another stage of client authentication

2025-11-13 08:12:40 +10:00 · 2024-10-08 16:13:46 +11:00
parent 909432a6ce
commit 7523e536b5
10 changed files with 345 additions and 82 deletions
--- a/server/api/v1/client/callback/index.get.ts
+++ b/server/api/v1/client/callback/index.get.ts
@ -1,3 +1,27 @@
-export default defineEventHandler((h3) => {
+import clientHandler from "~/server/internal/clients/handler";

-});
+export default defineEventHandler(async (h3) => {
+  const userId = await h3.context.session.getUserId(h3);
+  if (!userId) throw createError({ statusCode: 403 });
+
+  const query = getQuery(h3);
+  const providedClientId = query.id?.toString();
+  if (!providedClientId)
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Provide client ID in request params as 'id'",
+    });
+
+  const data = await clientHandler.fetchInitiateClientMetadata(
+    providedClientId
+  );
+  if (!data)
+    throw createError({
+      statusCode: 404,
+      statusMessage: "Request not found.",
+    });
+
+  await clientHandler.attachUserId(providedClientId, userId);
+
+  return data;
+});
--- a/server/api/v1/client/callback/index.post.ts
+++ b/server/api/v1/client/callback/index.post.ts
@ -1,3 +1,20 @@
-export default defineEventHandler((h3) => {
+import clientHandler from "~/server/internal/clients/handler";

-});
+export default defineEventHandler(async (h3) => {
+  const userId = await h3.context.session.getUserId(h3);
+  if (!userId) throw createError({ statusCode: 403 });
+
+  const body = await readBody(h3);
+  const clientId = await body.id;
+
+  const data = await clientHandler.fetchInitiateClientMetadata(clientId);
+  if (!data)
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Invalid or expired client ID.",
+    });
+
+  const token = await clientHandler.generateAuthToken(clientId);
+
+  return `drop://handshake/${clientId}/${token}`;
+});