diff --git a/app/.server/store/auth.ts b/app/.server/store/auth.ts index af5b78f..685cde3 100644 --- a/app/.server/store/auth.ts +++ b/app/.server/store/auth.ts @@ -12,8 +12,8 @@ import { TWITTER_CLIENT_ID, } from "./consts"; -const urlBase = - process.env.NODE_ENV === "production" +const urlBase = (mode: string) => + mode === "production" ? "https://edit.members.approvers.dev" : "http://localhost:3000"; @@ -24,6 +24,7 @@ export type Member = { export const getAuthenticator = ( cookieSecret: string, discordClientSecret: string, + mode: string, ) => { const authenticator = new Authenticator( createCookieSessionStorage({ @@ -44,7 +45,7 @@ export const getAuthenticator = ( clientSecret: discordClientSecret, authorizationEndpoint: "https://discord.com/oauth2/authorize", tokenEndpoint: "https://discord.com/api/v10/oauth2/token", - redirectURI: new URL("/redirect", urlBase), + redirectURI: new URL("/redirect", urlBase(mode)), tokenRevocationEndpoint: "https://discord.com/api/v10/oauth2/token/revoke", codeChallengeMethod: "S256", @@ -78,7 +79,10 @@ export type GitHubAssociation = { id: string; name: string; }; -export const getGithubAssocAuthenticator = (githubClientSecret: string) => { +export const getGithubAssocAuthenticator = ( + githubClientSecret: string, + mode: string, +) => { const assocAuthenticator = new Authenticator( createMemorySessionStorage(), ); @@ -88,7 +92,10 @@ export const getGithubAssocAuthenticator = (githubClientSecret: string) => { { clientId: GITHUB_CLIENT_ID, clientSecret: githubClientSecret, - redirectURI: new URL("/dashboard/redirect-github", urlBase), + redirectURI: new URL( + "/dashboard/redirect-github", + urlBase(mode), + ), }, async ({ profile }) => { return { id: profile.id, name: profile.displayName }; @@ -103,7 +110,10 @@ export type TwitterAssociation = { id: string; name: string; }; -export const getTwitterAssocAuthenticator = (twitterClientSecret: string) => { +export const getTwitterAssocAuthenticator = ( + twitterClientSecret: string, + mode: string, +) => { const assocAuthenticator = new Authenticator( createMemorySessionStorage(), ); @@ -114,7 +124,10 @@ export const getTwitterAssocAuthenticator = (twitterClientSecret: string) => { clientSecret: twitterClientSecret, authorizationEndpoint: "https://twitter.com/i/oauth2/authorize", tokenEndpoint: "https://api.twitter.com/2/oauth2/token", - redirectURI: new URL("/dashboard/redirect-twitter", urlBase), + redirectURI: new URL( + "/dashboard/redirect-twitter", + urlBase(mode), + ), scopes: ["tweet.read", "users.read"], codeChallengeMethod: "S256", authenticateWith: "http_basic_auth", diff --git a/app/routes/_index.tsx b/app/routes/_index.tsx index 47866f2..80be72a 100644 --- a/app/routes/_index.tsx +++ b/app/routes/_index.tsx @@ -17,13 +17,14 @@ export default function Index() { } export async function action({ request, context }: ActionFunctionArgs) { - const { COOKIE_SECRET, DISCORD_CLIENT_SECRET } = context.cloudflare.env; - return getAuthenticator(COOKIE_SECRET, DISCORD_CLIENT_SECRET).authenticate( - "discord-oauth", - request, - { - successRedirect: "/dashboard", - failureRedirect: "/", - }, - ); + const { COOKIE_SECRET, DISCORD_CLIENT_SECRET, NODE_ENV } = + context.cloudflare.env; + return getAuthenticator( + COOKIE_SECRET, + DISCORD_CLIENT_SECRET, + NODE_ENV, + ).authenticate("discord-oauth", request, { + successRedirect: "/dashboard", + failureRedirect: "/", + }); } diff --git a/app/routes/dashboard.add-github.tsx b/app/routes/dashboard.add-github.tsx index 966b6ce..ce65ccc 100644 --- a/app/routes/dashboard.add-github.tsx +++ b/app/routes/dashboard.add-github.tsx @@ -6,21 +6,25 @@ import { } from "../.server/store/auth"; export