2021-08-16 04:40:56 +00:00
|
|
|
package website
|
|
|
|
|
|
|
|
|
|
import (
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
"context"
|
2021-08-16 04:40:56 +00:00
|
|
|
"errors"
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
"fmt"
|
2021-08-16 04:40:56 +00:00
|
|
|
"net/http"
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
"strings"
|
2021-08-16 04:40:56 +00:00
|
|
|
"time"
|
|
|
|
|
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
"git.handmade.network/hmn/hmn/src/assets"
|
2021-08-16 04:40:56 +00:00
|
|
|
"git.handmade.network/hmn/hmn/src/config"
|
|
|
|
|
"git.handmade.network/hmn/hmn/src/db"
|
|
|
|
|
"git.handmade.network/hmn/hmn/src/discord"
|
|
|
|
|
"git.handmade.network/hmn/hmn/src/hmnurl"
|
|
|
|
|
"git.handmade.network/hmn/hmn/src/models"
|
|
|
|
|
"git.handmade.network/hmn/hmn/src/oops"
|
2024-03-28 19:24:46 +00:00
|
|
|
"git.handmade.network/hmn/hmn/src/templates"
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
"git.handmade.network/hmn/hmn/src/utils"
|
|
|
|
|
"github.com/google/uuid"
|
2021-08-16 04:40:56 +00:00
|
|
|
)
|
|
|
|
|
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
// This callback handles Discord account linking whether the user is signed in
|
|
|
|
|
// or not. In all cases, the end state is that the user is signed into a
|
|
|
|
|
// Handmade Network account with a linked Discord account. HMN accounts will be
|
|
|
|
|
// created as necessary.
|
|
|
|
|
//
|
|
|
|
|
// If we initiate OAuth while logged in, we will use the current session's CSRF
|
|
|
|
|
// token as the OAuth state. Otherwise, we will generate a new entry in the
|
|
|
|
|
// pending_login table with an equivalently random token and use that token for
|
|
|
|
|
// the state.
|
|
|
|
|
//
|
|
|
|
|
// Considerations:
|
|
|
|
|
//
|
|
|
|
|
// | | Already signed in | Not signed in |
|
|
|
|
|
// |-----------------------|----------------------|-------------------------------|
|
|
|
|
|
// | No matching info | Link Discord account | Create HMN account |
|
|
|
|
|
// |-----------------------| to current HMN |-------------------------------|
|
|
|
|
|
// | Matching Discord user | account (stealing is | Log into HMN account and link |
|
|
|
|
|
// |-----------------------| ok, but make sure | Discord user to it. (Double- |
|
|
|
|
|
// | One matching email | any other accounts | check Discord link settings.) |
|
|
|
|
|
// |-----------------------| are unlinked) |-------------------------------|
|
|
|
|
|
// | More than one | | Fail login |
|
|
|
|
|
// | matching email | | |
|
|
|
|
|
// |-----------------------|----------------------|-------------------------------|
|
2021-08-16 04:40:56 +00:00
|
|
|
func DiscordOAuthCallback(c *RequestContext) ResponseData {
|
|
|
|
|
query := c.Req.URL.Query()
|
|
|
|
|
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
var destinationUrl string
|
2021-08-16 04:40:56 +00:00
|
|
|
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
tx, err := c.Conn.Begin(c)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to start transaction for Discord OAuth"))
|
|
|
|
|
}
|
|
|
|
|
defer tx.Rollback(c)
|
2021-08-16 04:40:56 +00:00
|
|
|
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
// Check the state, figure out where we're going
|
|
|
|
|
state := query.Get("state")
|
|
|
|
|
if c.CurrentUser == nil {
|
|
|
|
|
// Check the state against all our pending signins - if none is found,
|
|
|
|
|
// then CSRF'd!!!! (or the login just expired)
|
|
|
|
|
pendingLogin, err := db.QueryOne[models.PendingLogin](c, c.Conn,
|
|
|
|
|
`
|
|
|
|
|
SELECT $columns
|
|
|
|
|
FROM pending_login
|
|
|
|
|
WHERE
|
|
|
|
|
id = $1
|
|
|
|
|
AND expires_at > CURRENT_TIMESTAMP
|
|
|
|
|
`,
|
|
|
|
|
state,
|
|
|
|
|
)
|
|
|
|
|
if err == db.NotFound {
|
|
|
|
|
c.Logger.Warn().Str("userId", c.CurrentUser.Username).Msg("user failed Discord OAuth state validation - potential attack?")
