Skip to content

Commit 1588185

Browse files
dswbxdswbx
authored
Merge pull request #65 from bknd-io/feat/auth-redirect-param
feat/auth-redirect-param
2 parents dfe7d55 + 4755288 commit 1588185

File tree

2 files changed

+53
-22
lines changed

2 files changed

+53
-22
lines changed

app/src/auth/authenticate/Authenticator.ts

+3-3
Original file line numberDiff line numberDiff line change
@@ -299,8 +299,8 @@ export class Authenticator<Strategies extends Record<string, Strategy> = Record<
299299
}
300300
}
301301

302-
private getSuccessPath(c: Context) {
303-
const p = (this.config.cookie.pathSuccess ?? "/").replace(/\/+$/, "/");
302+
private getSafeUrl(c: Context, path: string) {
303+
const p = path.replace(/\/+$/, "/");
304304

305305
// nextjs doesn't support non-fq urls
306306
// but env could be proxied (stackblitz), so we shouldn't fq every url
@@ -316,7 +316,7 @@ export class Authenticator<Strategies extends Record<string, Strategy> = Record<
316316
return c.json(data);
317317
}
318318

319-
const successUrl = this.getSuccessPath(c);
319+
const successUrl = this.getSafeUrl(c, redirect ?? this.config.cookie.pathSuccess ?? "/");
320320
const referer = redirect ?? c.req.header("Referer") ?? successUrl;
321321
//console.log("auth respond", { redirect, successUrl, successPath });
322322

app/src/auth/authenticate/strategies/PasswordStrategy.ts

+50-19
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,5 @@
11
import type { Authenticator, Strategy } from "auth";
2+
import { isDebug, tbValidator as tb } from "core";
23
import { type Static, StringEnum, Type, parse } from "core/utils";
34
import { hash } from "core/utils";
45
import { type Context, Hono } from "hono";
@@ -56,26 +57,56 @@ export class PasswordStrategy implements Strategy {
5657
const hono = new Hono();
5758

5859
return hono
59-
.post("/login", async (c) => {
60-
const body = await authenticator.getBody(c);
61-
62-
try {
63-
const payload = await this.login(body);
64-
const data = await authenticator.resolve("login", this, payload.password, payload);
65-
66-
return await authenticator.respond(c, data);
67-
} catch (e) {
68-
return await authenticator.respond(c, e);
60+
.post(
61+
"/login",
62+
tb(
63+
"query",
64+
Type.Object({
65+
redirect: Type.Optional(Type.String())
66+
})
67+
),
68+
async (c) => {
69+
const body = await authenticator.getBody(c);
70+
const { redirect } = c.req.valid("query");
71+
72+
try {
73+
const payload = await this.login(body);
74+
const data = await authenticator.resolve(
75+
"login",
76+
this,
77+
payload.password,
78+
payload
79+
);
80+
81+
return await authenticator.respond(c, data, redirect);
82+
} catch (e) {
83+
return await authenticator.respond(c, e);
84+
}
6985
}
70-
})
71-
.post("/register", async (c) => {
72-
const body = await authenticator.getBody(c);
73-
74-
const payload = await this.register(body);
75-
const data = await authenticator.resolve("register", this, payload.password, payload);
76-
77-
return await authenticator.respond(c, data);
78-
});
86+
)
87+
.post(
88+
"/register",
89+
tb(
90+
"query",
91+
Type.Object({
92+
redirect: Type.Optional(Type.String())
93+
})
94+
),
95+
async (c) => {
96+
const body = await authenticator.getBody(c);
97+
const { redirect } = c.req.valid("query");
98+
99+
const payload = await this.register(body);
100+
const data = await authenticator.resolve(
101+
"register",
102+
this,
103+
payload.password,
104+
payload
105+
);
106+
107+
return await authenticator.respond(c, data, redirect);
108+
}
109+
);
79110
}
80111

81112
getActions(): StrategyActions {

0 commit comments

Comments
 (0)