auth finished

2026-04-19 15:30:05 +00:00 · 2024-09-06 22:56:08 +02:00
parent b1be8502c9
commit f26529b1a3
11 changed files with 397 additions and 35 deletions
--- a/proxy/auth.go
+++ b/proxy/auth.go
@@ -86,8 +86,7 @@ func (c *OsuApiClient) sendRequest(req *http.Request, v interface{}) error {
 	return nil
 }

-func LoginRedirect(w http.ResponseWriter, r *http.Request) {
-
+func LoginMiddlePage(w http.ResponseWriter, r *http.Request) {
 	cookie, ok := r.Context().Value("cookie").(string)

 	if !ok || cookie == "" {
@@ -98,13 +97,32 @@ func LoginRedirect(w http.ResponseWriter, r *http.Request) {

 	var clientid = os.Getenv("CLIENT_ID")
 	var redirect_uri = os.Getenv("REDIRECT_URI") + "/oauth/code"
-	http.Redirect(w, r,
-		fmt.Sprintf("https://osu.ppy.sh/oauth/authorize?client_id=%s&redirect_uri=%s&response_type=code&scope=%s&state=%s",
-			clientid,
-			redirect_uri,
-			strings.Join(scopes, " "),
-			cookie),
-		http.StatusTemporaryRedirect)
+
+	html := `
+		<!DOCTYPE html>
+		<html lang="en">
+		<head>
+			<meta charset="UTF-8">
+			<meta name="viewport" content="width=device-width, initial-scale=1.0">
+			<title>Login Required</title>
+		</head>
+		<body>
+			<p>Redirecting...</p>
+			<a href="%s">Click here if ur not being Redirected!</a>
+		<script>
+			window.location.href = "%s";
+		</script>
+		</body>
+		</html>
+		`
+
+	loginURL := fmt.Sprintf("https://osu.ppy.sh/oauth/authorize?client_id=%s&redirect_uri=%s&response_type=code&scope=%s&state=%s",
+		clientid,
+		redirect_uri,
+		strings.Join(scopes, " "),
+		cookie)
+	fmt.Fprintf(w, html, loginURL, loginURL)
+	return
 }

 func Oauth(w http.ResponseWriter, r *http.Request) {
@@ -204,13 +222,41 @@ func Oauth(w http.ResponseWriter, r *http.Request) {
 	user.UserID = apiuser.ID
 	user.Name = apiuser.Username
 	user.AvatarUrl = apiuser.AvatarURL
+	user.Share = false

 	SaveCookie(user.UserID, cookie)
 	if err = SaveUser(user); err != nil {
 		fmt.Println(err)
 	}

-	JSONResponse(w, http.StatusCreated, user)
+	var html = fmt.Sprintf(`
+		<!DOCTYPE html>
+		<html lang="en">
+		<head>
+			<meta charset="UTF-8">
+			<title>Login Success</title>
+		<body>
+		
+		<input type="password" value="%s" id="myInput" disabled>
+		<button onclick="copyToClipboard()">Copy Text</button>
+
+			<script>
+			function copyToClipboard() {
+				var copyText = document.getElementById("myInput");
+				copyText.select();
+				copyText.setSelectionRange(0, 99999); // For mobile devices
+				  navigator.clipboard.writeText(copyText.value);
+			}
+
+			window.close(); // Close the window after copy
+			</script>
+		</head>
+		</html>
+	`, cookie)
+
+	fmt.Fprint(w, html)
+	return
+
 }

 type AuthToken struct {
--- a/proxy/database.db
+++ b/proxy/database.db
--- a/proxy/db.go
+++ b/proxy/db.go
@@ -14,6 +14,7 @@ type User struct {
 	Name      string `json:"name"`
 	AvatarUrl string `json:"avatar_url"`
 	EndPoint  string `json:"endpoint"`
+	Share     bool   `json:"share"`
 	Token     `json:"-"`
 }

@@ -127,3 +128,9 @@ func UpdateUserEndPoint(userID int, endPoint string) error {
 	_, err := db.Exec(query, endPoint, userID)
 	return err
 }
+
+func UpdateUserShare(userID int, sharing bool) error {
+	query := "UPDATE users SET sharing = ? WHERE id = ?"
+	_, err := db.Exec(query, sharing, userID)
+	return err
+}
--- a/proxy/middleware.go
+++ b/proxy/middleware.go
@@ -20,7 +20,7 @@ func AuthMiddleware(next http.Handler) http.Handler {

 		user, err := GetUserByCookie(cookie.Value)
 		if err != nil || cookie.Value == "" {
-			http.Error(w, "Unauthorized", http.StatusUnauthorized)
+			http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)
 			return
 		}

