3 files changed, 20 insertions, 10 deletions

diff --git a/crates/api-auth/Cargo.toml b/crates/api-auth/Cargo.toml
index 7df9411..053bbb9 100644
--- a/crates/api-auth/Cargo.toml
+++ b/crates/api-auth/Cargo.toml
@@ -17,6 +17,7 @@ sqlx.workspace = true
 thiserror.workspace = true
 utoipa = { workspace = true, optional = true }
 url.workspace = true
+async-session = "3.0.0"
 
 [features]
 discord = []
diff --git a/crates/api-auth/src/discord/mod.rs b/crates/api-auth/src/discord/mod.rs
index a39722d..29b9bc2 100644
--- a/crates/api-auth/src/discord/mod.rs
+++ b/crates/api-auth/src/discord/mod.rs
@@ -1,8 +1,10 @@
 use api_core::models::user::User;
+use async_session::Session;
 use async_trait::async_trait;
+use oauth2::{CsrfToken, Scope};
 use sqlx::PgPool;
 
-use crate::{BasicClient, OauthDriver, error::AuthError};
+use crate::{BasicClient, CSRF_TOKEN, OauthDriver, error::AuthError};
 
 #[derive(Clone, Debug)]
 pub struct AuthServiceDiscord {
@@ -24,7 +26,19 @@ impl OauthDriver for AuthServiceDiscord {
     async fn get_user(&self) -> Result<User, AuthError> {
         todo!()
     }
-    async fn create_session(&self, _user: &User) {
+    async fn create_oauth_session(&self)->Result<String,AuthError> {
+        let (auth_url, csrf_token) = self
+            .client
+            .authorize_url(CsrfToken::new_random)
+            .add_scope(Scope::new("identify".to_string()))
+            .url();
+
+        let mut session = Session::new();
+        session.insert(CSRF_TOKEN, &csrf_token).unwrap();
+
+        Ok(String::default())
+    }
+    async fn save_session(&self, user: &User)->Result<(), AuthError>{
         todo!()
     }
 }
diff --git a/crates/api-auth/src/lib.rs b/crates/api-auth/src/lib.rs
index 284b772..95a04c4 100644
--- a/crates/api-auth/src/lib.rs
+++ b/crates/api-auth/src/lib.rs
@@ -3,7 +3,6 @@ pub mod discord;
 
 mod error;
 use api_core::auth::AuthClientConfig;
-use api_core::auth::provider::OauthProvider;
 use api_core::models::user::User;
 pub use error::AuthClientError;
 
@@ -24,20 +23,16 @@ pub struct BasicClient(C);
 pub trait OauthDriver: Send + Sync + std::fmt::Debug {
     async fn get_auth_token(&self) -> Result<String, AuthError>;
     async fn get_user(&self) -> Result<User, AuthError>;
-    async fn create_session(&self, user: &User);
+    async fn create_oauth_session(&self)->Result<String, AuthError>;
+    async fn save_session(&self, user: &User)->Result<(), AuthError>;
 }
 
 use oauth2::{AuthUrl, ClientId, ClientSecret, RedirectUrl, TokenUrl};
-use sqlx::PgPool;
-use std::collections::HashMap;
-use std::sync::Arc;
 use std::{convert::TryFrom, ops::Deref};
 
 use crate::error::AuthError;
 
-pub struct OauthService {
-    clients: HashMap<OauthProvider, Arc<dyn OauthDriver>>,
-}
+static CSRF_TOKEN: &str = "csrf_token";
 
 impl Deref for BasicClient {
     type Target = C;