From 093b7a8135efcfe4f1fe29359e38204b801e24a5 Mon Sep 17 00:00:00 2001
From: Chad Freeman <ceo@marinadev.xyz>
Date: Sun, 18 Aug 2024 19:36:08 -0400
Subject: [PATCH] almost done fixing up oauth

---
 .github/workflows/deploy.yml                  |   2 +-
 bun.lockb                                     | Bin 136404 -> 136740 bytes
 package.json                                  |  89 ++---
 postcss.config.js                             |   8 +-
 src/app.d.ts                                  |  12 +-
 src/app.pcss                                  |   2 +-
 src/hooks.server.ts                           |  52 +--
 src/lib/Tab.svelte                            |  39 ++-
 src/lib/apiclient.ts                          |  18 +-
 src/lib/server/auth.ts                        |  36 +-
 src/lib/server/db.ts                          |  73 ++--
 src/lib/server/hono.ts                        |  24 +-
 src/lib/server/oauth.ts                       | 322 +++++++++++-------
 src/routes/+layout.svelte                     |   6 +-
 src/routes/+page.ts                           |   6 +-
 src/routes/api/[...path]/+server.ts           |   6 +-
 src/routes/app/+layout.server.ts              |  16 +-
 src/routes/app/+layout.svelte                 | 153 +++++----
 src/routes/app/+page.svelte                   |  46 +--
 src/routes/app/:[roomID]/+page.svelte         |   4 +-
 src/routes/app/:[roomID]/+page.ts             |   4 +-
 src/routes/auth/+page.server.ts               | 137 ++++----
 src/routes/auth/+page.svelte                  |  77 +++--
 src/routes/auth/signout/+server.ts            |  20 +-
 src/routes/oauth/[provider]/+server.ts        |   4 +-
 .../oauth/[provider]/callback/+page.server.ts |   4 +
 .../oauth/[provider]/callback/+page.svelte    |   8 +
 .../oauth/[provider]/callback/+server.ts      |   0
 svelte.config.js                              |  10 +-
 tailwind.config.js                            |  13 +-
 vite.config.ts                                |   6 +-
 31 files changed, 677 insertions(+), 520 deletions(-)
 create mode 100644 src/routes/oauth/[provider]/callback/+page.server.ts
 create mode 100644 src/routes/oauth/[provider]/callback/+page.svelte
 delete mode 100644 src/routes/oauth/[provider]/callback/+server.ts

