From 0689c5f84414d609537b4fc5216d958b6e6cadc1 Mon Sep 17 00:00:00 2001 From: TheClashFruit Date: Fri, 15 Sep 2023 17:25:33 +0200 Subject: [PATCH] fix: fix auth --- auth.php | 20 +++++++++++++------- util/Discord.php | 4 ++-- 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/auth.php b/auth.php index 3072065..7c54919 100644 --- a/auth.php +++ b/auth.php @@ -8,20 +8,26 @@ if(isset($_GET['code'])) { $res = $discord->validateCode($_GET['code']); - if(!$res->error) { - $_SESSION['access_token'] = $res->access_token; - $_SESSION['refresh_token'] = $res->refresh_token; - $_SESSION['expires_in'] = $res->expires_in; + if(!$res['error']) { + $_SESSION['access_token'] = $res['access_token']; + $_SESSION['refresh_token'] = $res['refresh_token']; + $_SESSION['expires_in'] = $res['expires_in']; - $guilds = $discord->getGuilds($res->access_token); + $guilds = $discord->getGuilds($res['access_token']); - if(!in_array('', $guilds)) { + $guildIds = array(); + + foreach ($guilds as $guild) { + $guildIds[] = $guild['id']; + } + + if(!in_array('1127731341283307520', $guildIds)) { echo json_encode(array( 'error' => true, 'error_description' => 'You are not in the CRSS guild.' )); } else { - $_SESSION['user'] = $discord->getUser($res->access_token); + $_SESSION['user'] = $discord->getUser($res['access_token']); header('Location: /'); } diff --git a/util/Discord.php b/util/Discord.php index fa5b9d9..9076d69 100644 --- a/util/Discord.php +++ b/util/Discord.php @@ -67,7 +67,7 @@ } function getUser($token): array { - $res = $this->curl->newRequest('get', '/users/@me') + $res = $this->curl->newRequest('get', 'https://discord.com/api/v10/users/@me') ->setHeader('Authorization', 'Bearer ' . $token) ->send(); @@ -75,7 +75,7 @@ } function getGuilds($token): array { - $res = $this->curl->newRequest('get', '/users/@me/guilds') + $res = $this->curl->newRequest('get', 'https://discord.com/api/v10/users/@me/guilds') ->setHeader('Authorization', 'Bearer ' . $token) ->send();