Implemented authentication to strava. Implemented storage of token da…

…ta as encrypted session cookies.
RyanPark44 · Apr 14, 2024 · 08ca0b4 · 08ca0b4
1 parent 2008db9
commit 08ca0b4
Show file tree

Hide file tree

Showing 13 changed files with 219 additions and 121 deletions.
diff --git a/app/api/exchange_token/route.ts b/app/api/exchange_token/route.ts
@@ -0,0 +1,37 @@
+import { redirect } from 'next/navigation';
+import { login } from '@/lib';
+
+export const GET = async (req: Request) => {
+    // Get the auth code and scope from the query string
+    const url = new URL(req.url);
+    const params = new URLSearchParams(url.search);
+    const error = params.get("error");
+    const authCode = params.get("code");
+    const scope = params.get("scope");
+    if (error || !authCode) {
+        console.error("error", error);
+        redirect("/login/error");
+    }
+    if (scope !== "read,activity:read_all") {
+        console.error("scope", scope);
+        redirect("/login/error");
+    }
+
+    // Exchange the auth code for an access token
+    const token_response = await fetch("https://www.strava.com/oauth/token", {
+        method: "POST",
+        headers: {
+            "Content-Type": "application/json",
+        },
+        body: JSON.stringify({
+            client_id: process.env.CLIENT_ID,
+            client_secret: process.env.CLIENT_SECRET,
+            code: authCode,
+            grant_type: "authorization_code",
+        }),
+    });
+    const token_data = await token_response.json();
+    console.log("token_data", token_data);
+    await login(token_data);
+    redirect(`/user/${token_data.athlete.id}?first_name=${token_data.athlete.firstname}`);
+}
diff --git a/app/globals.css b/app/globals.css
@@ -17,13 +17,6 @@
 }
 
 body {
-  color: rgb(var(--foreground-rgb));
-  background: linear-gradient(
-      to bottom,
-      transparent,
-      rgb(var(--background-end-rgb))
-    )
-    rgb(var(--background-start-rgb));
 }
 
 @layer utilities {

diff --git a/app/layout.tsx b/app/layout.tsx
@@ -15,7 +15,7 @@ export default function RootLayout({
   children: React.ReactNode;
 }>) {
   return (
-    <html lang="en">
+    <html lang="en" data-theme="night">
       <body className={inter.className}>{children}</body>
     </html>
   );

diff --git a/app/login/error/page.tsx b/app/login/error/page.tsx
@@ -0,0 +1,9 @@
+import React from 'react'
+
+const page = () => {
+  return (
+    <h1>Login was unsuccessful.</h1>
+  )
+}
+
+export default page
diff --git a/app/login/page.tsx b/app/login/page.tsx
@@ -0,0 +1,18 @@
+import React from "react";
+import Link from "next/link";
+
+const redirectUri = "http://localhost:3000/api/exchange_token";
+const stravaUrl = `http://www.strava.com/oauth/authorize?client_id=${process.env.CLIENT_ID}&response_type=code&redirect_uri=${redirectUri}&approval_prompt=force&scope=activity:read_all`;
+
+const page = () => {
+  return (
+    <>
+      <h1>Welcome to VO2 Max Calculator</h1>
+      <Link className="btn btn-primary" href={stravaUrl}>
+        Login to Strava
+      </Link>
+    </>
+  );
+};
+
+export default page;
diff --git a/app/login/success/page.tsx b/app/login/success/page.tsx
@@ -0,0 +1,9 @@
+import React from 'react'
+
+const page = () => {
+  return (
+    <h1>Successfully logged in</h1>
+  )
+}
+
+export default page
diff --git a/app/page.tsx b/app/page.tsx
@@ -2,112 +2,8 @@ import Image from "next/image";
 