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index bba427d..0662f03 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -38,4 +38,4 @@ jobs:
         with:
           project: 'spiel-place'
           entrypoint: 'mod.ts'
-          root: 'build'
\ No newline at end of file
+          root: 'build'
diff --git a/bun.lockb b/bun.lockb
index 55fe5bbe22d9864eb8fca03a222e74d68bba4381..3dfa21c86aba6a90f8a8a5252bca64d2e68d286d 100755
GIT binary patch
delta 8483
zcmeI2dsJ0b9>@2-fO5f`5GaD7*+V4b@=&}Q=|%H}S1eSxK1LA%6?~wgX1*>ylTi}f
z=3$z_N0@1oE6bHcO{RmXlvX}!W$8?<X|<+i)v8wcDrvsob2oOI(6a2GS?uNKeE09S
zfBV5cXP>*zIiA`Xxb5k{a(nFCx8HO6%QcJpjeBhRGp%~Rv&CBXNSpItoyz&>!69?f
z7HyB+(8eN|@+;gOEg3n_&TkjgqOhnqUkLR`P?V=;iV$suD9J1k!U{cu&{oi>LLpj1
zTSJ4Peo*>9MI1G2s<&Q#ac<7EoV@%r*f#i+q2bV+*|~EHa)l@=o>s)}FHRF84E_bk
zvwX#LAwq=klpI3lCOG_On2wTxT5F;7Z-cgh8c=qSjpk6Xq#8<lHT)cC5E^C&sd@P`
zisGlvJ37-_Z!eU8U^SHGYoQU)Tf6%0yY;g@+k=CG0t@O6-CKSC&ZIrN+ib}Q2tZ3M
zRK}fM*GB}(`&HUxr}U`O$xiDr%vE<(^+Tb<DlroyVF^{?a#+X1x(Ak2p|K9RLzPZ(
zT4OP11I-BdtVOW;!17n2(GIywr4=~k*Q&I@X`O~SV@pyU@9ePF!|Dmkk1bi`G&Q8K
zkL<5X3!U;&RbS`~sK-<$sIps9tgSG2$!5jS7>DeuN~b!l8{kWVPpD7~@)WED)2gsL
ztl^j|Z&}4H4olVyH6*4_z+pHOl+BqEa2`2_vfYwmu@|W!)B6MzVUD}2^yw*<-KN9(
zAsmTjhZ!*r>&=+T!DizbXnYJTZ{x@NJFFkV8fuo&ikl_Guq)O=Sl)UllXa@JD8<tr
zlTMhZxW+^b4J7K#pcf6K-$6as-LM~O+-ufqT5*ku5xV^6)!YAdRPeU^^9}#PINg7f
z1HkGLxVlA4fU{~QU*${`0}1A6oeO1ZN?X9c&@A;T?@zYH+ClYGXJ<ut*xWMh^;L$i
z(0*TK{7OJwrOT;|U#)E_yMF|5*cE{B>j4v${zq|VqRot%s0`ew)iAw6P+8$I?f<j(
zQ|aHN?Q1FHw(2-42VAZDN5-3|4BW15U**7_1k@e6oXUot(zdVC|1|IiyLGv*vi!OJ
zy5Kn|1NQ=UPy?8*rEH*<L26fVL?~<hjTVxr>TGd@IlV8#!_s|#cilR`M5X^AU|WZ@
zeHh9_rN169?lr)4Ee%BZ3BdT1yjL@G3NTUG;5#&sd^HUACjdV(;sUU#U2`HLkr6G>
z1Y2o|18ZApsIzlAc48)&2dyl%!L~x%Lj6_r+?ZGfMC&LjqdIEaSN&Ak+<0@sZr7#P
zQij}t15a8P9e+K_QQW2LQJL*3%^R?pG0#*2y((^=_dF)*up}s}ch`0@qmZba|K8fZ
z5z0TWuhh!~8FO{?*Bwwfkb&C%HOl&fQ9lBjt=svj>Ko@z3sCEt6>m_v=c*(7p#$Ey
zCm}8bI#0(_nSD^(zRIaxsQtc5e`9}ChImSF<SliTuHdV5J&XgVvQ(G*D*bD;pUUi7
zt!3IzW!yS#Q)yQ~Z{lrwGcp`mH5C8EHmy(4K%z3cUF(xtchHIS+Z5;jmo$KpioNKN
z1AS3<d_$Di->+$i1KFnsLgke1*EW^c%wcUerL6xt%02v1dP4^`r7U_A2X=5=$N4H<
zC$yi+>`5H>d+@II`zl?haiG4}xc-qb6O|pEfpUZ&X#dremAKm^Ow{Y!dFu85J8VhK
z0X5YwXZ*^}Q}_Ra1BJX}-LRdZIgG2f=lMN5YKzW)X6HHVH*Y<gcb?`c-ijlaPV>%_
z_l$#jHkx;y%{xzA3P0Mp@`t5)=b7EO6U^4Xu}x|7&XbeVyz}(kp>p~BKkPhv;O{WE
zpjY%4?L7BfTzPcH&{LJ3hEV_gN75&JQ5PR@c<SVJV*(xzKRL4C?Mcf%5Oou+pB}kf
zc_#DY<HjBDJ(1Kewf@-!_EyQ2E0(|NSm(UF=yP0FQZ%$~fZnHSzjmuB-`G_2H!e9q
z6@24X?atZMF<66C<T<xG0&DR(mrPUju;!n)skrkl=~54!cdITJZ0anmbQOESt=@%I
zcEN?W-lt)$zGzduFS=xgD!u4dJulhRXRt=7UYFeJ->|AKxn!pL1Xks@HkJOZOS;vc
zzICg?-`Uh<Sff?icW!k7)~@eda;&-tYsY1q8h6<x$Elr{-D*^WP1zb;GFy#qaLWnm
zSsZhe^?SFRsB&=3Rkb+gJs&FHk5q594PPJOZ+sCc0|P3tEev_|fONtmKQ;PB$uOB!
zlNlwyA7GSQWMWWdj`z0ICD-_3iwrkrPmp(UuiWsxH}RzPF=x^HR>s%ndE~P)lT*iV
z(`~-=fu?F7ujC2dZuo<MGva-0c^}Hu4-U4)$Kz4J+^h4|1Os_%%mYjVw2$vd_z1$z
z2ExaUJYN}cpnM)0r+q=lFGike4wTtou!;_(xp1%zKFaVm&G`9zR$?GNnut=s3J<}-
z5%TeLjrQ@0pK*NORi=H5;9!HCmF37cHq5wC!1tzXw*(IQZU*ZB+gPf7VIo?Ha_wBE
zouhIYj+rQsMu%|AZARuqIkj^XJbZ*Z3;qHA3HVHS3cL;80VkyK@kD7K@HJxjYOOU0
z0ihra><0(H-$5NX2wnxe6}<#r27H%L4pNNKxw8Fj4IBwf2`s=L@K<dD;5Y|LV`HxD
zVfzSS9|J!6j5JQ?%9yNdWG4ci(R?roOa@Z`{%p|!@G15-&=GV3(Vzo}0!KhScn$0W
zuYldc$jXyF<nu;Zo^-@*f-4wU!B#ZKmz}SJW8f_?3I55T02CTu=E<?1@yI$sD(C?m
zpeN`B?g1&_UcmQu-9T4xH;4mv5D&V5Sa1ip6LbbKfbVQy0S5rz>b?N>0KQn>395PB
zZ$st@<9NP|kVVEP`O@jZmo4-0o$n6#LZk+~0BXS|l+}WhfbXMl$(mQ_JZN9g5AcoT
zL6pA=_JZwz9~tI>2f=*s5a4&lnE;=f#B5NFdM|Pb^77{8%=NPba6NMU9YN3`@FZ9T
z9tJDGa<C9A0>xk(Vqb#RgVo@VU@ce)_$avqaG{qVZYfv>R)Ce@FJh1oRVds5_{qQk
zOF;=(g8+VJSPk6><;xU4{_}=#6!eDO2kb|Fmoa^^94m*L;u;Q*2PIt9T*X|q%VBd>
zD!{KC{NlkC$pyFyW%M<cmGhE83Yldt!cK9#;IqLf;0BpsB;b&DfDy=NfWe@DP3;u<
zQVY*O<T;P+P|kUp0S3Vy3S3|aNCPbANoot|e*oMM(!nsma@H9RcwKUpWNCOkj|F4E
zXn=p>4>*jI;&ySLcH}|1S|@@WkU9$orpJx8Gi7HZb*AjvQjSlsC)tx~X3vzj%68uG
z;aEEQJ8&THiAXi&v*d!Vvc?Fml1pW#QC1}*do+FlFRFaA^^(;?4T~J#-JaCV-c2-q
zBk#68cfo<GEsHJkT!DFC#8-6VOqFbBi7GVCRmn-oSC4G`e*T}7oSgckVOF%BXiv6x
z$K)9mn`ETSGXA<rricCSC_?0ZBY3mSl!uI*%?R^K`zv3^U0;O_il6y_*<6A>5tp9v
z4C2~1eqPVI)P49<y=HIJ0ZCYi#=kbpZtWYtw`bh_#+ruD#y^DsOkJYGo=|NhZjtG7
zt>M`sBa<7yuYYdYHE78jEg$xm3HF}sNHl(dKQZpTc10aV_57jasBsKcgC2O?dxk=)
z`CFaZ!kl|yBy5%YgHpM0kw&zsxwKVIn9`c(Dn2fr5|?c6VH`LqJJpN{vea6G%JqMB
M*wDs^4!6|&7eZYa$p8QV

