mirror of
https://github.com/calli-eve/eve-pi.git
synced 2026-06-11 08:35:41 +02:00
Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 calli
|
f49cc61da4 |
Generated
+1102
-1031
File diff suppressed because it is too large
Load Diff
@@ -255,7 +255,7 @@ export const AccountCard = ({ characters, isCollapsed: propIsCollapsed }: { char
|
||||
const newIds = ids.filter(id => !valid.includes(id));
|
||||
return [...valid, ...newIds];
|
||||
}
|
||||
} catch {}
|
||||
} catch (_) { /* ignore corrupt localStorage */ }
|
||||
return characters.map(c => c.character.characterId);
|
||||
});
|
||||
|
||||
@@ -278,7 +278,7 @@ export const AccountCard = ({ characters, isCollapsed: propIsCollapsed }: { char
|
||||
try {
|
||||
const saved = localStorage.getItem(`collapsedCharacters-${accountName}`);
|
||||
if (saved) return new Set<number>(JSON.parse(saved));
|
||||
} catch {}
|
||||
} catch (_) { /* ignore corrupt localStorage */ }
|
||||
return new Set<number>();
|
||||
});
|
||||
|
||||
|
||||
@@ -19,7 +19,6 @@ export const LoginDialog = ({
|
||||
DEFAULT_SCOPES_TO_SELECT
|
||||
);
|
||||
const [ssoUrl, setSsoUrl] = useState<string | undefined>(undefined);
|
||||
const [loginUrl, setLoginUrl] = useState<string | undefined>(undefined);
|
||||
|
||||
const { EVE_SSO_CLIENT_ID, EVE_SSO_CALLBACK_URL } =
|
||||
useContext(SessionContext);
|
||||
@@ -30,15 +29,6 @@ export const LoginDialog = ({
|
||||
});
|
||||
}, []);
|
||||
|
||||
useEffect(() => {
|
||||
if (!ssoUrl || selectedScopes.length === 0) return;
|
||||
loginParameters(
|
||||
selectedScopes,
|
||||
EVE_SSO_CLIENT_ID,
|
||||
EVE_SSO_CALLBACK_URL
|
||||
).then((res) => setLoginUrl(ssoUrl + "?" + res));
|
||||
}, [selectedScopes, ssoUrl, EVE_SSO_CLIENT_ID, EVE_SSO_CALLBACK_URL]);
|
||||
|
||||
return (
|
||||
<Dialog open={open} onClose={closeDialog}>
|
||||
<DialogTitle>Select scopes to login with</DialogTitle>
|
||||
@@ -59,8 +49,11 @@ export const LoginDialog = ({
|
||||
<DialogActions>
|
||||
<Button
|
||||
variant="contained"
|
||||
disabled={!ssoUrl || selectedScopes.length === 0}
|
||||
onClick={() => {
|
||||
window.open(loginUrl, "_self");
|
||||
if (!ssoUrl) return;
|
||||
const params = loginParameters(selectedScopes, EVE_SSO_CLIENT_ID, EVE_SSO_CALLBACK_URL);
|
||||
window.open(ssoUrl + "?" + params, "_self");
|
||||
}}
|
||||
>
|
||||
Login
|
||||
|
||||
+12
-2
@@ -3,7 +3,7 @@ import "@fontsource/roboto/300.css";
|
||||
import "@fontsource/roboto/400.css";
|
||||
import "@fontsource/roboto/500.css";
|
||||
import "@fontsource/roboto/700.css";
|
||||
import { memo, useCallback, useEffect, useState, Suspense } from "react";
|
||||
import { memo, useCallback, useEffect, useRef, useState, Suspense } from "react";
|
||||
import { AccessToken, CharacterUpdate, Env, PlanetWithInfo } from "../types";
|
||||
import { MainGrid } from "./components/MainGrid";
|
||||
import { refreshToken } from "@/esi-sso";
|
||||
@@ -37,6 +37,7 @@ const processInBatches = async <T, R>(
|
||||
|
||||
const Home = () => {
|
||||
const searchParams = useSearchParams();
|
||||
const callbackHandled = useRef(false);
|
||||
const [characters, setCharacters] = useState<AccessToken[]>([]);
|
||||
const [sessionReady, setSessionReady] = useState(false);
|
||||
const [environment, setEnvironment] = useState<Env | undefined>(undefined);
|
||||
@@ -93,7 +94,16 @@ const Home = () => {
|
||||
characters: AccessToken[],
|
||||
): Promise<AccessToken[]> => {
|
||||
const code = searchParams?.get("code");
|
||||
if (code) {
|
||||
const returnedState = searchParams?.get("state");
|
||||
if (code && !callbackHandled.current) {
|
||||
callbackHandled.current = true;
