PxlLoewe/var-monorepo
1
0
Fork 0
Code Issues 22 Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Finished Moodle oAuth service

Browse Source 
READ Moodle section in README file
This commit is contained in:
PxlLoewe
2025-02-27 00:32:44 +01:00
parent b81bab1dc2
commit 9366f8f6b4
8 changed files with 149 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
apps/hub/app/api/auth/accessToken/route.ts
View File

@@ -1,30 +1,40 @@
import { prisma, PrismaClient } from "@repo/db";
import { NextRequest, NextResponse } from "next/server";
import { sign } from "jsonwebtoken";
import { services } from "../../../(auth)/oauth/page";
export const GET = async (req: NextRequest) => {
export const POST = async (req: NextRequest) => {
const form = new URLSearchParams(await req.text());
console.log("POST body:");
const client = new PrismaClient();
const accessToken =
req.nextUrl.searchParams.get("token") ||
req.nextUrl.searchParams.get("code");
const client_id = req.nextUrl.searchParams.get("client_id");
const client_secret = req.nextUrl.searchParams.get("client_secret");
const accessToken = form.get("token") || form.get("code");
const clientId = form.get("client_id");
const clientSecret = form.get("client_secret");
console.log("Access token:", accessToken);
console.log("Client ID:", clientId);
console.log("Secret:", clientSecret);
const service = services.find((s) => s.id === clientId);
if (!accessToken)
return new Response("No access token provided", { status: 400 });
if (!client_id)
if (!clientId)
return new Response("No client ID token provided", { status: 400 });
const accessRequest = await client.oAuthToken.findFirst({
where: {
accessToken: accessToken,
clientId: client_id,
clientId: clientId,
},
include: {
user: true,
},
});
if (!service || service.secret !== clientSecret)
return new Response("Invalid client ID or secret", { status: 400 });
if (!accessRequest)
return new Response("Access token not found", { status: 404 });
@@ -37,12 +47,18 @@ export const GET = async (req: NextRequest) => {
return new Response("Code expired", { status: 400 });
}
const jwt = sign(accessRequest.user, process.env.NEXTAUTH_SECRET as string, {
expiresIn: "30d",
});
const jwt = sign(
{
...accessRequest.user,
},
process.env.NEXTAUTH_SECRET as string,
{
expiresIn: "30d",
},
);
return Response.json({
user: accessRequest.user,
jwt,
access_token: jwt,
token_type: "Bearer",
});
};

42
apps/hub/app/api/user/route.ts
View File

@@ -1,21 +1,47 @@
import { NextRequest, NextResponse } from "next/server";
import { getServerSession } from "../auth/[...nextauth]/auth";
import { prisma } from "@repo/db";
import { generateToken } from "../../(auth)/oauth/_components/action";
import { decode, verify } from "jsonwebtoken";
export async function middleware(req: NextRequest) {
const authHeader = req.headers.get("authorization");
if (authHeader?.startsWith("Bearer ")) {
const token = authHeader.split(" ")[1];
if (token) {
// Hier kannst du den Token validieren (optional)
req.headers.set("x-next-auth-token", token);
}
// Falls NextAuth keine Session hat, erstellen wir eine Fake-Session
}
return NextResponse.next();
}
export const GET = async (req: NextRequest) => {
const session = await getServerSession();
if (!session) {
return {
status: 401,
body: "Unauthorized",
};
// This route is only used by Moodle, so NextAuth is not used here
const authHeader = req.headers.get("Authorization");
const token = authHeader?.split(" ")[1];
if (!authHeader || !token) {
return NextResponse.json({ error: "Not logged in" }, { status: 401 });
}
const decoded = await verify(token, process.env.NEXTAUTH_SECRET as string);
if (typeof decoded === "string")
return NextResponse.json({ error: "Invalid token" }, { status: 401 });
const user = await prisma.user.findUnique({
where: {
id: session.user.id,
id: decoded.id,
},
});
return NextResponse.json(user);
return NextResponse.json({
...user,
moodleLastname: `${user?.lastname.split("")[0]}. - ${user?.publicId}`,
});
};