mirror of
https://gitdab.com/cadence/out-of-your-element.git
synced 2025-09-10 12:22:50 +02:00
Log in with Matrix
This commit is contained in:
Cadence Ember
parent
63cc089bdb
commit
443618b974
13 changed files with 222 additions and 23 deletions
126
src/web/routes/log-in-with-matrix.js
Normal file
126
src/web/routes/log-in-with-matrix.js
Normal file
|
|
@ -0,0 +1,126 @@
|
|||
// @ts-check
|
||||
|
||||
const {z} = require("zod")
|
||||
const {randomUUID} = require("crypto")
|
||||
const {defineEventHandler, getValidatedQuery, sendRedirect, readValidatedBody, useSession, createError, getRequestHeader} = require("h3")
|
||||
const {SnowTransfer} = require("snowtransfer")
|
||||
const DiscordTypes = require("discord-api-types/v10")
|
||||
const fetch = require("node-fetch")
|
||||
const getRelativePath = require("get-relative-path")
|
||||
const {LRUCache} = require("lru-cache")
|
||||
|
||||
const {as, db, select, from} = require("../../passthrough")
|
||||
const {id} = require("../../../addbot")
|
||||
const {reg} = require("../../matrix/read-registration")
|
||||
|
||||
const {sync} = require("../../passthrough")
|
||||
const assert = require("assert").strict
|
||||
/** @type {import("../pug-sync")} */
|
||||
const pugSync = sync.require("../pug-sync")
|
||||
/** @type {import("../../matrix/api")} */
|
||||
const api = sync.require("../../matrix/api")
|
||||
|
||||
const redirect_uri = `${reg.ooye.bridge_origin}/oauth`
|
||||
|
||||
const schema = {
|
||||
form: z.object({
|
||||
mxid: z.string()
|
||||
}),
|
||||
token: z.object({
|
||||
token: z.string()
|
||||
})
|
||||
}
|
||||
|
||||
/** @type {LRUCache<string, string>} token to mxid */
|
||||
const validToken = new LRUCache({max: 200})
|
||||
|
||||
/*
|
||||
1st request, GET, they clicked the button, need to input their mxid
|
||||
2nd request, POST, they input their mxid and we need to send a link
|
||||
3rd request, GET, they clicked the link and we need to set the session data (just their mxid)
|
||||
*/
|
||||
|
||||
as.router.get("/log-in-with-matrix", defineEventHandler(async event => {
|
||||
const parsed = await getValidatedQuery(event, schema.token.safeParse)
|
||||
|
||||
if (!parsed.success) {
|
||||
// We are in the first request and need to tell them to input their mxid
|
||||
return pugSync.render(event, "log-in-with-matrix.pug", {})
|
||||
}
|
||||
|
||||
const userAgent = getRequestHeader(event, "User-Agent")
|
||||
if (userAgent?.match(/bot/)) throw createError({status: 400, data: "Sorry URL previewer, you can't have this URL."})
|
||||
|
||||
const token = parsed.data.token
|
||||
if (!validToken.has(token)) return sendRedirect(event, `${reg.ooye.bridge_origin}/log-in-with-matrix`, 302)
|
||||
|
||||
const session = await useSession(event, {password: reg.as_token})
|
||||
const mxid = validToken.get(token)
|
||||
assert(mxid)
|
||||
validToken.delete(token)
|
||||
|
||||
const matrixGuilds = db.prepare("SELECT guild_id FROM guild_space INNER JOIN member_cache ON space_id = room_id WHERE mxid = ? AND power_level >= 50").pluck().all(mxid)
|
||||
|
||||
await session.update({mxid, matrixGuilds})
|
||||
|
||||
return sendRedirect(event, "./", 302) // open to homepage where they can see they're logged in
|
||||
}))
|
||||
|
||||
as.router.post("/api/log-in-with-matrix", defineEventHandler(async event => {
|
||||
const {mxid} = await readValidatedBody(event, schema.form.parse)
|
||||
let roomID = null
|
||||
|
||||
// Don't extend a duplicate invite for the same user
|
||||
for (const alreadyInvited of validToken.values()) {
|
||||
if (mxid === alreadyInvited) {
|
||||
return sendRedirect(event, "../ok?msg=We already sent you a link on Matrix. Please click it!", 302)
|
||||
}
|
||||
}
|
||||
|
||||
// See if we can reuse an existing room from account data
|
||||
let directData = {}
|
||||
try {
|
||||
directData = await api.getAccountData("m.direct")
|
||||
} catch (e) {}
|
||||
const rooms = directData[mxid] || []
|
||||
for (const candidate of rooms) {
|
||||
// Check that the person is/still in the room
|
||||
let member
|
||||
try {
|
||||
member = await api.getStateEvent(candidate, "m.room.member", mxid)
|
||||
} catch (e) {}
|
||||
if (!member || member.membership === "leave") {
|
||||
// We can reinvite them back to the same room!
|
||||
await api.inviteToRoom(candidate, mxid)
|
||||
roomID = candidate
|
||||
} else {
|
||||
// Member is in this room
|
||||
roomID = candidate
|
||||
}
|
||||
if (roomID) break // no need to check other candidates
|
||||
}
|
||||
|
||||
// No candidates available, create a new room and invite
|
||||
if (!roomID) {
|
||||
roomID = await api.createRoom({
|
||||
invite: [mxid],
|
||||
is_direct: true,
|
||||
preset: "trusted_private_chat"
|
||||
})
|
||||
// Store the newly created room in account data (Matrix doesn't do this for us automatically, sigh...)
|
||||
;(directData[mxid] ??= []).push(roomID)
|
||||
await api.setAccountData("m.direct", directData)
|
||||
}
|
||||
|
||||
const token = randomUUID()
|
||||
validToken.set(token, mxid)
|
||||
|
||||
console.log(`web log in requested for ${mxid}`)
|
||||
const body = `Hi, this is Out Of Your Element! You just clicked the "log in" button on the website.\nOpen this link to finish: ${reg.ooye.bridge_origin}/log-in-with-matrix?token=${token}\nThe link can be used once.`
|
||||
await api.sendEvent(roomID, "m.room.message", {
|
||||
msgtype: "m.text",
|
||||
body
|
||||
})
|
||||
|
||||
return sendRedirect(event, "../ok?msg=Please check your inbox on Matrix!&spot=SpotMailXL", 302)
|
||||
}))
|
||||
Loading…
Add table
Add a link
Reference in a new issue