From 67dde954cc555fd5b24e7ead9737e0d592f30619 Mon Sep 17 00:00:00 2001
From: Fabian Stamm <dev@fabianstamm.de>
Date: Fri, 15 Mar 2019 13:43:10 +0000
Subject: [PATCH] Adding state perameter to /api/client/user endpoint

---
 src/api/client/index.ts | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/src/api/client/index.ts b/src/api/client/index.ts
index 3234975..feac0c9 100644
--- a/src/api/client/index.ts
+++ b/src/api/client/index.ts
@@ -8,20 +8,23 @@ import { createJWT } from "../../keys";
 const ClientRouter = Router();
 /**
  * @api {get} /client/user
- * @apiName ClientUser
- * 
- * @apiGroup client
- * @apiPermission user_client Requires ClientID and Authenticated User
- * 
  * @apiParam {String} redirect_uri URL to redirect to on success
+ * @apiParam {String} state A optional state, that will be included in the JWT and redirect_uri as parameter
+ *
+ * @apiName ClientUser 
+ * @apiGroup client
+ *
+ * @apiPermission user_client Requires ClientID and Authenticated User
  */
 ClientRouter.get("/user", Stacker(GetClientAuthMiddleware(false), GetUserMiddleware(true, false), async (req: Request, res: Response) => {
+   let { redirect_uri, state } = req.query;
    let jwt = await createJWT({
       client: req.client.client_id,
       uid: req.user.uid,
-      username: req.user.username
+      username: req.user.username,
+      state: state
    }, 30); //after 30 seconds this token is invalid
-   res.redirect(req.query.redirect_uri + "?jwt=" + jwt)
+   res.redirect(redirect_uri + "?jwt=" + jwt + (state ? `&state=${state}` : ""));
 }));
 
 export default ClientRouter;
\ No newline at end of file