fix infinite loop on invalid origin
This commit is contained in:
parent
47e7baa4d5
commit
89f8133da4
|
@ -2,7 +2,11 @@
|
||||||
// for information about these interfaces
|
// for information about these interfaces
|
||||||
declare global {
|
declare global {
|
||||||
namespace App {
|
namespace App {
|
||||||
// interface Error {}
|
// interface Error {
|
||||||
|
// status: number;
|
||||||
|
// message: string;
|
||||||
|
// }
|
||||||
|
|
||||||
interface Locals {
|
interface Locals {
|
||||||
session: boolean;
|
session: boolean;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
import { env } from '$env/dynamic/private';
|
import { env } from '$env/dynamic/private';
|
||||||
import type { OAuth2Response } from '$lib/types';
|
import type { OAuth2Response } from '$lib/types';
|
||||||
import { redirect, type Handle } from '@sveltejs/kit';
|
import { error, redirect, type Handle } from '@sveltejs/kit';
|
||||||
import { sequence } from '@sveltejs/kit/hooks';
|
import { sequence } from '@sveltejs/kit/hooks';
|
||||||
|
|
||||||
const protectedRoutes = ['/'];
|
const protectedRoutes = ['/'];
|
||||||
|
@ -55,8 +55,8 @@ const handleAuth: Handle = async ({ resolve, event }) => {
|
||||||
} else if (event.locals.session) return await resolve(event);
|
} else if (event.locals.session) return await resolve(event);
|
||||||
|
|
||||||
if (event.url.origin !== env.ORIGIN) {
|
if (event.url.origin !== env.ORIGIN) {
|
||||||
console.error(`invalid origin: ${event.url.origin}`);
|
console.error(`invalid origin. ${event.url.origin}`);
|
||||||
throw redirect(303, '/login');
|
throw error(403, 'invalid origin');
|
||||||
}
|
}
|
||||||
|
|
||||||
if (event.url.pathname === '/auth/discord') {
|
if (event.url.pathname === '/auth/discord') {
|
||||||
|
|
Loading…
Reference in New Issue