2 files changed, 7 insertions, 5 deletions

diff --git a/backend/discord.py b/backend/discord.py
index 9cdd2c4..8cb602c 100644
--- a/backend/discord.py
+++ b/backend/discord.py
@@ -2,18 +2,18 @@
 import httpx
 
 from backend.constants import (
-    OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET, OAUTH2_REDIRECT_URI
+    OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET
 )
 
 API_BASE_URL = "https://discord.com/api/v8"
 
 
-async def fetch_bearer_token(code: str, *, refresh: bool) -> dict:
+async def fetch_bearer_token(code: str, redirect: str, *, refresh: bool) -> dict:
     async with httpx.AsyncClient() as client:
         data = {
             "client_id": OAUTH2_CLIENT_ID,
             "client_secret": OAUTH2_CLIENT_SECRET,
-            "redirect_uri": OAUTH2_REDIRECT_URI
+            "redirect_uri": f"{redirect}/callback"
         }
 
         if refresh:
diff --git a/backend/routes/auth/authorize.py b/backend/routes/auth/authorize.py
index c6cd86c..65709ab 100644
--- a/backend/routes/auth/authorize.py
+++ b/backend/routes/auth/authorize.py
@@ -87,7 +87,8 @@ class AuthorizeRoute(Route):
         """Generate an authorization token."""
         data = await request.json()
         try:
-            bearer_token = await fetch_bearer_token(data["token"], refresh=False)
+            url = request.headers.get("origin")
+            bearer_token = await fetch_bearer_token(data["token"], url, refresh=False)
         except httpx.HTTPStatusError:
             return AUTH_FAILURE
 
@@ -111,7 +112,8 @@ class TokenRefreshRoute(Route):
         """Refresh an authorization token."""
         try:
             token = request.user.decoded_token.get("refresh")
-            bearer_token = await fetch_bearer_token(token, refresh=True)
+            url = request.headers.get("origin")
+            bearer_token = await fetch_bearer_token(token, url, refresh=True)
         except httpx.HTTPStatusError:
             return AUTH_FAILURE