@@ -43,10 +43,13 @@ func CookieMiddleware(next http.Handler) http.Handler {
 				HttpOnly: true,
 				Secure:   true,
 				Path:     "/",
+				Domain:   ".illegalesachen.download",
+				SameSite: http.SameSiteLaxMode,
 			}

 			http.SetCookie(w, newCookie)
 			cookie = newCookie
+			r.AddCookie(cookie)
 		}

 		ctx := context.WithValue(r.Context(), "cookie", cookie.Value)
@@ -54,6 +57,30 @@ func CookieMiddleware(next http.Handler) http.Handler {
 	})
 }

+func CORS(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+
+		w.Header().Set("Access-Control-Allow-Origin", "https://music.illegalesachen.download")
+		w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
+		w.Header().Set("Access-Control-Allow-Credentials", "true")
+
+		if r.Method == http.MethodOptions {
+			w.WriteHeader(http.StatusNoContent)
+			return
+		}
+		next.ServeHTTP(w, r)
+	})
+}
+
+func Logger(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+
+		fmt.Println(r.URL)
+		next.ServeHTTP(w, r)
+	})
+
+}
+
 func generateRandomString(length int) string {
 	bytes := make([]byte, length)
 	_, err := rand.Read(bytes)
--- a/proxy/routes.go
+++ b/proxy/routes.go
@@ -12,17 +12,29 @@ func run() error {
 	port := os.Getenv("PORT")
 	mux := http.NewServeMux()

-	mux.Handle("/me", AuthMiddleware(http.HandlerFunc(MeHandler)))
-	mux.Handle("/login", http.HandlerFunc(LoginRedirect))
+	mux.Handle("GET /me", AuthMiddleware(http.HandlerFunc(MeHandler)))
+	mux.Handle("GET /login", http.HandlerFunc(LoginMiddlePage))
+	mux.Handle("GET /oauth/code", http.HandlerFunc(Oauth))
+	mux.Handle("POST /settings", AuthMiddleware(http.HandlerFunc(Settings)))

-	mux.Handle("/oauth/code", http.HandlerFunc(Oauth))
+	//	mux.Handle("POST /setting", );

 	fmt.Println("Starting Server on", port)

 	//global middleware
-	handler := CookieMiddleware(mux)
+	handler := CORS(CookieMiddleware(Logger(mux)))

-	return http.ListenAndServe(port, handler)
+	finalMux := http.NewServeMux()
+
+	finalMux.Handle("/", handler)
+
+	finalMux.HandleFunc("/ping", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "text/plain")
+		w.WriteHeader(http.StatusOK)
+		w.Write([]byte("pong"))
+	})
+
+	return http.ListenAndServe(port, finalMux)
 }

 func MeHandler(w http.ResponseWriter, r *http.Request) {
@@ -37,6 +49,37 @@ func MeHandler(w http.ResponseWriter, r *http.Request) {
 	JSONResponse(w, http.StatusOK, user)
 }

+func Settings(w http.ResponseWriter, r *http.Request) {
+	type settings struct {
+		Sharing  *bool  `json:"sharing"`
+		Endpoint string `json:"endpoint"`
+	}
+
+	user, ok := r.Context().Value("user").(*User)
+	if !ok || user == nil {
+		http.Error(w, "Unauthorized", http.StatusUnauthorized)
+		return
+	}
+
+	var s settings
+
+	if err := json.NewDecoder(r.Body).Decode(&s); err != nil {
+		http.Error(w, "Invalid request body", http.StatusBadRequest)
+		return
+	}
+
+	if s.Endpoint != "" {
+		UpdateUserEndPoint(user.UserID, s.Endpoint)
+	}
+
+	if s.Sharing != nil {
+		UpdateUserShare(user.UserID, *s.Sharing)
+	}
+
+	w.WriteHeader(http.StatusOK)
+	return
+}
+
 func JSONResponse(w http.ResponseWriter, statusCode int, data interface{}) {
 	w.Header().Set("Content-Type", "application/json")