chore: Add Discord OAuth2 authentication endpoint

chore: Update dependencies and clean up code chore: Update dependencies, add Discord OAuth2 authentication endpoint, and clean up code chore: Update dependencies, add Google OAuth2 authentication endpoint, and clean up code Code clean up uniqueness on external account id chore: Add Discord and Google OAuth2 authentication endpoints, and update dependencies code review fixes
2025-04-02 02:57:15 +08:00 · 2024-06-01 16:11:59 +01:00 · 2024-06-01 16:11:59 +01:00 · 262a04876b
commit 262a04876b
parent cb68bd1471
14 changed files with 428 additions and 168 deletions
--- a/1
+++ b/1
@ -23,6 +23,7 @@ FROM scratch
 WORKDIR /app

 COPY --from=builder /src/rogueserver .
+COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/

 EXPOSE 8001

--- a/api/account/discord.go
+++ b/api/account/discord.go
@ -0,0 +1,104 @@
+/*
+	Copyright (C) 2024  Pagefault Games
+
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Affero General Public License as published by
+	the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Affero General Public License for more details.
+
+	You should have received a copy of the GNU Affero General Public License
+	along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package account
+
+import (
+	"encoding/json"
+	"errors"
+	"net/http"
+	"net/url"
+	"os"
+)
+
+func HandleDiscordCallback(w http.ResponseWriter, r *http.Request) (string, error) {
+	code := r.URL.Query().Get("code")
+	gameUrl := os.Getenv("GAME_URL")
+	if code == "" {
+		defer http.Redirect(w, r, gameUrl, http.StatusSeeOther)
+		return "", errors.New("code is empty")
+	}
+
+	discordId, err := RetrieveDiscordId(code)
+	if err != nil {
+		defer http.Redirect(w, r, gameUrl, http.StatusSeeOther)
+		return "", err
+	}
+
+	return discordId, nil
+}
+
+func RetrieveDiscordId(code string) (string, error) {
+	token, err := http.PostForm("https://discord.com/api/oauth2/token", url.Values{
+		"client_id":     {os.Getenv("DISCORD_CLIENT_ID")},
+		"client_secret": {os.Getenv("DISCORD_CLIENT_SECRET")},
+		"grant_type":    {"authorization_code"},
+		"code":          {code},
+		"redirect_uri":  {os.Getenv("DISCORD_CALLBACK_URI")},
+		"scope":         {"identify"},
+	})
+
+	if err != nil {
+		return "", err
+	}
+
+	// extract access_token from token
+	type TokenResponse struct {
+		AccessToken  string `json:"access_token"`
+		TokenType    string `json:"token_type"`
+		ExpiresIn    int    `json:"expires_in"`
+		Scope        string `json:"scope"`
+		RefreshToken string `json:"refresh_token"`
+	}
+
+	var tokenResponse TokenResponse
+	err = json.NewDecoder(token.Body).Decode(&tokenResponse)
+	if err != nil {
+		return "", err
+	}
+
+	access_token := tokenResponse.AccessToken
+	if access_token == "" {
+		return "", errors.New("access token is empty")
+	}
+
+	client := &http.Client{}
+	req, err := http.NewRequest("GET", "https://discord.com/api/users/@me", nil)
+	if err != nil {
+		return "", err
+	}
+
+	req.Header.Set("Authorization", "Bearer "+access_token)
+	resp, err := client.Do(req)
+	if err != nil {
+		return "", err
+	}
+
+	defer resp.Body.Close()
+
+	type User struct {
+		Id string `json:"id"`
+	}
+
+	var user User
+	err = json.NewDecoder(resp.Body).Decode(&user)
+	if err != nil {
+		return "", err
+	}
+
+	return user.Id, nil
+}
--- a/api/account/google.go
+++ b/api/account/google.go
@ -0,0 +1,97 @@
+/*
+	Copyright (C) 2024  Pagefault Games
+
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Affero General Public License as published by
+	the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Affero General Public License for more details.
+
+	You should have received a copy of the GNU Affero General Public License
+	along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package account
+
+import (
+	"encoding/json"
+	"errors"
+	"net/http"
+	"net/url"
+	"os"
+
+	"github.com/golang-jwt/jwt/v5"
+)
+
+func HandleGoogleCallback(w http.ResponseWriter, r *http.Request) (string, error) {
+	code := r.URL.Query().Get("code")
+	gameUrl := os.Getenv("GAME_URL")
+	if code == "" {
+		defer http.Redirect(w, r, gameUrl, http.StatusSeeOther)
+		return "", errors.New("code is empty")
+	}
+
+	googleId, err := RetrieveGoogleId(code)
+	if err != nil {
+		defer http.Redirect(w, r, gameUrl, http.StatusSeeOther)
+		return "", err
+	}
+
+	return googleId, nil
+}
+
+func RetrieveGoogleId(code string) (string, error) {
+	token, err := http.PostForm("https://oauth2.googleapis.com/token", url.Values{
+		"client_id":     {os.Getenv("GOOGLE_CLIENT_ID")},
+		"client_secret": {os.Getenv("GOOGLE_CLIENT_SECRET")},
+		"code":          {code},
+		"grant_type":    {"authorization_code"},
+		"redirect_uri":  {os.Getenv("GOOGLE_CALLBACK_URI")},
+	})
+
+	if err != nil {
+		return "", err
+	}
+	defer token.Body.Close()
+	type TokenResponse struct {
+		AccessToken  string `json:"access_token"`
+		TokenType    string `json:"token_type"`
+		ExpiresIn    int    `json:"expires_in"`
+		IdToken      string `json:"id_token"`
+		RefreshToken string `json:"refresh_token"`
+		Scope        string `json:"scope"`
+	}
+	var tokenResponse TokenResponse
+	err = json.NewDecoder(token.Body).Decode(&tokenResponse)
+	if err != nil {
+		return "", err
+	}
+
+	userId, err := parseJWTWithoutValidation(tokenResponse.IdToken)
+	if err != nil {
+		return "", err
+	}
+
+	return userId, nil
+}
+
+func parseJWTWithoutValidation(idToken string) (string, error) {
+	parser := jwt.NewParser()
+
+	// Use ParseUnverified to parse the token without validation
+	parsedJwt, _, err := parser.ParseUnverified(idToken, jwt.MapClaims{})
+	if err != nil {
+		return "", err
+	}
+
+	claims, ok := parsedJwt.Claims.(jwt.MapClaims)
+	if !ok {
+		return "", errors.New("invalid token claims")
+	}
+
+	return claims.GetSubject()
+}
--- a/api/account/info.go
+++ b/api/account/info.go
@ -23,12 +23,19 @@ import (

