back round 0 view raw

feat(oauth/handler): pass error codes back to login page #28

merged

opened by

brookjeynes.dev 1 month ago targeting master from push-wlwouvqurvkz

Signed-off-by: brookjeynes me@brookjeynes.dev

options

unified split

Changed files

+41 -8

internal

server

handlers

oauth

handler.go

views

views.go

internal/server/handlers/login.go

···

       19
       19
        
       	switch r.Method {

     

       20
       20
        
       	case http.MethodGet:

     

       21
       21
        
       		returnURL := r.URL.Query().Get("return_url")

     

       22
       22
       +
       		errorCode := r.URL.Query().Get("error")

     

       22
       23
        
       		views.LoginPage(views.LoginPageParams{

     

       23
       24
        
       			ReturnUrl: returnURL,

     

       25
       25
       +
       			ErrorCode: errorCode,

     

       24
       26
        
       		}).Render(r.Context(), w)

     

       25
       27
        
       	case http.MethodPost:

     

       26
       28
        
       		handle := r.FormValue("handle")

+15 -8

internal/server/oauth/handler.go

···

       3
       3
        
       import (

     

       4
       4
        
       	"context"

     

       5
       5
        
       	"encoding/json"

     

       6
       6
       +
       	"errors"

     

       6
       7
        
       	"fmt"

     

       7
       8
        
       	"net/http"

     

       8
       9
        
       	"time"

     

       9
       10
        
       

     

       10
       11
        
       	comatproto "github.com/bluesky-social/indigo/api/atproto"

     

       12
       12
       +
       	"github.com/bluesky-social/indigo/atproto/auth/oauth"

     

       11
       13
        
       	lexutil "github.com/bluesky-social/indigo/lex/util"

     

       12
       14
        
       	"github.com/go-chi/chi/v5"

     

       13
       15
        
       	"github.com/lestrrat-go/jwx/v2/jwk"

     
···

       16
       18
        
       	"yoten.app/api/yoten"

     

       17
       19
        
       	ph "yoten.app/internal/clients/posthog"

     

       18
       20
        
       	"yoten.app/internal/db"

     

       19
       19
       -
       	"yoten.app/internal/server/htmx"

     

       20
       21
        
       )

     

       21
       22
        
       

     

       22
       23
        
       func (o *OAuth) Router() http.Handler {

     
···

       71
       72
        
       }

     

       72
       73
        
       

     

       73
       74
        
       func (o *OAuth) callback(w http.ResponseWriter, r *http.Request) {

     

       74
       74
       -
       	l := o.Logger.With("handler", "callback")

     

       75
       75
        
       	ctx := r.Context()

     

       76
       76
       +
       	l := o.Logger.With("handler", "callback").With("query", r.URL.Query())

     

       76
       77
        
       

     

       77
       78
        
       	sessData, err := o.ClientApp.ProcessCallback(ctx, r.URL.Query())

     

       78
       79
        
       	if err != nil {

     

       79
       79
       -
       		o.Logger.Error("failed to process callback", "err", err)

     

       80
       80
       -
       		http.Error(w, err.Error(), http.StatusInternalServerError)

     

       80
       80
       +
       		var callbackErr *oauth.AuthRequestCallbackError

     

       81
       81
       +
       		if errors.As(err, &callbackErr) {

     

       82
       82
       +
       			l.Debug("callback error", "err", callbackErr)

     

       83
       83
       +
       			http.Redirect(w, r, fmt.Sprintf("/login?error=%s", callbackErr.ErrorCode), http.StatusFound)

     

       84
       84
       +
       			return

     

       85
       85
       +
       		}

     

       86
       86
       +
       		l.Error("failed to process callback", "err", err)

     

       87
       87
       +
       		http.Redirect(w, r, "/login?error=oauth", http.StatusFound)

     

       81
       88
        
       		return

     

       82
       89
        
       	}

     

       83
       90
        
       

     

       84
       91
        
       	if err := o.SaveSession(w, r, sessData); err != nil {

     

       85
       92
        
       		l.Error("failed to save session", "err", err)

     

