mirror of
https://github.com/Drop-OSS/drop.git
synced 2025-11-09 20:12:10 +10:00
b72e1ef7a4
* feat: code-based authorization * fix: final touches * fix: require session on code fetch endpoint * feat: better error handling * refactor: move auth send to client handler * fix: lint
22 lines
667 B
TypeScript
22 lines
667 B
TypeScript
import clientHandler from "~/server/internal/clients/handler";
|
|
import sessionHandler from "~/server/internal/session";
|
|
|
|
export default defineEventHandler(async (h3) => {
|
|
const user = await sessionHandler.getSession(h3);
|
|
if (!user) throw createError({ statusCode: 403 });
|
|
|
|
const query = getQuery(h3);
|
|
const code = query.code?.toString()?.toUpperCase();
|
|
if (!code)
|
|
throw createError({
|
|
statusCode: 400,
|
|
statusMessage: "Code required in query params.",
|
|
});
|
|
|
|
const clientId = await clientHandler.fetchClientIdByCode(code);
|
|
if (!clientId)
|
|
throw createError({ statusCode: 400, statusMessage: "Invalid code." });
|
|
|
|
return clientId;
|
|
});
|