Update Discord OAuth callback to use OAuth Federation
cgen-5a093f40c44247fcae1d7d82d3f9edb9
This commit is contained in:
Builder.io
parent
ac30435fd0
commit
f607d58b4e
1 changed files with 26 additions and 66 deletions
|
|
@ -219,77 +219,37 @@ export default async function handler(req: any, res: any) {
|
||||||
return res.redirect(redirectTo);
|
return res.redirect(redirectTo);
|
||||||
}
|
}
|
||||||
|
|
||||||
// LOGIN FLOW: Don't auto-create accounts
|
// LOGIN FLOW: OAuth Federation
|
||||||
// Check if Discord user already exists
|
// Federate Discord OAuth to Foundation Passport
|
||||||
const { data: existingLink } = await supabase
|
// Users can login via Discord and it automatically links to their Foundation identity
|
||||||
.from("discord_links")
|
|
||||||
.select("user_id")
|
|
||||||
.eq("discord_id", discordUser.id)
|
|
||||||
.single();
|
|
||||||
|
|
||||||
let userId: string;
|
try {
|
||||||
|
const federationResult = await federateOAuthUser("discord", {
|
||||||
|
id: discordUser.id,
|
||||||
|
email: discordUser.email,
|
||||||
|
username: discordUser.username,
|
||||||
|
avatar: discordUser.avatar ? `https://cdn.discordapp.com/avatars/${discordUser.id}/${discordUser.avatar}.webp` : undefined,
|
||||||
|
});
|
||||||
|
|
||||||
if (existingLink) {
|
console.log("[Discord OAuth] Federation result:", {
|
||||||
// Discord ID already linked - use existing user
|
user_id: federationResult.user_id,
|
||||||
userId = existingLink.user_id;
|
is_new_user: federationResult.is_new_user,
|
||||||
console.log("[Discord OAuth] Discord ID already linked to user:", userId);
|
provider_linked: federationResult.provider_linked,
|
||||||
} else {
|
});
|
||||||
// Discord not linked yet. Check if email matches existing account.
|
|
||||||
|
|
||||||
// Check if email exists in user_profiles
|
// Send notification if this is a new user
|
||||||
const { data: existingUserProfile } = await supabase
|
if (federationResult.is_new_user) {
|
||||||
.from("user_profiles")
|
await notifyAccountLinked(federationResult.user_id, "Discord");
|
||||||
.select("id")
|
|
||||||
.eq("email", discordUser.email)
|
|
||||||
.single();
|
|
||||||
|
|
||||||
if (existingUserProfile) {
|
|
||||||
// Discord email matches existing user profile - link it
|
|
||||||
userId = existingUserProfile.id;
|
|
||||||
console.log(
|
|
||||||
"[Discord OAuth] Discord email matches existing user profile, linking Discord",
|
|
||||||
);
|
|
||||||
} else {
|
|
||||||
// Discord email doesn't match any existing account
|
|
||||||
// Don't auto-create - ask user to sign in with email first
|
|
||||||
console.log(
|
|
||||||
"[Discord OAuth] Discord email not found in existing accounts, redirecting to sign in",
|
|
||||||
{
|
|
||||||
discord_email: discordUser.email,
|
|
||||||
},
|
|
||||||
);
|
|
||||||
return res.redirect(
|
|
||||||
`/login?error=discord_no_match&message=${encodeURIComponent("Discord email (${discordUser.email}) not found. Please sign in with your email account first, then link Discord from settings.")}`,
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Redirect to dashboard after successful federation
|
||||||
|
return res.redirect("/dashboard");
|
||||||
|
} catch (federationError) {
|
||||||
|
console.error("[Discord OAuth] Federation error:", federationError);
|
||||||
|
return res.redirect(
|
||||||
|
`/login?error=federation_failed&message=${encodeURIComponent("Failed to link Discord account. Please try again.")}`,
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
// At this point, userId is guaranteed to exist in user_profiles
|
|
||||||
// Create Discord link
|
|
||||||
const { error: linkError } = await supabase.from("discord_links").upsert({
|
|
||||||
discord_id: discordUser.id,
|
|
||||||
user_id: userId,
|
|
||||||
linked_at: new Date().toISOString(),
|
|
||||||
});
|
|
||||||
|
|
||||||
if (linkError) {
|
|
||||||
console.error("[Discord OAuth] Link creation failed:", linkError);
|
|
||||||
return res.redirect("/login?error=link_create");
|
|
||||||
}
|
|
||||||
|
|
||||||
// Send notification if this is a new link (not from existing linking flow)
|
|
||||||
if (!existingLink) {
|
|
||||||
await notifyAccountLinked(userId, "Discord");
|
|
||||||
}
|
|
||||||
|
|
||||||
// Discord is now linked! Redirect to login for user to sign in
|
|
||||||
// The email is passed so they can see which account was linked
|
|
||||||
console.log(
|
|
||||||
"[Discord OAuth] Discord linked successfully, redirecting to login",
|
|
||||||
);
|
|
||||||
return res.redirect(
|
|
||||||
`/login?discord_linked=true&email=${encodeURIComponent(discordUser.email)}`,
|
|
||||||
);
|
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
console.error("[Discord OAuth] Callback error:", error);
|
console.error("[Discord OAuth] Callback error:", error);
|
||||||
res.redirect("/login?error=unknown");
|
res.redirect("/login?error=unknown");
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue