From 3ff7a4c417ecbecb8dd45c48a1d37df31b7d32f4 Mon Sep 17 00:00:00 2001
From: karishmas6 <carishmashukla28@gmail.com>
Date: Thu, 17 Oct 2024 13:28:06 +0530
Subject: [PATCH] fix: store robotId in state

---
 server/src/routes/auth.ts | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/server/src/routes/auth.ts b/server/src/routes/auth.ts
index 5a0df9ee..406448fe 100644
--- a/server/src/routes/auth.ts
+++ b/server/src/routes/auth.ts
@@ -174,6 +174,10 @@ const oauth2Client = new google.auth.OAuth2(
 
 // Step 1: Redirect to Google for authentication
 router.get('/google', (req, res) => {
+    const { robotId } = req.query;
+    if (!robotId) {
+        return res.status(400).json({ message: 'Robot ID is required' });
+    }
     const scopes = [
         'https://www.googleapis.com/auth/spreadsheets',
         'https://www.googleapis.com/auth/userinfo.email',
@@ -183,18 +187,21 @@ router.get('/google', (req, res) => {
         access_type: 'offline',
         prompt: 'consent',  // Ensures you get a refresh token on first login
         scope: scopes,
+        state: robotId.toString(),
     });
     res.redirect(url);
 });
 
 // Step 2: Handle Google OAuth callback
 router.get('/google/callback', requireSignIn, async (req, res) => {
-    const { code, robotId } = req.query;
+    const { code, state } = req.query;
     try {
-        if (!robotId) {
+        if (!state) {
             return res.status(400).json({ message: 'Robot ID is required' });
         }
 
+        const robotId = state
+
         // Get access and refresh tokens
         if (typeof code !== 'string') {
             return res.status(400).json({ message: 'Invalid code' });