ekzyis
/
stacker.news
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

limit oauth scope to minimum possible: public github info for user

This commit is contained in:
mvpratt 2023-03-13 11:40:25 -06:00 committed by keyan
parent d08d593f69
commit 48b08d2aff
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pages/api/auth/[...nextauth].js
View File

@ -142,7 +142,8 @@ export default (req, res) => NextAuth(req, res, {
Providers.GitHub({
clientId: process.env.GITHUB_ID,
clientSecret: process.env.GITHUB_SECRET,
authorization: 'https://github.com/login/oauth/authorize?scope=read:user',
authorization: 'https://github.com/login/oauth/authorize',
scope: '', // read-only acces to public information
profile: profile => {
return {
...profile,