Doc

058280df · Thomas SAUVAGE · bb56ee87 · 058280df
Verified Commit 058280df authored 1 year ago by Thomas SAUVAGE
--- a/app/Controllers/auth/authSigmaUser.ts
+++ b/app/Controllers/auth/authSigmaUser.ts
@@ -28,15 +28,17 @@ export const loginSigmaUser = async ({ response }: HttpContextContract) => {
  const issuer = await Issuer.discover(AUTH_URL)
  const client = new issuer.Client(clientOptions)

-  // Generate and store a codeVerifier,
+  // Generate state and codeVerifier,
  // used in the callback to verify the integrity of the request
  const state = generators.state()
  const codeVerifier = generators.codeVerifier()

+  // Store the codeVerifier in the DB
  AuthCodeVerifier.create({ state, codeVerifier })
-  const codeChallenge = generators.codeChallenge(codeVerifier)

  // Generate the url
+  const codeChallenge = generators.codeChallenge(codeVerifier)
+
  const url = client.authorizationUrl({
    scope: 'openid email profile groups', // What info we want about the user
    code_challenge: codeChallenge,
@@ -93,5 +95,6 @@ export const callbackSigmaUser = async ({ response, request, auth }: HttpContext
  // Generate token using Adonis JS default auth provider
  const token = await auth.use('api').login(user)

+  // TODO: Redirect to the frontend with the token ?
  return response.ok({ token, user })
 }