delta 8218
zcmeI1X;f548isFyC=Ip}H-btcNdVUt6m1lx&A6b`l0-!t;}Q{2S_K5e1)_~BYBZuX
za>WS>XktwCIF84lMx(~vY~wZ)CT4OnCzE4xPG<SxE;8?XyD*&zVw~td>hRpRzOUA<
zd#k8hck2${i`#vRES;|Hjkk?kyJzO|gM*et^;+rQtf=%4ZF0It*Yud4@X?&y6@yxN
zX$&cA9Z!2DOxiv7Nk3;=W=5vrOLFGS%XMnWxid1eotjpdrfF?7tsoR}6ZA4NHHCf;
zyE*hLs6X@ql>P%s!=}5-rRF3j%}7c~4T5b(x{nn8fn(3i(6pAY@=#kVXhOQC1wf0T
z&7c>R-6q5BUje0m7PK{VDwMT#N1s_P2TD6pX88vOy)o0BYZ;V%&w;YF@q5bs1O4_K
zX<ar#mQ9ToFUqQ^Hd85nVH8rmWm2fsbPiSmEKQc%ttJb8O<!0-hIF!uxw0zFX1WRA
z5F-bCCfhVki-pxlh6G#1d|BeOiQ}@$X*2c1FJ?_bejR2tmB5OI<;|MB&P|sar^Sj^
zvTB-5q{^V_HlGp<NrWtIA7i?VSTCbsNVruzA*-g_Oeq+U9`I>01fARpE5fkKEmqSv
z_tMJSTfM?E<jdi)CLJThENH!p)#nr}s|;=*<8?PfZcLB$v0=cXWNCVgD3B%THq&m{
zkw*5UaI5L>u!b7-C!zk%7(RE~Uk|dHcEcKOq|vH|^};>No>f~8X+p}X%otZ&++xB&
zZ3@C@AW&NX42%&TgSsBNVsDg)ardWA4Mf^VmHuFLxBn0Y+%-SA;$N6gwO?lkFgG+j
z?phOoJ8lF|<w#@$0dkbif-=;ljp5HTQr*f`Ciqq5pt3@Ch!qw9O$KKN8a-SHgV`6;
zi{Pouy#!E~0tPDc7t%nWvia43trP*~Ukezh^#6_qf`__{jO*cKfnug2P+6b^(7zEd
zQ0XtFfl!|^Ul}tYlmT|Q0x<lj`2EcIrs4jnvf;M?b(>13vZC$E_Eh@c1&zQimF}rb
z->v*q=G)s37dG%7V5m=7!9F9GTZIgE1wKK?`^sym?B)uTU1#~aeBk|1rBK<<F~E9G
zDElOoflB{rz<g%_Lw)Lt^mBmu&nvwEWq|fID!k;jHBZIA1MLcE4z2?;XvA8S3i-pV
zz#w+VS9v`ZKRfs75T-UostMW}%FzshvOrs2<b>St=b7s%TK}WG=OM~pp9;A%H(Vaf
z^_6!Dd|hlKT$OqlWiL9Za#Th;E1Sw2)m_=1N>_yPLuLMKlZ$orgpckhl}6>w=%?&Q
zq5Q1_RDD#A*g#<{AV$Qvxr0@P|3~>l;!vI|`b1UFgH^4l56*~MAFASCnBP@LPn)1@
zD*OS^T$N5`bhffRl|!4S{GLkx0_CSN%J#UlE>(V4ZG=kSGF&*6%T)$XrGKUJQyG0t
z=_=)?GT-aUrqV8gHiK@0vSSrc{I$`xxFgzDC<7H!a-REN$u{MEoXT$PMLX=)e$^h-
z{b+bN*gMY*kKASl4yg_t5@??TcUU>7d@@cdyDnt~XOYgy^@++?mon*7Tv-2~R6b9o
z>zv%3*V0(?|DtkuDqWxBLakEip30iPfS*13N~PaVk;T|dazn{LRU1q9JqUxN1$YcQ
zO4M3ky=r-=t6`4uquW^;{rLI5PPPB@1b6<&?sswP+6JTnK7F1$N|=Vtk@&Sc%lm9B
z8*2q@rD11T!R3ep-LSL7AaHd#4Y;t>x1&U|k<QIb!_HDI!}aYnIj{{oOANwbHCR**
zO2f{wVP}cQ0O4VFq76Gsj#!;L%L#l*_1sZ1Cv8r=U%j*3Gj`d>8FKzryBH|XTy@CP
zSIx59HM<xr=UsEix!26{OIUHT({+dJc-<^lU$={4vI^Gcu=?My3%gu#!y%X7Fv}lc
z#mhc79Wwf+S(e_k<EZ&NSXW@h-?EDlvgDRSZn$NZ)v!j%VYeM}=xwvydD|{V%bT!n
zz?yK!E*x_E9fy4Tj#-+k?P9DPTkVjE)n<7J);MXp>yW;8%`*M2T}+VsVeNwzTw@on
zNN0^hOp-@&O<Er$9AfhNEL@ZKo)KRJ$$-E{`oXrs*C)-1mqz`lNepaVdvc#V!)cj@
z<36roVU;26M9pBo4U^o9TgS=zxFiwlx?AH8yaWB!9pEttL#@s7JYHdlRe87_dD8G`
znoaq*-+#qjz45xwDDU)NRleupU|oC%b+~;lo&y-Sog2(#w^JLWeEiqV7XmiM#h9=6
z>>NABipMLTAL6ef&X5CT)E_LR17Q{%tb;EWd>Ll`IYvHgtaxCw9I(J#IN3wa-IdD6
zwGV&B2&_`Rd^lJk-_jQ$URyEq@epk-V7)Fl=;I5_>wu$JpnN>ITBG|Ui{^fblbK1=
zCZ*{aPVtPMkSu0|@eS%S_!9gLoCg=cMQ{n616MTt+hk!G%)_f@pg9NtEx=)L1RMn)
zf@9z~;7jcRa1ihXeGTY~#;@yRQ$)LGYS<CD1n>qE0dFe1$b0Z-O)pLnz0LnXHohQ?
z0;Bb+6cIiq2~pm{6p#w0fT^H82nL+tJRo}tbO7x^FbD#tz-e#>90DJJT`03n=wnhv
zZ&9SLP8HT}esJ^rt_(@s{GA0KgU>)J{8K<0aDq7fKdEAzD;7~3=mmNMD~JYtKwl68
zB0&$(8FT?%K{sFl+%k0p&w}SbC<p_G(Buc;2;f<1CHN!YvF+QS0&L;Kz7-Lter}2g
z6dm>NrU;vhOB`R-dGPQas08}}kDz%ddmiwRhtDV<$y_i1Z~}3Mb`0sq!Cvqt;1PZ<
zm<{HDxnLg11o*6@Wq}Hm+YiO#?9%xBa>C39oPeBgr;vC8yakqmWneK_1oA*W$Oc=G
z_W<-XC<H6OYhVfBo7{Y`0Pxu_01Lrlumt=b{x`HZywoAW1NmZ50Qj!E5*c`!UkF_f
z<>3WizPSQ?1p2}54-O-~1H|a*X=0pk%a8>~;WXy7<uqLco6~R|;5P(*Pv8_>1C}C<
zzS^`RJ~9YRXBzXb8{>TDCjti;0}{X}un}pzy(1BS3B*+%a*FpGyEr#Ej9e74=4u&W
z2y8p}Ef@xd0;co+@Wq<`7r_f)IEV*KXPFUzk0d9^XvGBR%U~=>1o+d&;WA!m&uYI>
zj$|k&YZ90Q2F%0-;oCC3ZI%f0MpU<DiLOn!&>>W2XNeA?a!0n9+eH-Wp_|0QcA-x9
zH{w;jcV1dmviO9Tm>6k^wDiE8*N<)zLA`4~68Bt}oOiUeY`&K`i6U6??tMm%J2Fwv
zZ`~yuMWZY|EmlqY-l+#{7E{{YzpRhGcC!c)LHfItF#W`45#O@*zggyn&zdh-K3osL
zS`b<$MvG!SzYN)wB<j0h^{V}zTzq`pzfP1UZ$k4CmL8F4zV?grm|IaJ-|3TGZ2Tsq
z;R)8O%S2DnU5_kBeL1?lT*UVpkBJkA-xG5qHnH!N=$b|%!V+zX#DLX)g#M@3&bS4i
zHYxluWtsj7YIv^pt98WL7T@HLPVD+)hKO?az4&*z?pGlO=r2`>BYqt?H4(g9RkqzC
eCZ$!r<L|ZK<Uc@t+s8M4J<};d^fj%$*8dj-d)XcU

