From 4733c76ae75d916efaccfbce8a50c83e746c5c9a Mon Sep 17 00:00:00 2001
From: Pauline
Date: Thu, 12 Sep 2024 23:03:47 +0100
Subject: [PATCH] Fix consent: allow skippable consent
---
pages/consent.tsx | 126 ++++++++++++++++++++++++++++------------------
1 file changed, 77 insertions(+), 49 deletions(-)
diff --git a/pages/consent.tsx b/pages/consent.tsx
index 56fd2b5..d40aa6e 100644
--- a/pages/consent.tsx
+++ b/pages/consent.tsx
@@ -13,73 +13,101 @@ const Consent = () => { useEffect(() => { const { consent_challenge } = router.query - ory - .toSession() - .then(({ data }) => { - setIdentity(data.identity) - }) - .catch((e) => console.log(e)) + const fetchSessionAndConsent = async () => { + try { + const sessionResponse = await ory.toSession() + const sessionData = sessionResponse.data + setIdentity(sessionData.identity) - if (!consent_challenge) { - // router.push("/404") - return - } + if (!consent_challenge) { + console.error("Consent challenge is missing.") + return + } + + const consentResponse = await fetch(`/api/consent?consent_challenge=${consent_challenge}`) + const consentData = await consentResponse.json() - fetch(`/api/consent?consent_challenge=${consent_challenge}`) - .then((response) => response.json()) - .then((data) => { - if (data.error) { - throw new Error(data.error) + if (consentData.error) { + throw new Error(consentData.error) } - setConsent(data) - }) - .catch((err) => { - console.error(err) - }) - }, [router]) - const handleSubmit = (event: React.FormEvent) => { + setConsent(consentData) + + // Automatically handle skipping consent if enabled + if (consentData.client?.skip_consent) { + console.log("Skipping consent, automatically submitting.") + const skipResponse = await fetch("/api/consent", { + method: "POST", + headers: { + "Content-Type": "application/json", + }, + body: JSON.stringify({ + consentChallenge: consent_challenge, + consentAction: "accept", + grantScope: [], + remember: false, + identity: sessionData.identity, + }), + }) + const skipData = await skipResponse.json() + + if (skipData.error) { + throw new Error(skipData.error) + } + + router.push(skipData.redirect_to) + } + } catch (error) { + console.error("Error fetching session or consent:", error) + } + } + + if (router.query.consent_challenge) { + fetchSessionAndConsent() + } + }, [router.query]) + + const handleSubmit = async (event: React.FormEvent) => { event.preventDefault() const form = 
event.target as HTMLFormElement const formData = new FormData(form) - const submitter = (event.nativeEvent as SubmitEvent) - .submitter as HTMLButtonElement + const submitter = (event.nativeEvent as SubmitEvent).submitter as HTMLButtonElement const consentAction = submitter.value - const consentChallenge = formData.get("consent_challenge") as string const remember = !!formData.get("remember") const grantScope = formData.getAll("grant_scope") as string[] if (!consentChallenge || !consentAction) { - console.error("consentChallenge or consentAction is missing") + console.error("Consent challenge or action is missing.") return } - fetch("/api/consent", { - method: "POST", - headers: { - "Content-Type": "application/json", - }, - body: JSON.stringify({ - consentChallenge, - consentAction, - grantScope, - remember, - identity, // Include any additional identity data if needed - }), - }) - .then((response) => response.json()) - .then((data) => { - if (data.error) { - console.error(data.error) - return - } - router.push(data.redirect_to) - }) - .catch((err) => { - console.error(err) + try { + const response = await fetch("/api/consent", { + method: "POST", + headers: { + "Content-Type": "application/json", + }, + body: JSON.stringify({ + consentChallenge, + consentAction, + grantScope, + remember, + identity, + }), }) + const data = await response.json() + + if (data.error) { + console.error("Error submitting consent:", data.error) + return + } + + router.push(data.redirect_to) + } catch (error) { + console.error("Error during consent submission:", error) + } } if (!consent) {
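Review bot: The auto-accept branch in `fetchSessionAndConsent` makes the skip decision in the browser and then posts `consentAction: "accept"` with `grantScope: []` and `identity: sessionData.identity`, so the grant rests on values the client controls. The `/api/consent` handler is not part of this diff; unless it already re-reads the consent request for the challenge and checks `client.skip_consent` and the session itself, it should, and the cleaner design is to accept server-side in the GET path and return only `redirect_to`. The empty `grantScope` also looks like it accepts with no scopes instead of the requested ones; if the accept stays in the page, `grantScope: consentData.requested_scope ?? [],` is probably what was meant, assuming the API passes Hydra's consent request through unchanged. The effect is keyed on `[router.query]` with no in-flight guard, so the accept POST may fire more than once for the same challenge. The `Consent` component starts before this hunk and continues after it.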