set settsion to http and https

2026-04-19 00:52:09 +01:00
parent 174febe986
commit a6d475ed13
+37 -15
@@ -3,30 +3,52 @@ import { NextResponse } from "next/server";
export async function GET(req: Request) { export async function GET(req: Request) {
const url = new URL(req.url); const url = new URL(req.url);
const code = url.searchParams.get("code"); const code = url.searchParams.get("code");
const origin = url.origin;
const isHttps = url.protocol === "https:";
// exchange code for token (Keycloak token endpoint) if (!code) {
const tokenRes = await fetch("https://keycloak.petermaquiran.xyz/realms/tvone/protocol/openid-connect/token", { return NextResponse.redirect(`${origin}/login?error=missing_code`);
method: "POST", }
headers: { "Content-Type": "application/x-www-form-urlencoded" },
body: new URLSearchParams({ const redirectUri = `${origin}/api/auth/callback`;
client_id: "tvone-web",
client_secret: "7jQUciQCCf2WRFRe170UANKzGKVWFIkY", const tokenRes = await fetch(
grant_type: "authorization_code", "https://keycloak.petermaquiran.xyz/realms/tvone/protocol/openid-connect/token",
code: code!, {
redirect_uri: "http://localhost:3000/api/auth/callback", method: "POST",
}), headers: { "Content-Type": "application/x-www-form-urlencoded" },
}); body: new URLSearchParams({
client_id: "tvone-web",
client_secret: "7jQUciQCCf2WRFRe170UANKzGKVWFIkY",
grant_type: "authorization_code",
code,
redirect_uri: redirectUri,
}),
}
);
const text = await tokenRes.text(); const text = await tokenRes.text();
var data = JSON.parse(text); let data: { access_token?: string; expires_in?: number };
try {
data = JSON.parse(text) as typeof data;
} catch {
return NextResponse.redirect(`${origin}/login?error=token_parse`);
}
const res = NextResponse.redirect("http://localhost:3000/dashboard"); if (!tokenRes.ok || !data.access_token) {
console.error("token exchange failed", tokenRes.status, text);
return NextResponse.redirect(`${origin}/login?error=token_exchange`);
}
const res = NextResponse.redirect(`${origin}/dashboard`);
// Secure cookies are ignored on http:// (e.g. localhost) — browser drops them.
res.cookies.set("access_token", data.access_token, { res.cookies.set("access_token", data.access_token, {
httpOnly: true, httpOnly: true,
secure: true, secure: isHttps,
sameSite: "lax", sameSite: "lax",
path: "/", path: "/",
maxAge: data.expires_in,
}); });
return res; return res;
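Review bot: The Keycloak `client_secret` is still a string literal in the new `URLSearchParams` body, so the confidential-client credential stays in the repository and its history. Read it from server-side configuration instead, for example `client_secret: process.env.KEYCLOAK_CLIENT_SECRET` (the variable name is a placeholder), fail closed when it is unset, and rotate the value that has already been committed. Separately, `origin` and `isHttps` both come from `req.url`; if the app runs behind a TLS-terminating proxy (not visible here), `secure: isHttps` could drop the Secure flag in production, and `redirect_uri` would follow whatever host the request presents, so a configured base URL is safer than a request-derived one. The failure branch also logs the raw token-endpoint body via `console.error("token exchange failed", tokenRes.status, text)`; logging only the status and the parsed `error` field keeps response bodies out of the logs. The body of `GET` continues past the end of the hunk.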