add auth-code

components/pages/DashboardEdit.js

@@ -23,8 +23,6 @@ export default function DashboardEdit({ websites }) {
 
   const ordered = useMemo(() => sortArrayByMap(websites, order, 'website_id'), [websites, order]);
 
-  console.log({ order, ordered });
-
   function handleWebsiteDrag({ destination, source }) {
     if (!destination || destination.index === source.index) return;
 

components/pages/WebsiteList.js

@@ -24,8 +24,6 @@ export default function WebsiteList({ websites, showCharts, limit }) {
   const { websiteOrder } = useDashboard();
   const { formatMessage } = useIntl();
 
-  console.log({ websiteOrder });
-
   const ordered = useMemo(
     () => sortArrayByMap(websites, websiteOrder, 'website_id'),
     [websites, websiteOrder],

lib/crypto.js

@@ -5,16 +5,20 @@ import { JWT, JWE, JWK } from 'jose';
 import { startOfMonth } from 'date-fns';
 
 const SALT_ROUNDS = 10;
-const KEY = JWK.asKey(Buffer.from(secret()));
+const KEY = key();
 const ROTATING_SALT = hash(startOfMonth(new Date()).toUTCString());
 const CHARS = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
 
+export function key(value) {
+  return JWK.asKey(Buffer.from(secret(value)));
+}
+
 export function hash(...args) {
   return crypto.createHash('sha512').update(args.join('')).digest('hex');
 }
 
-export function secret() {
+export function secret(secret = process.env.HASH_SALT || process.env.DATABASE_URL) {
-  return hash(process.env.HASH_SALT || process.env.DATABASE_URL);
+  return hash(secret);
 }
 
 export function salt() {
@@ -51,23 +55,23 @@ export async function createToken(payload) {
   return JWT.sign(payload, KEY);
 }
 
-export async function parseToken(token) {
+export async function parseToken(token, key = KEY) {
   try {
-    return JWT.verify(token, KEY);
+    return JWT.verify(token, key);
   } catch {
     return null;
   }
 }
 
-export async function createSecureToken(payload) {
+export async function createSecureToken(payload, key = KEY) {
-  return JWE.encrypt(await createToken(payload), KEY);
+  return JWE.encrypt(await createToken(payload), key);
 }
 
-export async function parseSecureToken(token) {
+export async function parseSecureToken(token, key = KEY) {
   try {
-    const result = await JWE.decrypt(token, KEY);
+    const result = await JWE.decrypt(token, key);
 
-    return parseToken(result.toString());
+    return parseToken(result.toString(), key);
   } catch {
     return null;
   }

lib/filters.js

@@ -98,7 +98,5 @@ export const paramFilter = data => {
     Object.keys(map[key]).map(n => ({ x: `${key}=${n}`, p: key, v: n, y: map[key][n] })),
   );
 
-  console.log({ map, d });
-
   return d;
 };

pages/api/auth/token.js

@@ -0,0 +1,36 @@
+import { ok, unauthorized, methodNotAllowed } from 'lib/response';
+import { post } from 'lib/web';
+import { parseSecureToken, key, createSecureToken } from 'lib/crypto';
+import { getAccountByUsername } from 'queries';
+
+export default async (req, res) => {
+  var { authCode } = req.body;
+
+  if (req.method === 'POST') {
+    const params = {
+      authorizationCode: authCode,
+      clientId: process.env.CLIENT_ID,
+      clientSecret: process.env.CLIENT_SECRET,
+    };
+
+    var { ok: authOk, data } = await post(process.env.OAUTH_URL, params);
+
+    if (authOk) {
+      const { username } = await parseSecureToken(data.token, key(process.env.CLIENT_SECRET));
+
+      const account = await getAccountByUsername(username);
+
+      if (account) {
+        const { user_id, username, is_admin } = account;
+        const user = { user_id, username, is_admin };
+        const token = await createSecureToken(user);
+
+        return ok(res, { token, user });
+      }
+    }
+
+    return unauthorized(res);
+  }
+
+  return methodNotAllowed(res);
+};

pages/auth.js

@@ -0,0 +1,43 @@
+import React from 'react';
+import Layout from 'components/layout/Layout';
+import useApi from 'hooks/useApi';
+import { useRouter } from 'next/router';
+import { useEffect } from 'react';
+import { setItem } from 'lib/web';
+import { setUser } from 'store/app';
+import { AUTH_TOKEN } from 'lib/constants';
+
+export default function AuthPage({ loginDisabled }) {
+  const { post } = useApi();
+  const router = useRouter();
+
+  useEffect(() => {
+    const { auth_code } = router.query;
+    const verifyyData = async () => {
+      const { ok, data } = await post('/auth/token', { authCode: auth_code });
+
+      if (ok) {
+        setItem(AUTH_TOKEN, data.token);
+        setUser(data.user);
+
+        await router.push('/');
+
+        return null;
+      }
+    };
+
+    verifyyData().catch(async () => await router.push('/'));
+  }, [post, router]);
+
+  if (loginDisabled) {
+    return null;
+  }
+
+  return <Layout title="auth" header={false} footer={false} center></Layout>;
+}
+
+export async function getServerSideProps() {
+  return {
+    props: { loginDisabled: !!process.env.DISABLE_LOGIN },
+  };
+}