diff --git a/package.json b/package.json
index 05b61d6..e0ae052 100644
--- a/package.json
+++ b/package.json
@@ -1,46 +1,47 @@
 {
-  "name": "talkomatic",
-  "version": "0.0.1",
-  "devDependencies": {
-    "@deno/kv": "^0.8.1",
-    "@hono/zod-validator": "^0.2.2",
-    "@olli/kvdex": "npm:@jsr/olli__kvdex",
-    "@oxi/option": "npm:@jsr/oxi__option",
-    "@oxi/result": "npm:@jsr/oxi__result",
-    "@petamoriken/float16": "^3.8.7",
-    "@sveltejs/kit": "^2.0.0",
-    "@sveltejs/vite-plugin-svelte": "^3.0.0",
-    "@ts-rex/argon2": "npm:@jsr/ts-rex__argon2",
-    "arctic": "^1.9.2",
-    "autoprefixer": "^10.4.20",
-    "daisyui": "^4.12.10",
-    "hono": "^4.5.5",
-    "nanoid": "^5.0.7",
-    "oslo": "^1.2.1",
-    "postcss": "^8.4.41",
-    "prettier": "^3.3.2",
-    "prettier-plugin-svelte": "^3.2.5",
-    "svelte": "^5.0.0-next.1",
-    "svelte-check": "^3.6.0",
-    "sveltekit-adapter-deno": "^0.12.1",
-    "sveltekit-superforms": "^2.17.0",
-    "tailwindcss": "^3.4.10",
-    "typescript": "^5.0.0",
-    "vite": "^5.0.3",
-    "zod": "^3.23.8"
-  },
-  "private": true,
-  "scripts": {
-    "dev": "vite dev",
-    "build": "vite build",
-    "preview": "vite preview",
-    "check": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json",
-    "check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch",
-    "format": "prettier --write .",
-    "lint": "prettier --check ."
-  },
-  "trustedDependencies": [
-    "svelte-preprocess"
-  ],
-  "type": "module"
+	"name": "talkomatic",
+	"version": "0.0.1",
+	"devDependencies": {
+		"@deno/kv": "^0.8.1",
+		"@hono/zod-validator": "^0.2.2",
+		"@olli/kvdex": "npm:@jsr/olli__kvdex",
+		"@oxi/option": "npm:@jsr/oxi__option",
+		"@oxi/result": "npm:@jsr/oxi__result",
+		"@petamoriken/float16": "^3.8.7",
+		"@sveltejs/kit": "^2.0.0",
+		"@sveltejs/vite-plugin-svelte": "^3.0.0",
+		"@ts-rex/argon2": "npm:@jsr/ts-rex__argon2",
+		"arctic": "^1.9.2",
+		"autoprefixer": "^10.4.20",
+		"daisyui": "^4.12.10",
+		"hono": "^4.5.5",
+		"jose": "^5.6.3",
+		"nanoid": "^5.0.7",
+		"oslo": "^1.2.1",
+		"postcss": "^8.4.41",
+		"prettier": "^3.3.2",
+		"prettier-plugin-svelte": "^3.2.5",
+		"svelte": "^5.0.0-next.1",
+		"svelte-check": "^3.6.0",
+		"sveltekit-adapter-deno": "^0.12.1",
+		"sveltekit-superforms": "^2.17.0",
+		"tailwindcss": "^3.4.10",
+		"typescript": "^5.0.0",
+		"vite": "^5.0.3",
+		"zod": "^3.23.8"
+	},
+	"private": true,
+	"scripts": {
+		"dev": "vite dev",
+		"build": "vite build",
+		"preview": "vite preview",
+		"check": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json",
+		"check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch",
+		"format": "prettier --write .",
+		"lint": "prettier --check ."
+	},
+	"trustedDependencies": [
+		"svelte-preprocess"
+	],
+	"type": "module"
 }
diff --git a/postcss.config.js b/postcss.config.js
index 2e7af2b..35237eb 100644
--- a/postcss.config.js
+++ b/postcss.config.js
@@ -1,6 +1,6 @@
 export default {
-  plugins: {
-    tailwindcss: {},
-    autoprefixer: {},
-  },
+	plugins: {
+		tailwindcss: {},
+		autoprefixer: {}
+	}
 }
diff --git a/src/app.d.ts b/src/app.d.ts
index 6b08e8e..39b88f3 100644
--- a/src/app.d.ts
+++ b/src/app.d.ts
@@ -1,9 +1,9 @@
 // See https://kit.svelte.dev/docs/types#app
 // for information about these interfaces
 