|
|
|
|
|
res := c.Redirect("/", http.StatusSeeOther)
|
|
|
|
|
logoutUser(c, &res)
|
|
|
|
|
return res
|
|
|
|
|
} else if err != nil {
|
|
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to look up pending login"))
|
|
|
|
|
}
|
|
|
|
|
destinationUrl = pendingLogin.DestinationUrl
|
2021-08-16 04:40:56 +00:00
|
|
|
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
// Delete the pending login; we're done with it
|
|
|
|
|
_, err = tx.Exec(c, `DELETE FROM pending_login WHERE id = $1`, pendingLogin.ID)
|
|
|
|
|
if err != nil {
|
|
|
|
|
c.Logger.Warn().Str("id", pendingLogin.ID).Err(err).Msg("failed to delete pending login")
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
// Check the state against the current session - if it does not match,
|
|
|
|
|
// then CSRF'd!!!!
|
|
|
|
|
if state != c.CurrentSession.CSRFToken {
|
|
|
|
|
c.Logger.Warn().Str("userId", c.CurrentUser.Username).Msg("user failed Discord OAuth state validation - potential attack?")
|
|
|
|
|
res := c.Redirect("/", http.StatusSeeOther)
|
|
|
|
|
logoutUser(c, &res)
|
|
|
|
|
return res
|
|
|
|
|
}
|
|
|
|
|
// The only way into OAuth when logged in is when linking your Discord
|
|
|
|
|
// account in settings.
|
|
|
|
|
destinationUrl = hmnurl.BuildUserSettings("discord")
|
2021-08-16 04:40:56 +00:00
|
|
|
}
|
|
|
|
|
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
// Check for error values and redirect back to from whence they came
|
2021-08-27 17:58:52 +00:00
|
|
|
if errCode := query.Get("error"); errCode != "" {
|
|
|
|
|
if errCode == "access_denied" {
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
// This occurs when the user cancels. Just go back so they can try again.
|
|
|
|
|
var dest string
|
|
|
|
|
if c.CurrentUser == nil {
|
|
|
|
|
// Send 'em back to the login page for another go, with the
|
|
|
|
|
// same destination
|
|
|
|
|
dest = hmnurl.BuildLoginPage(destinationUrl)
|
|
|
|
|
} else {
|
|
|
|
|
dest = hmnurl.BuildUserSettings("discord")
|
|
|
|
|
}
|
|
|
|
|
return c.Redirect(dest, http.StatusSeeOther)
|
2021-08-27 17:58:52 +00:00
|
|
|
} else {
|
2022-06-24 21:38:11 +00:00
|
|
|
return c.RejectRequest("Failed to authenticate with Discord.")
