From 315f6c501e4a22d4ac44a329506a5780d7dd58ad Mon Sep 17 00:00:00 2001
From: Fuwn <contact@fuwn.me>
Date: Wed, 13 Sep 2023 01:59:44 -0700
Subject: refactor(oauth): move to single path

---
 src/routes/api/oauth-callback/+server.ts | 34 ++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 src/routes/api/oauth-callback/+server.ts

(limited to 'src/routes/api/oauth-callback')

diff --git a/src/routes/api/oauth-callback/+server.ts b/src/routes/api/oauth-callback/+server.ts
new file mode 100644
index 00000000..33ba6de9
--- /dev/null
+++ b/src/routes/api/oauth-callback/+server.ts
@@ -0,0 +1,34 @@
+import { dev } from '$app/environment';
+import { env } from '$env/dynamic/private';
+import { env as env2 } from '$env/dynamic/public';
+import { redirect } from '@sveltejs/kit';
+
+export const GET = async ({ url, cookies }) => {
+	const formData = new FormData();
+
+	formData.append('grant_type', 'authorization_code');
+	formData.append('client_id', env2.PUBLIC_ANILIST_CLIENT_ID);
+	formData.append('client_secret', env.ANILIST_CLIENT_SECRET);
+	formData.append('redirect_uri', env2.PUBLIC_ANILIST_REDIRECT_URI);
+	formData.append('code', url.searchParams.get('code') || 'null');
+	cookies.set(
+		'user',
+		JSON.stringify(
+			await (
+				await fetch('https://anilist.co/api/v2/oauth/token', {
+					method: 'POST',
+					body: formData
+				})
+			).json()
+		),
+		{
+			path: '/',
+			maxAge: 60 * 60 * 24 * 7,
+			httpOnly: true,
+			sameSite: 'lax',
+			secure: !dev
+		}
+	);
+
+	throw redirect(303, '/');
+};
-- 
cgit v1.2.3