|
||||
const expectedState = localStorage.getItem("oauth_state");
|
||||
localStorage.removeItem("oauth_state");
|
||||
if (!expectedState || returnedState !== expectedState) {
|
||||
console.error("OAuth state mismatch — possible CSRF attack");
|
||||
window.history.replaceState(null, "", "/");
|
||||
return Promise.resolve(characters);
|
||||
}
|
||||
window.history.replaceState(null, "", "/");
|
||||
const res = await fetch(`api/token?code=${code}`);
|
||||
const newCharacter: AccessToken = await res.json();
|
||||
|
||||
+4
-2
@@ -37,17 +37,19 @@ export const revokeToken = async (
|
||||
});
|
||||
};
|
||||
|
||||
export const loginParameters = async (
|
||||
export const loginParameters = (
|
||||
selectedScopes: string[],
|
||||
EVE_SSO_CLIENT_ID: string,
|
||||
EVE_SSO_CALLBACK_URL: string,
|
||||
) => {
|
||||
const state = crypto.randomUUID();
|
||||
localStorage.setItem("oauth_state", state);
|
||||
return new URLSearchParams({
|
||||
response_type: "code",
|
||||
redirect_uri: EVE_SSO_CALLBACK_URL,
|
||||
client_id: EVE_SSO_CLIENT_ID,
|
||||
scope: selectedScopes.join(" "),
|
||||
state: "asfe",
|
||||
state,
|
||||
}).toString();
|
||||
};
|
||||
|
||||
|
||||
@@ -9,8 +9,22 @@ const handler = async (req: NextApiRequest, res: NextApiResponse) => {
|
||||
});
|
||||
|
||||
try {
|
||||
const praisalRequest: { quantity: number; type_id: number }[] = JSON.parse(
|
||||
req.body
|
||||
const parsed = JSON.parse(req.body);
|
||||
|
||||
if (!Array.isArray(parsed)) {
|
||||
return res.status(400).json({ error: 'Invalid input' });
|
||||
}
|
||||
|
||||
const praisalRequest: { quantity: number; type_id: number }[] = parsed.filter(
|
||||
(item): item is { quantity: number; type_id: number } =>
|
||||
item !== null &&
|
||||
typeof item === 'object' &&
|
||||
typeof item.quantity === 'number' &&
|
||||
Number.isFinite(item.quantity) &&
|
||||
item.quantity >= 0 &&
|
||||
typeof item.type_id === 'number' &&
|
||||
Number.isInteger(item.type_id) &&
|
||||
item.type_id > 0
|
||||
);
|
||||
|
||||
logger.info({
|
||||
@@ -30,7 +44,6 @@ const handler = async (req: NextApiRequest, res: NextApiResponse) => {
|
||||
logger.error({
|
||||
event: 'praisal_request_failed',
|
||||
error: e,
|
||||
body: req.body
|
||||
});
|
||||
return res.status(500).json({ error: 'Failed to get praisal' });
|
||||
}
|
||||
|
||||
@@ -22,7 +22,6 @@ const handler = async (req: NextApiRequest, res: NextApiResponse) => {
|
||||
|
||||
logger.info({
|
||||
event: 'token_request_start',
|
||||
code: code
|
||||
});
|
||||
|
||||
const params = new URLSearchParams({
|
||||
@@ -92,7 +91,6 @@ const handler = async (req: NextApiRequest, res: NextApiResponse) => {
|
||||
event: 'token_request_failed',
|
||||
reason: 'api_error',
|
||||
error: e,
|
||||
code: code
|
||||
});
|
||||
return res.status(500).end();
|
||||
}
|
||||
|
||||
@@ -31,6 +31,7 @@ const CACHE_DURATION_MS = 60_000; // 1 minute
|
||||
const CACHE_STORAGE_KEY = "planet_cache";
|
||||
|
||||
const loadCacheFromStorage = (): Map<string, CachedPlanetData> => {
|
||||
if (typeof window === "undefined") return new Map();
|
||||
try {
|
||||
const stored = localStorage.getItem(CACHE_STORAGE_KEY);
|
||||
if (stored) {
|
||||
@@ -44,6 +45,7 @@ const loadCacheFromStorage = (): Map<string, CachedPlanetData> => {
|
||||
};
|
||||
|
||||
const saveCacheToStorage = (cache: Map<string, CachedPlanetData>) => {
|
||||
if (typeof window === "undefined") return;
|
||||
try {
|
||||
const obj = Object.fromEntries(cache);
|
||||
localStorage.setItem(CACHE_STORAGE_KEY, JSON.stringify(obj));
|
||||
|
||||
Reference in New Issue
Block a user