|
2021-08-27 17:58:52 +00:00
|
|
|
}
|
2021-08-16 04:40:56 +00:00
|
|
|
}
|
|
|
|
|
|
2021-08-28 17:07:45 +00:00
|
|
|
// Do the actual token exchange
|
2021-08-16 04:40:56 +00:00
|
|
|
code := query.Get("code")
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
authRes, err := discord.ExchangeOAuthCode(c, code, hmnurl.BuildDiscordOAuthCallback())
|
2021-08-16 04:40:56 +00:00
|
|
|
if err != nil {
|
2021-08-28 12:21:03 +00:00
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to exchange Discord authorization code"))
|
2021-08-16 04:40:56 +00:00
|
|
|
}
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
expiry := time.Now().Add(time.Duration(authRes.ExpiresIn) * time.Second)
|
2021-08-16 04:40:56 +00:00
|
|
|
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
user, err := discord.GetCurrentUserAsOAuth(c, authRes.AccessToken)
|
2021-08-16 04:40:56 +00:00
|
|
|
if err != nil {
|
2021-08-28 12:21:03 +00:00
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to fetch Discord user info"))
|
2021-08-16 04:40:56 +00:00
|
|
|
}
|
|
|
|
|
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
hmnMember, err := discord.GetGuildMember(c, config.Config.Discord.GuildID, user.ID)
|
2021-08-16 04:40:56 +00:00
|
|
|
if err != nil {
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
if err == discord.NotFound {
|
|
|
|
|
// nothing, this is fine
|
|
|
|
|
} else {
|
|
|
|
|
c.Logger.Error().Err(err).Msg("failed to get HMN Discord member for Discord user")
|
|
|
|
|
}
|
2021-08-16 04:40:56 +00:00
|
|
|
}
|
|
|
|
|
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
// Make the necessary updates in our database (see table above)
|
|
|
|
|
|
|
|
|
|
// Determine which HMN user to associate this Discord login with. This
|
|
|
|
|
// may not turn anything up, in which case we need to make an account.
|
|
|
|
|
var hmnUser *models.User
|
|
|
|
|
if c.CurrentUser != nil {
|
|
|
|
|
hmnUser = c.CurrentUser
|
|
|
|
|
} else {
|
|
|
|
|
utils.Assert(user.Email, "didn't get an email from Discord! bad scopes?")
|
|
|
|
|
|
|
|
|
|
userFromDiscordID, err := db.QueryOne[models.User](c, tx,
|
|
|
|
|
`
|
|
|
|
|
SELECT $columns{hmn_user}
|
|
|
|
|
FROM
|
|
|
|
|
discord_user
|
|
|
|
|
JOIN hmn_user ON discord_user.hmn_user_id = hmn_user.id
|
|
|
|
|
WHERE userid = $1
|
|
|
|
|
`,
|
|
|
|
|
user.ID,
|
|
|
|
|
)
|
|
|
|
|
if err == nil {
|
|
|
|
|
hmnUser = userFromDiscordID
|
|
|
|
|
} else if err == db.NotFound {
|
|
|
|
|
// no problem
|
|
|
|
|
} else {
|
|
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to look up existing HMN user from Discord OAuth"))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if hmnUser == nil {
|
|
|
|
|
usersFromDiscordEmail, err := db.Query[models.User](c, tx,
|
|
|
|
|
`
|
|
|
|
|
SELECT $columns
|
|
|
|
|
FROM hmn_user
|
|
|
|
|
WHERE
|
|
|
|
|
LOWER(email) = LOWER($1)
|
|
|
|
|
`,
|
|
|
|
|
user.Email,
|
|
|
|
|
)
|
|
|
|
|
if err == nil {
|
|
|
|
|
if len(usersFromDiscordEmail) > 1 {
|
|
|
|
|
// oh no why don't we have a unique constraint on emails
|
|
|
|
|
return c.RejectRequest("There are multiple Handmade Network accounts with this email address. Please sign into one of them separately.")
|
|
|
|
|
} else if len(usersFromDiscordEmail) == 1 {
|
|
|
|
|
hmnUser = usersFromDiscordEmail[0]
|
|
|
|
|
}
|
|
|
|
|
} else if err == db.NotFound {
|
|
|
|
|
// no problem
|
|
|
|
|
} else {
|
|
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to look up existing HMN user by email"))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Create a new HMN account if no existing account matches
|
|
|
|
|
if hmnUser == nil {
|
|
|
|
|
// Check if an HMN account already has this username. We don't link
|
|
|
|
|
// in this case because usernames can be changed and we don't want
|
|
|
|
|
// account takeovers.
