add get avatar to fall back on atproto.get. cleanup

fatfingers23 · fatfingers23 · commit 01503af5a050 · 2026-02-04T10:50:56.000-06:00
diff --git a/server/api/auth/atproto.get.ts b/server/api/auth/atproto.get.ts
@@ -10,6 +10,38 @@ import { handleResolver } from '#server/utils/atproto/oauth'
 import { type AtIdentifierString, Client } from '@atproto/lex'
 import * as app from '#shared/types/lexicons/app'
 
+/**
+ * Fetch the user's profile record to get their avatar blob reference
+ * @param did
+ * @param pds
+ * @returns
+ */
+async function getAvatar(did: string, pds: string) {
+  let avatar: string | undefined
+  try {
+    const pdsUrl = new URL(pds)
+    // Only fetch from HTTPS PDS endpoints to prevent SSRF
+    if (did && pdsUrl.protocol === 'https:') {
+      const client = new Client(pdsUrl)
+      const profileResponse = await client.get(app.bsky.actor.profile, {
+        // Hack for now need to find an example on how to use it properly
+        repo: did as AtIdentifierString,
+        rkey: 'self',
+      })
+
+      const validatedResponse = app.bsky.actor.profile.main.validate(profileResponse.value)
+
+      if (validatedResponse.avatar?.ref) {
+        // Use Bluesky CDN for faster image loading
+        avatar = `https://cdn.bsky.app/img/feed_thumbnail/plain/${did}/${validatedResponse.avatar?.ref}@jpeg`
+      }
+    }
+  } catch {
+    // Avatar fetch failed, continue without it
+  }
+  return avatar
+}
+
 export default defineEventHandler(async event => {
   const config = useRuntimeConfig(event)
   if (!config.sessionPassword) {
@@ -72,30 +104,7 @@ export default defineEventHandler(async event => {
   if (response.ok) {
     const miniDoc: PublicUserSession = await response.json()
 
-    // Fetch the user's profile record to get their avatar blob reference
-    let avatar: string | undefined
-    const did = agent.did
-    try {
-      const pdsUrl = new URL(miniDoc.pds)
-      // Only fetch from HTTPS PDS endpoints to prevent SSRF
-      if (did && pdsUrl.protocol === 'https:') {
-        const client = new Client(pdsUrl)
-        const profileResponse = await client.get(app.bsky.actor.profile, {
-          // Hack for now need to find an example on how to use it properly
-          repo: did as AtIdentifierString,
-          rkey: 'self',
-        })
-
-        const validatedResponse = app.bsky.actor.profile.main.validate(profileResponse.value)
-
-        if (validatedResponse.avatar?.ref) {
-          // Use Bluesky CDN for faster image loading
-          avatar = `https://cdn.bsky.app/img/feed_thumbnail/plain/${did}/${validatedResponse.avatar?.ref}@jpeg`
-        }
-      }
-    } catch {
-      // Avatar fetch failed, continue without it
-    }
+    let avatar: string | undefined = await getAvatar(authSession.did, miniDoc.pds)
 
     await session.update({
       public: {
@@ -106,14 +115,15 @@ export default defineEventHandler(async event => {
   } else {
     //If slingshot fails we still want to set some key info we need.
     const pdsBase = (await authSession.getTokenInfo()).aud
+    let avatar: string | undefined = await getAvatar(authSession.did, pdsBase)
     await session.update({
       public: {
         did: authSession.did,
         handle: 'Not available',
         pds: pdsBase,
+        avatar,
       },
     })
   }
-
   return sendRedirect(event, '/')
 })
diff --git a/server/utils/atproto/oauth-session-store.ts b/server/utils/atproto/oauth-session-store.ts
@@ -17,13 +17,16 @@ export class OAuthSessionStore implements NodeSavedSessionStore {
 
   async set(_key: string, val: NodeSavedSession) {
     // We are ignoring the key since the mapping is already done in the session
-    console.log('New set expires:', val.tokenSet.expires_at)
     try {
       await this.session.update({
         oauthSession: val,
       })
     } catch (error) {
-      console.error('Error setting OAuth session:', error)
+      // Not sure if this has been happening. But helps with debugging
+      console.error(
+        '[oauth session store] Failed to set session:',
+        error instanceof Error ? error.message : 'Unknown error',
+      )
     }
   }
 
diff --git a/server/utils/atproto/oauth.ts b/server/utils/atproto/oauth.ts
@@ -67,12 +67,8 @@ async function getOAuthSession(
     })
 
     const currentSession = serverSession.data
-    if (!currentSession) {
-      console.log('oauth session not found')
-      return { oauthSession: undefined, serverSession }
-    }
+    if (!currentSession) return { oauthSession: undefined, serverSession }
 
-    // restore using the subject
     const oauthSession = await client.restore(currentSession.public.did)
     return { oauthSession, serverSession }
   } catch (error) {
