update filemanager navigation

server/routers/auth.go

@@ -50,6 +50,7 @@ func (ar *AuthRouter) Route(r chi.Router) {
 			}
 
 			authURL := ar.oauth.AuthURL(state, stateMap)
+			ar.taoLogger.Log.Info("User Log-In", zap.String("authURL", authURL))
 			http.Redirect(w, r, authURL, http.StatusTemporaryRedirect)
 		})
 
@@ -129,12 +130,12 @@ func (ar *AuthRouter) Route(r chi.Router) {
 
 			ar.taoLogger.Log.Info("User Log-In Success", zap.String("userInfo", userInfo.Name), zap.String("email", userInfo.Email))
 
+			// if kind is electron then add kind to value
 			if kind == "electron" {
+				value.Add("kind", kind)
 				value.Add("access_token", token.AccessToken)
 				value.Add("max_age", "3600")
 				value.Add("refresh_token", token.RefreshToken)
-				http.Redirect(w, r, ar.cfg.ClientElectronRedirectURL+"login?"+value.Encode(), http.StatusTemporaryRedirect)
-				return
 			}
 			// redirect to frontend with token and refresh token
 			w.Header().Add("set-cookie", "access_token="+token.AccessToken+"; Path=/; HttpOnly; SameSite=None; Secure; Max-Age=3600")
@@ -143,15 +144,22 @@ func (ar *AuthRouter) Route(r chi.Router) {
 		})
 
 		r.Get("/me", func(w http.ResponseWriter, r *http.Request) {
-			// get access token from cookie
+			// get access token from token
+			var token string
 			cookie, err := r.Cookie("access_token")
 			if err != nil {
-				http.Error(w, "Access token not found", http.StatusBadRequest)
-				return
+				token = r.Header.Get("X-Access-Token")
+
+				if token == "" {
+					http.Error(w, "Access token not found", http.StatusUnauthorized)
+					return
+				}
+			} else {
+				token = cookie.Value
 			}
 
 			// get userInfo info
-			userInfo, err := ar.oauth.GetUserInfo(r.Context(), &oauth2.Token{AccessToken: cookie.Value})
+			userInfo, err := ar.oauth.GetUserInfo(r.Context(), &oauth2.Token{AccessToken: token})
 			if err != nil {
 				http.Error(w, "Error getting userInfo info", http.StatusBadRequest)
 				return
@@ -186,26 +194,10 @@ func (ar *AuthRouter) Route(r chi.Router) {
 		})
 
 		r.Post("/refresh", func(w http.ResponseWriter, r *http.Request) {
-			// get refresh token from query string
+			refreshToken := r.Header.Get("X-Refresh-Token")
 
-			// get refresh token from body and redirect_to from body and mashal it to struct
-			var refreshToken string
-			var redirectTo string
-
-			err := json.NewDecoder(r.Body).Decode(&struct {
-				RefreshToken string `json:"refresh_token"`
-				RedirectTo   string `json:"redirect_to"`
-			}{refreshToken, redirectTo})
-
-			if err != nil {
-				http.Error(w, "Error decoding body", http.StatusBadRequest)
-				return
-			}
-
-			// refreshToken := r.URL.Query().Get("refresh_token")
-			// redirectTo := r.URL.Query().Get("redirect_to")
 			if refreshToken == "" {
-				http.Error(w, "Refresh token not found", http.StatusBadRequest)
+				http.Error(w, "Refresh token not found", http.StatusUnauthorized)
 				return
 			}
 
@@ -216,8 +208,16 @@ func (ar *AuthRouter) Route(r chi.Router) {
 				return
 			}
 
-			// redirect to frontend with token and refresh token
-			http.Redirect(w, r, ar.cfg.ClientRedirectURL+"/?token="+token.AccessToken+"&redirect_to="+redirectTo, http.StatusTemporaryRedirect)
+			// get userInfo info
+			w.Header().Add("set-cookie", "access_token="+token.AccessToken+"; Path=/; HttpOnly; SameSite=None; Secure; Max-Age=3600")
+			w.Header().Add("set-cookie", "refresh_token="+token.RefreshToken+"; Path=/; HttpOnly; SameSite=None; Secure")
+			if err := json.NewEncoder(w).Encode(&struct {
+				AccessToken  string `json:"access_token"`
+				MaxAge       int    `json:"max_age"`
+				RefreshToken string `json:"refresh_token"`
+			}{AccessToken: token.AccessToken, MaxAge: 3600, RefreshToken: token.RefreshToken}); err != nil {
+				http.Error(w, "Error encoding response", http.StatusInternalServerError)
+			}
 		})
 
 		r.Get("/revoke", func(w http.ResponseWriter, r *http.Request) {