better discord auth

2023-05-25 17:58:47 +03:00 · 2023-05-25 17:58:47 +03:00 · 31b0e86d09
parent dced1b0a02
commit 31b0e86d09
11 changed files with 14 additions and 15 deletions
--- a/.env.example
+++ b/.env.example
@ -1,6 +1,7 @@
 MONGO_DB_URL = mongodb://localhost:27017/akf-forum
 SECRET = secret
 DISCORD_SECRET = yourDiscordSecret
+DISCORD_ID = yourDiscordId
 EMAIL_USER =
 EMAIL_PASS = 
 EMAIL_SERVICE = 
--- a/.eslintrc.json
+++ b/.eslintrc.json
@ -20,7 +20,7 @@
                "browser": true
            },
            "files": [
-                "public/**"
+                "src/public/js/*"
            ]
        }
    ]
--- a/README.md
+++ b/README.md
@ -17,8 +17,8 @@ Edit `config.json` for default theme for users, forum name, meta description, ch
 Additional note for themes: If a theme has not got any .ejs file, it will use default theme's .ejs files. default theme is in themes folder, named as `common`.

 ### DISCORD AUTH: 
-`"discord_auth": "your_app_id"` in config.json.
-Add your app secret to `.env` as `DISCORD_SECRET`.
+`"discord_auth": true` in config.json.
+Add your app secret and app id to `.env` as `DISCORD_SECRET` and `DISCORD_ID`.
 Create a redirect url in discord developer portal:
 `https://forum_url.com/auth/discord`

@ -64,6 +64,7 @@ Akf-forum has got an API for AJAX (fetch), other clients etc. And, you can learn
 - add used open source libraries to README.md
 - send public to common/public
 - new screenshoots
+- user.ejs for per theme
 ### front-end
 - text alling center body
 - add a css file for CodeMirror in threads / send message ok
--- a/config.json.example
+++ b/config.json.example
@ -16,7 +16,7 @@
        "max": 25,
        "windowMs": 60000
    },
-    "discord_auth": "",
+    "discord_auth": false,
    "default_thread_state": "OPEN",
    "default_user_state": "ACTIVE",
    "email_auth": false,
--- a/src/index.js
+++ b/src/index.js
@ -71,7 +71,7 @@ app.use(express.static(join(__dirname, "public")), express.json(), express.urlen
 );

 if (discord_auth)
-    app.set("discord_auth", `https://discord.com/api/oauth2/authorize?client_id=${discord_auth}&redirect_uri=${host}%2Fauth%2Fdiscord&response_type=code&scope=identify`);
+    app.set("DISCORD_AUTH_URL", `https://discord.com/api/oauth2/authorize?client_id=${process.env.DISCORD_ID}&redirect_uri=${host}%2Fauth%2Fdiscord&response_type=code&scope=identify`);

 for (const file of fs.readdirSync(join(__dirname, "routes")))
    app.use("/" + file.replace(".js", ""), require(`./routes/${file}`));
--- a/src/routes/auth.js
+++ b/src/routes/auth.js
@ -2,10 +2,10 @@ const { Router } = require("express")
 const { UserModel } = require("../models");
 const fetch = require("node-fetch");
 const app = Router();
-const { host, discord_auth, email_auth } = require("../../config.json")
+const { host, email_auth } = require("../../config.json")

 app.get("/discord", async (req, res) => {
-    const client_id = discord_auth;
+    const client_id = process.env.DISCORD_ID;
    if (!client_id) return res.error(404, "Discord auth is disabled")
    const { code } = req.query;
    if (!code) return res.error(400, "No code provided");
--- a/src/routes/login.js
+++ b/src/routes/login.js
@ -3,7 +3,7 @@ const { Router } = require("express");
 const app = Router();
 const bcrypt = require("bcrypt");

-app.get("/", (req, res) => res.reply("login", { redirect: req.query.redirect, user: null, discord: req.app.get("discord_auth") }));
+app.get("/", (req, res) => res.reply("login", { redirect: req.query.redirect, user: null, discord: req.app.get("DISCORD_AUTH_URL") }));

 app.post("/", async (req, res) => {
    req.session.userID = null;
--- a/src/routes/register.js
+++ b/src/routes/register.js
@ -4,7 +4,7 @@ const bcrypt = require("bcrypt");
 const { RL, transporter, emailRegEx, getGravatar } = require('../lib');
 const app = Router();
 const { email_auth, forum_name, host } = require("../../config.json");
-app.get("/", (req, res) => res.reply("register", { user: null, discord: req.app.get("discord_auth"), mail: email_auth }));
+app.get("/", (req, res) => res.reply("register", { user: null, discord: req.app.get("DISCORD_AUTH_URL"), mail: email_auth }));

 app.post("/", RL(24 * 60 * 60_000, 5), async (req, res) => {

--- a/src/routes/users.js
+++ b/src/routes/users.js
@ -28,7 +28,7 @@ app.get("/:id", async (req, res) => {

        const message = await MessageModel.count({ authorID: id });
        const thread = await ThreadModel.count({ authorID: id });
-        res.reply("user", { member, counts: { message, thread }, discord: req.app.get("discord_auth") })
+        res.reply("user", { member, counts: { message, thread }, discord: req.app.get("DISCORD_AUTH_URL") })
    }
    else res.error(404, `We don't have any user with id ${id}.`);

--- a/src/themes/common/views/setup.ejs
+++ b/src/themes/common/views/setup.ejs
@ -22,10 +22,7 @@
    <input class="input" type="text" name="default_thread_state" value="ACTIVE" required>
    Domain of the forum, defaulty setted:
    <input class="input" type="text" name="host" id="domain" value="Akf-forum!" required>
-    <hr>
-    (Optional) Discord app ID for Discord login:
-    <input class="input" type="text" name="discord_auth">
-    
+   
    <input type="submit" class="btn-primary" value="Setup">
  </form>
  <script>
--- a/src/themes/common/views/user.ejs
+++ b/src/themes/common/views/user.ejs
@ -14,7 +14,7 @@

  <div class="usercontent">

-    <%- include(dataset.getFile(dataset.theme.codename +"/extra/usermenu")) %>
+    <%- include(dataset.getFile(dataset.theme.codename +"/views/extra/usermenu")) %>
    <div class="userbox" style="justify-content:center;">
      <img style="width:150px;height:150px;border-radius:50%;" src="<%=member.avatar %>">
    </div>