Hugging Face's logo

Spaces:
drbh
/
hugex-gh
Running

App Files Community
hugex-gh / app /routes /auth.huggingface.tsx
drbh
feat: refactor for linking
dc06026
raw
history blame contribute delete
2.35 kB
 import { redirect } from "@remix-run/node";
import type { LoaderFunctionArgs } from "@remix-run/node";
import { huggingFaceOAuth } from "~/lib/huggingface-oauth.server";
import { generateRandomString, createCodeChallenge } from "~/lib/oauth-utils.server";
import { getUserSession } from "~/lib/session.server";
export async function loader({ request }: LoaderFunctionArgs) {
console.log('πŸ”₯ HuggingFace OAuth login route hit');
// Check if HuggingFace OAuth is configured
if (!huggingFaceOAuth.isConfigured()) {
console.error('❌ HuggingFace OAuth not configured');
return redirect('/?error=hf_oauth_not_configured');
}
const url = new URL(request.url);
const returnTo = url.searchParams.get('returnTo') || '/';
// Check for existing user session to see if account linking is in progress
const userSession = await getUserSession(request);
if (userSession?.huggingface) {
console.log('ℹ️ User already has HuggingFace auth in session');
// Check if this is an account linking flow
if (returnTo.includes('link=true')) {
console.log('πŸ”„ Re-authenticating for account linking purposes');
} else {
// Already authenticated with HF, redirect to return URL
console.log('βœ… Already authenticated with HuggingFace, redirecting');
return redirect(returnTo);
}
}
// Generate PKCE parameters for security
const state = generateRandomString(32);
const codeVerifier = generateRandomString(128);
const codeChallenge = await createCodeChallenge(codeVerifier);
// Get authorization URL
const authUrl = huggingFaceOAuth.getAuthorizationUrl(state, codeChallenge);
console.log('πŸ”„ Redirecting to HuggingFace OAuth authorization URL');
// Create response with redirect and secure cookies for PKCE
const response = redirect(authUrl);
// Store PKCE data and return URL in secure HttpOnly cookies
const cookieOptions = 'Path=/; HttpOnly; SameSite=Lax; Max-Age=600'; // 10 minutes
response.headers.append('Set-Cookie', `hf_oauth_state=${state}; ${cookieOptions}`);
response.headers.append('Set-Cookie', `hf_oauth_code_verifier=${codeVerifier}; ${cookieOptions}`);
response.headers.append('Set-Cookie', `hf_oauth_return_to=${encodeURIComponent(returnTo)}; ${cookieOptions}`);
console.log('βœ… HuggingFace OAuth cookies set');
return response;
}