, res: any) {
} }
} }
// For linking flow, extract user ID from auth cookies // For linking flow, extract user ID from temporary session stored in database
let authenticatedUserId: string | null = null; let authenticatedUserId: string | null = null;
if (isLinkingFlow) { if (isLinkingFlow) {
try { try {
const cookie = req.headers.cookie || ""; const stateData = JSON.parse(decodeURIComponent(state));
console.log("[Discord OAuth] Cookie header present:", !!cookie); const sessionToken = stateData.sessionToken;
// Try to find the access token cookie if (!sessionToken) {
const accessTokenMatch = cookie.match(/sb-access-token=([^;,\s]+)/); console.error(
if (accessTokenMatch) { "[Discord OAuth] No session token found in linking flow state",
const accessToken = accessTokenMatch[1];
console.log("[Discord OAuth] Found access token in cookies");
// Decode JWT to get user ID
const tokenParts = accessToken.split(".");
if (tokenParts.length === 3) {
try {
const payload = JSON.parse(
Buffer.from(tokenParts[1], "base64").toString(),
);
authenticatedUserId = payload.sub;
console.log(
"[Discord OAuth] Successfully extracted user ID from token:",
authenticatedUserId,
);
} catch (decodeError) {
console.error(
"[Discord OAuth] Failed to decode JWT payload:",
decodeError,
);
}
} else {
console.error(
"[Discord OAuth] Token does not have 3 parts:",
tokenParts.length,
);
}
} else {
console.warn(
"[Discord OAuth] No sb-access-token cookie found in request",
); );
console.log( return res.redirect(
"[Discord OAuth] Available cookies:", "/login?error=session_lost&message=Session%20expired.%20Please%20try%20linking%20Discord%20again.",
cookie.substring(0, 200),
); );
} }
} catch (e) {
console.error(
"[Discord OAuth] Error extracting user ID from cookies:",
e,
);
}
if (!authenticatedUserId) { // Query database for the temporary linking session
console.error( const { data: session, error: sessionError } = await adminSupabase
"[Discord OAuth] Linking flow but no authenticated user found - session cookies not present in request", .from("discord_linking_sessions")
.select("user_id")
.eq("session_token", sessionToken)
.gt("expires_at", new Date().toISOString())
.single();
if (sessionError || !session) {
console.error(
"[Discord OAuth] Linking session not found or expired",
sessionError,
);
return res.redirect(
"/login?error=session_lost&message=Session%20expired.%20Please%20try%20linking%20Discord%20again.",
);
}
authenticatedUserId = session.user_id;
console.log(
"[Discord OAuth] Linking session found, user_id:",
authenticatedUserId,
); );
console.error(
"[Discord OAuth] DIAGNOSTIC: Ensure Discord Dev Portal OAuth2 Redirects includes:", // Clean up: delete the temporary session
"https://aethex.dev/api/discord/oauth/callback", await adminSupabase
); .from("discord_linking_sessions")
console.error( .delete()
"[Discord OAuth] If using custom domain, update the redirect URI accordingly", .eq("session_token", sessionToken);
); } catch (e) {
// Redirect to login with a helpful message console.error("[Discord OAuth] Error parsing/using session token:", e);
return res.redirect( return res.redirect(
`/login?error=session_lost&message=${encodeURIComponent("Your session was lost. Please sign in again and try linking Discord.")}`, "/login?error=session_lost&message=Session%20error.%20Please%20try%20again.",
); );
} }
} }