fix infinite loop on invalid origin
This commit is contained in:
parent
47e7baa4d5
commit
89f8133da4
|
@ -2,7 +2,11 @@
|
|||
// for information about these interfaces
|
||||
declare global {
|
||||
namespace App {
|
||||
// interface Error {}
|
||||
// interface Error {
|
||||
// status: number;
|
||||
// message: string;
|
||||
// }
|
||||
|
||||
interface Locals {
|
||||
session: boolean;
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
import { env } from '$env/dynamic/private';
|
||||
import type { OAuth2Response } from '$lib/types';
|
||||
import { redirect, type Handle } from '@sveltejs/kit';
|
||||
import { error, redirect, type Handle } from '@sveltejs/kit';
|
||||
import { sequence } from '@sveltejs/kit/hooks';
|
||||
|
||||
const protectedRoutes = ['/'];
|
||||
|
@ -55,8 +55,8 @@ const handleAuth: Handle = async ({ resolve, event }) => {
|
|||
} else if (event.locals.session) return await resolve(event);
|
||||
|
||||
if (event.url.origin !== env.ORIGIN) {
|
||||
console.error(`invalid origin: ${event.url.origin}`);
|
||||
throw redirect(303, '/login');
|
||||
console.error(`invalid origin. ${event.url.origin}`);
|
||||
throw error(403, 'invalid origin');
|
||||
}
|
||||
|
||||
if (event.url.pathname === '/auth/discord') {
|
||||
|
|
Loading…
Reference in New Issue