 export default function Home() {
   return (
-    <main className="flex min-h-screen flex-col items-center justify-between p-24">
-      <div className="z-10 w-full max-w-5xl items-center justify-between font-mono text-sm lg:flex">
-        <p className="fixed left-0 top-0 flex w-full justify-center border-b border-gray-300 bg-gradient-to-b from-zinc-200 pb-6 pt-8 backdrop-blur-2xl dark:border-neutral-800 dark:bg-zinc-800/30 dark:from-inherit lg:static lg:w-auto  lg:rounded-xl lg:border lg:bg-gray-200 lg:p-4 lg:dark:bg-zinc-800/30">
-          Get started by editing&nbsp;
-          <code className="font-mono font-bold">app/page.tsx</code>
-        </p>
-        <div className="fixed bottom-0 left-0 flex h-48 w-full items-end justify-center bg-gradient-to-t from-white via-white dark:from-black dark:via-black lg:static lg:size-auto lg:bg-none">
-          <a
-            className="pointer-events-none flex place-items-center gap-2 p-8 lg:pointer-events-auto lg:p-0"
-            href="https://vercel.com?utm_source=create-next-app&utm_medium=appdir-template&utm_campaign=create-next-app"
-            target="_blank"
-            rel="noopener noreferrer"
-          >
-            By{" "}
-            <Image
-              src="/vercel.svg"
-              alt="Vercel Logo"
-              className="dark:invert"
-              width={100}
-              height={24}
-              priority
-            />
-          </a>
-        </div>
-      </div>
-
-      <div className="relative z-[-1] flex place-items-center before:absolute before:h-[300px] before:w-full before:-translate-x-1/2 before:rounded-full before:bg-gradient-radial before:from-white before:to-transparent before:blur-2xl before:content-[''] after:absolute after:-z-20 after:h-[180px] after:w-full after:translate-x-1/3 after:bg-gradient-conic after:from-sky-200 after:via-blue-200 after:blur-2xl after:content-[''] before:dark:bg-gradient-to-br before:dark:from-transparent before:dark:to-blue-700 before:dark:opacity-10 after:dark:from-sky-900 after:dark:via-[#0141ff] after:dark:opacity-40 sm:before:w-[480px] sm:after:w-[240px] before:lg:h-[360px]">
-        <Image
-          className="relative dark:drop-shadow-[0_0_0.3rem_#ffffff70] dark:invert"
-          src="/next.svg"
-          alt="Next.js Logo"
-          width={180}
-          height={37}
-          priority
-        />
-      </div>
-
-      <div className="mb-32 grid text-center lg:mb-0 lg:w-full lg:max-w-5xl lg:grid-cols-4 lg:text-left">
-        <a
-          href="https://nextjs.org/docs?utm_source=create-next-app&utm_medium=appdir-template&utm_campaign=create-next-app"
-          className="group rounded-lg border border-transparent px-5 py-4 transition-colors hover:border-gray-300 hover:bg-gray-100 hover:dark:border-neutral-700 hover:dark:bg-neutral-800/30"
-          target="_blank"
-          rel="noopener noreferrer"
-        >
-          <h2 className="mb-3 text-2xl font-semibold">
-            Docs{" "}
-            <span className="inline-block transition-transform group-hover:translate-x-1 motion-reduce:transform-none">
-              -&gt;
-            </span>
-          </h2>
-          <p className="m-0 max-w-[30ch] text-sm opacity-50">
-            Find in-depth information about Next.js features and API.
-          </p>
-        </a>
-
-        <a
-          href="https://nextjs.org/learn?utm_source=create-next-app&utm_medium=appdir-template-tw&utm_campaign=create-next-app"
-          className="group rounded-lg border border-transparent px-5 py-4 transition-colors hover:border-gray-300 hover:bg-gray-100 hover:dark:border-neutral-700 hover:dark:bg-neutral-800/30"
-          target="_blank"
-          rel="noopener noreferrer"
-        >
-          <h2 className="mb-3 text-2xl font-semibold">
-            Learn{" "}
-            <span className="inline-block transition-transform group-hover:translate-x-1 motion-reduce:transform-none">
-              -&gt;
-            </span>
-          </h2>
-          <p className="m-0 max-w-[30ch] text-sm opacity-50">
-            Learn about Next.js in an interactive course with&nbsp;quizzes!