-import type { FlatDocumentData } from "@olli/kvdex"
-import { user, session } from "$lib/server/db"
-import z from "zod"
+import type { FlatDocumentData } from '@olli/kvdex'
+import { user, session } from '$lib/server/db'
+import z from 'zod'
 declare global {
 	namespace App {
 		// interface Error {}
@@ -12,10 +12,10 @@ declare global {
 		// interface PageState {}
 		// interface Platform {}
 		interface Locals {
-			user: FlatDocumentData<z.infer<typeof user>, string> | null;
-			session: FlatDocumentData<z.infer<typeof session>, string> | null;
+			user: FlatDocumentData<z.infer<typeof user>, string> | null
+			session: FlatDocumentData<z.infer<typeof session>, string> | null
 		}
 	}
 }
 
-export { };
+export {}
diff --git a/src/app.pcss b/src/app.pcss
index bd6213e..b5c61c9 100644
--- a/src/app.pcss
+++ b/src/app.pcss
@@ -1,3 +1,3 @@
 @tailwind base;
 @tailwind components;
-@tailwind utilities;
\ No newline at end of file
+@tailwind utilities;
diff --git a/src/hooks.server.ts b/src/hooks.server.ts
index 9841ca8..b4473fd 100644
--- a/src/hooks.server.ts
+++ b/src/hooks.server.ts
@@ -1,33 +1,33 @@
-import { cookieController, cookieExpiration, getUserAndSession } from "$lib/server/auth";
-import type { Handle } from "@sveltejs/kit";
-import { createDate } from "oslo";
+import { cookieController, cookieExpiration, getUserAndSession } from '$lib/server/auth'
+import type { Handle } from '@sveltejs/kit'
+import { createDate } from 'oslo'
 
 export const handle: Handle = async ({ event, resolve }) => {
-	const sessionId = event.cookies.get("auth_session");
+	const sessionId = event.cookies.get('auth_session')
 	if (!sessionId) {
-		event.locals.user = null;
-		event.locals.session = null;
-		return resolve(event);
+		event.locals.user = null
+		event.locals.session = null
+		return resolve(event)
 	}
 
-	const res = await getUserAndSession(sessionId);
-    if(res.isNone()) {
-		const sessionCookie = cookieController.createBlankCookie();
+	const res = await getUserAndSession(sessionId)
+	if (res.isNone()) {
+		const sessionCookie = cookieController.createBlankCookie()
 		event.cookies.set(sessionCookie.name, sessionCookie.value, {
-			path: ".",
+			path: '.',
 			...sessionCookie.attributes
-		});
-        event.locals.user = null;
-		event.locals.session = null;
-		return resolve(event);
-    }
-    const { session, user } = res.unwrap()
-    const sessionCookie = cookieController.createCookie(session.id)
-    event.cookies.set(sessionCookie.name, sessionCookie.value, {
-        path: ".",
-        ...sessionCookie.attributes
-    })
-	event.locals.user = user;
-	event.locals.session = session;
-	return resolve(event);
-};
\ No newline at end of file
+		})
+		event.locals.user = null
+		event.locals.session = null
+		return resolve(event)
+	}
+	const { session, user } = res.unwrap()
+	const sessionCookie = cookieController.createCookie(session.id)
+	event.cookies.set(sessionCookie.name, sessionCookie.value, {
+		path: '.',
+		...sessionCookie.attributes
+	})
+	event.locals.user = user
+	event.locals.session = session
+	return resolve(event)
+}
diff --git a/src/lib/Tab.svelte b/src/lib/Tab.svelte
index 986f79b..c4a2585 100644
--- a/src/lib/Tab.svelte
+++ b/src/lib/Tab.svelte
@@ -1,14 +1,23 @@
 <script lang="ts">
-	import type { Snippet } from 'svelte';
+	import type { Snippet } from 'svelte'
 
