Hugging Face's logo

Spaces:
securemy
/
deepsite
Sleeping

App Files Community
deepsite / app /api /auth /route.ts
enzostvs's picture
enzostvs HF Staff
try login diff
4c9abd6
raw
history blame contribute delete
2.03 kB
 import { NextRequest, NextResponse } from "next/server";
export async function POST(req: NextRequest) {
const body = await req.json();
const { code } = body;
if (!code) {
return NextResponse.json(
{ error: "Code is required" },
{
status: 400,
headers: {
"Content-Type": "application/json",
},
}
);
}
const Authorization = `Basic ${Buffer.from(
`${process.env.OAUTH_CLIENT_ID}:${process.env.OAUTH_CLIENT_SECRET}`
).toString("base64")}`;
const host =
req.headers.get("host") ?? req.headers.get("origin") ?? "localhost:3000";
const url = host.includes("/spaces/enzostvs")
? "enzostvs-deepsite.hf.space"
: host;
const redirect_uri =
`${host.includes("localhost") ? "http://" : "https://"}` +
url +
"/auth/callback";
const request_auth = await fetch("https://huggingface.co/oauth/token", {
method: "POST",
headers: {
"Content-Type": "application/x-www-form-urlencoded",
Authorization,
},
body: new URLSearchParams({
grant_type: "authorization_code",
code,
redirect_uri,
}),
});
const response = await request_auth.json();
if (!response.access_token) {
return NextResponse.json(
{ error: "Failed to retrieve access token" },
{
status: 400,
headers: {
"Content-Type": "application/json",
},
}
);
}
const userResponse = await fetch("https://huggingface.co/api/whoami-v2", {
headers: {
Authorization: `Bearer ${response.access_token}`,
},
});
if (!userResponse.ok) {
return NextResponse.json(
{ user: null, errCode: userResponse.status },
{ status: userResponse.status }
);
}
const user = await userResponse.json();
return NextResponse.json(
{
access_token: response.access_token,
expires_in: response.expires_in,
user,
},
{
status: 200,
headers: {
"Content-Type": "application/json",
},
}
);
}