|
|
|
|
|
usernameTaken, err := db.QueryOneScalar[bool](c, tx,
|
|
|
|
|
`SELECT COUNT(*) > 0 FROM hmn_user WHERE LOWER(username) = LOWER($1)`,
|
|
|
|
|
user.Username,
|
|
|
|
|
)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to check if username was taken when logging in with Discord"))
|
|
|
|
|
}
|
|
|
|
|
if usernameTaken {
|
|
|
|
|
return c.RejectRequest(fmt.Sprintf("There is already a Handmade Network account with the username \"%s\".", user.Username))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var displayName string
|
|
|
|
|
if hmnMember != nil && hmnMember.Nick != nil {
|
|
|
|
|
displayName = *hmnMember.Nick
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var avatarHash *string
|
|
|
|
|
if hmnMember != nil && hmnMember.Avatar != nil {
|
|
|
|
|
avatarHash = hmnMember.Avatar
|
|
|
|
|
} else if user.Avatar != nil {
|
|
|
|
|
avatarHash = user.Avatar
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var avatarAssetID *uuid.UUID
|
|
|
|
|
if avatarHash != nil {
|
|
|
|
|
// Note! Not using the transaction here. Don't want to fail the login due to avatars.
|
|
|
|
|
if avatarAsset, err := saveDiscordAvatar(c, c.Conn, user.ID, *user.Avatar); err == nil {
|
|
|
|
|
avatarAssetID = &avatarAsset.ID
|
|
|
|
|
} else {
|
|
|
|
|
c.Logger.Warn().Err(err).Msg("failed to save Discord avatar")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
newHMNUser, err := db.QueryOne[models.User](c, tx,
|
|
|
|
|
`
|
|
|
|
|
INSERT INTO hmn_user (
|
|
|
|
|
username, name, email, password, avatar_asset_id, date_joined, registration_ip
|
|
|
|
|
) VALUES (
|
|
|
|
|
$1, $2, $3, '', $4, $5, $6
|
|
|
|
|
)
|
|
|
|
|
RETURNING $columns
|
|
|
|
|
`,
|
|
|
|
|
user.Username, displayName, strings.ToLower(user.Email), avatarAssetID, time.Now(), c.GetIP(),
|
|
|
|
|
)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to create new HMN user for Discord login"))
|
|
|
|
|
}
|
|
|
|
|
hmnUser = newHMNUser
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Add the Discord user data to our database
|
|
|
|
|
_, err = tx.Exec(c,
|
2021-08-16 04:40:56 +00:00
|
|
|
`
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
INSERT INTO
|
|
|
|
|
discord_user (username, discriminator, access_token, refresh_token, avatar, locale, userid, expiry, hmn_user_id)
|
|
|
|
|
VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9)
|
|
|
|
|
ON CONFLICT (userid) DO UPDATE SET
|
|
|
|
|
username = EXCLUDED.username,
|
|
|
|
|
discriminator = EXCLUDED.discriminator,
|
|
|
|
|
access_token = EXCLUDED.access_token,
|
|
|
|
|
refresh_token = EXCLUDED.refresh_token,
|
|
|
|
|
avatar = EXCLUDED.avatar,
|
|
|
|
|
locale = EXCLUDED.locale,
|
|
|
|
|
expiry = EXCLUDED.expiry,
|
|
|
|
|
hmn_user_id = EXCLUDED.hmn_user_id
|
2021-08-16 04:40:56 +00:00
|
|
|
`,
|
|
|
|
|
user.Username,
|
|
|
|
|
user.Discriminator,
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
authRes.AccessToken,
|
|
|
|
|
authRes.RefreshToken,
|
2021-08-16 04:40:56 +00:00
|
|
|
user.Avatar,
|
|
|
|
|
user.Locale,
|
|
|
|
|
user.ID,
|
|
|
|
|
expiry,
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
hmnUser.ID,
|
2021-08-16 04:40:56 +00:00
|
|
|
)
|
|
|
|
|
if err != nil {
|
2021-08-28 12:21:03 +00:00
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to save new Discord user info"))
|
2021-08-16 04:40:56 +00:00
|
|
|
}
|
|
|
|
|
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
// Mark the HMN user as confirmed - Discord is good enough auth for us
|
|
|
|
|
_, err = tx.Exec(c,
|
|
|
|
|
`
|
|
|
|
|
UPDATE hmn_user
|
|
|
|
|
SET status = $1
|
|
|
|
|
WHERE id = $2
|
|
|
|
|
`,
|
|
|
|
|
models.UserStatusApproved,
|
|
|
|
|
hmnUser.ID,
|
|
|
|
|
)
|
|
|
|
|
if err != nil {
|
|
|
|
|
c.Logger.Error().Err(err).Msg("failed to set user status to approved after linking discord account")
|
|
|
|
|
// NOTE(asaf): It's not worth failing the request over this, so we're not returning an error to the user.
