From 7158526469c2c8491e698545fdd3d6dfc2c62fb8 Mon Sep 17 00:00:00 2001
From: mat <github@matdoes.dev>
Date: Thu, 17 Mar 2022 13:14:19 -0500
Subject: allow passing redirect uri as a parameter

i sure hope this doesn't result in any security vulnerabilities!
---
 src/index.ts | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/index.ts b/src/index.ts
index 3e73ad3..6608188 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -156,7 +156,9 @@ app.get('/election', async (req, res) => {
 app.post('/accounts/createsession', async (req, res) => {
 	try {
 		const { code } = req.body
-		const codeExchange = await discord.exchangeCode(`${mainSiteUrl}/loggedin`, code)
+		const redirectUri = req.body.redirectUri ?? `${mainSiteUrl}/loggedin`
+
+		const codeExchange = await discord.exchangeCode(redirectUri, code)
 		if (!codeExchange) {
 			res.json({ ok: false, error: 'discord_client_secret isn\'t in env' })
 			return
-- 
cgit