wip: oauth

server/api/[server]/login.ts

@@ -0,0 +1,26 @@
+import { stringifyQuery } from 'ufo'
+import { getApp } from '~/server/shared'
+import { HOST_DOMAIN } from '~/constants'
+
+export default defineEventHandler(async ({ context, res }) => {
+  const server = context.params.server
+  const app = await getApp(server)
+
+  if (!app) {
+    res.statusCode = 400
+    return `App not registered for server: ${server}`
+  }
+
+  const query = stringifyQuery({
+    client_id: app.client_id,
+    scope: 'read write follow push',
+    redirect_uri: `${HOST_DOMAIN}/api/${server}/oauth`,
+    response_type: 'code',
+  })
+  const url = `https://${server}/oauth/authorize?${query}`
+
+  res.writeHead(302, {
+    Location: url,
+  })
+  res.end()
+})

server/api/[server]/oauth.ts

@@ -1,21 +1,29 @@
 import { getQuery } from 'ufo'
+import { getApp } from '~/server/shared'
 
 export default defineEventHandler(async (event) => {
+  const server = event.context.params.server
+  const app = await getApp(server)
+
+  if (!app) {
+    event.res.statusCode = 400
+    return `App not registered for server: ${server}`
+  }
+
   const query = getQuery(event.req.url!)
   const code = query.code
-  const server = event.context.params.server
-  console.log({ query, server })
 
   const res = await $fetch(`https://${server}/oauth/token`, {
     method: 'POST',
     body: {
-      client_id: 'your_client_id_here',
-      client_secret: 'your_client_secret_here',
+      client_id: app.client_id,
+      client_secret: app.client_secret,
       redirect_uri: 'urn:ietf:wg:oauth:2.0:oob',
       grant_type: 'authorization_code',
       code,
       scope: 'read write follow push',
     },
   })
+
   console.log({ res })
 })