From 0a60ea7ffbd2d18597bcdfb18b17c8871d3fc650 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Roman=20Kr=C4=8Dek?=
Date: Mon, 23 Jun 2025 14:28:44 +0200
Subject: [PATCH] Fix validation fo google tokens
---
 src/routes/private/api/gmail/+server.ts | 19 +++++++++++++++++++
 src/routes/private/creator/+page.svelte | 16 ++++++++++++++--
 2 files changed, 33 insertions(+), 2 deletions(-)
diff --git a/src/routes/private/api/gmail/+server.ts b/src/routes/private/api/gmail/+server.ts
index aa76b34..83bc247 100644
--- a/src/routes/private/api/gmail/+server.ts
+++ b/src/routes/private/api/gmail/+server.ts
@@ -60,5 +60,24 @@ export const POST: RequestHandler = async ({ request }) => {
 }
 }

+ /* validate token */
+ if (action === 'validate') {
+ if (!refreshToken) {
+ console.log('No refreshToken provided');
+ return json({ valid: false });
+ }
+ try {
+ console.log('Validating refreshToken:', refreshToken);
+ const oAuth2Client = getOAuthClient();
+ oAuth2Client.setCredentials({ refresh_token: refreshToken });
+ await oAuth2Client.getAccessToken(); // This will throw if invalid
+ console.log('Token is valid');
+ return json({ valid: true });
+ } catch (err) {
+ console.error('Token validation error:', err);
+ return json({ valid: false, error: (err as Error).message });
+ }
+ }
+
 return new Response('Bad request', { status: 400 });
 };
diff --git a/src/routes/private/creator/+page.svelte b/src/routes/private/creator/+page.svelte
index 42a156a..0489a10 100644
--- a/src/routes/private/creator/+page.svelte
+++ b/src/routes/private/creator/+page.svelte
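Review bot: In the new `validate` branch of `+server.ts`, `console.log('Validating refreshToken:', refreshToken);` writes the long-lived Google refresh token to the server log in clear text, so the credential is exposed to anyone who can read those logs; log the event without the value, e.g. `console.log('Validating Gmail refresh token');`. The catch branch also returns `(err as Error).message` to the caller, which hands upstream OAuth error text to the browser; `return json({ valid: false });` is enough, since the page in this commit only reads `data.valid` and the detail is already in `console.error`. Every failure of `getAccessToken()` is reported as `valid: false`, so a transient network error looks the same as a revoked token, which deserves at least a comment next to the `// This will throw if invalid` line. The POST handler starts above this hunk, so whether the route is authenticated or rate limited cannot be seen from here.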
@@ -9,9 +9,21 @@
 let subject = '';
 let body = '';

- onMount(() => {
+ async function validateToken(token: string): Promise {
+ if (!token) return false;
+ const res = await fetch('/private/api/gmail', {
+ method: 'POST',
+ headers: { 'Content-Type': 'application/json' },
+ body: JSON.stringify({ action: 'validate', refreshToken: token })
+ });
+ if (!res.ok) return false;
+ const data = await res.json();
+ return !!data.valid;
+ }
+
+ onMount(async () => {
 refreshToken = localStorage.getItem('gmail_refresh_token') ?? '';
- authorized = !!refreshToken;
+ authorized = await validateToken(refreshToken);
 });

 /* ⇢ redirects straight to Google via server 302 */
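Review bot: `validateToken` in `+page.svelte` has no error handling around `fetch` and `res.json()`, so a network failure or a non-JSON response rejects inside the async `onMount` callback as an unhandled rejection; wrapping the body in `try { … } catch { return false; }` makes the failure path explicit. When validation returns false the rejected value stays in `refreshToken` and in `localStorage` under `gmail_refresh_token`; consider clearing both once the server can tell a revoked token from a transient error. While the refresh token lives in `localStorage` it is readable by any script running on the origin, and it is now posted on every mount, so holding it in a server-side session behind an HttpOnly cookie would be the safer design. The `Promise` return type appears here without its type argument, which may be an extraction artefact of `Promise<boolean>`.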