From 302677e41fea4befb88597787b00f7f60088cd3b Mon Sep 17 00:00:00 2001 From: TheClashFruit Date: Fri, 15 Sep 2023 17:10:03 +0200 Subject: [PATCH] feat: auth --- auth.php | 36 ++++++++++++++++++++++++++ index.php | 4 +++ util/Auth.php | 15 ----------- util/Discord.php | 67 +++++++++++++++++++++++++++++++++--------------- 4 files changed, 87 insertions(+), 35 deletions(-) create mode 100644 auth.php delete mode 100644 util/Auth.php diff --git a/auth.php b/auth.php new file mode 100644 index 0000000..3072065 --- /dev/null +++ b/auth.php @@ -0,0 +1,36 @@ +validateCode($_GET['code']); + + if(!$res->error) { + $_SESSION['access_token'] = $res->access_token; + $_SESSION['refresh_token'] = $res->refresh_token; + $_SESSION['expires_in'] = $res->expires_in; + + $guilds = $discord->getGuilds($res->access_token); + + if(!in_array('', $guilds)) { + echo json_encode(array( + 'error' => true, + 'error_description' => 'You are not in the CRSS guild.' + )); + } else { + $_SESSION['user'] = $discord->getUser($res->access_token); + + header('Location: /'); + } + } else { + echo json_encode($res); + } + } else { + echo json_encode(array( + 'error' => true, + 'error_description' => 'No code provided.' + )); + } \ No newline at end of file diff --git a/index.php b/index.php index 1090e38..201e1fc 100644 --- a/index.php +++ b/index.php @@ -1,5 +1,9 @@ discord = $discord; - } - - function getLoggedInUser() { - - } - } \ No newline at end of file diff --git a/util/Discord.php b/util/Discord.php index d82cc01..acc6de5 100644 --- a/util/Discord.php +++ b/util/Discord.php @@ -2,22 +2,10 @@ use anlutro\cURL\cURL; class Discord { - /** - * @var string - */ - private $client; - /** - * @var string - */ - private $secret; - /** - * @var string - */ - private $redirect; - /** - * @var cURL - */ - private $curl; + private string $client; + private string $secret; + private string $redirect; + private cURL $curl; function __construct($client, $secret, $redirect) { $this->client = $client; 
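Review bot: In auth.php the success check `if(!$res->error)` reads a property from a value that `validateCode()` declares as `array` in util/Discord.php, so the expression evaluates to null and the success branch runs even when the token exchange failed; `if (empty($res['error']))`, with `$res['access_token']` and the other fields read the same way, matches the declared return shape. The membership gate `in_array('', $guilds)` compares a string against the decoded guild entries rather than their ids, and does so loosely, so it cannot reliably decide membership; `in_array(GUILD_ID, array_column($guilds, 'id'), true)` would, where GUILD_ID is a placeholder for the configured guild id. The visible part of the callback also consumes `$_GET['code']` without comparing an OAuth `state` value against the session, and it writes the tokens to `$_SESSION` before the membership check has passed. The first lines of auth.php are not shown on this page, so confirm whether `state` is verified and the session id regenerated there.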
@@ -27,10 +15,8 @@
 $this->curl = new anlutro\cURL\cURL;
 }
- function ValidateCode($code) {
- $curl = $this->curl;
-
- $res = $curl->post('', [
+ function validateCode($code): array {
+ $res = $this->curl->post('https://discord.com/api/v10/oauth2/token', [
 'client_id' => $this->client,
 'client_secret' => $this->secret,
 'grant_type' => 'authorization_code',
@@ -54,4 +40,45 @@
 );
 }
 }
+
+ function refreshToken($refresh_token): array {
+ $res = $this->curl->post('https://discord.com/api/oauth2/token', [
+ 'client_id' => $this->client,
+ 'client_secret' => $this->secret,
+ 'grant_type' => 'authorization_code',
+ 'refresh_token' => $refresh_token
+ ]);
+
+ $json = json_decode($res->body, true);
+
+ if($json['error']) {
+ return array(
+ 'error' => true,
+ 'error_description' => $json['error_description']
+ );
+ } else {
+ return array(
+ 'error' => false,
+ 'access_token' => $json['access_token'],
+ 'refresh_token' => $json['refresh_token'],
+ 'expires_in' => $json['expires_in']
+ );
+ }
+ }
+
+ function getUser($token): array {
+ $res = $this->curl->newRequest('get', '/users/@me')
+ ->setHeader('Authorization', 'Bearer ' . $token)
+ ->send();
+
+ return json_decode($res->body, true);
+ }
+
+ function getGuilds($token): array {
+ $res = $this->curl->newRequest('get', '/users/@me/guilds')
+ ->setHeader('Authorization', 'Bearer ' . $token)
+ ->send();
+
+ return json_decode($res->body, true);
+ }
 }
\ No newline at end of file
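Review bot: `refreshToken()` posts `'grant_type' => 'authorization_code'` together with a `refresh_token` field, so the token endpoint will treat it as a code exchange with no code and reject it; the refresh flow needs `'grant_type' => 'refresh_token'`. In the same method `if($json['error'])` reads a key that is absent on success, and when the body is not JSON `json_decode` returns null and the else branch returns `'error' => false` with null tokens; `if (!is_array($json) || !empty($json['error']))` fails closed instead. `getUser()` and `getGuilds()` return the decoded body without checking that the request succeeded, so an API error object is handed to the caller as if it were the user or the guild list, and the membership decision in auth.php is made on that value. Their request paths (`/users/@me`, `/users/@me/guilds`) carry no host, unlike the token URLs, and the refresh URL omits the `/v10` that `validateCode()` uses; unless a base URL is configured outside this hunk, the two lookups presumably cannot reach the API.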