Introduction
This is a Cloudflare worker that serves two main purposes:
- Provide OAuth callbacks for GitHub authentication.
- Proxy authenticated requests for GitHub files.
If you're interested in a Vercel version, check out slimplate-next-template (opens in a new tab), which has this backend, as well as a frontend that uses it. You can also check out the files for this Cloudflare worker here (opens in a new tab).
Authentication
To set up authentication, follow these steps:
-
Add a GitHub OAuth app under "Developer Settings" and set the redirect URL to wherever this Cloudflare worker is deployed (
https://cfghserver.YOURNAME.workers.dev/api/github/callback). -
Edit
secrets.jsonto include the following details:{ "GITHUB_CLIENT": "YOUR_GITHUB_CLIENT", "GITHUB_SECRET": "YOUR_GITHUB_SECRET", "REDIRECT_URLS": "http://localhost:5173/" }
Note that REDIRECT_URLS is a comma-separated list of authorized URLs to redirect to with the OAuth token. It does not have to match GitHub's redirect URL.
- Run
npm run deployfor initial deployment. - Run
wrangler secret:bulk secrets.jsonto push your secrets to the Cloudflare worker. - In your app, hit
https://cfghserver.YOURNAME.workers.dev/api/github?code=XXXX&redir=http%3A%2F%2Flocalhost%3A5173%2F&scope=WHATEVERto get the OAuth token (in theghquery parameter). The code parameter comes from the OAuth flow for the user. You can read more about it here.
You can see an example of using this for GitHub login here (opens in a new tab).
Proxy
In your app, use URLs in the format https://cfghserver.YOURNAME.workers.dev/api/cors/github.com/USERNAME/REPO_NAME.git/PATH_TO_FILE to make authenticated requests for GitHub files.
For example, you could use the URL https://cfghserver.YOURNAME.workers.dev/api/cors/github.com/slimplate/private-tester.git/info/refs to proxy an authenticated request for the info/refs file in the slimplate/private-tester repository on GitHub.
Note that this Cloudflare worker uses ideas from here to implement the proxy functionality.