image / auth /README.md
radithgo's picture
Initial MangaDex auth and image proxies
3be8994
|
Raw
History Blame Contribute Delete
1.38 kB
# MangaDex Auth Proxy
Cloudflare Worker CORS proxy for MangaDex OAuth/API setup flows.
This exists for plain HTML tools that need to call MangaDex OAuth from a browser. Browsers block direct cross-origin token responses, so this worker forwards the request and adds CORS headers to the response.
## Deploy
```bash
npm install
npm run deploy
```
## Local Development
```bash
npm install
npm run dev
```
## Usage
```text
https://your-worker.example/https://auth.mangadex.org/realms/mangadex/protocol/openid-connect/token
```
Example with placeholder values:
```bash
curl "https://your-worker.example/https://auth.mangadex.org/realms/mangadex/protocol/openid-connect/token" \
-H "content-type: application/x-www-form-urlencoded" \
--data "grant_type=refresh_token&refresh_token=YOUR_REFRESH_TOKEN&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET"
```
## Allowed Targets
This worker only proxies:
- `https://auth.mangadex.org/*`
- `https://api.mangadex.org/*`
It rejects other hosts so the deployed worker is not a fully open public proxy.
## Security
The worker can read whatever you send through it. That includes usernames, passwords, client secrets, access tokens, and refresh tokens.
Deploy your own worker and use it only for setup/testing. For scheduled GitHub Actions, store tokens in GitHub Secrets and call MangaDex directly from the action.