image / auth /README.md
radithgo's picture
Initial MangaDex auth and image proxies
3be8994
|
Raw
History Blame Contribute Delete
1.38 kB

MangaDex Auth Proxy

Cloudflare Worker CORS proxy for MangaDex OAuth/API setup flows.

This exists for plain HTML tools that need to call MangaDex OAuth from a browser. Browsers block direct cross-origin token responses, so this worker forwards the request and adds CORS headers to the response.

Deploy

npm install
npm run deploy

Local Development

npm install
npm run dev

Usage

https://your-worker.example/https://auth.mangadex.org/realms/mangadex/protocol/openid-connect/token

Example with placeholder values:

curl "https://your-worker.example/https://auth.mangadex.org/realms/mangadex/protocol/openid-connect/token" \
  -H "content-type: application/x-www-form-urlencoded" \
  --data "grant_type=refresh_token&refresh_token=YOUR_REFRESH_TOKEN&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET"

Allowed Targets

This worker only proxies:

  • https://auth.mangadex.org/*
  • https://api.mangadex.org/*

It rejects other hosts so the deployed worker is not a fully open public proxy.

Security

The worker can read whatever you send through it. That includes usernames, passwords, client secrets, access tokens, and refresh tokens.

Deploy your own worker and use it only for setup/testing. For scheduled GitHub Actions, store tokens in GitHub Secrets and call MangaDex directly from the action.