連携ログインができないのなどを修正 (#6162)

* 連携ログインができないのを修正

* Cookie名変更, セッションに

* igiはやっぱり非セッションCookieで

* 2回目以降Discordログインできなくなるのを修正
MeiMei 2020-03-20 13:56:22 +09:00 committed by GitHub
parent 1b48e0d6e0
commit 80eedf7449
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 28 additions and 38 deletions


@ -123,7 +123,12 @@ export default class MiOS extends EventEmitter {
}); });
} else { } else {
// Get token from localStorage // Get token from localStorage
const i = localStorage.getItem('i'); let i = localStorage.getItem('i');
// 連携ログインの場合用にCookieを参照する
if (i == null || i === 'null') {
i = (document.cookie.match(/igi=(\w+)/) || [null, null])[1];
}
fetchme(i, me => { fetchme(i, me => {
if (me) { if (me) {
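Review bot: The added fallback `document.cookie.match(/igi=(\w+)/)` is not anchored to a cookie boundary, so it also matches any cookie whose name merely ends in `igi` and uses that value as the account token. Anchoring the name, e.g. `/(?:^|;\s*)igi=(\w+)/`, keeps the lookup to the intended cookie. The same unanchored pattern is used in `getUserToken` in the Discord, GitHub and Twitter route sections of this commit, where `ctx.cookies.get('igi')` (the accessor already used there for the `signin_with_*_sid` cookies) would avoid hand-parsing the header. The enclosing branch starts and ends outside this hunk.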


@ -70,11 +70,10 @@ export default Vue.extend({
}, },
mounted() { mounted() {
if (!document.cookie.match(/i=(\w+)/)) { document.cookie = `igi=${this.$store.state.i.token}; path=/;` +
document.cookie = `i=${this.$store.state.i.token}; path=/;` + ` max-age=31536000;` +
` domain=${document.location.hostname}; max-age=31536000;` +
(document.location.protocol.startsWith('https') ? ' secure' : ''); (document.location.protocol.startsWith('https') ? ' secure' : '');
}
this.$watch('integrations', () => { this.$watch('integrations', () => {
if (this.integrations.twitter) { if (this.integrations.twitter) {
if (this.twitterForm) this.twitterForm.close(); if (this.twitterForm) this.twitterForm.close();
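Review bot: The `igi` cookie written in `mounted()` carries the account token but has no `SameSite` attribute, and `secure` is only added when the page itself is served over https. Because `getUserToken` in the integration routes reads this cookie to identify the logged-in user, the policy is better stated explicitly by adding `samesite=lax;` next to `max-age=31536000;`. The server-side `ctx.cookies.set('igi', …)` in the sign-in section has the same gap and could take `sameSite: 'lax'`. With the old `if (!document.cookie.match(...))` guard removed, the cookie is also rewritten with a fresh one-year lifetime on every mount, which deserves a short comment if that is intended. `mounted()` continues past the end of this hunk.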


@ -101,6 +101,7 @@ export default (os: MiOS) => new Vuex.Store({
ctx.commit('settings/init', {}); ctx.commit('settings/init', {});
ctx.commit('deviceUser/init', {}); ctx.commit('deviceUser/init', {});
localStorage.removeItem('i'); localStorage.removeItem('i');
document.cookie = `igi=; path=/`;
}, },
async switchAccount(ctx, i) { async switchAccount(ctx, i) {
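Review bot: The added logout line blanks the value of `igi` but does not expire it, and nothing here removes the older `i` cookie. The removed lines in the settings and sign-in sections show that `i` was set with a `domain` attribute and a one-year lifetime, so a token stored before this change can outlive logout. Expiring both explicitly would close that: `document.cookie = 'igi=; path=/; max-age=0';` and `document.cookie = 'i=; path=/; domain=' + document.location.hostname + '; max-age=0';`. The enclosing logout action starts outside this hunk.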


@ -9,16 +9,12 @@ import { publishMainStream } from '../../../services/stream';
export default function(ctx: Koa.Context, user: ILocalUser, redirect = false) { export default function(ctx: Koa.Context, user: ILocalUser, redirect = false) {
if (redirect) { if (redirect) {
//#region Cookie //#region Cookie
const expires = 1000 * 60 * 60 * 24 * 365; // One Year ctx.cookies.set('igi', user.token, {
ctx.cookies.set('i', user.token, {
path: '/', path: '/',
domain: config.hostname,
// SEE: https://github.com/koajs/koa/issues/974 // SEE: https://github.com/koajs/koa/issues/974
// When using a SSL proxy it should be configured to add the "X-Forwarded-Proto: https" header // When using a SSL proxy it should be configured to add the "X-Forwarded-Proto: https" header
secure: config.url.startsWith('https'), secure: config.url.startsWith('https'),
httpOnly: false, httpOnly: false
expires: new Date(Date.now() + expires),
maxAge: expires
}); });
//#endregion //#endregion
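Review bot: The `igi` cookie set here holds `user.token`, keeps `httpOnly: false` and now has no `expires`/`maxAge`, and neither choice is explained at the call site. The web client section of this commit reads `igi` from `document.cookie`, which is presumably why the cookie has to stay script-readable. A comment such as `// httpOnly must stay false: the client reads igi from document.cookie to finish integration sign-in; no expiry, so this is a session cookie` would stop a later hardening pass from breaking the flow, and would make the lifetime decision visible. The function body continues outside this hunk.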


@ -13,7 +13,7 @@ import { ILocalUser } from '../../../models/entities/user';
import { ensure } from '../../../prelude/ensure'; import { ensure } from '../../../prelude/ensure';
function getUserToken(ctx: Koa.Context) { function getUserToken(ctx: Koa.Context) {
return ((ctx.headers['cookie'] || '').match(/i=(\w+)/) || [null, null])[1]; return ((ctx.headers['cookie'] || '').match(/igi=(\w+)/) || [null, null])[1];
} }
function compareOrigin(ctx: Koa.Context) { function compareOrigin(ctx: Koa.Context) {
@ -113,14 +113,10 @@ router.get('/signin/discord', async ctx => {
response_type: 'code' response_type: 'code'
}; };
const expires = 1000 * 60 * 60; // 1h ctx.cookies.set('signin_with_discord_sid', sessid, {
ctx.cookies.set('signin_with_discord_session_id', sessid, {
path: '/', path: '/',
domain: config.host,
secure: config.url.startsWith('https'), secure: config.url.startsWith('https'),
httpOnly: true, httpOnly: true
expires: new Date(Date.now() + expires),
maxAge: expires
}); });
redis.set(sessid, JSON.stringify(params)); redis.set(sessid, JSON.stringify(params));
@ -135,7 +131,7 @@ router.get('/dc/cb', async ctx => {
const oauth2 = await getOAuth2(); const oauth2 = await getOAuth2();
if (!userToken) { if (!userToken) {
const sessid = ctx.cookies.get('signin_with_discord_session_id'); const sessid = ctx.cookies.get('signin_with_discord_sid');
if (!sessid) { if (!sessid) {
ctx.throw(400, 'invalid session'); ctx.throw(400, 'invalid session');
@ -199,7 +195,7 @@ router.get('/dc/cb', async ctx => {
} }
const profile = await UserProfiles.createQueryBuilder() const profile = await UserProfiles.createQueryBuilder()
.where('"integrations"->"discord"->"id" = :id', { id: id }) .where(`"integrations"->'discord'->>'id' = :id`, { id: id })
.andWhere('"userHost" IS NULL') .andWhere('"userHost" IS NULL')
.getOne(); .getOne();
@ -212,6 +208,7 @@ router.get('/dc/cb', async ctx => {
integrations: { integrations: {
...profile.integrations, ...profile.integrations,
discord: { discord: {
id: id,
accessToken: accessToken, accessToken: accessToken,
refreshToken: refreshToken, refreshToken: refreshToken,
expiresDate: expiresDate, expiresDate: expiresDate,
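Review bot: With `expires`/`maxAge` dropped from the `signin_with_discord_sid` cookie, nothing visible bounds how long a pending sign-in session stays valid, because `redis.set(sessid, JSON.stringify(params))` stores the OAuth state without a TTL. Unless the callback deletes the key (not visible in these hunks), an expiry on the Redis side would restore the old one-hour limit, e.g. `redis.set(sessid, JSON.stringify(params), 'EX', 60 * 60);` if the client in use accepts that form. The GitHub and Twitter sections make the same cookie change and have the same unbounded `redis.set`. The route handlers start and end outside the hunks shown.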


@ -13,7 +13,7 @@ import { ILocalUser } from '../../../models/entities/user';
import { ensure } from '../../../prelude/ensure'; import { ensure } from '../../../prelude/ensure';
function getUserToken(ctx: Koa.Context) { function getUserToken(ctx: Koa.Context) {
return ((ctx.headers['cookie'] || '').match(/i=(\w+)/) || [null, null])[1]; return ((ctx.headers['cookie'] || '').match(/igi=(\w+)/) || [null, null])[1];
} }
function compareOrigin(ctx: Koa.Context) { function compareOrigin(ctx: Koa.Context) {
@ -111,14 +111,10 @@ router.get('/signin/github', async ctx => {
state: uuid() state: uuid()
}; };
const expires = 1000 * 60 * 60; // 1h ctx.cookies.set('signin_with_github_sid', sessid, {
ctx.cookies.set('signin_with_github_session_id', sessid, {
path: '/', path: '/',
domain: config.host,
secure: config.url.startsWith('https'), secure: config.url.startsWith('https'),
httpOnly: true, httpOnly: true
expires: new Date(Date.now() + expires),
maxAge: expires
}); });
redis.set(sessid, JSON.stringify(params)); redis.set(sessid, JSON.stringify(params));
@ -133,7 +129,7 @@ router.get('/gh/cb', async ctx => {
const oauth2 = await getOath2(); const oauth2 = await getOath2();
if (!userToken) { if (!userToken) {
const sessid = ctx.cookies.get('signin_with_github_session_id'); const sessid = ctx.cookies.get('signin_with_github_sid');
if (!sessid) { if (!sessid) {
ctx.throw(400, 'invalid session'); ctx.throw(400, 'invalid session');
@ -192,7 +188,7 @@ router.get('/gh/cb', async ctx => {
} }
const link = await UserProfiles.createQueryBuilder() const link = await UserProfiles.createQueryBuilder()
.where('"integrations"->"github"->"id" = :id', { id: id }) .where(`"integrations"->'github'->>'id' = :id`, { id: id })
.andWhere('"userHost" IS NULL') .andWhere('"userHost" IS NULL')
.getOne(); .getOne();


@ -12,7 +12,7 @@ import { ILocalUser } from '../../../models/entities/user';
import { ensure } from '../../../prelude/ensure'; import { ensure } from '../../../prelude/ensure';
function getUserToken(ctx: Koa.Context) { function getUserToken(ctx: Koa.Context) {
return ((ctx.headers['cookie'] || '').match(/i=(\w+)/) || [null, null])[1]; return ((ctx.headers['cookie'] || '').match(/igi=(\w+)/) || [null, null])[1];
} }
function compareOrigin(ctx: Koa.Context) { function compareOrigin(ctx: Koa.Context) {
@ -102,14 +102,10 @@ router.get('/signin/twitter', async ctx => {
redis.set(sessid, JSON.stringify(twCtx)); redis.set(sessid, JSON.stringify(twCtx));
const expires = 1000 * 60 * 60; // 1h ctx.cookies.set('signin_with_twitter_sid', sessid, {
ctx.cookies.set('signin_with_twitter_session_id', sessid, {
path: '/', path: '/',
domain: config.host,
secure: config.url.startsWith('https'), secure: config.url.startsWith('https'),
httpOnly: true, httpOnly: true
expires: new Date(Date.now() + expires),
maxAge: expires
}); });
ctx.redirect(twCtx.url); ctx.redirect(twCtx.url);
@ -121,7 +117,7 @@ router.get('/tw/cb', async ctx => {
const twAuth = await getTwAuth(); const twAuth = await getTwAuth();
if (userToken == null) { if (userToken == null) {
const sessid = ctx.cookies.get('signin_with_twitter_session_id'); const sessid = ctx.cookies.get('signin_with_twitter_sid');
if (sessid == null) { if (sessid == null) {
ctx.throw(400, 'invalid session'); ctx.throw(400, 'invalid session');
@ -139,7 +135,7 @@ router.get('/tw/cb', async ctx => {
const result = await twAuth!.done(JSON.parse(twCtx), ctx.query.oauth_verifier); const result = await twAuth!.done(JSON.parse(twCtx), ctx.query.oauth_verifier);
const link = await UserProfiles.createQueryBuilder() const link = await UserProfiles.createQueryBuilder()
.where('"integrations"->"twitter"->"userId" = :id', { id: result.userId }) .where(`"integrations"->'twitter'->>'userId' = :id`, { id: result.userId })
.andWhere('"userHost" IS NULL') .andWhere('"userHost" IS NULL')
.getOne(); .getOne();