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = tx.Commit(c)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to save updates from Discord OAuth"))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Add the role on Discord
|
|
|
|
|
if hmnMember != nil {
|
|
|
|
|
err = discord.AddGuildMemberRole(c, user.ID, config.Config.Discord.MemberRoleID)
|
2022-04-07 04:28:04 +00:00
|
|
|
if err != nil {
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
c.Logger.Error().Err(err).Msg("failed to add member role")
|
2022-04-07 04:28:04 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
res := c.Redirect(destinationUrl, http.StatusSeeOther)
|
|
|
|
|
err = loginUser(c, hmnUser, &res)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, err)
|
|
|
|
|
}
|
|
|
|
|
return res
|
2021-08-16 04:40:56 +00:00
|
|
|
}
|
2021-08-16 05:07:17 +00:00
|
|
|
|
|
|
|
|
func DiscordUnlink(c *RequestContext) ResponseData {
|
2022-06-24 21:38:11 +00:00
|
|
|
tx, err := c.Conn.Begin(c)
|
2021-08-16 05:07:17 +00:00
|
|
|
if err != nil {
|
|
|
|
|
panic(err)
|
|
|
|
|
}
|
2022-06-24 21:38:11 +00:00
|
|
|
defer tx.Rollback(c)
|
2021-08-16 05:07:17 +00:00
|
|
|
|
2022-06-24 21:38:11 +00:00
|
|
|
discordUser, err := db.QueryOne[models.DiscordUser](c, tx,
|
2021-08-16 05:07:17 +00:00
|
|
|
`
|
|
|
|
|
SELECT $columns
|
2022-05-07 13:11:05 +00:00
|
|
|
FROM discord_user
|
2021-08-16 05:07:17 +00:00
|
|
|
WHERE hmn_user_id = $1
|
|
|
|
|
`,
|
|
|
|
|
c.CurrentUser.ID,
|
|
|
|
|
)
|
|
|
|
|
if err != nil {
|
2021-09-14 04:13:58 +00:00
|
|
|
if errors.Is(err, db.NotFound) {
|
2021-08-27 17:58:52 +00:00
|
|
|
return c.Redirect(hmnurl.BuildUserSettings("discord"), http.StatusSeeOther)
|
2021-08-16 05:07:17 +00:00
|
|
|
} else {
|
2021-08-28 12:21:03 +00:00
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to get Discord user for unlink"))
|
2021-08-16 05:07:17 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-24 21:38:11 +00:00
|
|
|
_, err = tx.Exec(c,
|
2021-08-16 05:07:17 +00:00
|
|
|
`
|
2022-05-07 13:11:05 +00:00
|
|
|
DELETE FROM discord_user
|
2021-08-16 05:07:17 +00:00
|
|
|
WHERE id = $1
|
|
|
|
|
`,
|
|
|
|
|
discordUser.ID,
|
|
|
|
|
)
|
|
|
|
|
if err != nil {
|
2021-08-28 12:21:03 +00:00
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to delete Discord user"))
|
2021-08-16 05:07:17 +00:00
|
|
|
}
|
|
|
|
|
|
2022-06-24 21:38:11 +00:00
|
|
|
err = tx.Commit(c)
|
2021-08-16 05:07:17 +00:00
|
|
|
if err != nil {
|
2021-08-28 12:21:03 +00:00
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to commit Discord user delete"))
|
2021-08-16 05:07:17 +00:00
|
|
|
}
|
|
|
|
|
|
2022-06-24 21:38:11 +00:00
|
|
|
err = discord.RemoveGuildMemberRole(c, discordUser.UserID, config.Config.Discord.MemberRoleID)
|
2021-08-16 05:07:17 +00:00
|
|
|
if err != nil {
|
|
|
|
|
c.Logger.Warn().Err(err).Msg("failed to remove member role on unlink")
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-27 17:58:52 +00:00