 type InfoResponse struct {
 	Username        string `json:"username"`
+	DiscordId       string `json:"discordId"`
+	GoogleId        string `json:"googleId"`
 	LastSessionSlot int    `json:"lastSessionSlot"`
 }

 // /account/info - get account info
-func Info(username string, uuid []byte) (InfoResponse, error) {
+func Info(username string, discordId string, googleId string, uuid []byte) (InfoResponse, error) {
 	slot, _ := db.GetLatestSessionSaveDataSlot(uuid)
-
-	return InfoResponse{Username: username, LastSessionSlot: slot}, nil
+	response := InfoResponse{
+		Username:        username,
+		LastSessionSlot: slot,
+		DiscordId:       discordId,
+		GoogleId:        googleId,
+	}
+	return response, nil
 }
--- a/api/account/login.go
+++ b/api/account/login.go
@ -55,18 +55,25 @@ func Login(username, password string) (LoginResponse, error) {
 		return response, fmt.Errorf("password doesn't match")
 	}

-	token := make([]byte, TokenSize)
-	_, err = rand.Read(token)
+	response.Token, err = GenerateTokenForUsername(username)
+
 	if err != nil {
 		return response, fmt.Errorf("failed to generate token: %s", err)
 	}

-	err = db.AddAccountSession(username, token)
-	if err != nil {
-		return response, fmt.Errorf("failed to add account session")
-	}
-
-	response.Token = base64.StdEncoding.EncodeToString(token)
-
 	return response, nil
 }
+
+func GenerateTokenForUsername(username string) (string, error) {
+	token := make([]byte, TokenSize)
+	_, err := rand.Read(token)
+	if err != nil {
+		return "", fmt.Errorf("failed to generate token: %s", err)
+	}
+
+	err = db.AddAccountSession(username, token)
+	if err != nil {
+		return "", fmt.Errorf("failed to add account session")
+	}
+	return base64.StdEncoding.EncodeToString(token), nil
+}
--- a/api/auth.go
+++ b/api/auth.go
@ -1,30 +0,0 @@
-package api
-
-import (
-	"github.com/gorilla/sessions"
-	"github.com/markbates/goth"
-	"github.com/markbates/goth/gothic"
-	"github.com/markbates/goth/providers/discord"
-)
-
-// TODO: actual randomized key for sessions
-const (
-	key    = "randomString"
-	MaxAge = 86400 * 30 // 30 days
-	IsProd = false
-)
-
-func InitAuth(discordClientId string, discordClientSecret string, discordCallbackURI string) {
-	store := sessions.NewCookieStore([]byte(key))
-	store.MaxAge(MaxAge)
-
-	store.Options.Path = "/"
-	store.Options.HttpOnly = true
-	store.Options.Secure = IsProd
-
-	gothic.Store = store
-
-	goth.UseProviders(
-		discord.New(discordClientId, discordClientSecret, discordCallbackURI, discord.ScopeIdentify),
-	)
-}
--- a/api/common.go
+++ b/api/common.go
@ -65,7 +65,6 @@ func Init(mux *http.ServeMux) error {

 	// auth
 	mux.HandleFunc("/auth/{provider}/callback", handleProviderCallback)
-	mux.HandleFunc("/auth/{provider}/link", handleProviderLink)
 	mux.HandleFunc("/auth/{provider}/logout", handleProviderLogout)
 	return nil
 }
--- a/api/endpoints.go
+++ b/api/endpoints.go
@ -19,14 +19,15 @@ package api

 import (
 	"database/sql"
+	"encoding/base64"
 	"encoding/json"
 	"errors"
 	"fmt"
-	"log"
 	"net/http"
+	"os"
 	"strconv"
+	"strings"

-	"github.com/markbates/goth/gothic"
 	"github.com/pagefaultgames/rogueserver/api/account"
 	"github.com/pagefaultgames/rogueserver/api/daily"
 	"github.com/pagefaultgames/rogueserver/api/savedata"
@ -39,11 +40,6 @@ import (
 	Handler functions are responsible for checking the validity of this data and returning a result or error.
 	Handlers should not return serialized JSON, instead return the struct itself.
 */
-
-var (
-	user = string("")
-)
-
 // account

 func handleAccountInfo(w http.ResponseWriter, r *http.Request) {
@ -58,13 +54,25 @@ func handleAccountInfo(w http.ResponseWriter, r *http.Request) {
 		httpError(w, r, err, http.StatusInternalServerError)
 		return
 	}
-
-	response, err := account.Info(username, uuid)
+	discordId, err := db.FetchDiscordIdByUsername(username)
+	if err != nil {
+		if !errors.Is(err, sql.ErrNoRows) {
+			httpError(w, r, err, http.StatusInternalServerError)
+			return
+		}
+	}
+	googleId, err := db.FetchGoogleIdByUsername(username)
+	if err != nil {
+		if !errors.Is(err, sql.ErrNoRows) {
+			httpError(w, r, err, http.StatusInternalServerError)
+			return
+		}
+	}
+	response, err := account.Info(username, discordId, googleId, uuid)
 	if err != nil {
 		httpError(w, r, err, http.StatusInternalServerError)
 		return
 	}
-
 	writeJSON(w, r, response)
 }

@ -552,51 +560,100 @@ func handleDailyRankingPageCount(w http.ResponseWriter, r *http.Request) {

 // redirect link after authorizing application link
 func handleProviderCallback(w http.ResponseWriter, r *http.Request) {
-	gothic.GetProviderName = func(r *http.Request) (string, error) { return r.PathValue("provider"), nil }
-
-	// called again with code after authorization
-	code := r.URL.Query().Get("code")
-	if code != "" {
-		userId, err := db.FetchDiscordIdByUsername(user)
-		if err != nil {
-
-		}
-		defer http.Redirect(w, r, "http://localhost:8000", http.StatusSeeOther)
+	provider := r.PathValue("provider")
+	state := r.URL.Query().Get("state")
+	gameUrl := os.Getenv("GAME_URL")
+	var externalAuthId string
+	var err error
+	switch provider {
+	case "discord":
+		externalAuthId, err = account.HandleDiscordCallback(w, r)
+	case "google":
+		externalAuthId, err = account.HandleGoogleCallback(w, r)
+	default:
+		http.Error(w, "invalid provider", http.StatusBadRequest)
+		return
 	}