       86
       86
       -
       		http.Error(w, err.Error(), http.StatusInternalServerError)

     

       93
       93
       +
       		http.Redirect(w, r, "/login?error=session", http.StatusFound)

     

       87
       94
        
       		return

     

       88
       95
        
       	}

     

       89
       96
        
       

     
···

       91
       98
        
       	resolved, err := o.IdResolver.ResolveIdent(context.Background(), did)

     

       92
       99
        
       	if err != nil {

     

       93
       100
        
       		l.Error("failed to resolve handle", "handle", resolved.Handle.String(), "err", err)

     

       94
       94
       -
       		htmx.HxError(w, http.StatusBadRequest, fmt.Sprintf("'%s' is an invalid handle", resolved.Handle.String()))

     

       101
       101
       +
       		http.Redirect(w, r, "/login?error=handle", http.StatusFound)

     

       95
       102
        
       		return

     

       96
       103
        
       	}

     

       97
       104
        
       

     

       98
       105
        
       	client, err := o.AuthorizedClient(r)

     

       99
       106
        
       	if err != nil {

     

       100
       107
        
       		l.Error("failed to get authorized client", "err", err)

     

       101
       101
       -
       		http.Error(w, err.Error(), http.StatusInternalServerError)

     

       108
       108
       +
       		http.Redirect(w, r, "/login?error=client", http.StatusFound)

     

       102
       109
        
       		return

     

       103
       110
        
       	}

     

       104
       111
        
       

     
···

       128
       135
        
       		})

     

       129
       136
        
       		if err != nil {

     

       130
       137
        
       			l.Error("failed to create profile record", "err", err)

     

       131
       131
       -
       			htmx.HxError(w, http.StatusInternalServerError, "Failed to announce profile creation, try again later")

     

       138
       138
       +
       			http.Redirect(w, r, "/login?error=profile-creation", http.StatusFound)

     

       132
       139
        
       			return

     

       133
       140
        
       		}

     

       134
       141

+23

internal/server/views/login.templ

···

       44
       44
        
       						<i class="w-4 h-4" data-lucide="arrow-right"></i>

     

       45
       45
        
       					</button>

     

       46
       46
        
       				</form>

     

       47
       47
       +
       				if params.ErrorCode != "" {

     

       48
       48
       +
       					<div class="flex flex-col my-4 p-4 bg-red-50 border border-red-500 rounded-lg text-red-500">

     

       49
       49
       +
       						<div class="flex items-center gap-1">

     

       50
       50
       +
       							<i class="w-4 h-4" data-lucide="circle-alert"></i>

     

       51
       51
       +
       							<h5 class="font-medium">Login error</h5>

     

       52
       52
       +
       						</div>

     

       53
       53
       +
       						<div>

     

       54
       54
       +
       							<p class="text-sm">

     

       55
       55
       +
       								switch (params.ErrorCode) {

     

       56
       56
       +
       									case "access_denied":

     

       57
       57
       +
       										You have not authorized the app.

     

       58
       58
       +
       									case "session":

     

       59
       59
       +
       										Server failed to create user session.

     

       60
       60
       +
       									case "handle":

     

       61
       61
       +
       										Server failed to validate your handle.

     

       62
       62
       +
       									default:

     

       63
       63
       +
       										Internal Server error.

     

       64
       64
       +
       								}

     

       65
       65
       +
       								Please try again.

     

       66
       66
       +
       							</p>

     

       67
       67
       +
       						</div>

     

       68
       68
       +
       					</div>

     

       69
       69
       +
       				}

     

       47
       70
        
       				<div class="mt-6 pt-6 border-t border-bg-dark">

     

       48
       71
        
       					<div class="text-center">

     

       49
       72
        
       						<p class="text-sm text-text-muted mb-3">New to the AT Protocol?</p>

internal/server/views/views.go

···

       18
       18
        
       

     

       19
       19
        
       type LoginPageParams struct {

     

       20
       20
        
       	ReturnUrl string

     

       21
       21
       +
       	ErrorCode string

     

       21
       22
        
       }

     

       22
       23
        
       

     

       23
       24
        
       type ProfilePageParams struct {