async function action({ request, context }: ActionFunctionArgs) { - const { COOKIE_SECRET, DISCORD_CLIENT_SECRET, GITHUB_CLIENT_SECRET } = - context.cloudflare.env; + const { + COOKIE_SECRET, + DISCORD_CLIENT_SECRET, + GITHUB_CLIENT_SECRET, + NODE_ENV, + } = context.cloudflare.env; await getAuthenticator( COOKIE_SECRET, DISCORD_CLIENT_SECRET, + NODE_ENV, ).isAuthenticated(request, { failureRedirect: "/", }); - return getGithubAssocAuthenticator(GITHUB_CLIENT_SECRET).authenticate( - "github-oauth", - request, - { - failureRedirect: "/dashboard", - }, - ); + return getGithubAssocAuthenticator( + GITHUB_CLIENT_SECRET, + NODE_ENV, + ).authenticate("github-oauth", request, { + failureRedirect: "/dashboard", + }); } export async function loader() { diff --git a/app/routes/dashboard.add-twitter.tsx b/app/routes/dashboard.add-twitter.tsx index e11dc79..40e69c9 100644 --- a/app/routes/dashboard.add-twitter.tsx +++ b/app/routes/dashboard.add-twitter.tsx @@ -6,21 +6,25 @@ import { } from "../.server/store/auth"; export async function action({ request, context }: ActionFunctionArgs) { - const { COOKIE_SECRET, DISCORD_CLIENT_SECRET, TWITTER_CLIENT_SECRET } = - context.cloudflare.env; + const { + COOKIE_SECRET, + DISCORD_CLIENT_SECRET, + TWITTER_CLIENT_SECRET, + NODE_ENV, + } = context.cloudflare.env; await getAuthenticator( COOKIE_SECRET, DISCORD_CLIENT_SECRET, + NODE_ENV, ).isAuthenticated(request, { failureRedirect: "/", }); - return getTwitterAssocAuthenticator(TWITTER_CLIENT_SECRET).authenticate( - "twitter-oauth", - request, - { - failureRedirect: "/dashboard", - }, - ); + return getTwitterAssocAuthenticator( + TWITTER_CLIENT_SECRET, + NODE_ENV, + ).authenticate("twitter-oauth", request, { + failureRedirect: "/dashboard", + }); } export async function loader() { diff --git a/app/routes/dashboard.redirect-github.tsx b/app/routes/dashboard.redirect-github.tsx index b503a48..abcecf9 100644 --- a/app/routes/dashboard.redirect-github.tsx +++ b/app/routes/dashboard.redirect-github.tsx @@ -15,15 +15,23 @@ export default function Redirect(): JSX.Element { } export async function loader({ request, context }: LoaderFunctionArgs) { - const { COOKIE_SECRET, DISCORD_CLIENT_SECRET, GITHUB_CLIENT_SECRET } = - context.cloudflare.env; + const { + COOKIE_SECRET, + DISCORD_CLIENT_SECRET, + GITHUB_CLIENT_SECRET, + NODE_ENV, + } = context.cloudflare.env; const { discordToken, discordId } = await getAuthenticator( COOKIE_SECRET, DISCORD_CLIENT_SECRET, + NODE_ENV, ).isAuthenticated(request, { failureRedirect: "/", }); - const githubAssocAuth = getGithubAssocAuthenticator(GITHUB_CLIENT_SECRET); + const githubAssocAuth = getGithubAssocAuthenticator( + GITHUB_CLIENT_SECRET, + NODE_ENV, + ); const { id: addingId, name: addingName } = await githubAssocAuth.authenticate("github-oauth", request, { failureRedirect: "/dashboard", diff --git a/app/routes/dashboard.redirect-twitter.tsx b/app/routes/dashboard.redirect-twitter.tsx index bde59c2..58aa9ea 100644 --- a/app/routes/dashboard.redirect-twitter.tsx +++ b/app/routes/dashboard.redirect-twitter.tsx @@ -15,16 +15,22 @@ export default function Redirect(): JSX.Element { } export async function loader({ request, context }: LoaderFunctionArgs) { - const { COOKIE_SECRET, DISCORD_CLIENT_SECRET, TWITTER_CLIENT_SECRET } = - context.cloudflare.env; + const { + COOKIE_SECRET, + DISCORD_CLIENT_SECRET, + TWITTER_CLIENT_SECRET, + NODE_ENV, + } = context.cloudflare.env; const { discordToken, discordId } = await getAuthenticator( COOKIE_SECRET, DISCORD_CLIENT_SECRET, + NODE_ENV, ).isAuthenticated(request, { failureRedirect: "/", }); const twitterAssocAuth = getTwitterAssocAuthenticator( TWITTER_CLIENT_SECRET, + NODE_ENV, ); const { id: addingId, name: addingName } = await twitterAssocAuth.authenticate("twitter-oauth", request, { diff --git a/app/routes/dashboard.remove.tsx b/app/routes/dashboard.remove.tsx index ec4b6fc..7ef930d 100644 --- a/app/routes/dashboard.remove.tsx +++ b/app/routes/dashboard.remove.tsx @@ -4,10 +4,12 @@ import { getAssociationLinks } from "../.server/store/association"; import { getAuthenticator } from "../.server/store/auth"; export async function action({ request, context }: ActionFunctionArgs) { - const { COOKIE_SECRET, DISCORD_CLIENT_SECRET } = context.cloudflare.env; + const { COOKIE_SECRET, DISCORD_CLIENT_SECRET, NODE_ENV } = + context.cloudflare.env; const { discordToken, discordId } = await getAuthenticator( COOKIE_SECRET, DISCORD_CLIENT_SECRET, + NODE_ENV, ).isAuthenticated(request, { failureRedirect: "/", }); diff --git a/app/routes/dashboard.tsx b/app/routes/dashboard.tsx index c7708e9..8fbe34a 100644 --- a/app/routes/dashboard.tsx +++ b/app/routes/dashboard.tsx @@ -10,10 +10,12 @@ import { import { getAuthenticator } from "../.server/store/auth"; export async function loader({ request, context }: LoaderFunctionArgs) { - const { COOKIE_SECRET, DISCORD_CLIENT_SECRET } = context.cloudflare.env; + const { COOKIE_SECRET, DISCORD_CLIENT_SECRET, NODE_ENV } = + context.cloudflare.env; const { discordId } = await getAuthenticator( COOKIE_SECRET, DISCORD_CLIENT_SECRET, + NODE_ENV, ).isAuthenticated(request, { failureRedirect: "/", }); @@ -28,7 +30,7 @@ const AccountIcon = ({ type }: { type: "github" | "twitter" }): JSX.Element => ({ github: , twitter: , - })[type]; + }[type]); const AccountList = ({ list }: { list: AssociationLinks }): JSX.Element => list.length === 0 ? ( diff --git a/app/routes/logout.tsx b/app/routes/logout.tsx index c4c7c13..7a0b795 100644 --- a/app/routes/logout.tsx +++ b/app/routes/logout.tsx @@ -3,11 +3,13 @@ import type { LoaderFunctionArgs } from "@remix-run/cloudflare"; import { getAuthenticator } from "../.server/store/auth"; export async function loader({ request, context }: LoaderFunctionArgs) { - const { COOKIE_SECRET, DISCORD_CLIENT_SECRET } = context.cloudflare.env; - await getAuthenticator(COOKIE_SECRET, DISCORD_CLIENT_SECRET).logout( - request, - { redirectTo: "/" }, - ); + const { COOKIE_SECRET, DISCORD_CLIENT_SECRET, NODE_ENV } = + context.cloudflare.env; + await getAuthenticator( + COOKIE_SECRET, + DISCORD_CLIENT_SECRET, + NODE_ENV, + ).logout(request, { redirectTo: "/" }); } export default function Redirect(): JSX.Element { diff --git a/app/routes/redirect.tsx b/app/routes/redirect.tsx index ee67295..a2fe429 100644 --- a/app/routes/redirect.tsx +++ b/app/routes/redirect.tsx @@ -11,13 +11,14 @@ export default function Redirect(): JSX.Element { } export async function loader({ request, context }: LoaderFunctionArgs) { - const { COOKIE_SECRET, DISCORD_CLIENT_SECRET } = context.cloudflare.env; - return getAuthenticator(COOKIE_SECRET, DISCORD_CLIENT_SECRET).authenticate( - "discord-oauth", - request, - { - successRedirect: "/dashboard", - failureRedirect: "/", - }, - ); + const { COOKIE_SECRET, DISCORD_CLIENT_SECRET, NODE_ENV } = + context.cloudflare.env; + return getAuthenticator( + COOKIE_SECRET, + DISCORD_CLIENT_SECRET, + NODE_ENV, + ).authenticate("discord-oauth", request, { + successRedirect: "/dashboard", + failureRedirect: "/", + }); } diff --git a/load-context.ts b/load-context.ts index dbd71e3..7798a84 100644 --- a/load-context.ts +++ b/load-context.ts @@ -7,6 +7,7 @@ import { type PlatformProxy } from "wrangler"; // even if no `wrangler.toml` exists. type Env = { + NODE_ENV: string; COOKIE_SECRET: string; DISCORD_CLIENT_SECRET: string; TWITTER_CLIENT_SECRET: string;