auth.php 3.6 KB

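  <!DOCTYPE HTML>
  <html lang='en'>
  <head>
  <script>
  // A new sign-in should not start on top of an old session: if any credential
  // from a previous login is still stored, go through /logout first.
  // Logical OR is required here. Bitwise `|` coerces each string to a 32-bit
  // integer, so non-numeric values (instance name, token) counted as 0.
  if (
    localStorage.getItem('current_id') ||
    localStorage.getItem('current_instance') ||
    localStorage.getItem('current_authtoken')
  ) {
    location.href = '/logout';
  }
  </script>
  <script src="/assets/js/jquery/jquery.min.js"></script>
  <script src="/assets/js/mastodon.js/mastodon.js"></script>
  <script src="/assets/js/jquery-cookie/src/jquery.cookie.js"></script>
  <?php
  /*
   * OAuth callback: ?code=<authorization code>&host=<instance chosen by the user>.
   *
   * Trust boundaries on this page:
   *  - `host` and `code` come straight from the query string.
   *  - Everything returned by the instance (account id, access token, profile
   *    source settings) is remote data: the instance is whatever `host` names.
   *  - All of it ends up inside an inline <script>, and the access token is kept
   *    in localStorage, where every script on this origin can read it. Nothing
   *    from either source may therefore reach the script block unencoded.
   */
  require_once('../authorize/mastodon.php');
  use HalcyonSuite\HalcyonForMastodon\Mastodon;

  $api = new Mastodon();

  // Encode a scalar as a JavaScript string literal that is safe inside <script>.
  // The cast keeps what string concatenation produced before (true -> "1",
  // false/null -> ""). The JSON_HEX_* flags escape < > & ' " so the value can
  // neither close the string nor the surrounding <script> element.
  // Returns false when the value is not scalar or cannot be encoded.
  $jsString = static function ($value) {
      if ($value !== null && !is_scalar($value)) {
          return false;
      }
      return json_encode((string) $value, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
  };

  // filter_input() avoids the undefined-index notice $_GET['code'] raised when
  // the page was opened without a code; arrays come back as false -> ''.
  $code = (string) filter_input(INPUT_GET, 'code');
  if ($code !== '') {
      $domain = (string) filter_input(INPUT_GET, 'host');

      // `host` becomes part of a URL the server itself requests, so accept only
      // a syntactically valid DNS name with an optional port. htmlspecialchars()
      // is an HTML encoder and did not stop '/', '@', '?' or '#' from changing
      // which URL was built. Group 1 captures the name without the port.
      // NOTE(review): this is a syntax check only. Limiting which addresses the
      // server may contact (internal ranges, loopback) belongs in the HTTP
      // client or egress policy, neither of which is visible from this file.
      $label = '[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?';
      $hostIsValid = preg_match('/\A((?:'.$label.'\.)*'.$label.'\.?)(?::[0-9]{1,5})?\z/', $domain, $hostParts) === 1
          && strlen($hostParts[1]) <= 253;

      // The literal decodes to ["gab.com","gab.ai"]: instances this client
      // refuses to serve. Compare case-insensitively, without port or trailing
      // dot, so a cosmetic variation of the same name is refused as well.
      $blockedHosts = json_decode(base64_decode("WyJnYWIuY29tIiwiZ2FiLmFpIl0="));
      if ($hostIsValid && is_array($blockedHosts) && in_array(rtrim(strtolower($hostParts[1]), '.'), $blockedHosts, true)) die();

      // Stays null unless every step succeeds; then holds the encoded literals.
      $stored = null;
      if ($hostIsValid) {
          $URL = 'https://'.$domain;
          $api->selectInstance($URL);
          // The redirect URI has to repeat the one used when the code was
          // requested, so $domain is passed on exactly as received.
          // NOTE(review): htmlspecialchars() on the code is HTML encoding applied
          // to a value headed for an HTTP request; kept as-is because
          // get_access_token() is not visible here - confirm and drop it.
          $response = $api->get_access_token($api->clientWebsite.'/auth?&host='.$domain, htmlspecialchars($code, ENT_QUOTES));
          if (is_array($response) && isset($response['html']) && is_array($response['html']) && isset($response['html']["access_token"])) {
              $profile = $api->accounts_verify_credentials()['html'];
              // Do not create a session when the credentials check returned no account.
              if (is_array($profile) && isset($profile['id'])) {
                  $source = (isset($profile['source']) && is_array($profile['source'])) ? $profile['source'] : [];
                  $stored = [
                      'id' => $jsString($profile['id']),
                      'instance' => $jsString($domain),
                      'token' => $jsString($response['html']["access_token"]),
                      'privacy' => $jsString(isset($source['privacy']) ? $source['privacy'] : ''),
                      'sensitive' => $jsString(isset($source['sensitive']) ? $source['sensitive'] : ''),
                  ];
                  // Any value that could not be encoded aborts the sign-in.
                  if (in_array(false, $stored, true)) {
                      $stored = null;
                  }
              }
          }
      }

      if ($stored !== null) {
          // Each {$stored[...]} is already a complete, quoted JS string literal.
          echo "
  <script>
  localStorage.setItem('current_id',{$stored['id']});
  localStorage.setItem('current_instance',{$stored['instance']});
  localStorage.setItem('current_authtoken', {$stored['token']});
  localStorage.setItem('current_search_history', '[]');
  localStorage.setItem('setting_post_stream', 'auto');
  localStorage.setItem('setting_post_privacy', 'public');
  localStorage.setItem('setting_local_instance', 'default');
  localStorage.setItem('setting_search_filter', 'all');
  localStorage.setItem('setting_link_previews', 'true');
  localStorage.setItem('setting_desktop_notifications', 'true');
  localStorage.setItem('setting_service_worker', 'false');
  localStorage.setItem('setting_who_to_follow', 'false');
  localStorage.setItem('setting_show_replies', 'true');
  localStorage.setItem('setting_show_bots', 'true');
  localStorage.setItem('setting_show_content_warning', 'false');
  localStorage.setItem('setting_show_nsfw', 'false');
  localStorage.setItem('setting_full_height', 'false');
  localStorage.setItem('setting_thread_view', 'true');
  localStorage.setItem('setting_show_admin','false');
  localStorage.setItem('setting_compose_autocomplete', 'true');
  localStorage.setItem('setting_play_gif','true');
  localStorage.setItem('setting_play_video','true');
  localStorage.setItem('setting_play_audio','true');
  localStorage.setItem('setting_play_peertube','true');
  localStorage.setItem('setting_play_youplay','false');
  localStorage.setItem('setting_play_invidious','false');
  localStorage.setItem('setting_play_vimeo','false');
  localStorage.setItem('setting_post_privacy',{$stored['privacy']});
  localStorage.setItem('setting_post_sensitive',{$stored['sensitive']});
  localStorage.setItem('setting_redirect_invidious','unset');
  localStorage.setItem('setting_redirect_nitter','unset');
  localStorage.setItem('setting_redirect_bibliogram','unset');
  localStorage.setItem('setting_redirect_nofb','unset');
  localStorage.setItem('setting_rewrite_invidious','unset');
  localStorage.setItem('setting_rewrite_nitter','unset');
  localStorage.setItem('setting_rewrite_bibliogram','unset');
  localStorage.setItem('setting_rewrite_nofb','unset');
  $.cookie('darktheme','unset',{path:'/',expires:3650});
  if(sessionStorage.return && sessionStorage.return == 'share') location.href = '/intent/toot?action=send';
  else location.href = '/';
  </script>
  ";
      }
      else echo "<h1>An error occured</h1><p>There was an error and Halcyon couldn't fetch or validate a access token for this instance</p>";
  }
  ?>
  </head>
  <body>
  </body>
  </html>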