From d9c07c01159c4f955fa7a13078df8a4d91125aba Mon Sep 17 00:00:00 2001
From: Pablo Fernandez <p@f7z.io>
Date: Tue, 2 Jan 2024 13:54:56 +0000
Subject: [PATCH] redirect to callback on auth

---
 src/daemon/web/authorize.ts          | 10 ++++++++--
 templates/authorizeRequest.handlebar | 13 ++++++++++++-
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/src/daemon/web/authorize.ts b/src/daemon/web/authorize.ts
index cc2639f..e54fa2a 100644
--- a/src/daemon/web/authorize.ts
+++ b/src/daemon/web/authorize.ts
@@ -53,6 +53,8 @@ export async function authorizeRequestWebHandler(request, reply) {
         const method = record.method;
         let nip05: string | undefined;
 
+        debug({callbackUrl})
+
         if (method === "create_account") {
             const [ username, domain, email ] = JSON.parse(record.params!);
             nip05 = `${username}@${domain}`;
@@ -102,6 +104,8 @@ export async function validateRequest(request, record) {
         debug("Provided password didn't match")
         throw new Error("Invalid password");
     }
+
+    return userRecord;
 }
 
 export async function processRequestWebHandler(request, reply) {
@@ -113,8 +117,10 @@ export async function processRequestWebHandler(request, reply) {
         return;
     }
 
+    let userRecord;
+
     try {
-        await validateRequest(request, record);
+        userRecord = await validateRequest(request, record);
     } catch (e: any) {
         reply.status(401);
         reply.type("application/json");
@@ -150,7 +156,7 @@ export async function processRequestWebHandler(request, reply) {
         );
     }
 
-    return { ok: true };
+    return { ok: true, pubkey: userRecord.pubkey };
 }
 
 export async function processRegistrationWebHandler(request, reply) {
diff --git a/templates/authorizeRequest.handlebar b/templates/authorizeRequest.handlebar
index 2058072..1b2f40e 100644
--- a/templates/authorizeRequest.handlebar
+++ b/templates/authorizeRequest.handlebar
@@ -13,9 +13,13 @@
         function sendPostRequest(permissions) {
         const url = '/requests/{{record.id}}';
         const password = document.getElementById('password').value;
+        let callbackUrl;
+        {{#if callbackUrl}}
+        callbackUrl = '{{callbackUrl}}';
+        {{/if}}
         const data = {
             permissions,
-            password
+            password,
         };
 
         fetch(url, {
@@ -38,6 +42,13 @@
             // hide main content and show close message
             document.getElementById('main').classList.add('hidden');
             document.getElementById('closeit').classList.remove('hidden');
+
+            // redirect to callback url
+            if (callbackUrl) {
+                const url = new URL(callbackUrl);
+                url.searchParams.append('pubkey', data.pubkey);
+                window.location.href = url.toString();
+            }
         })
         .catch((error) => {
             console.error('Error:', error);