fix: redirect link for verification handler

Resolves #70
2021-12-08 01:24:07 +05:30
parent cc2e03815c
commit 2f7e6f3dc1
7 changed files with 14 additions and 10 deletions
--- a/server/constants/constants.go
+++ b/server/constants/constants.go
@@ -14,6 +14,7 @@ var (
 	JWT_SECRET                   = ""
 	ALLOWED_ORIGINS              = []string{}
 	AUTHORIZER_URL               = ""
+	APP_URL                      = ""
 	PORT                         = "8080"
 	REDIS_URL                    = ""
 	IS_PROD                      = false
--- a/server/handlers/verifyEmail.go
+++ b/server/handlers/verifyEmail.go
@@ -69,6 +69,6 @@ func VerifyEmailHandler() gin.HandlerFunc {
 			db.Mgr.SaveSession(sessionData)
 		}()
 		utils.SetCookie(c, accessToken)
-		c.Redirect(http.StatusTemporaryRedirect, claim.Host)
+		c.Redirect(http.StatusTemporaryRedirect, claim.RedirectURL)
 	}
 }
--- a/server/main.go
+++ b/server/main.go
@@ -32,6 +32,8 @@ func GinContextToContextMiddleware() gin.HandlerFunc {
 func CORSMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		origin := c.Request.Header.Get("Origin")
+		constants.APP_URL = origin
+
 		c.Writer.Header().Set("Access-Control-Allow-Origin", origin)
 		c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
 		c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With")
--- a/server/resolvers/verifyEmail.go
+++ b/server/resolvers/verifyEmail.go
@@ -6,6 +6,7 @@ import (
 	"strings"
 	"time"

+	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/enum"
 	"github.com/authorizerdev/authorizer/server/graph/model"
@@ -76,6 +77,8 @@ func VerifyEmail(ctx context.Context, params model.VerifyEmailInput) (*model.Aut
 		},
 	}

+	gc.Request.Header.Set("origin", constants.APP_URL)
+
 	utils.SetCookie(gc, accessToken)

 	return res, nil
--- a/server/utils/cookie.go
+++ b/server/utils/cookie.go
@@ -1,7 +1,6 @@
 package utils

 import (
-	"log"
 	"net/http"

 	"github.com/authorizerdev/authorizer/server/constants"
@@ -11,13 +10,11 @@ import (
 func SetCookie(gc *gin.Context, token string) {
 	secure := true
 	httpOnly := true
-	origin := gc.Request.Header.Get("Origin")
+	origin := constants.APP_URL

 	host := GetHostName(constants.AUTHORIZER_URL)
 	originHost := GetHostName(origin)

-	log.Println("=> cookie host", host, origin)
-
 	gc.SetSameSite(http.SameSiteNoneMode)
 	gc.SetCookie(constants.COOKIE_NAME, token, 3600, "/", host, secure, httpOnly)
 	gc.SetCookie(constants.COOKIE_NAME+"-client", token, 3600, "/", originHost, secure, httpOnly)
@@ -35,7 +32,7 @@ func GetCookie(gc *gin.Context) (string, error) {
 func DeleteCookie(gc *gin.Context) {
 	secure := true
 	httpOnly := true
-	origin := gc.Request.Header.Get("Origin")
+	origin := constants.APP_URL

 	if !constants.IS_PROD {
 		secure = false
--- a/server/utils/urls.go
+++ b/server/utils/urls.go
@@ -5,7 +5,7 @@ import (
 	"strings"
 )

-// function to get hostname
+// GetHostName function to get hostname
 func GetHostName(auth_url string) string {
 	u, err := url.Parse(auth_url)
 	if err != nil {
--- a/server/utils/verificationToken.go
+++ b/server/utils/verificationToken.go
@@ -8,8 +8,9 @@ import (
 )

 type UserInfo struct {
-	Email string `json:"email"`
-	Host  string `json:"host"`
+	Email       string `json:"email"`
+	Host        string `json:"host"`
+	RedirectURL string `json:"redirect_url"`
 }

 type CustomClaim struct {
@@ -28,7 +29,7 @@ func CreateVerificationToken(email string, tokenType string) (string, error) {
 			ExpiresAt: time.Now().Add(time.Minute * 30).Unix(),
 		},
 		tokenType,
-		UserInfo{Email: email, Host: constants.AUTHORIZER_URL},
+		UserInfo{Email: email, Host: constants.AUTHORIZER_URL, RedirectURL: constants.APP_URL},
 	}

 	return t.SignedString([]byte(constants.JWT_SECRET))