src/routes/api/exchange-code/+server.ts

import type { RequestHandler } from "@sveltejs/kit";

export const GET: RequestHandler = async ({ url }) => {
    const code = url.searchParams.get("code");
    if (!code) {
        return new Response(JSON.stringify({ error: "Code not provided" }), { status: 400 });
    }
    const clientId = import.meta.env.VITE_CLIENT_ID;
    const clientSecret = import.meta.env.VITE_CLIENT_SECRET;
    const redirectUri = import.meta.env.VITE_REDIRECT_URI;
    const tokenUrl = "https://huggingface.co/oauth/token";
    const body = new URLSearchParams({
        client_id: clientId,
        client_secret: clientSecret,
        redirect_uri: redirectUri,
        code: code,
        grant_type: "authorization_code",
    });

    try {
        const response = await fetch(tokenUrl, {
            method: "POST",
            headers: {
                "Content-Type": "application/x-www-form-urlencoded",
            },
            body,
        });

        if (!response.ok) {
            return new Response(JSON.stringify({ error: "Token exchange failed" }), { status: response.status });
        }
        const data = await response.json();
        const accessToken = data.access_token;

        return new Response(JSON.stringify({ access_token: accessToken }), {
            status: 200,
            headers: { "Content-Type": "application/json" },
        });
    } catch (error) {
        return new Response(JSON.stringify({ error: "Token exchange failed" }), { status: 500 });
    }
};