DataHearth
/
tech-bot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases Activity

fix infinite loop on invalid origin

This commit is contained in:
DataHearth 2023-08-09 16:22:52 +02:00
parent 47e7baa4d5
commit 89f8133da4
No known key found for this signature in database
GPG Key ID: E88FD356ACC5F3C4
2 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
frontend/src/app.d.ts vendored
View File

@ -2,7 +2,11 @@
// for information about these interfaces
declare global {
namespace App {
// interface Error {}
// interface Error {
// status: number;
// message: string;
// }
interface Locals {
session: boolean;
}

6
frontend/src/hooks.server.ts
View File

@ -1,6 +1,6 @@
import { env } from '$env/dynamic/private';
import type { OAuth2Response } from '$lib/types';
import { redirect, type Handle } from '@sveltejs/kit';
import { error, redirect, type Handle } from '@sveltejs/kit';
import { sequence } from '@sveltejs/kit/hooks';
const protectedRoutes = ['/'];
@ -55,8 +55,8 @@ const handleAuth: Handle = async ({ resolve, event }) => {
} else if (event.locals.session) return await resolve(event);
if (event.url.origin !== env.ORIGIN) {
console.error(`invalid origin: ${event.url.origin}`);
throw redirect(303, '/login');
console.error(`invalid origin. ${event.url.origin}`);
throw error(403, 'invalid origin');
}
if (event.url.pathname === '/auth/discord') {