-	let { tab = $bindable(), disabled = $bindable(false), map, ...props }: {
-        tab: string | undefined,
-		disabled?: boolean,
-		map?: Record<string, string>,
-		class?: string,
-        [x: `_${string}`]: Snippet<[]>;
-	} = $props();
-	const tabs = Object.fromEntries(Object.entries(props).filter((v) => v[0].startsWith('_')).map(([name, snippet]): [string, Snippet<[]>] => [name.replace('_', ''), snippet]));
+	let {
+		tab = $bindable(),
+		disabled = $bindable(false),
+		map,
+		...props
+	}: {
+		tab: string | undefined
+		disabled?: boolean
+		map?: Record<string, string>
+		class?: string
+		[x: `_${string}`]: Snippet<[]>
+	} = $props()
+	const tabs = Object.fromEntries(
+		Object.entries(props)
+			.filter((v) => v[0].startsWith('_'))
+			.map(([name, snippet]): [string, Snippet<[]>] => [name.replace('_', ''), snippet])
+	)
 </script>
 
 <div role="tablist" class="tabs tabs-boxed {props.class}">
@@ -16,6 +25,14 @@
 		<!-- svelte-ignore a11y_interactive_supports_focus -->
 		<!-- svelte-ignore a11y_click_events_have_key_events -->
 		<!-- svelte-ignore a11y_missing_attribute -->
-		<a class:cursor-not-allowed={disabled} class:pointer-events-none={disabled} class:tab-disabled={disabled} role="tab" class="tab uppercase" onclick={() => tab = tabID} class:tab-active={tabID == tab}>{@render tabs[tabID]()}</a>
+		<a
+			class:cursor-not-allowed={disabled}
+			class:pointer-events-none={disabled}
+			class:tab-disabled={disabled}
+			role="tab"
+			class="tab uppercase"
+			onclick={() => (tab = tabID)}
+			class:tab-active={tabID == tab}>{@render tabs[tabID]()}</a
+		>
 	{/each}
-</div>
\ No newline at end of file
+</div>
diff --git a/src/lib/apiclient.ts b/src/lib/apiclient.ts
index 18748e9..b40c488 100644
--- a/src/lib/apiclient.ts
+++ b/src/lib/apiclient.ts
@@ -1,10 +1,10 @@
-import type { api as API } from "./server/hono"
-import { hc } from "hono/client"
+import type { api as API } from './server/hono'
+import { hc } from 'hono/client'
 export const api = hc<API>('/api', {
-    async fetch(input: RequestInfo | URL, init?: RequestInit): Promise<Response> {
-        return await fetch(input, {
-            ...init,
-            credentials: 'include',
-        })
-    }
-})
\ No newline at end of file
+	async fetch(input: RequestInfo | URL, init?: RequestInit): Promise<Response> {
+		return await fetch(input, {
+			...init,
+			credentials: 'include'
+		})
+	}
+})
diff --git a/src/lib/server/auth.ts b/src/lib/server/auth.ts
index 074566a..7a82808 100644
--- a/src/lib/server/auth.ts
+++ b/src/lib/server/auth.ts
@@ -1,12 +1,10 @@
 import type { z } from 'zod'
 import { db, session } from './db'
-import { Err, Ok, Result } from '@oxi/result'
 import { Option, None, Some } from '@oxi/option'
 import type { FlatDocumentData } from '@olli/kvdex'
-import { nanoid } from 'nanoid'
 import { TimeSpan, createDate } from 'oslo'
 import { alphabet, generateRandomString } from 'oslo/crypto'
-import { CookieController } from "oslo/cookie"
+import { CookieController } from 'oslo/cookie'
 
 const sessionTimeSpan = new TimeSpan(1, 'w')
 
@@ -32,9 +30,7 @@ async function deleteSession(sessionId: string): Promise<void> {
 	await db.session.delete(sessionId)
 }
 
-async function getUserAndSession(
-	sessionId: string
-): Promise<
+async function getUserAndSession(sessionId: string): Promise<
 	Option<{
 		user: FlatDocumentData<z.infer<(typeof import('$lib/server/db'))['user']>, string>
 		session: FlatDocumentData<z.infer<(typeof import('$lib/server/db'))['session']>, string>
@@ -44,17 +40,25 @@ async function getUserAndSession(
 	if (!session) return None
 	const user = (await db.user.find(session.userId))?.flat()
 	if (!user) return None
-    await db.session.update(sessionId, {
-        expiresAt: createDate(sessionTimeSpan)
-    }, { expireIn: sessionTimeSpan.milliseconds() })
-    return Some({ user, session })
+	await db.session.update(
+		sessionId,
+		{
+			expiresAt: createDate(sessionTimeSpan)
+		},
+		{ expireIn: sessionTimeSpan.milliseconds() }
+	)
+	return Some({ user, session })
 }
 
 export const cookieExpiration = new TimeSpan(365 * 2, 'd')
-export const cookieController = new CookieController('auth_session', {
-    httpOnly: true,
-    secure: true,
-    sameSite: "lax",
-    path: "/",
-}, { expiresIn: cookieExpiration })
+export const cookieController = new CookieController(
+	'auth_session',
+	{
+		httpOnly: true,
+		secure: true,
+		sameSite: 'lax',
+		path: '/'
+	},
+	{ expiresIn: cookieExpiration }
+)
 export { createSessionForUser, deleteSession, getUserAndSession }
diff --git a/src/lib/server/db.ts b/src/lib/server/db.ts
index 906790e..b971ef5 100644
--- a/src/lib/server/db.ts
+++ b/src/lib/server/db.ts
@@ -1,50 +1,51 @@
-import { kvdex as kvdex, collection, model } from "@olli/kvdex"
-import { openKv } from "@deno/kv"
-import { z } from "zod"
+import { kvdex as kvdex, collection, model } from '@olli/kvdex'
+import { openKv } from '@deno/kv'
+import { z } from 'zod'
 
 export const user = z.object({
-    displayName: z.string(),
-    username: z.string(),
-    id: z.string(),
-    password: z.optional(z.string()),
-    oauth_github_id: z.optional(z.string()),
-    oauth_google_id: z.optional(z.string()),
-    oauth_discord_id: z.optional(z.string())
+	displayName: z.string(),
+	username: z.string(),
+	id: z.string(),
+	password: z.optional(z.string()),
+	oauth_github_id: z.optional(z.string()),
+	oauth_google_id: z.optional(z.string()),
+	oauth_discord_id: z.optional(z.string())
 })
 
