連携ログインができないのなどを修正 (#6162)

* 連携ログインができないのを修正

* Cookie名変更, セッションに

* igiはやっぱり非セッションCookieで

* 2回目以降Discordログインできなくなるのを修正
This commit is contained in:
MeiMei 2020-03-20 13:56:22 +09:00 committed by GitHub
parent 1b48e0d6e0
commit 80eedf7449
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 28 additions and 38 deletions

View File

@ -123,7 +123,12 @@ export default class MiOS extends EventEmitter {
});
} else {
// Get token from localStorage
const i = localStorage.getItem('i');
let i = localStorage.getItem('i');
// 連携ログインの場合用にCookieを参照する
if (i == null || i === 'null') {
i = (document.cookie.match(/igi=(\w+)/) || [null, null])[1];
}
fetchme(i, me => {
if (me) {

View File

@ -70,11 +70,10 @@ export default Vue.extend({
},
mounted() {
if (!document.cookie.match(/i=(\w+)/)) {
document.cookie = `i=${this.$store.state.i.token}; path=/;` +
` domain=${document.location.hostname}; max-age=31536000;` +
document.cookie = `igi=${this.$store.state.i.token}; path=/;` +
` max-age=31536000;` +
(document.location.protocol.startsWith('https') ? ' secure' : '');
}
this.$watch('integrations', () => {
if (this.integrations.twitter) {
if (this.twitterForm) this.twitterForm.close();

View File

@ -101,6 +101,7 @@ export default (os: MiOS) => new Vuex.Store({
ctx.commit('settings/init', {});
ctx.commit('deviceUser/init', {});
localStorage.removeItem('i');
document.cookie = `igi=; path=/`;
},
async switchAccount(ctx, i) {

View File

@ -9,16 +9,12 @@ import { publishMainStream } from '../../../services/stream';
export default function(ctx: Koa.Context, user: ILocalUser, redirect = false) {
if (redirect) {
//#region Cookie
const expires = 1000 * 60 * 60 * 24 * 365; // One Year
ctx.cookies.set('i', user.token, {
ctx.cookies.set('igi', user.token, {
path: '/',
domain: config.hostname,
// SEE: https://github.com/koajs/koa/issues/974
// When using a SSL proxy it should be configured to add the "X-Forwarded-Proto: https" header
secure: config.url.startsWith('https'),
httpOnly: false,
expires: new Date(Date.now() + expires),
maxAge: expires
httpOnly: false
});
//#endregion

View File

@ -13,7 +13,7 @@ import { ILocalUser } from '../../../models/entities/user';
import { ensure } from '../../../prelude/ensure';
function getUserToken(ctx: Koa.Context) {
return ((ctx.headers['cookie'] || '').match(/i=(\w+)/) || [null, null])[1];
return ((ctx.headers['cookie'] || '').match(/igi=(\w+)/) || [null, null])[1];
}
function compareOrigin(ctx: Koa.Context) {
@ -113,14 +113,10 @@ router.get('/signin/discord', async ctx => {
response_type: 'code'
};
const expires = 1000 * 60 * 60; // 1h
ctx.cookies.set('signin_with_discord_session_id', sessid, {
ctx.cookies.set('signin_with_discord_sid', sessid, {
path: '/',
domain: config.host,
secure: config.url.startsWith('https'),
httpOnly: true,
expires: new Date(Date.now() + expires),
maxAge: expires
httpOnly: true
});
redis.set(sessid, JSON.stringify(params));
@ -135,7 +131,7 @@ router.get('/dc/cb', async ctx => {
const oauth2 = await getOAuth2();
if (!userToken) {
const sessid = ctx.cookies.get('signin_with_discord_session_id');
const sessid = ctx.cookies.get('signin_with_discord_sid');
if (!sessid) {
ctx.throw(400, 'invalid session');
@ -199,7 +195,7 @@ router.get('/dc/cb', async ctx => {
}
const profile = await UserProfiles.createQueryBuilder()
.where('"integrations"->"discord"->"id" = :id', { id: id })
.where(`"integrations"->'discord'->>'id' = :id`, { id: id })
.andWhere('"userHost" IS NULL')
.getOne();
@ -212,6 +208,7 @@ router.get('/dc/cb', async ctx => {
integrations: {
...profile.integrations,
discord: {
id: id,
accessToken: accessToken,
refreshToken: refreshToken,
expiresDate: expiresDate,