-	gothUser, err := gothic.CompleteUserAuth(w, r)
 	if err != nil {
-		log.Println("callback err", w, r)
+		httpError(w, r, err, http.StatusInternalServerError)
 		return
-	} else {
-		err := db.AddDiscordAuthByUsername(gothUser.UserID, user)
+	}
+
+	if state != "" {
+		state = strings.Replace(state, " ", "+", -1)
+		stateByte, err := base64.StdEncoding.DecodeString(state)
 		if err != nil {
-			log.Println("error adding Discord Auth to database")
+			http.Redirect(w, r, gameUrl, http.StatusSeeOther)
+			return
+		}
+
+		userName, err := db.FetchUsernameBySessionToken(stateByte)
+		if err != nil {
+			http.Redirect(w, r, gameUrl, http.StatusSeeOther)
+			return
+		}
+
+		switch provider {
+		case "discord":
+			err = db.AddDiscordIdByUsername(externalAuthId, userName)
+		case "google":
+			err = db.AddGoogleIdByUsername(externalAuthId, userName)
+		}
+
+		if err != nil {
+			http.Redirect(w, r, gameUrl, http.StatusSeeOther)
 			return
 		}
-	}
-	log.Println("user", gothUser.UserID)
-}

-func handleProviderLink(w http.ResponseWriter, r *http.Request) {
-	gothic.GetProviderName = func(r *http.Request) (string, error) { return r.PathValue("provider"), nil }
-	username := r.URL.Query().Get("username")
-	// username recorded prior to authorization
-	if username != "" {
-		user = username
-	}
-	// try to get the user without re-authenticating
-	if gothUser, err := gothic.CompleteUserAuth(w, r); err == nil {
-		log.Print("gothUser:", gothUser.Name)
 	} else {
-		gothic.BeginAuthHandler(w, r)
+		var userName string
+		switch provider {
+		case "discord":
+			userName, err = db.FetchUsernameByDiscordId(externalAuthId)
+		case "google":
+			userName, err = db.FetchUsernameByGoogleId(externalAuthId)
+		}
+		if err != nil {
+			http.Redirect(w, r, gameUrl, http.StatusSeeOther)
+			return
+		}
+
+		sessionToken, err := account.GenerateTokenForUsername(userName)
+		if err != nil {
+			http.Redirect(w, r, gameUrl, http.StatusSeeOther)
+			return
+		}
+
+		http.SetCookie(w, &http.Cookie{
+			Name:  "pokerogue_sessionId",
+			Value: sessionToken,
+			Path:  "/",
+		})
 	}

+	defer http.Redirect(w, r, gameUrl, http.StatusSeeOther)
 }

 func handleProviderLogout(w http.ResponseWriter, r *http.Request) {
-	gothic.GetProviderName = func(r *http.Request) (string, error) { return r.PathValue("provider"), nil }
-	gothic.Logout(w, r)
-	w.Header().Set("Location", "/")
-	w.WriteHeader(http.StatusTemporaryRedirect)
+	uuid, err := uuidFromRequest(r)
+	if err != nil {
+		httpError(w, r, err, http.StatusBadRequest)
+		return
+	}
+
+	switch r.PathValue("provider") {
+	case "discord":
+		err = db.RemoveDiscordIdByUUID(uuid)
+	case "google":
+		err = db.RemoveGoogleIdByUUID(uuid)
+	default:
+		http.Error(w, "invalid provider", http.StatusBadRequest)
+		return
+	}
+	if err != nil {
+		httpError(w, r, err, http.StatusInternalServerError)
+		return
+	}
+	w.WriteHeader(http.StatusOK)
 }
--- a/db/account.go
+++ b/db/account.go
@ -50,7 +50,7 @@ func AddAccountSession(username string, token []byte) error {
 	return nil
 }

-func AddDiscordAuthByUsername(discordId []byte, username string) error {
+func AddDiscordIdByUsername(discordId string, username string) error {
 	_, err := handle.Exec("UPDATE accounts SET discordId = ? WHERE username = ?", discordId, username)
 	if err != nil {
 		return err
@ -59,16 +59,65 @@ func AddDiscordAuthByUsername(discordId []byte, username string) error {
 	return nil
 }

