diff --git a/knockoutwhistfrontend b/knockoutwhistfrontend
index c2dfa0e..cd950e9 160000
--- a/knockoutwhistfrontend
+++ b/knockoutwhistfrontend
@@ -1 +1 @@
-Subproject commit c2dfa0e701db7c7471392a6ddd4e90503ecb2de2
+Subproject commit cd950e952117cebe0ec46a18fc5b2cf90b247766
diff --git a/knockoutwhistweb/app/controllers/OpenIDController.scala b/knockoutwhistweb/app/controllers/OpenIDController.scala
index 589d0d9..463fb82 100644
--- a/knockoutwhistweb/app/controllers/OpenIDController.scala
+++ b/knockoutwhistweb/app/controllers/OpenIDController.scala
@@ -58,17 +58,33 @@ class OpenIDController @Inject()(
 } yield {
 openIDService.exchangeCodeForTokens(provider, authCode, sessionState.get).flatMap {
 case Some(tokenResponse) =>
- openIDService.getUserInfo(provider, tokenResponse.accessToken).map {
+ openIDService.getUserInfo(provider, tokenResponse.accessToken).flatMap {
 case Some(userInfo) =>
- // Store user info in session for username selection
- Redirect(config.get[String]("openid.selectUserRoute"))
- .withSession(
- "oauth_user_info" -> Json.toJson(userInfo).toString(),
- "oauth_provider" -> provider,
- "oauth_access_token" -> tokenResponse.accessToken
- )
+ // Check if user already exists
+ userManager.authenticateOpenID(provider, userInfo.id) match {
+ case Some(user) =>
+ // User already exists, log them in
+ val sessionToken = sessionManager.createSession(user)
+ Future.successful(Redirect(config.getOptional[String]("openid.mainRoute").getOrElse("/"))
+ .withCookies(Cookie(
+ name = "accessToken",
+ value = sessionToken,
+ httpOnly = true,
+ secure = false,
+ sameSite = Some(Lax)
+ ))
+ .removingFromSession("oauth_state", "oauth_nonce", "oauth_provider", "oauth_access_token"))
+ case None =>
+ // New user, redirect to username selection
+ Future.successful(Redirect(config.get[String]("openid.selectUserRoute"))
+ .withSession(
+ "oauth_user_info" -> Json.toJson(userInfo).toString(),
+ "oauth_provider" -> provider,
+ "oauth_access_token" -> tokenResponse.accessToken
+ ))
+ }
 case None =>
- Redirect("/login").flashing("error" -> "Failed to retrieve user information")
+ Future.successful(Redirect("/login").flashing("error" -> "Failed to retrieve user information"))
 }
 case None =>
 Future.successful(Redirect("/login").flashing("error" -> "Failed to exchange authorization code"))
diff --git a/knockoutwhistweb/conf/META-INF/persistence.xml b/knockoutwhistweb/conf/META-INF/persistence.xml
index 6cea33f..19cd2cf 100644
--- a/knockoutwhistweb/conf/META-INF/persistence.xml
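Review bot: The `accessToken` cookie set in the `case Some(user)` branch is built with `secure = false`, so the browser will also send the session token over plain HTTP, while prod.conf and staging.conf in this same commit point `mainRoute` at https origins. I would default the flag to true and relax it only for local development, e.g. `secure = config.getOptional[Boolean]("openid.secureCookie").getOrElse(true),` (the key name is a suggestion, not an existing setting). The same branch calls `removingFromSession` without `"oauth_user_info"`, so a value left behind by an earlier, abandoned sign-up attempt would stay in the session after login; adding that key to the list looks safe. The enclosing action starts and ends outside this hunk, so how `sessionToken` is validated on later requests is not visible here.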
+++ b/knockoutwhistweb/conf/META-INF/persistence.xml @@ -12,7 +12,6 @@ - diff --git a/knockoutwhistweb/conf/application.conf b/knockoutwhistweb/conf/application.conf index 6f59db2..6ab3ea6 100644 --- a/knockoutwhistweb/conf/application.conf +++ b/knockoutwhistweb/conf/application.conf @@ -29,6 +29,7 @@ play.filters.cors { # Local Development OpenID Connect Configuration openid { selectUserRoute="http://localhost:5173/select-username" + mainRoute="http://localhost:5173/" discord { clientId = ${?DISCORD_CLIENT_ID} diff --git a/knockoutwhistweb/conf/prod.conf b/knockoutwhistweb/conf/prod.conf index 43afc89..9a2a50f 100644 --- a/knockoutwhistweb/conf/prod.conf +++ b/knockoutwhistweb/conf/prod.conf @@ -18,6 +18,7 @@ play.filters.cors { openid { selectUserRoute="https://knockout.janis-eccarius.de/select-username" + mainRoute="https://knockout.janis-eccarius.de/" discord { clientId = ${?DISCORD_CLIENT_ID} diff --git a/knockoutwhistweb/conf/staging.conf b/knockoutwhistweb/conf/staging.conf index ca35c7b..b241619 100644 --- a/knockoutwhistweb/conf/staging.conf +++ b/knockoutwhistweb/conf/staging.conf @@ -15,6 +15,7 @@ play.filters.cors { openid { selectUserRoute="https://st.knockout.janis-eccarius.de/select-username" + mainRoute="https://st.knockout.janis-eccarius.de/" discord { clientId = ${?DISCORD_CLIENT_ID}