From 80eedf744944769c8ba9bbdccc2aa7dad06b2151 Mon Sep 17 00:00:00 2001 From: MeiMei <30769358+mei23@users.noreply.github.com> Date: Fri, 20 Mar 2020 13:56:22 +0900 Subject: [PATCH] =?UTF-8?q?=E9=80=A3=E6=90=BA=E3=83=AD=E3=82=B0=E3=82=A4?= =?UTF-8?q?=E3=83=B3=E3=81=8C=E3=81=A7=E3=81=8D=E3=81=AA=E3=81=84=E3=81=AE?= =?UTF-8?q?=E3=81=AA=E3=81=A9=E3=82=92=E4=BF=AE=E6=AD=A3=20(#6162)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * 連携ログインができないのを修正 * Cookie名変更, セッションに * igiはやっぱり非セッションCookieで * 2回目以降Discordログインできなくなるのを修正 --- src/client/mios.ts | 7 ++++++- src/client/pages/my-settings/integration.vue | 7 +++---- src/client/store.ts | 1 + src/server/api/common/signin.ts | 8 ++------ src/server/api/service/discord.ts | 15 ++++++--------- src/server/api/service/github.ts | 14 +++++--------- src/server/api/service/twitter.ts | 14 +++++--------- 7 files changed, 28 insertions(+), 38 deletions(-) diff --git a/src/client/mios.ts b/src/client/mios.ts index c2ba8ac5c..aa2b202ab 100644 --- a/src/client/mios.ts +++ b/src/client/mios.ts @@ -123,7 +123,12 @@ export default class MiOS extends EventEmitter { }); } else { // Get token from localStorage - const i = localStorage.getItem('i'); + let i = localStorage.getItem('i'); + + // 連携ログインの場合用にCookieを参照する + if (i == null || i === 'null') { + i = (document.cookie.match(/igi=(\w+)/) || [null, null])[1]; + } fetchme(i, me => { if (me) { diff --git a/src/client/pages/my-settings/integration.vue b/src/client/pages/my-settings/integration.vue index 742d43201..3dd7783f1 100644 --- a/src/client/pages/my-settings/integration.vue +++ b/src/client/pages/my-settings/integration.vue @@ -70,11 +70,10 @@ export default Vue.extend({ }, mounted() { - if (!document.cookie.match(/i=(\w+)/)) { - document.cookie = `i=${this.$store.state.i.token}; path=/;` + - ` domain=${document.location.hostname}; max-age=31536000;` + + document.cookie = `igi=${this.$store.state.i.token}; path=/;` + + ` max-age=31536000;` + (document.location.protocol.startsWith('https') ? ' secure' : ''); - } + this.$watch('integrations', () => { if (this.integrations.twitter) { if (this.twitterForm) this.twitterForm.close(); diff --git a/src/client/store.ts b/src/client/store.ts index 3064cfdec..8ded1ba00 100644 --- a/src/client/store.ts +++ b/src/client/store.ts @@ -101,6 +101,7 @@ export default (os: MiOS) => new Vuex.Store({ ctx.commit('settings/init', {}); ctx.commit('deviceUser/init', {}); localStorage.removeItem('i'); + document.cookie = `igi=; path=/`; }, async switchAccount(ctx, i) { diff --git a/src/server/api/common/signin.ts b/src/server/api/common/signin.ts index aa2786f8f..50f79f191 100644 --- a/src/server/api/common/signin.ts +++ b/src/server/api/common/signin.ts @@ -9,16 +9,12 @@ import { publishMainStream } from '../../../services/stream'; export default function(ctx: Koa.Context, user: ILocalUser, redirect = false) { if (redirect) { //#region Cookie - const expires = 1000 * 60 * 60 * 24 * 365; // One Year - ctx.cookies.set('i', user.token, { + ctx.cookies.set('igi', user.token, { path: '/', - domain: config.hostname, // SEE: https://github.com/koajs/koa/issues/974 // When using a SSL proxy it should be configured to add the "X-Forwarded-Proto: https" header secure: config.url.startsWith('https'), - httpOnly: false, - expires: new Date(Date.now() + expires), - maxAge: expires + httpOnly: false }); //#endregion diff --git a/src/server/api/service/discord.ts b/src/server/api/service/discord.ts index f9f3026aa..c2bb02453 100644 --- a/src/server/api/service/discord.ts +++ b/src/server/api/service/discord.ts @@ -13,7 +13,7 @@ import { ILocalUser } from '../../../models/entities/user'; import { ensure } from '../../../prelude/ensure'; function getUserToken(ctx: Koa.Context) { - return ((ctx.headers['cookie'] || '').match(/i=(\w+)/) || [null, null])[1]; + return ((ctx.headers['cookie'] || '').match(/igi=(\w+)/) || [null, null])[1]; } function compareOrigin(ctx: Koa.Context) { @@ -113,14 +113,10 @@ router.get('/signin/discord', async ctx => { response_type: 'code' }; - const expires = 1000 * 60 * 60; // 1h - ctx.cookies.set('signin_with_discord_session_id', sessid, { + ctx.cookies.set('signin_with_discord_sid', sessid, { path: '/', - domain: config.host, secure: config.url.startsWith('https'), - httpOnly: true, - expires: new Date(Date.now() + expires), - maxAge: expires + httpOnly: true }); redis.set(sessid, JSON.stringify(params)); @@ -135,7 +131,7 @@ router.get('/dc/cb', async ctx => { const oauth2 = await getOAuth2(); if (!userToken) { - const sessid = ctx.cookies.get('signin_with_discord_session_id'); + const sessid = ctx.cookies.get('signin_with_discord_sid'); if (!sessid) { ctx.throw(400, 'invalid session'); @@ -199,7 +195,7 @@ router.get('/dc/cb', async ctx => { } const profile = await UserProfiles.createQueryBuilder() - .where('"integrations"->"discord"->"id" = :id', { id: id }) + .where(`"integrations"->'discord'->>'id' = :id`, { id: id }) .andWhere('"userHost" IS NULL') .getOne(); @@ -212,6 +208,7 @@ router.get('/dc/cb', async ctx => { integrations: { ...profile.integrations, discord: { + id: id, accessToken: accessToken, refreshToken: refreshToken, expiresDate: expiresDate, diff --git a/src/server/api/service/github.ts b/src/server/api/service/github.ts index ec9cce7ad..e36c43ee3 100644 --- a/src/server/api/service/github.ts +++ b/src/server/api/service/github.ts @@ -13,7 +13,7 @@ import { ILocalUser } from '../../../models/entities/user'; import { ensure } from '../../../prelude/ensure'; function getUserToken(ctx: Koa.Context) { - return ((ctx.headers['cookie'] || '').match(/i=(\w+)/) || [null, null])[1]; + return ((ctx.headers['cookie'] || '').match(/igi=(\w+)/) || [null, null])[1]; } function compareOrigin(ctx: Koa.Context) { @@ -111,14 +111,10 @@ router.get('/signin/github', async ctx => { state: uuid() }; - const expires = 1000 * 60 * 60; // 1h - ctx.cookies.set('signin_with_github_session_id', sessid, { + ctx.cookies.set('signin_with_github_sid', sessid, { path: '/', - domain: config.host, secure: config.url.startsWith('https'), - httpOnly: true, - expires: new Date(Date.now() + expires), - maxAge: expires + httpOnly: true }); redis.set(sessid, JSON.stringify(params)); @@ -133,7 +129,7 @@ router.get('/gh/cb', async ctx => { const oauth2 = await getOath2(); if (!userToken) { - const sessid = ctx.cookies.get('signin_with_github_session_id'); + const sessid = ctx.cookies.get('signin_with_github_sid'); if (!sessid) { ctx.throw(400, 'invalid session'); @@ -192,7 +188,7 @@ router.get('/gh/cb', async ctx => { } const link = await UserProfiles.createQueryBuilder() - .where('"integrations"->"github"->"id" = :id', { id: id }) + .where(`"integrations"->'github'->>'id' = :id`, { id: id }) .andWhere('"userHost" IS NULL') .getOne(); diff --git a/src/server/api/service/twitter.ts b/src/server/api/service/twitter.ts index 881915b58..000eb57c1 100644 --- a/src/server/api/service/twitter.ts +++ b/src/server/api/service/twitter.ts @@ -12,7 +12,7 @@ import { ILocalUser } from '../../../models/entities/user'; import { ensure } from '../../../prelude/ensure'; function getUserToken(ctx: Koa.Context) { - return ((ctx.headers['cookie'] || '').match(/i=(\w+)/) || [null, null])[1]; + return ((ctx.headers['cookie'] || '').match(/igi=(\w+)/) || [null, null])[1]; } function compareOrigin(ctx: Koa.Context) { @@ -102,14 +102,10 @@ router.get('/signin/twitter', async ctx => { redis.set(sessid, JSON.stringify(twCtx)); - const expires = 1000 * 60 * 60; // 1h - ctx.cookies.set('signin_with_twitter_session_id', sessid, { + ctx.cookies.set('signin_with_twitter_sid', sessid, { path: '/', - domain: config.host, secure: config.url.startsWith('https'), - httpOnly: true, - expires: new Date(Date.now() + expires), - maxAge: expires + httpOnly: true }); ctx.redirect(twCtx.url); @@ -121,7 +117,7 @@ router.get('/tw/cb', async ctx => { const twAuth = await getTwAuth(); if (userToken == null) { - const sessid = ctx.cookies.get('signin_with_twitter_session_id'); + const sessid = ctx.cookies.get('signin_with_twitter_sid'); if (sessid == null) { ctx.throw(400, 'invalid session'); @@ -139,7 +135,7 @@ router.get('/tw/cb', async ctx => { const result = await twAuth!.done(JSON.parse(twCtx), ctx.query.oauth_verifier); const link = await UserProfiles.createQueryBuilder() - .where('"integrations"->"twitter"->"userId" = :id', { id: result.userId }) + .where(`"integrations"->'twitter'->>'userId' = :id`, { id: result.userId }) .andWhere('"userHost" IS NULL') .getOne();