View File

@ -13,7 +13,7 @@ import { ILocalUser } from '../../../models/entities/user';
import { ensure } from '../../../prelude/ensure';
function getUserToken(ctx: Koa.Context) {
return ((ctx.headers['cookie'] || '').match(/i=(\w+)/) || [null, null])[1];
return ((ctx.headers['cookie'] || '').match(/igi=(\w+)/) || [null, null])[1];
}
function compareOrigin(ctx: Koa.Context) {
@ -111,14 +111,10 @@ router.get('/signin/github', async ctx => {
state: uuid()
};
const expires = 1000 * 60 * 60; // 1h
ctx.cookies.set('signin_with_github_session_id', sessid, {
ctx.cookies.set('signin_with_github_sid', sessid, {
path: '/',
domain: config.host,
secure: config.url.startsWith('https'),
httpOnly: true,
expires: new Date(Date.now() + expires),
maxAge: expires
httpOnly: true
});
redis.set(sessid, JSON.stringify(params));
@ -133,7 +129,7 @@ router.get('/gh/cb', async ctx => {
const oauth2 = await getOath2();
if (!userToken) {
const sessid = ctx.cookies.get('signin_with_github_session_id');
const sessid = ctx.cookies.get('signin_with_github_sid');
if (!sessid) {
ctx.throw(400, 'invalid session');
@ -192,7 +188,7 @@ router.get('/gh/cb', async ctx => {
}
const link = await UserProfiles.createQueryBuilder()
.where('"integrations"->"github"->"id" = :id', { id: id })
.where(`"integrations"->'github'->>'id' = :id`, { id: id })
.andWhere('"userHost" IS NULL')
.getOne();

View File

@ -12,7 +12,7 @@ import { ILocalUser } from '../../../models/entities/user';
import { ensure } from '../../../prelude/ensure';
function getUserToken(ctx: Koa.Context) {
return ((ctx.headers['cookie'] || '').match(/i=(\w+)/) || [null, null])[1];
return ((ctx.headers['cookie'] || '').match(/igi=(\w+)/) || [null, null])[1];
}
function compareOrigin(ctx: Koa.Context) {
@ -102,14 +102,10 @@ router.get('/signin/twitter', async ctx => {
redis.set(sessid, JSON.stringify(twCtx));
const expires = 1000 * 60 * 60; // 1h
ctx.cookies.set('signin_with_twitter_session_id', sessid, {
ctx.cookies.set('signin_with_twitter_sid', sessid, {
path: '/',
domain: config.host,
secure: config.url.startsWith('https'),
httpOnly: true,
expires: new Date(Date.now() + expires),
maxAge: expires
httpOnly: true
});
ctx.redirect(twCtx.url);
@ -121,7 +117,7 @@ router.get('/tw/cb', async ctx => {
const twAuth = await getTwAuth();
if (userToken == null) {
const sessid = ctx.cookies.get('signin_with_twitter_session_id');
const sessid = ctx.cookies.get('signin_with_twitter_sid');
if (sessid == null) {
ctx.throw(400, 'invalid session');
@ -139,7 +135,7 @@ router.get('/tw/cb', async ctx => {
const result = await twAuth!.done(JSON.parse(twCtx), ctx.query.oauth_verifier);
const link = await UserProfiles.createQueryBuilder()
.where('"integrations"->"twitter"->"userId" = :id', { id: result.userId })
.where(`"integrations"->'twitter'->>'userId' = :id`, { id: result.userId })
.andWhere('"userHost" IS NULL')
.getOne();