Refactor code for improved readability and consistency

- Updated CSRF middleware to enhance cookie value decoding. - Reformatted OAuth proxy token store initialization for better clarity. - Adjusted Challonge proxy router for consistent line breaks and readability. - Enhanced OAuth router error handling and response formatting. - Improved session router for better readability and consistency in fetching provider records. - Refactored OAuth token store to improve key derivation logging. - Cleaned up cookie options utility for better readability. - Enhanced Challonge client credentials composable for consistent API calls. - Streamlined OAuth composable for improved logging. - Refactored main.js for better readability in session initialization. - Improved Challonge v2.1 service error handling for better clarity. - Cleaned up API client utility for improved readability. - Enhanced ApiKeyManager.vue for better text formatting. - Refactored ChallongeTest.vue for improved readability in composable usage.
2026-02-03 12:50:25 -05:00
parent 700c1cbbbe
commit 8775f8b1fe
15 changed files with 182 additions and 76 deletions
--- a/code/websites/pokedex.online/server/routes/oauth.js
+++ b/code/websites/pokedex.online/server/routes/oauth.js
@@ -119,13 +119,18 @@ export function createOAuthRouter({ config, tokenStore }) {
    }

    if (!code) {
-      return res.status(400).json({ error: 'Authorization code is required', code: 'MISSING_CODE' });
+      return res.status(400).json({
+        error: 'Authorization code is required',
+        code: 'MISSING_CODE'
+      });
    }

    if (provider === 'discord') {
      const clientId = process.env.VITE_DISCORD_CLIENT_ID;
      const clientSecret = process.env.DISCORD_CLIENT_SECRET;
-      const redirectUri = process.env.DISCORD_REDIRECT_URI || process.env.VITE_DISCORD_REDIRECT_URI;
+      const redirectUri =
+        process.env.DISCORD_REDIRECT_URI ||
+        process.env.VITE_DISCORD_REDIRECT_URI;

      if (!clientId || !clientSecret || !redirectUri) {
        return res.status(503).json({
@@ -155,7 +160,10 @@ export function createOAuthRouter({ config, tokenStore }) {
      }

      if (!response.ok) {
-        logger.warn('Discord token exchange failed', { status: response.status, payload });
+        logger.warn('Discord token exchange failed', {
+          status: response.status,
+          payload
+        });
        return res.status(response.status).json({
          error: 'Discord token exchange failed',
          code: 'DISCORD_TOKEN_EXCHANGE_FAILED',
@@ -197,7 +205,10 @@ export function createOAuthRouter({ config, tokenStore }) {

      const payload = await response.json().catch(() => ({}));
      if (!response.ok) {
-        logger.warn('Challonge token exchange failed', { status: response.status, payload });
+        logger.warn('Challonge token exchange failed', {
+          status: response.status,
+          payload
+        });
        return res.status(response.status).json({
          error: 'Challonge token exchange failed',
          code: 'CHALLONGE_TOKEN_EXCHANGE_FAILED',
@@ -205,7 +216,8 @@ export function createOAuthRouter({ config, tokenStore }) {
        });
      }

-      const existing = (await tokenStore.getProviderRecord(req.sid, 'challonge')) || {};
+      const existing =
+        (await tokenStore.getProviderRecord(req.sid, 'challonge')) || {};
      const user_oauth = {
        access_token: payload.access_token,
        refresh_token: payload.refresh_token,
@@ -223,7 +235,10 @@ export function createOAuthRouter({ config, tokenStore }) {
      return res.json(redactProviderRecord('challonge', record));
    }

-    return res.status(400).json({ error: `Unknown provider: ${provider}`, code: 'UNKNOWN_PROVIDER' });
+    return res.status(400).json({
+      error: `Unknown provider: ${provider}`,
+      code: 'UNKNOWN_PROVIDER'
+    });
  });

  // Store Challonge API key (v1 compatibility) per session
@@ -233,7 +248,9 @@ export function createOAuthRouter({ config, tokenStore }) {
      return res.status(500).json({ error: 'SID middleware not configured' });
    }
    if (!apiKey) {
-      return res.status(400).json({ error: 'apiKey is required', code: 'MISSING_API_KEY' });
+      return res
+        .status(400)
+        .json({ error: 'apiKey is required', code: 'MISSING_API_KEY' });
    }

    apiKey = String(apiKey).trim();
@@ -241,10 +258,13 @@ export function createOAuthRouter({ config, tokenStore }) {
      apiKey = apiKey.slice('bearer '.length).trim();
    }
    if (!apiKey) {
-      return res.status(400).json({ error: 'apiKey is required', code: 'MISSING_API_KEY' });
+      return res
+        .status(400)
+        .json({ error: 'apiKey is required', code: 'MISSING_API_KEY' });
    }

