auth.php 2.9 KB

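  <!DOCTYPE HTML>
  <html lang='en'>
  <head>
  <script>
  // Stale-session guard: if any credential from an earlier login is still in
  // localStorage, go through /logout before this callback stores new ones.
  // Logical OR is required. Bitwise `|` coerces each stored string to a 32-bit
  // integer, so a non-numeric instance name or token evaluates to 0 and a
  // leftover session could be silently kept.
  if (
    localStorage.getItem('current_id') ||
    localStorage.getItem('current_instance') ||
    localStorage.getItem('current_authtoken')
  ) {
    location.href = '/logout';
  }
  </script>
  <script src="/assets/js/jquery/jquery.min.js"></script>
  <script src="/assets/js/mastodon.js/mastodon.js"></script>
  <script src="/assets/js/jquery-cookie/src/jquery.cookie.js"></script>
  <?php
  /*
   * OAuth redirect endpoint. Reads `code` and `host` from the query string,
   * exchanges the code for an access token at https://<host>, fetches the
   * account profile and hands id / instance / token to the client-side app
   * through localStorage.
   *
   * Trust boundaries in this script:
   *   - `host` and `code` come from the URL and are chosen by whoever built the link.
   *   - The token response and the profile come from the server named by `host`,
   *     so they are exactly as untrusted as `host` itself.
   *
   * NOTE(review): no OAuth `state` value is checked in this file. Confirm that
   * the authorization request is bound to the browser session somewhere else;
   * otherwise a crafted callback link can log a visitor in to an account and
   * instance they did not choose.
   */
  require_once('../authorize/mastodon.php');
  use HalcyonSuite\HalcyonForMastodon\Mastodon;

  $api = new Mastodon();

  // Encode a value as a JavaScript string literal for use inside <script>.
  // HTML escaping is the wrong encoding in that context. The JSON_HEX_* flags
  // keep quotes, <, > and & out of the literal, so a value can neither close
  // the string nor the surrounding <script> element.
  $jsString = function ($value) {
      $text = is_scalar($value) ? (string) $value : '';
      $encoded = json_encode($text, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
      // json_encode() returns false on invalid UTF-8; emit an empty literal
      // rather than a syntax error.
      return $encoded === false ? '""' : $encoded;
  };

  if (!empty($_GET['code'])) {
      $domain = htmlspecialchars((string)filter_input(INPUT_GET, 'host'), ENT_QUOTES);

      // The server opens a connection to this value, so accept nothing but a bare
      // host name with an optional port: no scheme, userinfo, path or query.
      if (!preg_match('/\A[a-z0-9](?:[a-z0-9.-]*[a-z0-9])?(?::[0-9]{1,5})?\z/i', $domain)) die();

      // Instance denylist. The base64 blob decodes to the JSON list
      // ["gab.com","gab.ai"]. Compare the lower-cased host without any port, and
      // strictly, so the list applies to the name that is actually contacted.
      $blockedHosts = json_decode(base64_decode("WyJnYWIuY29tIiwiZ2FiLmFpIl0="));
      $hostOnly = strtolower(explode(':', $domain, 2)[0]);
      if (in_array($hostOnly, (array) $blockedHosts, true)) die();

      $URL = 'https://' . $domain;
      $api->selectInstance($URL);

      // NOTE(review): the authorization code is HTML-escaped before being sent to
      // the token endpoint. That changes the value if it contains &, <, > or
      // quotes. Left as is because get_access_token() is not visible here;
      // confirm how it encodes its arguments before passing the raw code.
      $response = $api->get_access_token(
          $api->clientWebsite . '/auth?&host=' . $domain,
          htmlspecialchars((string)filter_input(INPUT_GET, 'code'), ENT_QUOTES)
      );

      if (!empty($response['html']['access_token'])) {
          $access_token = $response['html']['access_token'];
          $profile = $api->accounts_verify_credentials()['html'];

          // Profile fields may be absent if the credential check failed.
          $account_id = isset($profile['id']) ? $profile['id'] : '';
          $post_privacy = isset($profile['source']['privacy']) ? $profile['source']['privacy'] : '';
          $post_sensitive = isset($profile['source']['sensitive']) ? $profile['source']['sensitive'] : '';

          // Every server-supplied value below goes through $jsString(). The token
          // ends up in localStorage, readable by any script on this origin, so a
          // remote instance must not be able to inject script into this page.
  ?>
  <script>
  localStorage.setItem('current_id', <?php echo $jsString($account_id); ?>);
  localStorage.setItem('current_instance', <?php echo $jsString($domain); ?>);
  localStorage.setItem('current_authtoken', <?php echo $jsString($access_token); ?>);
  localStorage.setItem('current_search_history', '[]');
  localStorage.setItem('setting_post_stream', 'auto');
  localStorage.setItem('setting_post_privacy', 'public');
  localStorage.setItem('setting_local_instance', 'default');
  localStorage.setItem('setting_search_filter', 'all');
  localStorage.setItem('setting_link_previews', 'true');
  localStorage.setItem('setting_desktop_notifications', 'true');
  localStorage.setItem('setting_service_worker', 'false');
  localStorage.setItem('setting_who_to_follow', 'false');
  localStorage.setItem('setting_show_replies', 'true');
  localStorage.setItem('setting_show_bots', 'true');
  localStorage.setItem('setting_show_content_warning', 'false');
  localStorage.setItem('setting_show_nsfw', 'false');
  localStorage.setItem('setting_full_height', 'false');
  localStorage.setItem('setting_thread_view', 'true');
  localStorage.setItem('setting_compose_autocomplete', 'true');
  localStorage.setItem('setting_play_gif','true');
  localStorage.setItem('setting_play_video','true');
  localStorage.setItem('setting_play_audio','true');
  localStorage.setItem('setting_play_peertube','true');
  localStorage.setItem('setting_play_youplay','false');
  localStorage.setItem('setting_play_invidious','false');
  localStorage.setItem('setting_play_vimeo','false');
  localStorage.setItem('setting_post_privacy', <?php echo $jsString($post_privacy); ?>);
  localStorage.setItem('setting_post_sensitive', <?php echo $jsString($post_sensitive); ?>);
  $.cookie('darktheme','unset',{path:'/',expires:3650});
  if(sessionStorage.return && sessionStorage.return == 'share') location.href = '/intent/toot?action=send';
  else location.href = '/';
  </script>
  <?php
      }
  }
  ?>
  </head>
  <body>
  </body>
  </html>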