|
|
|
return c.Redirect(hmnurl.BuildUserSettings("discord"), http.StatusSeeOther)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func DiscordShowcaseBacklog(c *RequestContext) ResponseData {
|
2022-06-24 21:38:11 +00:00
|
|
|
duser, err := db.QueryOne[models.DiscordUser](c, c.Conn,
|
2022-05-07 13:11:05 +00:00
|
|
|
`SELECT $columns FROM discord_user WHERE hmn_user_id = $1`,
|
2021-08-27 17:58:52 +00:00
|
|
|
c.CurrentUser.ID,
|
|
|
|
|
)
|
2021-09-14 04:13:58 +00:00
|
|
|
if errors.Is(err, db.NotFound) {
|
2021-08-27 17:58:52 +00:00
|
|
|
// Nothing to do
|
|
|
|
|
c.Logger.Warn().Msg("could not do showcase backlog because no discord user exists")
|
|
|
|
|
return c.Redirect(hmnurl.BuildUserProfile(c.CurrentUser.Username), http.StatusSeeOther)
|
|
|
|
|
} else if err != nil {
|
2021-08-28 12:21:03 +00:00
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to get discord user"))
|
2021-08-27 17:58:52 +00:00
|
|
|
}
|
|
|
|
|
|
2022-06-24 21:38:11 +00:00
|
|
|
msgIDs, err := db.QueryScalar[string](c, c.Conn,
|
2021-08-27 17:58:52 +00:00
|
|
|
`
|
2022-04-16 17:49:29 +00:00
|
|
|
SELECT msg.id
|
2021-08-27 17:58:52 +00:00
|
|
|
FROM
|
2022-05-07 13:11:05 +00:00
|
|
|
discord_message AS msg
|
2021-08-27 17:58:52 +00:00
|
|
|
WHERE
|
|
|
|
|
msg.user_id = $1
|
|
|
|
|
AND msg.channel_id = $2
|
|
|
|
|
`,
|
|
|
|
|
duser.UserID,
|
|
|
|
|
config.Config.Discord.ShowcaseChannelID,
|
|
|
|
|
)
|
2021-12-15 01:36:37 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, err)
|
|
|
|
|
}
|
2021-12-13 07:40:54 +00:00
|
|
|
|
2022-01-31 06:46:43 +00:00
|
|
|
for _, msgID := range msgIDs {
|
2022-06-24 21:38:11 +00:00
|
|
|
interned, err := discord.FetchInternedMessage(c, c.Conn, msgID)
|
2022-02-07 12:21:40 +00:00
|
|
|
if err != nil && !errors.Is(err, db.NotFound) {
|
2022-01-31 06:46:43 +00:00
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, err)
|
2022-02-07 12:21:40 +00:00
|
|
|
} else if err == nil {
|
2022-01-31 06:46:43 +00:00
|
|
|
// NOTE(asaf): Creating snippet even if the checkbox is off because the user asked us to.
|
2022-06-24 21:38:11 +00:00
|
|
|
err = discord.HandleSnippetForInternedMessage(c, c.Conn, interned, true)
|
2022-01-31 06:46:43 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return c.ErrorResponse(http.StatusInternalServerError, err)
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-08-27 17:58:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return c.Redirect(hmnurl.BuildUserProfile(c.CurrentUser.Username), http.StatusSeeOther)
|
2021-08-16 05:07:17 +00:00
|
|
|
}
|
Add Discord login (#106)
This leverages our existing Discord OAuth implementation. Any users with a linked Discord account will be able to log in immediately. When logging in, we request the `email` scope in addition to `identity`, so existing users will be prompted one time to accept the new permissions. On subsequent logins, Discord will skip the prompt.
