import { timingSafeEqual } from "node:crypto";

import { sign } from "jsonwebtoken";
import { NextRequest, NextResponse } from "next/server";

import { prisma, PrismaClient } from "@repo/db";

import { services } from "../../../(auth)/oauth/page";
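/** How long an issued code/token stays redeemable (was an inline `60 * 1000`). */
const CODE_TTL_MS = 60 * 1000;

/**
 * Constant-time equality for the client secret.
 *
 * A missing secret on either side never authenticates. `timingSafeEqual`
 * throws on differing lengths, so lengths are compared first; the length of
 * the secret is not considered sensitive here.
 */
const secretsMatch = (
  expected: string | null | undefined,
  supplied: string | null,
): boolean => {
  if (expected == null || supplied === null) return false;
  const encoder = new TextEncoder();
  const a = encoder.encode(expected);
  const b = encoder.encode(supplied);
  return a.length === b.length && timingSafeEqual(a, b);
};

/**
 * OAuth token endpoint: exchanges a short-lived code (or token) plus client
 * credentials for a signed JWT carrying the user record.
 *
 * Expects an `application/x-www-form-urlencoded` body with `token` or `code`,
 * `client_id` and `client_secret`.
 *
 * @param req - incoming request; only its text body is read
 * @returns 400 on a missing parameter, bad client credentials or an expired
 *          code; 404 when the code is unknown; 500 when the signing secret is
 *          not configured; otherwise 200 with
 *          `{ access_token, token_type: "Bearer" }`
 */
export const POST = async (req: NextRequest) => {
  const form = new URLSearchParams(await req.text());

  // `||` (not `??`) on purpose: an empty `token=` field falls through to `code`.
  const accessToken = form.get("token") || form.get("code");
  const clientId = form.get("client_id");
  const clientSecret = form.get("client_secret");

  if (!accessToken)
    return new Response("No access token provided", { status: 400 });
  if (!clientId)
    return new Response("No client ID token provided", { status: 400 });

  // Authenticate the client before touching the database so unauthenticated
  // callers cannot drive lookups, and compare the secret in constant time
  // rather than with `!==`.
  const service = services.find((s) => s.id === clientId);
  if (!service || !secretsMatch(service.secret, clientSecret))
    return new Response("Invalid client ID or secret", { status: 400 });

  // Use the shared `prisma` client throughout: the original created a
  // `new PrismaClient()` per request that was never disconnected, while the
  // delete below already went through `prisma`.
  const accessRequest = await prisma.oAuthToken.findFirst({
    where: { accessToken, clientId },
    include: { user: true },
  });
  if (!accessRequest)
    return new Response("Access token not found", { status: 404 });

  if (Date.now() - accessRequest.createdAt.getTime() > CODE_TTL_MS) {
    await prisma.oAuthToken.delete({ where: { id: accessRequest.id } });
    return new Response("Code expired", { status: 400 });
  }
  // NOTE(review): a code that is still within its TTL is not deleted after this
  // exchange, so it can be redeemed again until it expires — confirm whether
  // single-use semantics are intended.

  const signingSecret = process.env.NEXTAUTH_SECRET;
  if (!signingSecret) {
    // `sign` would throw on an empty secret anyway; fail explicitly instead.
    return new Response("Server misconfigured", { status: 500 });
  }

  // NOTE(review): every column of the user row ends up in the (base64-readable)
  // JWT payload — confirm the model holds nothing secret, or pick fields.
  const jwt = sign({ ...accessRequest.user }, signingSecret, {
    expiresIn: "30d",
  });

  return Response.json({
    access_token: jwt,
    token_type: "Bearer",
  });
};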