feat(oauth): redirect

author: rtkay123 <dev@kanjala.com> 2026-04-06 20:06:14 +0200
committer: rtkay123 <dev@kanjala.com> 2026-04-06 20:06:14 +0200
commit: cf51cf6f7424a85795bc67b3cece29c806a6d7e0 (patch)
tree: 115a76de126dabf2c912715ef898f482d1bb992b /crates/api-auth
parent: d575e966a422ea87508ef5370b2904f4818c6773 (diff)
download: sellershut-cf51cf6f7424a85795bc67b3cece29c806a6d7e0.tar.bz2
sellershut-cf51cf6f7424a85795bc67b3cece29c806a6d7e0.zip
4 files changed, 35 insertions, 6 deletions
diff --git a/crates/api-auth/Cargo.toml b/crates/api-auth/Cargo.toml
index a0868a5..5ce0647 100644
--- a/crates/api-auth/Cargo.toml
+++ b/crates/api-auth/Cargo.toml
@@ -11,6 +11,7 @@ homepage.workspace = true
 api-core = { workspace = true, features = ["auth", "users"] }
 async-trait.workspace = true
 oauth2 = "5.0.0"
+redis.workspace = true
 secrecy.workspace = true
 serde.workspace = true
 sh-util = { workspace = true, optional = true }
diff --git a/crates/api-auth/src/discord/mod.rs b/crates/api-auth/src/discord/mod.rs
index dbcb139..1a7d47d 100644
--- a/crates/api-auth/src/discord/mod.rs
+++ b/crates/api-auth/src/discord/mod.rs
@@ -1,11 +1,12 @@
 use api_core::models::user::User;
-use async_session::Session;
+use async_session::{Session, serde_json};
 use async_trait::async_trait;
 use oauth2::{CsrfToken, Scope};
-use sh_util::cache::RedisManager;
+use redis::AsyncCommands;
+use sh_util::cache::{CacheKey, RedisManager};
 use sqlx::PgPool;
 
-use crate::{BasicClient, CSRF_TOKEN, OauthDriver, error::AuthError};
+use crate::{BasicClient, CSRF_TOKEN, OauthDriver, SessionResponse, error::AuthError};
 
 #[derive(Clone)]
 pub struct AuthServiceDiscord {
@@ -32,7 +33,7 @@ impl OauthDriver for AuthServiceDiscord {
     async fn get_user(&self) -> Result<User, AuthError> {
         todo!()
     }
-    async fn create_oauth_session(&self) -> Result<String, AuthError> {
+    async fn create_oauth_session(&self) -> Result<SessionResponse, AuthError> {
         let (auth_url, csrf_token) = self
             .client
             .authorize_url(CsrfToken::new_random)
@@ -42,7 +43,22 @@ impl OauthDriver for AuthServiceDiscord {
         let mut session = Session::new();
         session.insert(CSRF_TOKEN, &csrf_token).unwrap();
 
-        Ok(String::default())
+        let cache_key = CacheKey::Session(session.id());
+        let mut cache = self.cache.get().await.unwrap();
+        cache
+            .set::<_, _, ()>(
+                cache_key,
+                serde_json::to_string(&session).or(Err(AuthError::InvalidSession))?,
+            )
+            .await?;
+        let cookie = session
+            .into_cookie_value()
+            .ok_or(AuthError::MissingSession)?;
+
+        Ok(SessionResponse {
+            cookie_value: cookie,
+            auth_url,
+        })
     }
     async fn save_session(&self, user: &User) -> Result<(), AuthError> {
         todo!()
diff --git a/crates/api-auth/src/error.rs b/crates/api-auth/src/error.rs
index ec60e51..72a7fba 100644
--- a/crates/api-auth/src/error.rs
+++ b/crates/api-auth/src/error.rs
@@ -22,4 +22,10 @@ pub enum AuthError {
     InvalidTokenUrl(#[source] oauth2::url::ParseError),
     #[error("invalid redirect url: {0}")]
     InvalidRedirectUrl(#[source] oauth2::url::ParseError),
+    #[error("cache")]
+    Cache(#[from] redis::RedisError),
+    #[error("missing session")]
+    MissingSession,
+    #[error("invalid session")]
+    InvalidSession,
 }
diff --git a/crates/api-auth/src/lib.rs b/crates/api-auth/src/lib.rs
index 367d395..85fdb01 100644
--- a/crates/api-auth/src/lib.rs
+++ b/crates/api-auth/src/lib.rs
@@ -23,17 +23,23 @@ pub struct BasicClient(C);
 pub trait OauthDriver: Send + Sync {
     async fn get_auth_token(&self) -> Result<String, AuthError>;
     async fn get_user(&self) -> Result<User, AuthError>;
-    async fn create_oauth_session(&self) -> Result<String, AuthError>;
+    async fn create_oauth_session(&self) -> Result<SessionResponse, AuthError>;
     async fn save_session(&self, user: &User) -> Result<(), AuthError>;
 }
 
 use oauth2::{AuthUrl, ClientId, ClientSecret, RedirectUrl, TokenUrl};
 use std::{convert::TryFrom, ops::Deref};
+use url::Url;
 
 use crate::error::AuthError;
 
 static CSRF_TOKEN: &str = "csrf_token";
 
+pub struct SessionResponse {
+    pub cookie_value: String,
+    pub auth_url: Url,
+}
+
 impl Deref for BasicClient {
     type Target = C;
author	rtkay123 <dev@kanjala.com>	2026-04-06 20:06:14 +0200
committer	rtkay123 <dev@kanjala.com>	2026-04-06 20:06:14 +0200
commit	cf51cf6f7424a85795bc67b3cece29c806a6d7e0 (patch)
tree	115a76de126dabf2c912715ef898f482d1bb992b /crates/api-auth
parent	d575e966a422ea87508ef5370b2904f4818c6773 (diff)
download	sellershut-cf51cf6f7424a85795bc67b3cece29c806a6d7e0.tar.bz2 sellershut-cf51cf6f7424a85795bc67b3cece29c806a6d7e0.zip