-func FetchDiscordIdByUsername(username string) ([]byte, error) {
-	var discordId []byte
+func AddGoogleIdByUsername(googleId string, username string) error {
+	_, err := handle.Exec("UPDATE accounts SET googleId = ? WHERE username = ?", googleId, username)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func FetchUsernameByDiscordId(discordId string) (string, error) {
+	var username string
+	err := handle.QueryRow("SELECT username FROM accounts WHERE discordId = ?", discordId).Scan(&username)
+	if err != nil {
+		return "", err
+	}
+
+	return username, nil
+}
+
+func FetchUsernameByGoogleId(googleId string) (string, error) {
+	var username string
+	err := handle.QueryRow("SELECT username FROM accounts WHERE googleId = ?", googleId).Scan(&username)
+	if err != nil {
+		return "", err
+	}
+
+	return username, nil
+}
+
+func FetchDiscordIdByUsername(username string) (string, error) {
+	var discordId string
 	err := handle.QueryRow("SELECT discordId FROM accounts WHERE username = ?", username).Scan(&discordId)
 	if err != nil {
-		return nil, err
+		return "", err
 	}

 	return discordId, nil
 }

+func FetchGoogleIdByUsername(username string) (string, error) {
+	var googleId string
+	err := handle.QueryRow("SELECT googleId FROM accounts WHERE username = ?", username).Scan(&googleId)
+	if err != nil {
+		return "", err
+	}
+
+	return googleId, nil
+}
+
+func FetchUsernameBySessionToken(token []byte) (string, error) {
+	var username string
+	err := handle.QueryRow("SELECT a.username FROM accounts a JOIN sessions s ON a.uuid = s.uuid WHERE s.token = ?", token).Scan(&username)
+	if err != nil {
+		return "", err
+	}
+
+	return username, nil
+}
+
 func UpdateAccountPassword(uuid, key, salt []byte) error {
 	_, err := handle.Exec("UPDATE accounts SET (hash, salt) VALUES (?, ?) WHERE uuid = ?", key, salt, uuid)
 	if err != nil {
@ -257,3 +306,21 @@ func FetchUsernameFromUUID(uuid []byte) (string, error) {

 	return username, nil
 }
+
+func RemoveDiscordIdByUUID(uuid []byte) error {
+	_, err := handle.Exec("UPDATE accounts SET discordId = NULL WHERE uuid = ?", uuid)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func RemoveGoogleIdByUUID(uuid []byte) error {
+	_, err := handle.Exec("UPDATE accounts SET googleId = NULL WHERE uuid = ?", uuid)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
--- a/db/db.go
+++ b/db/db.go
@ -97,6 +97,12 @@ func setupDb(tx *sql.Tx) error {
 		// MIGRATION 002

 		`DROP TABLE accountCompensations`,
+
+		// ----------------------------------
+		// MIGRATION 003
+
+		`ALTER TABLE accounts ADD COLUMN IF NOT EXISTS discordId VARCHAR(32) UNIQUE DEFAULT NULL`,
+		`ALTER TABLE accounts ADD COLUMN IF NOT EXISTS googleId VARCHAR(32) UNIQUE DEFAULT NULL`,
 	}

 	for _, q := range queries {
--- a/docker-compose.Example.yml
+++ b/docker-compose.Example.yml
@ -1,6 +1,6 @@
 services:
  server:
-    command: --debug --dbaddr db --dbuser pokerogue --dbpass pokerogue --dbname pokeroguedb
+    command: --debug --dbaddr db --dbuser pokerogue --dbpass pokerogue --dbname pokeroguedb --gameurl http://localhost:8000 --callbackuri http://localhost:8001 
    image: ghcr.io/pagefaultgames/rogueserver:master
    restart: unless-stopped
    depends_on:
--- a/go.mod
+++ b/go.mod
@ -8,19 +8,6 @@ require (
 	golang.org/x/crypto v0.22.0
 )

-require (
-	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/gorilla/context v1.1.1 // indirect
-	github.com/gorilla/mux v1.6.2 // indirect
-	github.com/gorilla/securecookie v1.1.2 // indirect
-	golang.org/x/oauth2 v0.17.0 // indirect
-	google.golang.org/appengine v1.6.8 // indirect
-	google.golang.org/protobuf v1.32.0 // indirect
-)
+require github.com/golang-jwt/jwt/v5 v5.2.1

