const DiscordStrategy = require('passport-discord').Strategy;
const db = require('../db');
/**
 * Registers the Discord OAuth2 login strategy and the session
 * (de)serializers on the given Passport instance.
 *
 * Only the Discord ID is kept in the session; username, avatar and the admin
 * flag are looked up in the database each time a session is deserialized.
 *
 * @param {object} passport - Passport instance to configure.
 * @returns {void}
 */
module.exports = (passport) => {
  const ADMIN_LOOKUP_SQL = 'SELECT discord_id FROM admin_whitelist WHERE discord_id = ?';

  // True when the Discord ID has a row in admin_whitelist.
  // NOTE(review): this relies on db.query resolving to the row array itself.
  // If ../db ever returns a driver-style [rows, fields] pair, `.length > 0`
  // is always true and every user is treated as admin — confirm the wrapper.
  const isWhitelistedAdmin = async (discordId) => {
    const matches = await db.query(ADMIN_LOOKUP_SQL, [discordId]);
    return matches.length > 0;
  };

  // An unset APP_URL produces the literal 'undefined/auth/discord/callback';
  // check the environment at startup.
  // NOTE(review): no `state` option is set here, so unless the login route
  // supplies its own state value the callback is not bound to the session that
  // started the flow (login CSRF). passport-oauth2 accepts `state: true` when
  // session middleware is mounted — confirm passport-discord forwards it.
  const strategyOptions = {
    clientID: process.env.DISCORD_CLIENT_ID,
    clientSecret: process.env.DISCORD_CLIENT_SECRET,
    callbackURL: `${process.env.APP_URL}/auth/discord/callback`,
    scope: ['identify'],
  };

  // Verify callback: persists the Discord profile and hands Passport the user
  // object. Keep the four-parameter signature; the tokens are unused here.
  const verifyDiscordLogin = async (accessToken, refreshToken, profile, done) => {
    try {
      const { id: discordId, username, avatar: avatarHash } = profile;

      let avatar = null;
      if (avatarHash) {
        avatar = `https://cdn.discordapp.com/avatars/${discordId}/${avatarHash}.png`;
      }

      // Upsert the user row — stores username + avatar for deserializeUser.
      // All values are bound through placeholders, never concatenated.
      const upsertParams = [discordId, username, avatar];
      await db.query(
        `INSERT INTO users (discord_id, username, avatar)
         VALUES (?, ?, ?)
         ON DUPLICATE KEY UPDATE username=VALUES(username), avatar=VALUES(avatar)`,
        upsertParams
      );

      const isAdmin = await isWhitelistedAdmin(discordId);

      return done(null, { id: discordId, username, avatar, isAdmin });
    } catch (err) {
      return done(err, null);
    }
  };

  passport.use(new DiscordStrategy(strategyOptions, verifyDiscordLogin));

  // Only the Discord ID goes into the session — keeps the cookie tiny.
  passport.serializeUser((user, done) => {
    return done(null, user.id);
  });

  // Reload everything fresh from the DB on every request. Because the admin
  // flag is re-read from admin_whitelist here and never stored in the
  // session, the value computed at login is not what later requests see.
  passport.deserializeUser(async (id, done) => {
    try {
      const rows = await db.query(
        'SELECT discord_id, username, avatar FROM users WHERE discord_id = ?',
        [id]
      );

      // No matching user row: report "no user" so the session is not honoured.
      if (!rows.length) {
        return done(null, false);
      }

      const isAdmin = await isWhitelistedAdmin(id);
      const { username, avatar } = rows[0];

      done(null, { id, username, avatar, isAdmin });
    } catch (e) {
      done(e, null);
    }
  });
};