session passthrough for the wasp-launcher

This is required to give wasp-launcher the ability to do sign-ins. Until now it only supported logging in, sign in was not possible because it requires admin database access which the wasp-launcher cannot have due to security reasons, so from now on the website will handle sign ins and log ins for the launcher and pass the session to it once it's done.
In a way similar to what the original wasp-launcher did before it has it's own embeded server.

Author: Torwent

src/app.d.ts

@@ -9,6 +9,7 @@ declare global {
 		// interface Error {}
 		interface Locals {
 			supabaseServer: SupabaseClient<Database>
+			launcherSupabase: SupabaseClient<Database>
 			safeGetSession: () => Promise<{ session: Session | null; user: User | null }>
 			session: Session | null
 			user: User | null

src/hooks.server.ts

@@ -37,6 +37,21 @@ const supabase: Handle = async ({ event, resolve }) => {
 		}
 	)
 
+	event.locals.launcherSupabase = createServerClient<Database>(
+		PUBLIC_SUPABASE_URL,
+		PUBLIC_SUPABASE_ANON_KEY,
+		{
+			cookies: {
+				getAll: () => event.cookies.getAll(),
+				setAll: (cookiesToSet) => {
+					cookiesToSet.forEach(({ name, value, options }) => {
+						event.cookies.set(name, value, { ...options, path: "/" })
+					})
+				}
+			}
+		}
+	)
+
 	event.locals.safeGetSession = async () => {
 		let start = performance.now()
 

src/routes/auth/launcher/+page.server.ts

@@ -0,0 +1,134 @@
+import { formatError } from "$lib/utils"
+import { createStripeCustomer } from "$lib/server/stripe.server"
+
+export const load = async ({ url: { searchParams }, locals: { launcherSupabase } }) => {
+	console.log("💻 Launcher login")
+
+	const err = searchParams.get("error")
+
+	if (err) {
+		let message = ""
+		message += "<h3>Authentication Error</h3>"
+		message += "<p>Error: " + decodeURI(err) + "</p>"
+
+		const description = searchParams.get("error_description")
+		if (description) {
+			message += "<p>Message: " + decodeURI(description) + "</p>"
+			if (description.includes("email"))
+				message += "<p>Make sure you have your email linked to discord!</p>"
+		}
+
+		return {
+			access_token: null,
+			refresh_token: null,
+			error: message
+		}
+	}
+
+	const code = searchParams.get("code")
+
+	if (code) {
+		const {
+			data: { user },
+			error: err
+		} = await launcherSupabase.auth.exchangeCodeForSession(code)
+
+		if (err) {
+			return {
+				access_token: null,
+				refresh_token: null,
+				error: formatError(err)
+			}
+		}
+
+		if (!user) {
+			return {
+				access_token: null,
+				refresh_token: null,
+				error: "Failed to get user!"
+			}
+		}
+
+		const {
+			data: { session },
+			error: errSession
+		} = await launcherSupabase.auth.getSession()
+
+		if (errSession) {
+			return {
+				access_token: null,
+				refresh_token: null,
+				error: formatError(errSession)
+			}
+		}
+
+		if (!session) {
+			return {
+				access_token: null,
+				refresh_token: null,
+				error: "Failed to create session"
+			}
+		}
+
+		const { count } = await launcherSupabase
+			.schema("profiles")
+			.from("profiles")
+			.select("*", { count: "exact", head: true })
+			.eq("id", user.id)
+			.single()
+
+		if (count) {
+			return {
+				access_token: session.access_token,
+				refresh_token: session.refresh_token,
+				error: null
+			}
+		}
+
+		if (user.email && user.app_metadata.provider == "discord") {
+			const discord = user.user_metadata["provider_id"]
+			const stripe = await createStripeCustomer(
+				user.id,
+				user.email,
+				discord,
+				user.user_metadata["custom_claims"]["global_name"]
+			)
+			if (!stripe) {
+				return {
+					access_token: null,
+					refresh_token: null,
+					error: "Failed to create stripe user for " + user.id
+				}
+			}
+
+			const { error: err } = await launcherSupabase.schema("profiles").from("profiles").insert({
+				id: user.id,
+				stripe,
+				discord,
+				username: "",
+				avatar: "",
+				role: null
+			})
+
+			if (err) {
+				return {
+					access_token: null,
+					refresh_token: null,
+					error: "Failed to INSERT profile: " + formatError(err)
+				}
+			}
+		}
+
+		return {
+			access_token: session.access_token,
+			refresh_token: session.refresh_token,
+			error: null
+		}
+	}
+
+	return {
+		access_token: null,
+		refresh_token: null,
+		error: "Failed to log you in."
+	}
+}

src/routes/auth/launcher/+page.svelte

@@ -0,0 +1,36 @@
+<script lang="ts">
+	import { onMount } from "svelte"
+
+	const { data } = $props()
+	const { access_token, refresh_token, error } = $derived(data)
+	let loading = $state(true)
+
+	onMount(async () => {
+		if (access_token && refresh_token) {
+			await fetch("http://localhost:5217/", {
+				method: "POST",
+				headers: { "Content-Type": "application/json" },
+				body: JSON.stringify({ access_token, refresh_token })
+			}).catch(() => "Failed to fetch with session")
+		} else if (data.error) {
+			await fetch("http://localhost:5217/", {
+				method: "POST",
+				headers: { "Content-Type": "application/json" },
+				body: JSON.stringify({ error })
+			}).catch(() => "Failed to fetch with error")
+		}
+
+		loading = false
+	})
+</script>
+
+<main class="my-32 h-screen text-center">
+	{#if loading}
+		<h1 class="text-xl font-bold">Loading...</h1>
+	{:else if access_token && refresh_token}
+		<h1 class="my-12 text-xl font-bold">You successfully logged in with WaspLauncher</h1>
+		<h2 class="font-semibold">You may now close this page.</h2>
+	{:else}
+		<h1 class="text-xl font-bold">Failed to login!</h1>
+	{/if}
+</main>

src/routes/auth/launcher/login/+server.ts

@@ -0,0 +1,17 @@
+import { formatError } from "$lib/utils"
+import { error, redirect } from "@sveltejs/kit"
+
+export const GET = async ({ url: { origin }, locals: { launcherSupabase } }) => {
+	console.log("💻 Starting launcher login!")
+	const { data, error: err } = await launcherSupabase.auth.signInWithOAuth({
+		provider: "discord",
+		options: {
+			redirectTo: origin + "/auth/launcher/",
+			scopes: "identify email guilds guilds.members.read"
+		}
+	})
+
+	if (err) error(400, formatError(err))
+
+	redirect(303, data.url)
+}

svelte.config.js

@@ -34,6 +34,7 @@ const config = {
 				"connect-src": [
 					"self",
 					"ws://localhost:*",
+					"http://localhost:*",
 					"https://db.waspscripts.dev",
 					"ws://db.waspscripts.dev",
 					"wss://db.waspscripts.dev"