-    const existing = (await tokenStore.getProviderRecord(req.sid, 'challonge')) || {};
+    const existing =
+      (await tokenStore.getProviderRecord(req.sid, 'challonge')) || {};
    const record = {
      ...existing,
      api_key: {
@@ -260,7 +280,8 @@ export function createOAuthRouter({ config, tokenStore }) {
      return res.status(500).json({ error: 'SID middleware not configured' });
    }

-    const existing = (await tokenStore.getProviderRecord(req.sid, 'challonge')) || {};
+    const existing =
+      (await tokenStore.getProviderRecord(req.sid, 'challonge')) || {};
    const record = { ...existing };
    if (record.api_key) delete record.api_key;
    await tokenStore.setProviderRecord(req.sid, 'challonge', record);
@@ -278,7 +299,8 @@ export function createOAuthRouter({ config, tokenStore }) {
    if (typeof clientSecret === 'string') clientSecret = clientSecret.trim();
    if (typeof scope === 'string') scope = scope.trim();

-    const existing = (await tokenStore.getProviderRecord(req.sid, 'challonge')) || {};
+    const existing =
+      (await tokenStore.getProviderRecord(req.sid, 'challonge')) || {};
    const prev = existing.client_credentials || {};
    const effectiveClientId = clientId || prev.client_id;
    const effectiveClientSecret = clientSecret || prev.client_secret;
@@ -286,7 +308,8 @@ export function createOAuthRouter({ config, tokenStore }) {

    if (!effectiveClientId || !effectiveClientSecret) {
      return res.status(400).json({
-        error: 'clientId and clientSecret are required (or must already be stored for this session)',
+        error:
+          'clientId and clientSecret are required (or must already be stored for this session)',
        code: 'MISSING_CLIENT_CREDENTIALS'
      });
    }
@@ -304,7 +327,10 @@ export function createOAuthRouter({ config, tokenStore }) {

    const payload = await response.json().catch(() => ({}));
    if (!response.ok) {
-      logger.warn('Challonge client_credentials token exchange failed', { status: response.status, payload });
+      logger.warn('Challonge client_credentials token exchange failed', {
+        status: response.status,
+        payload
+      });
      return res.status(response.status).json({
        error: 'Challonge client credentials exchange failed',
        code: 'CHALLONGE_CLIENT_CREDENTIALS_FAILED',
@@ -333,7 +359,8 @@ export function createOAuthRouter({ config, tokenStore }) {
      return res.status(500).json({ error: 'SID middleware not configured' });
    }

-    const existing = (await tokenStore.getProviderRecord(req.sid, 'challonge')) || {};
+    const existing =
+      (await tokenStore.getProviderRecord(req.sid, 'challonge')) || {};
    const record = { ...existing };
    if (record.client_credentials) delete record.client_credentials;
    await tokenStore.setProviderRecord(req.sid, 'challonge', record);
@@ -346,7 +373,8 @@ export function createOAuthRouter({ config, tokenStore }) {
      return res.status(500).json({ error: 'SID middleware not configured' });
    }

-    const existing = (await tokenStore.getProviderRecord(req.sid, 'challonge')) || {};
+    const existing =
+      (await tokenStore.getProviderRecord(req.sid, 'challonge')) || {};
    const creds = existing.client_credentials;
    if (!creds) {
      return res.json(redactProviderRecord('challonge', existing));
@@ -373,19 +401,27 @@ export function createOAuthRouter({ config, tokenStore }) {

    const record = await tokenStore.getProviderRecord(req.sid, provider);
    if (!record) {
-      return res.status(400).json({ error: 'No stored tokens', code: 'NO_TOKENS' });
+      return res
+        .status(400)
+        .json({ error: 'No stored tokens', code: 'NO_TOKENS' });
    }

    if (provider === 'discord') {
      const refreshToken = record.refresh_token;
      if (!refreshToken) {
-        return res.status(400).json({ error: 'No refresh token available', code: 'NO_REFRESH_TOKEN' });
+        return res.status(400).json({
+          error: 'No refresh token available',
+          code: 'NO_REFRESH_TOKEN'
+        });
      }

      const clientId = process.env.VITE_DISCORD_CLIENT_ID;
      const clientSecret = process.env.DISCORD_CLIENT_SECRET;
      if (!clientId || !clientSecret) {
-        return res.status(503).json({ error: 'Discord OAuth not configured', code: 'DISCORD_NOT_CONFIGURED' });
+        return res.status(503).json({
+          error: 'Discord OAuth not configured',
+          code: 'DISCORD_NOT_CONFIGURED'
+        });
      }

      const response = await fetch('https://discord.com/api/oauth2/token', {
@@ -473,7 +509,10 @@ export function createOAuthRouter({ config, tokenStore }) {
      return res.json(redactProviderRecord('challonge', updatedRecord));
    }

-    return res.status(400).json({ error: `Unknown provider: ${provider}`, code: 'UNKNOWN_PROVIDER' });
+    return res.status(400).json({
+      error: `Unknown provider: ${provider}`,
+      code: 'UNKNOWN_PROVIDER'
+    });
  });

  return router;