 export const publicUser = user.pick({ displayName: true, id: true })
 
 export const session = z.object({
-    expiresAt: z.date(),
-    userId: z.string(),
+	expiresAt: z.date(),
+	userId: z.string()
 })
 
 export const chat = z.object({
-    name: z.string(),
-    creator: z.string().describe('id'),
-    createdAt: z.date()
+	name: z.string(),
+	creator: z.string().describe('id'),
+	createdAt: z.date()
 })
 
 export const kv = await openKv('http://0.0.0.0:4512')
 export const db = kvdex(kv, {
-    user: collection(user, {
-        idGenerator: ({ id }) => id,
-        indices: {
-            username: 'primary',
-            oauth_github_id: 'primary',
-            oauth_google_id: 'primary',
-            oauth_discord_id: 'primary'
-        }
-    }),
-    session: collection(session, {
-        indices: {
-            userId: 'secondary'
-        }
-    }),
-    chat: {
-        boxes: collection(model<{ roomID: string, userID: string, text: string }>()),
-        users: collection(publicUser),
-        updatekey: collection(model<true>()),
-        data: collection(chat)
-    }
-})
\ No newline at end of file
+	user: collection(user, {
+		idGenerator: ({ id }) => id,
+		indices: {
+			username: 'primary',
+			oauth_github_id: 'primary',
+			oauth_google_id: 'primary',
+			oauth_discord_id: 'primary'
+		}
+	}),
+	session: collection(session, {
+		indices: {
+			userId: 'secondary'
+		}
+	}),
+	chat: {
+		boxes: collection(model<{ roomID: string; userID: string; text: string }>()),
+		users: collection(publicUser),
+		updatekey: collection(model<true>()),
+		data: collection(chat)
+	},
+	saved_oauth_data: collection(model<{ type: 'create' | 'link'; oauth_id: string }>())
+})
diff --git a/src/lib/server/hono.ts b/src/lib/server/hono.ts
index 5776f08..8e70ea5 100644
--- a/src/lib/server/hono.ts
+++ b/src/lib/server/hono.ts
@@ -40,18 +40,18 @@ const api = new Hono<{ Bindings: Bindings }>()
 			return text(roomId)
 		}
 	)
-    .get('/rooms/connect/:id', (c) => {
-        return streamSSE(c, async (stream) => {
-            while (true) {
-              const message = `It is ${new Date().toISOString()}`
-              await stream.writeSSE({
-                data: message,
-                event: 'time-update',
-              })
-              await stream.sleep(1000)
-            }
-          })
-    })
+	.get('/rooms/connect/:id', (c) => {
+		return streamSSE(c, async (stream) => {
+			while (true) {
+				const message = `It is ${new Date().toISOString()}`
+				await stream.writeSSE({
+					data: message,
+					event: 'time-update'
+				})
+				await stream.sleep(1000)
+			}
+		})
+	})
 
 export type api = typeof api
 
diff --git a/src/lib/server/oauth.ts b/src/lib/server/oauth.ts
index b9e2ae5..7d424aa 100644
--- a/src/lib/server/oauth.ts
+++ b/src/lib/server/oauth.ts
@@ -1,131 +1,211 @@
-import { Google, Discord, GitHub, type OAuth2Provider, type OAuth2ProviderWithPKCE, generateState, generateCodeVerifier } from "arctic"
-import { error, redirect, type Actions, type RequestHandler, type ServerLoad } from "@sveltejs/kit";
-import type { z } from "zod";
-import type { publicUser } from "./db";
+import { Google, Discord, GitHub, generateState, generateCodeVerifier } from 'arctic'
+import { error, redirect, type Actions, type RequestHandler, type ServerLoad } from '@sveltejs/kit'
+import { z } from 'zod'
+import { db, publicUser } from './db'
+import { env } from '$env/dynamic/private'
+import { dev } from '$app/environment'
+import { alphabet, generateRandomString } from 'oslo/crypto'
+import { decodeJwt } from 'jose'
+import { superForm, type SuperForm } from 'sveltekit-superforms'
+import { zod, type ValidationAdapter } from 'sveltekit-superforms/adapters'
+
+const {
+	DISCORD_CLIENT_ID,
+	DISCORD_CLIENT_SECRET,
+	GITHUB_CLIENT_ID,
+	GITHUB_CLIENT_SECRET,
+	GOOGLE_CLIENT_ID,
+	GOOGLE_CLIENT_SECRET
+} = env
 
 //TODO: oauth
 
-export const google = new Google();
-export const discord = new Discord();
-export const github = new GitHub();
+const DEVURL = (prov: string) => `http://localhost:5173/oauth/${prov}/callback`
+const PRODURL = (prov: string) => `https://spiel.place/oauth/${prov}/callback`
+
+export const github = new GitHub(GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET, {
+	redirectURI: dev ? DEVURL('github') : PRODURL('github')
+})
+export const discord = new Discord(
+	DISCORD_CLIENT_ID,
+	DISCORD_CLIENT_SECRET,
+	dev ? DEVURL('discord') : PRODURL('discord')
+)
+export const google = new Google(
+	GOOGLE_CLIENT_ID,
+	GOOGLE_CLIENT_SECRET,
+	dev ? DEVURL('google') : PRODURL('google')
+)
 