-require (
-	github.com/gorilla/sessions v1.2.2
-	github.com/joho/godotenv v1.5.1
-	github.com/markbates/goth v1.79.0
-	golang.org/x/sys v0.19.0 // indirect
-)
+require golang.org/x/sys v0.19.0 // indirect
--- a/go.sum
+++ b/go.sum
@ -1,66 +1,10 @@
 github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
 github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
-github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
-github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
-github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
-github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
-github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/gorilla/context v1.1.1 h1:AWwleXJkX/nhcU9bZSnZoi3h/qGYqQAGhq6zZe/aQW8=
-github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
-github.com/gorilla/mux v1.6.2 h1:Pgr17XVTNXAk3q/r4CpKzC5xBM/qW1uVLV+IhRZpIIk=
-github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
-github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
-github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
-github.com/gorilla/sessions v1.2.2 h1:lqzMYz6bOfvn2WriPUjNByzeXIlVzURcPmgMczkmTjY=
-github.com/gorilla/sessions v1.2.2/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ=
-github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
-github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
-github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4=
-github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM=
-github.com/markbates/goth v1.79.0 h1:fUYi9R6VubVEK2bpmXvIUp7xRcxA68i8ovfUQx/i5Qc=
-github.com/markbates/goth v1.79.0/go.mod h1:RBD+tcFnXul2NnYuODhnIweOcuVPkBohLfEvutPekcU=
+github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
+github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs=
 github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro=
-github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=
-golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
-golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
 golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30=
 golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
-golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
-golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/oauth2 v0.17.0 h1:6m3ZPmLEFdVxKKWnKq4VqZ60gutO35zm+zrAHVmHyDQ=
-golang.org/x/oauth2 v0.17.0/go.mod h1:OzPDGQiuQMguemayvdylqddI7qcD9lnSDb+1FiwQ5HA=
-golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
-golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
 golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
-golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
-golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM=
-google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds=
-google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
-google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I=
-google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
--- a/rogueserver.go
+++ b/rogueserver.go
@ -44,12 +44,27 @@ func main() {
 	dbaddr := flag.String("dbaddr", "localhost", "database address")
 	dbname := flag.String("dbname", "pokeroguedb", "database name")

-	discordclientid := flag.String("discordclientid", "1225433195617718315", "Discord Oauth2 Client ID")
-	discordsecretid := flag.String("discordsecretid", "LxtTMCEeRagl7Rve0goZzUnv4mnT5Xzm", "Discord Oauth2 Client ID")
-	discordcallbackuri := flag.String("discordcallbackuri", "http://localhost:8001/auth/discord/callback", "Discord Oauth2 Client ID")
+	discordclientid := flag.String("discordclientid", "dcid", "Discord Oauth2 Client ID")
+	discordsecretid := flag.String("discordsecretid", "dsid", "Discord Oauth2 Secret ID")
+
+	googleclientid := flag.String("googleclientid", "gcid", "Google Oauth2 Client ID")
+	googlesecretid := flag.String("googlesecretid", "gsid", "Google Oauth2 Secret ID")
+	callbackuri := flag.String("callbackuri", "http://localhost:8001/", "Callback URI for Oauth2 Client")
+
+	gameurl := flag.String("gameurl", "https://pokerogue.net", "URL for game server")

 	flag.Parse()

+	// set discord client id as env variable
+	os.Setenv("DISCORD_CLIENT_ID", *discordclientid)
+	os.Setenv("DISCORD_CLIENT_SECRET", *discordsecretid)
+	os.Setenv("DISCORD_CALLBACK_URI", *callbackuri+"/auth/discord/callback")
+
+	os.Setenv("GOOGLE_CLIENT_ID", *googleclientid)
+	os.Setenv("GOOGLE_CLIENT_SECRET", *googlesecretid)
+	os.Setenv("GOOGLE_CALLBACK_URI", *callbackuri+"/auth/google/callback")
+	os.Setenv("GAME_URL", *gameurl)
+
 	// register gob types
 	gob.Register([]interface{}{})
 	gob.Register(map[string]interface{}{})
@ -72,7 +87,6 @@ func main() {
 	if err := api.Init(mux); err != nil {
 		log.Fatal(err)
 	}
-	api.InitAuth(*discordclientid, *discordsecretid, *discordcallbackuri)

 	// start web server
 	handler := prodHandler(mux)