feat: Enhance OpenID flow with state parameter handling

Danny Avila 2025-05-25 16:33:34 -04:00
parent 45e4e70986
commit ac2e1b1586
No known key found for this signature in database
GPG key ID: BF31EEB2C5CA0956
2 changed files with 14 additions and 0 deletions


@ -1,6 +1,7 @@
// file deepcode ignore NoRateLimitingForLogin: Rate limiting is handled by the `loginLimiter` middleware
const express = require('express');
const passport = require('passport');
const client = require('openid-client');
const {
checkBan,
logHeaders,
@ -107,6 +108,7 @@ router.get(
'/openid',
passport.authenticate('openid', {
session: false,
state: client.randomState(),
}),
);
@ -115,6 +117,7 @@ router.get(
passport.authenticate('openid', {
failureRedirect: `${domains.client}/oauth/error`,
failureMessage: true,
state: client.randomState(),
session: false,
}),
setBalanceConfig,
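Review bot: `state: client.randomState()` on the `/openid` route (second hunk), and again on the callback route (third hunk), is evaluated once, when `passport.authenticate('openid', {...})` builds the middleware at module load, not on each request. Every login handled by the process therefore carries the same `state` value, and the two routes hold two different values. A `state` that is constant across users does not bind a callback to the request that started it, which is the CSRF protection the parameter exists for. Generate it per request by wrapping the middleware, e.g. `(req, res, next) => passport.authenticate('openid', { session: false, state: client.randomState() })(req, res, next)`. With `session: false`, also confirm where the issued value is stored and compared on the callback; that is not visible in these hunks, and both `router.get(...)` calls begin or end outside them.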