mirror of
https://github.com/tiennm99/llmapikey.git
synced 2026-06-17 02:48:36 +00:00
559bac8104
Self-contained GitHub OAuth (Arctic) with a stateless HS256 signed-cookie session (jose); Supabase is downgraded to the Postgres host only.
- Origin-derived callback (no redirect-uri env); read:user scope; access token read once at callback and discarded (no token storage).
- CSRF via single-use state cookie; open-redirect guard on next.
- getCurrentGithubIdentity() now reads the session cookie, preserving the numeric provider_id identity contract for admin/dashboard/mint.
- Remove @supabase/ssr + @supabase/supabase-js, middleware, and the supabase-dependent rls test; delete lib/supabase clients.
18 lines
522 B
JavaScript
import Link from "next/link";

/**
 * GitHub sign-in button. A plain link to the server-side OAuth start route
 * (`/auth/login`), which creates the CSRF state and redirects to GitHub. No
 * client-side auth SDK needed.
 *
 * @param {{ next?: string, label?: string }} props
 */
export function SignInWithGithubButton({ next = "/dashboard", label = "Sign in with GitHub" }) {
  const href = `/auth/login?next=${encodeURIComponent(next)}`;
  return (
    <Link className="btn" href={href}>
      {label}
    </Link>
  );
}
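The commit message mentions an open-redirect guard on `next`, the value this button forwards to `/auth/login`. The following is an added example of such a guard, not code from this repository; `safeNextPath`, `nextFromLoginUrl`, `loginHref`, the fallback path and the `https://app.invalid` parsing origin are assumptions.

```javascript
// Added example (not the repository's code): validating the `next` value that
// the sign-in button forwards to /auth/login before it is used as a redirect.
// All names below are hypothetical.
const FALLBACK_NEXT = "/dashboard"; // assumed fallback, mirrors the button default
const PARSE_ORIGIN = "https://app.invalid"; // placeholder origin, used only for parsing

// Return `next` only if it is a same-origin, root-relative path.
function safeNextPath(next, fallback = FALLBACK_NEXT) {
  if (typeof next !== "string" || next.length === 0) return fallback;
  // Control characters: URL parsers strip tab/newline, so "/<TAB>/host" would
  // otherwise collapse into the protocol-relative form "//host".
  if (/[\u0000-\u001f\u007f]/.test(next)) return fallback;
  // Must start with exactly one "/"; "//host" and "/\host" leave the origin.
  if (!next.startsWith("/") || next.startsWith("//") || next.includes("\\")) {
    return fallback;
  }
  let url;
  try {
    url = new URL(next, PARSE_ORIGIN);
  } catch {
    return fallback;
  }
  // Final check on the parsed result rather than on the raw string.
  if (url.origin !== PARSE_ORIGIN) return fallback;
  return url.pathname + url.search + url.hash;
}

// Server-side view of the link the button renders: extract `next` from the
// query string (searchParams decodes it once) and validate it.
function nextFromLoginUrl(href) {
  const url = new URL(href, PARSE_ORIGIN);
  return safeNextPath(url.searchParams.get("next"));
}

// Same href construction as the component on this page.
function loginHref(next) {
  return `/auth/login?next=${encodeURIComponent(next)}`;
}
```

The guard returns a normalized path, so the redirect should use the returned value rather than the raw query parameter.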