c3d978a7eb
SvelteKit 2 + Svelte 5 + TypeScript site. SQLite via Drizzle. Gitea OAuth for authoring (RnD org-gated). Pure SVG + CSS DNA helix on landing. What lands - Landing hero with animated two-strand SVG helix + tagline - /projects + /projects/[slug] (markdown body, dashboard embed allowlist) - /posts + /posts/[slug] - Auth-gated /projects/new + /posts/new forms - Gitea OAuth flow (state, code exchange, org-membership check, sessions) - Sliding-window cookie sessions (SHA-256 hashed token storage) - Dockerfile + docker-compose with named-volume SQLite - Idempotent seed (EVOLV + HELIX projects, welcome post) Stack notes - Tailwind v3 (Node 18 compat; v4 needs Node 20+) - drizzle-orm 0.45+ (patched, no SQL-identifier escape vuln) - marked for markdown; iframe embeds gated by DASHBOARD_ALLOWED_HOSTS Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
20 lines
503 B
TypeScript
20 lines
503 B
TypeScript
import { redirect } from '@sveltejs/kit';
|
|
import { dev } from '$app/environment';
|
|
import { buildAuthorizationURL, generateState } from '$lib/server/gitea';
|
|
import { OAUTH_STATE_COOKIE } from '$lib/server/auth';
|
|
|
|
export const GET = async ({ cookies }) => {
|
|
const state = generateState();
|
|
const url = buildAuthorizationURL(state);
|
|
|
|
cookies.set(OAUTH_STATE_COOKIE, state, {
|
|
path: '/',
|
|
httpOnly: true,
|
|
sameSite: 'lax',
|
|
secure: !dev,
|
|
maxAge: 60 * 10
|
|
});
|
|
|
|
redirect(302, url);
|
|
};
|