fix: store robotId in state

2024-10-17 13:28:06 +05:30
parent 3cf084b102
commit 3ff7a4c417
1 changed files with 9 additions and 2 deletions
--- a/server/src/routes/auth.ts
+++ b/server/src/routes/auth.ts
@@ -174,6 +174,10 @@ const oauth2Client = new google.auth.OAuth2(

 // Step 1: Redirect to Google for authentication
 router.get('/google', (req, res) => {
+    const { robotId } = req.query;
+    if (!robotId) {
+        return res.status(400).json({ message: 'Robot ID is required' });
+    }
    const scopes = [
        'https://www.googleapis.com/auth/spreadsheets',
        'https://www.googleapis.com/auth/userinfo.email',
@@ -183,18 +187,21 @@ router.get('/google', (req, res) => {
        access_type: 'offline',
        prompt: 'consent',  // Ensures you get a refresh token on first login
        scope: scopes,
+        state: robotId.toString(),
    });
    res.redirect(url);
 });

 // Step 2: Handle Google OAuth callback
 router.get('/google/callback', requireSignIn, async (req, res) => {
-    const { code, robotId } = req.query;
+    const { code, state } = req.query;
    try {
-        if (!robotId) {
+        if (!state) {
            return res.status(400).json({ message: 'Robot ID is required' });
        }

+        const robotId = state
+
        // Get access and refresh tokens
        if (typeof code !== 'string') {
            return res.status(400).json({ message: 'Invalid code' });