Receives the auth payload from the callback, validates it, creates a session, and returns a response with a cookie referencing the session.
(request: Request)
| 355 | # TODO annotate response type |
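@public_route
async def auth_session(request: Request) -> JSONResponse:
    """
    Validate the auth callback payload, create a session, and return the cookie response.

    The callback forwards the URL hash parameters as a URL-encoded request
    body. The ``access_token`` field is extracted, decoded with
    ``_decode_supabase_jwt``, and passed to ``_create_session_for_response``
    together with the JSON response that will reference the session.

    The route is marked ``@public_route`` (presumably reachable without an
    existing session), so the whole body is treated as untrusted input and
    every parsing failure is reported as an ``AuthException``.

    Args:
        request: Incoming request whose body carries the URL-encoded hash params.

    Returns:
        Whatever ``_create_session_for_response`` returns for the prepared
        ``JSONResponse``.

    Raises:
        AuthException: If the body is not valid UTF-8, if ``access_token`` is
            missing or empty, or if the token cannot be decoded.
    """
    print("auth_session: Processing request")

    # The hash params are passed straight into the request body, so the
    # payload is URL-encoded.
    body = await request.body()
    print(f"auth_session: Raw body length: {len(body)}")

    try:
        decoded_body = body.decode('utf-8')
    except UnicodeDecodeError as e:
        # Malformed bytes are a bad callback payload, not a server fault:
        # report them like any other invalid parameter instead of letting
        # the decode error escape unhandled.
        print("auth_session: ERROR - Request body is not valid UTF-8")
        raise AuthException("Invalid parameters passed to callback URL.") from e

    params = urllib.parse.parse_qs(decoded_body)
    # Only the key names are logged; the values include the bearer token and
    # must stay out of the logs.
    print(f"auth_session: Parsed params keys: {list(params.keys())}")

    access_token = params.get('access_token', [None])[0]

    if not access_token:
        print("auth_session: ERROR - No access_token in request body")
        raise AuthException("Invalid parameters passed to callback URL.")

    print("auth_session: Found access_token, attempting to decode JWT")

    try:
        # NOTE(review): the decoded claims are used only for logging here.
        # Confirm that _decode_supabase_jwt and/or _create_session_for_response
        # verify the signature, expiry and audience rather than only parsing
        # the claims.
        user_data = _decode_supabase_jwt(access_token)
        # Log the subject id only; the email address is personal data and is
        # not needed to correlate log lines.
        print(f"auth_session: Decoded JWT for user {user_data.sub}")

        # Detect an invite acceptance via invited_to_org in the metadata.
        # Supabase user_metadata can be edited by the user, so this value is
        # informational only and must not drive authorization decisions.
        invited_to_org = None
        if user_data.user_metadata and 'invited_to_org' in user_data.user_metadata:
            invited_to_org = user_data.user_metadata.get('invited_to_org')
            # repr() keeps embedded newlines from forging extra log lines.
            print(f"auth_session: User is accepting invite to org {invited_to_org!r}")
    except Exception as e:
        # Log the error type only: decoder messages may echo token or claim
        # content. The cause stays attached to the raised exception.
        print(f"auth_session: ERROR - Failed to decode JWT: {type(e).__name__}")
        raise AuthException("Failed to decode access token") from e

    content = StatusResponse(message="User authenticated successfully.")
    response = JSONResponse(content=content.model_dump())

    print("auth_session: Creating session and setting cookie")
    result = _create_session_for_response(response, access_token)
    print("auth_session: Session created successfully, returning response")

    return result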
| 402 | |
| 403 | |
| 404 | # TODO annotate response type |