next-github-auth/src/pages/SignIn.js at 3d91c4f73e4609bab21117aca33483d991a63e57 · possibilities/next-github-auth · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
import { Component } from 'react'
import PropTypes from 'prop-types'
import request from 'axios'
import demandEnvVar from '../modules/demandEnvVar'
import getGithubAccessTokenCookie from '../modules/getGithubAccessTokenCookie'
import getGithubAuthorizeUrl from '../modules/getGithubAuthorizeUrl'
import PublicPage from '../decorators/PublicPage'

const GITHUB_URL = process.env.GITHUB_URL || 'https://github.com'
const githubAccessTokenUrl = `${GITHUB_URL}/login/oauth/access_token`
const githubClientSecret = demandEnvVar('GITHUB_CLIENT_SECRET')

const fetchGithubAccessToken = async (githubAuthCode, githubClientId) => {
  const response = await request.post(
    githubAccessTokenUrl,
    {
      code: githubAuthCode,
      client_id: githubClientId,
      client_secret: githubClientSecret
    },
    {
      headers: {
        Accept: 'application/json'
      }
    }
  )

  if (response.status === 200) {
    return response.data.access_token
  }
}

class SignIn extends Component {
  static propTypes = {
    githubClientId: PropTypes.string.isRequired,
    afterSignInUrl: PropTypes.string.isRequired,
    isAuthorized: PropTypes.bool.isRequired,
    scope: PropTypes.string
  }

  static defaultProps = {
    scope: ''
  }

  static async getInitialProps ({
    req,
    res,
    env: {
      githubClientId
    },
    query: {
      afterSignInUrl = '/',
      code: githubAuthCode
    }
  }) {
    let isAuthorized = false

    if (githubAuthCode) {
      const accessToken =
        await fetchGithubAccessToken(githubAuthCode, githubClientId)
      const githubAccessTokenCookie =
        getGithubAccessTokenCookie(req, accessToken)

      res.setHeader('Set-Cookie', githubAccessTokenCookie)

      isAuthorized = !!accessToken
    }

    return { githubClientId, afterSignInUrl, isAuthorized }
  }

  constructor (props) {
    super(props)

    if (process.browser && props.afterSignInUrl) {
      if (props.isAuthorized) {
        // Wait to redirect on the client so the cookie will be available
        window.location = props.afterSignInUrl
      } else {
        window.location = getGithubAuthorizeUrl(
          props.githubClientId,
          props.scope,
          props.afterSignInUrl
        )
      }
    }
  }

  render () {
    // All server side, nothing to show
    return null
  }
}

export default PublicPage(SignIn)