diff options
| -rw-r--r-- | backend/discord.py | 6 | ||||
| -rw-r--r-- | backend/routes/auth/authorize.py | 6 |
2 files changed, 7 insertions, 5 deletions
diff --git a/backend/discord.py b/backend/discord.py index 9cdd2c4..8cb602c 100644 --- a/backend/discord.py +++ b/backend/discord.py @@ -2,18 +2,18 @@ import httpx from backend.constants import ( - OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET, OAUTH2_REDIRECT_URI + OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET ) API_BASE_URL = "https://discord.com/api/v8" -async def fetch_bearer_token(code: str, *, refresh: bool) -> dict: +async def fetch_bearer_token(code: str, redirect: str, *, refresh: bool) -> dict: async with httpx.AsyncClient() as client: data = { "client_id": OAUTH2_CLIENT_ID, "client_secret": OAUTH2_CLIENT_SECRET, - "redirect_uri": OAUTH2_REDIRECT_URI + "redirect_uri": f"{redirect}/callback" } if refresh: diff --git a/backend/routes/auth/authorize.py b/backend/routes/auth/authorize.py index c6cd86c..65709ab 100644 --- a/backend/routes/auth/authorize.py +++ b/backend/routes/auth/authorize.py @@ -87,7 +87,8 @@ class AuthorizeRoute(Route): """Generate an authorization token.""" data = await request.json() try: - bearer_token = await fetch_bearer_token(data["token"], refresh=False) + url = request.headers.get("origin") + bearer_token = await fetch_bearer_token(data["token"], url, refresh=False) except httpx.HTTPStatusError: return AUTH_FAILURE @@ -111,7 +112,8 @@ class TokenRefreshRoute(Route): """Refresh an authorization token.""" try: token = request.user.decoded_token.get("refresh") - bearer_token = await fetch_bearer_token(token, refresh=True) + url = request.headers.get("origin") + bearer_token = await fetch_bearer_token(token, url, refresh=True) except httpx.HTTPStatusError: return AUTH_FAILURE |