Handles the OAuth callback by exchanging the authorization code for a session. This is the endpoint that the OAuth provider redirects to after the user has authenticated. It expects a 'code' parameter in the query string, which is the authorization code received from the OAuth provider.
(request: Request, code: str)
| 323 | |
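@public_route
async def auth_code(request: Request, code: str) -> RedirectResponse:
    """
    Handle the OAuth callback by exchanging the authorization code for a session.

    This is the endpoint that the OAuth provider redirects to after the user has
    authenticated. It expects a 'code' parameter in the query string, which is the
    authorization code received from the OAuth provider.

    Args:
        request: The incoming request. Currently unused; it is only referenced by
            the disabled `redirect_to` handling below.
        code: Authorization code from the callback query string. It is
            caller-supplied input and is used only as the value handed to the
            code-for-session exchange.

    Returns:
        The result of `_create_session_for_response(response, access_token)`,
        where `response` is a redirect to DASHBOARD_URL.

    Raises:
        AuthException: If the exchange is rejected by the auth API, the response
            carries an `error` attribute, or no session/access token comes back.
    """
    # NOTE(review): no `state` check is visible in this handler; presumably CSRF
    # protection of the callback relies on the PKCE verifier held by the client
    # returned from get_supabase() - confirm.
    supabase_client = get_supabase()

    try:
        auth_response = supabase_client.auth.exchange_code_for_session({'auth_code': code})
    except gotrue.errors.AuthApiError as e:
        # Chain the cause so the original API error is kept in tracebacks/logs.
        raise AuthException.from_gotrue_autherror(e) from e

    if hasattr(auth_response, 'error'):
        raise AuthException("Failed to exchange code for session.")

    # Fail closed: a response without a session or token must end as an auth
    # failure, not as an AttributeError or a session built from an empty token.
    session = getattr(auth_response, 'session', None)
    access_token = getattr(session, 'access_token', None)
    if not access_token:
        raise AuthException("Failed to exchange code for session.")

    # TODO this often redirects back to the signin page, just send all users to the dashboard
    # NOTE(review): if this is re-enabled, keep both the APP_URL prefix and the
    # leading-'/' check so a caller-supplied redirect_to cannot leave the app's origin.
    # redirect_to = request.query_params.get('redirect_to')
    # if redirect_to and redirect_to.startswith('/'):
    #     response = RedirectResponse(url=f"{APP_URL}{redirect_to}")
    # else:
    #     response = RedirectResponse(url=DASHBOARD_URL)

    response = RedirectResponse(url=DASHBOARD_URL)
    return _create_session_for_response(response, access_token)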
| 353 | |
| 354 | |
| 355 | # TODO annotate response type |
nothing calls this directly
no test coverage detected