fix: better auth validation, remove accidental top level "document" call

blue-build · Apr 17, 2024 · 5197910 · 5197910
1 parent c3766f8
commit 5197910
Show file tree

Hide file tree

Showing 6 changed files with 30 additions and 16 deletions.
diff --git a/src/hooks.server.ts b/src/hooks.server.ts
@@ -0,0 +1,18 @@
+import type { Handle } from "@sveltejs/kit";
+
+export const handle: Handle = async ({ event, resolve }) => {
+    const githubToken = event.cookies.get("github_oauth_token") ?? null;
+    const githubUserResponse = await fetch("https://api.github.com/user", {
+        headers: {
+            Authorization: `Bearer ${githubToken}`
+        }
+    });
+    if (githubUserResponse.ok) {
+        const githubUser = await githubUserResponse.json();
+        event.locals.githubUser = githubUser;
+    } else {
+        event.locals.githubUser = null;
+    }
+
+    return resolve(event);
+};
diff --git a/src/routes/+layout.server.ts b/src/routes/+layout.server.ts
@@ -1,16 +1,5 @@
-// import { githubAuth } from "$lib/ts/github/auth";
-import type { RequestEvent } from "@sveltejs/kit";
-
-export async function load(event: RequestEvent) {
-    const token = event.cookies.get("github_oauth_token") ?? null;
-
-    const githubUserResponse = await fetch("https://api.github.com/user", {
-        headers: {
-            Authorization: `Bearer ${token}`
-        }
-    });
-    const githubUser = await githubUserResponse.json();
+export async function load({ locals }) {
     return {
-        githubUser
+        githubUser: locals.githubUser
     };
 }
diff --git a/src/routes/+layout.svelte b/src/routes/+layout.svelte
@@ -34,7 +34,7 @@
                     class="absolute h-6 w-6 translate-y-10 transition-transform dark:translate-y-0"
                 />
             </Button>
-            {#if data.githubUser.login}
+            {#if data.githubUser}
                 <Avatar.Root>
                     <Avatar.Image src={data.githubUser.avatar_url} alt={data.githubUser.login} />
                     <Avatar.Fallback>CN</Avatar.Fallback>

diff --git a/src/routes/+page.svelte b/src/routes/+page.svelte
@@ -11,7 +11,7 @@
     >
         My repositories
     </h2>
-    {#if !data.githubUser.login}
+    {#if !data.githubUser}
         <Button href="/api/login" size="lg" variant="default" class="mx-auto max-w-xl">
             Log in with GitHub</Button
         >

diff --git a/src/routes/new/+page.server.ts b/src/routes/new/+page.server.ts
@@ -0,0 +1,7 @@
+import { redirect } from "@sveltejs/kit";
+export function load({ locals }) {
+    console.log(locals);
+    if (locals.githubUser === null) {
+        redirect(303, "/");
+    }
+}
diff --git a/src/routes/new/+page.svelte b/src/routes/new/+page.svelte
@@ -12,7 +12,7 @@
     let log: Array<string> = [];
     export let data;
 
-    let repoName = document.getElementById("reponame");
+    let repoName = "";
 
     async function createRepo() {
         setupStep = "inprogress";