2222. get ( "/auth" , async ( ctx , next ) => {
2323 // request Authentication
2424 const { callback} = ctx . query
25- ctx . assert ( callback , 400 , `Missing Parameter "callback"` )
25+ ctx . assert ( callback , 400 , null , { detail : `Missing Parameter "callback"` } )
2626 const token = crypto . randomBytes ( 32 ) . hexSlice ( )
2727 const expires = new Date ( Date . now ( ) + 300000 )
2828 ctx . cookies . set ( "callback" , callback , { expires} )
3434 // generate Authorization
3535 const { code, state} = ctx . query
3636 const token = ctx . cookies . get ( "token" )
37- ctx . assert ( code && state , 400 , `Missing Parameter "code" and/or "state"` )
38- ctx . assert ( ctx . cookies . get ( "callback" ) && token , 400 , `Missing Cookie "callback" and/or "token"` )
39- ctx . assert ( crypto . createHmac ( "sha256" , secretKey ) . update ( state ) . digest ( "hex" ) === token , 400 , `Invalid Token` )
37+ ctx . assert ( code && state , 400 , null , { detail : `Missing Parameter(s) "code" and/or "state"` } )
38+ ctx . assert ( ctx . cookies . get ( "callback" ) && token , 400 , null , { detail : `Missing Cookie(s) "callback" and/or "token"` } )
39+ ctx . assert ( crypto . createHmac ( "sha256" , secretKey ) . update ( state ) . digest ( "hex" ) === token , 400 , null , { detail : `Invalid token` } )
4040 ctx . cookies . set ( "token" )
4141 await new Promise ( resolve => setTimeout ( resolve , 500 ) )
4242 await rp ( {
4646 json : true
4747 } )
4848 . then ( auth => {
49- ctx . assert ( auth . client_id === client_id , 500 , "Internal OAuth Request Failed" )
49+ ctx . assert ( auth . client_id === client_id , 500 , null , { detail : "Internal OAuth Request Failed" } )
5050 return Promise . all ( [
5151 auth . token ,
5252 rp ( {
8080 . then ( ( [ token ] ) => {
8181 ctx . redirect ( `${ ctx . cookies . get ( "callback" ) } ${ token } )
8282 ctx . cookies . set ( "callback" )
83+ } ) . catch ( ( ) => {
84+ ctx . throw ( 500 , null , { detail : "Internal OAuth Request Failed" } )
8385 } )
8486 await next ( )
8587} )
8890 const { token} = ctx . params
8991 await knex ( "users" ) . first ( "id" , "revoked" ) . where ( "token" , token )
9092 . then ( user => {
91- ctx . assert ( user , 404 , "Not Found" )
92- ctx . assert ( ! user . revoked , 400 , "Already Revoked" )
93+ ctx . assert ( user , 404 , null , { detail : `A token " ${ token } " is not found in this service` } )
94+ ctx . assert ( ! user . revoked , 400 , null , { detail : `A token " ${ token } " is already revoked` } )
9395 return knex ( "users" ) . where ( { id : user . id } ) . update ( { revoked : true , updated_at : knex . fn . now ( ) } )
9496 } )
9597 . then ( ( ) => ctx . body = { complete : true } )
@@ -98,11 +100,11 @@ router
98100. use ( "/:username/items/:id" , async ( ctx , next ) => {
99101 // authentication
100102 const auth = ctx . header . authorization
101- ctx . assert ( auth , 401 , "Missing Authorization Header" )
103+ ctx . assert ( auth , 401 , null , { detail : "Missing Authorization Header" } )
102104 const token = auth . replace ( / ^ B e a r e r / , "" )
103105 await knex ( "users" ) . first ( "id" ) . where ( { token, revoked : false } )
104106 . then ( user => {
105- ctx . assert ( user , 403 , "Invalid Authorization Token" )
107+ ctx . assert ( user , 403 , null , { detail : "Invalid Authorization Token" } )
106108 ctx . user = user . id
107109 } )
108110 await next ( )
@@ -128,7 +130,7 @@ router
128130 } else if ( ! disliked . state ) {
129131 return knex ( "item_dislike" ) . where ( { id, by_whom : ctx . user } ) . update ( { state : true , updated_at : knex . fn . now ( ) } )
130132 } else {
131- ctx . throw ( 409 , "Already Disliked" )
133+ ctx . throw ( 409 , null , { detail : "Already Disliked" } )
132134 }
133135 } )
134136 . then ( ( ) => ctx . body = { complete : true } )
171173 } catch ( e ) {
172174 console . error ( e . message )
173175 ctx . status = e . status || 500
174- ctx . type = "json"
175- ctx . body = { code : e . status , message : e . message }
176+ ctx . body = { type : "about:blank" , status : ctx . status , title : e . status ? e . message : "Internal Server Error" , detail : e . detail }
177+ ctx . set ( "Content-Type" , "application/problem+json; charset=utf-8" )
176178 }
177179} )
178180. use ( ratelimit ( { duration : 60000 , rate : rate_limit || 30 , id : ctx => `${ ctx . method } ${ ctx . user } ${ ctx . ip } , throw : true } ) )
0 commit comments