-          </p>
-        </a>
-
-        <a
-          href="https://vercel.com/templates?framework=next.js&utm_source=create-next-app&utm_medium=appdir-template&utm_campaign=create-next-app"
-          className="group rounded-lg border border-transparent px-5 py-4 transition-colors hover:border-gray-300 hover:bg-gray-100 hover:dark:border-neutral-700 hover:dark:bg-neutral-800/30"
-          target="_blank"
-          rel="noopener noreferrer"
-        >
-          <h2 className="mb-3 text-2xl font-semibold">
-            Templates{" "}
-            <span className="inline-block transition-transform group-hover:translate-x-1 motion-reduce:transform-none">
-              -&gt;
-            </span>
-          </h2>
-          <p className="m-0 max-w-[30ch] text-sm opacity-50">
-            Explore starter templates for Next.js.
-          </p>
-        </a>
-
-        <a
-          href="https://vercel.com/new?utm_source=create-next-app&utm_medium=appdir-template&utm_campaign=create-next-app"
-          className="group rounded-lg border border-transparent px-5 py-4 transition-colors hover:border-gray-300 hover:bg-gray-100 hover:dark:border-neutral-700 hover:dark:bg-neutral-800/30"
-          target="_blank"
-          rel="noopener noreferrer"
-        >
-          <h2 className="mb-3 text-2xl font-semibold">
-            Deploy{" "}
-            <span className="inline-block transition-transform group-hover:translate-x-1 motion-reduce:transform-none">
-              -&gt;
-            </span>
-          </h2>
-          <p className="m-0 max-w-[30ch] text-balance text-sm opacity-50">
-            Instantly deploy your Next.js site to a shareable URL with Vercel.
-          </p>
-        </a>
-      </div>
-    </main>
+    <>
+      <h1>You are now on the home page</h1>
+    </>
   );
 }
diff --git a/app/user/[id]/page.tsx b/app/user/[id]/page.tsx
@@ -0,0 +1,18 @@
+import React from "react";
+import { getSession } from "@/lib";
+
+const Greeting = () => {
+    return <h1>Welcome</h1>;
+};
+
+const page = async () => {
+    const session = await getSession();
+    return(
+    <>
+        {Greeting()}
+        <pre>{JSON.stringify(session, null, 2)}</pre>
+    </>
+    ) 
+};
+
+export default page;
diff --git a/lib.ts b/lib.ts
@@ -0,0 +1,53 @@
+import { SignJWT, jwtVerify } from "jose";
+import { cookies } from "next/headers";
+import { NextRequest, NextResponse } from "next/server";
+
+const secretKey = "secret";
+const key = new TextEncoder().encode(secretKey);
+
+export async function encrypt(payload: any) {
+  return await new SignJWT(payload)
+    .setProtectedHeader({ alg: "HS256" })
+    .setIssuedAt()
+    .setExpirationTime("15 minutes from now")
+    .sign(key);
+}
+
+export async function decrypt(input: string): Promise<any> {
+  const { payload } = await jwtVerify(input, key, {
+    algorithms: ["HS256"],
+  });
+  return payload;
+}
+
+export async function login(userData: any) {
+  const expires = new Date(Date.now() + 20 * 60 * 1000);
+  const session = await encrypt({ userData, expires });
+  cookies().set("session", session, { expires, httpOnly: true });
+}
+
+export async function logout() {
+  cookies().set("session", "", { expires: new Date(0) });
+}
+
+export async function getSession() {
+  const session = cookies().get("session")?.value;
+  if (!session) return null;
+  return await decrypt(session);
+}
+
+export async function updateSession(request: NextRequest) {
+  const session = request.cookies.get("session")?.value;
+  if (!session) return null;
+
+  const parsed = await decrypt(session);
+  parsed.expires = new Date(Date.now() + 20 * 60 * 1000);
+  const res = NextResponse.next();
+  res.cookies.set({
+    name: "session",
+    value: await encrypt(parsed),
+    expires: parsed.expires,
+    httpOnly: true,
+  });
+  return res;
+}
diff --git a/middleware.ts b/middleware.ts
@@ -0,0 +1,6 @@
+import { NextRequest } from 'next/server';
+import { updateSession } from './lib';
+
+export async function middleware(request: NextRequest) {
+  return await updateSession(request);
+}
diff --git a/package-lock.json b/package-lock.json