When linking your Discord account to an existing HMN account, we continue to only request the `identity` scope, so we do not receive the user's Discord email.
Both login and linking go through the same Discord OAuth callback. All flows through the callback try to achieve the same end goal: a logged-in HMN user with a linked Discord account.
Linking works the same as it ever has. Login, however, is different because we do not have a session ID to use as the OAuth state. To account for this, I have added a `pending_login` table that stores a secure unique ID and the eventual destination URL. These pending logins expire after 10 minutes. When we receive the OAuth callback, we look up the pending login by the OAuth `state` and immediately delete it. The destination URL will be used to redirect the user to the right place.
If we have a `discord_user` entry for the OAuth'd Discord user, we immediately log the user into the associated HMN account. This is the typical login case. If we do not have a `discord_user`, but there is exactly one HMN user with the same email address as the Discord user, we will link the two accounts and log into the HMN account.
(It is possible for multiple HMN accounts to have the same email, because we don't have a uniqueness constraint there. We fail the login in this case rather than link to the wrong account.)
Finally, if no associated HMN user exists, a new one will be created. It will use the Discord user's username, email, and avatar. This user will have no password, but they can set or reset a password through the usual flows.
Co-authored-by: Ben Visness <bvisness@gmail.com>
Reviewed-on: https://git.handmade.network/hmn/hmn/pulls/106
2023-05-06 19:38:50 +00:00
|
|
|
|
|
|
|
|
func saveDiscordAvatar(ctx context.Context, conn db.ConnOrTx, userID, avatarHash string) (*models.Asset, error) {
|
|
|
|
|
const size = 256
|
|
|
|
|
|
|
|
|
|
filename := fmt.Sprintf("%s.png", avatarHash)
|
|
|
|
|
url := fmt.Sprintf("https://cdn.discordapp.com/avatars/%s/%s?size=%d", userID, filename, size)
|
|
|
|
|
|
|
|
|
|
content, _, err := discord.DownloadDiscordResource(ctx, url)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, oops.New(err, "failed to download Discord avatar")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
asset, err := assets.Create(ctx, conn, assets.CreateInput{
|
|
|
|
|
Content: content,
|
|
|
|
|
Filename: filename,
|
|
|
|
|
ContentType: "image/png",
|
|
|
|
|
|
|
|
|
|
Width: size,
|
|
|
|
|
Height: size,
|
|
|
|
|
})
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, oops.New(err, "failed to save asset for Discord attachment")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return asset, nil
|
|
|
|
|
}
|
2024-03-28 19:24:46 +00:00
|
|
|
|
|
|
|
|
func DiscordBotDebugPage(c *RequestContext) ResponseData {
|
|
|
|
|
type DiscordBotDebugData struct {
|
|
|
|
|
templates.BaseData
|
|
|
|
|
BotEvents []discord.BotEvent
|
|
|
|
|
}
|
|
|
|
|
botEvents := discord.GetBotEvents()
|
|
|
|
|
var res ResponseData
|
|
|
|
|
res.MustWriteTemplate("discord_bot_debug.html", DiscordBotDebugData{
|
|
|
|
|
BaseData: getBaseData(c, "", nil),
|
|
|
|
|
|
|
|
|
|
BotEvents: botEvents,
|
|
|
|
|
}, c.Perf)
|
|
|
|
|
return res
|
|
|
|
|
}
|