 export function oauth_handler(): RequestHandler<{ provider: string }> {
-    return async ({ cookies, params: { provider: providerID }, url }) => {
-        let provider: Google | Discord | GitHub;
-        let scopes: string[]
-        let noop = false;
-        switch(providerID) {
-            case "discord": {
-                provider = discord
-                scopes = ['identify']
-                break
-            }
-            case "google": {
-                provider = google
-                scopes = ['profile']
-                break
-            }
-            case "github": {
-                provider = github
-                scopes = []
-                break
-            }
-            default: {
-                noop = true
-                break
-            }
-        }
-        // @ts-expect-error: I know im using it before assignment that's the point
-        if(noop || !provider || !scopes) error(404, "provider not found")
-        let redir: URL;
-        const state = generateState();
-        let codeVerifier: string;
-        if(provider instanceof Google) {
-            codeVerifier = generateCodeVerifier()
-            redir = await provider.createAuthorizationURL(state, codeVerifier, {
-                scopes
-            })
-        } else {
-            redir = await provider.createAuthorizationURL(state, {
-                scopes
-            })
-        }
-        cookies.set("state", state, {
-            secure: true,
-            path: "/",
-            httpOnly: true,
-            maxAge: 60 * 10
-        });
-        // @ts-expect-error: I know im using it before assignment that's the point
-        if(codeVerifier) {
-            cookies.set("code_verifier", codeVerifier, {
-                secure: true,
-                path: "/",
-                httpOnly: true,
-                maxAge: 60 * 10
-            });
-        }
-        redirect(302, redir);
-    }
+	return async ({ cookies, params: { provider: providerID }, url }) => {
+		let provider: Google | Discord | GitHub
+		let scopes: string[]
+		let noop = false
+		switch (providerID) {
+			case 'discord': {
+				provider = discord
+				scopes = ['identify']
+				break
+			}
+			case 'google': {
+				provider = google
+				scopes = ['profile']
+				break
+			}
+			case 'github': {
+				provider = github
+				scopes = []
+				break
+			}
+			default: {
+				noop = true
+				break
+			}
+		}
+		// @ts-expect-error: I know im using it before assignment that's the point
+		if (noop || !provider || !scopes) error(404, 'provider not found')
+		let redir: URL
+		const state = generateState()
+		let codeVerifier: string
+		if (provider instanceof Google) {
+			codeVerifier = generateCodeVerifier()
+			redir = await provider.createAuthorizationURL(state, codeVerifier, {
+				scopes
+			})
+		} else {
+			redir = await provider.createAuthorizationURL(state, {
+				scopes
+			})
+		}
+		cookies.set('state', state, {
+			secure: true,
+			path: '/',
+			httpOnly: true,
+			maxAge: 60 * 10
+		})
+		// @ts-expect-error: I know im using it before assignment that's the point
+		if (codeVerifier) {
+			cookies.set('code_verifier', codeVerifier, {
+				secure: true,
+				path: '/',
+				httpOnly: true,
+				maxAge: 60 * 10
+			})
+		}
+		redirect(302, redir)
+	}
 }
 
-export function oauth_callback(): ServerLoad<{ provider: string }, any, { type: "create" | "link", name: string, user: z.infer<typeof publicUser> }> {
-    return async ({ cookies, params: { provider: providerID }, locals, url }) => {
-        let provider: Google | Discord | GitHub;
-        let scopes: string[]
-        let noop = false;
-        switch(providerID) {
-            case "discord": {
-                provider = discord
-                scopes = ['identify']
-                break
-            }
-            case "google": {
-                provider = google
-                scopes = ['profile']
-                break
-            }
-            case "github": {
-                provider = github
-                scopes = []
-                break
-            }
-            default: {
-                noop = true
-                break
-            }
-        }
-        // @ts-expect-error: I know im using it before assignment that's the point
-        if(noop || !provider || !scopes) error(404, "provider not found")
-        const code = url.searchParams.get("code");
-        const state = url.searchParams.get("state");
-        
-        const storedState = cookies.get("state");
-        const storedCodeVerifier = cookies.get("code_verifier");
-        if (!code || !storedState || state !== storedState || (provider instanceof Google && !storedCodeVerifier)) {
-            error(400, "Invalid request")
-        }
-        let tokens
-        if(provider instanceof Google) {
-            tokens = await provider.validateAuthorizationCode(code, storedCodeVerifier)
-        } else {
-            tokens = await provider.validateAuthorizationCode(code)
-        }
-        if(locals.user) {
-            // the user is already logged in, ask them if they want to link the account to their existing account, or log out and try again
-            return {
-                type: 'create',
+export function oauth_callback(): ServerLoad<
+	{ provider: string },
+	any,
+	{
+		type: 'create' | 'link'
+		name: string
+		user: z.infer<typeof publicUser>
+		form: SuperForm<
+			ValidationAdapter<
+				{
+					token: string
+				},
+				{
+					token: string
+				}
+			>,
+			any
+		>
+		prov: string
+	}
+> {
+	return async ({ cookies, params: { provider: providerID }, locals, url }) => {
+		let provider: Google | Discord | GitHub
+		let scopes: string[]
+		let noop = false
+		switch (providerID) {
+			case 'discord': {
+				provider = discord
+				scopes = ['identify']
+				break
+			}
+			case 'google': {
+				provider = google
+				scopes = ['profile']
+				break
+			}
+			case 'github': {
+				provider = github
+				scopes = []
+				break
+			}
+			default: {
+				noop = true
+				break
+			}
+		}
+		// @ts-expect-error: I know im using it before assignment that's the point
+		if (noop || !provider || !scopes) error(404, 'provider not found')
+		const code = url.searchParams.get('code')
+		const state = url.searchParams.get('state')
 
-            }
-        } else {
-            // the user is NOT logged in, log them in, if there is no account linked to that provided user, ask them if they want to create an account
-            
-        }
-    }
+		const storedState = cookies.get('state')
+		const storedCodeVerifier = cookies.get('code_verifier')
+		if (
+			!code ||
+			!storedState ||
+			state !== storedState ||
+			(provider instanceof Google && !storedCodeVerifier)
+		) {
+			error(400, 'Invalid request')
+		}
+		let tokens
+		let id
+		let name
+		if (provider instanceof Google) {
+			tokens = await provider.validateAuthorizationCode(code, storedCodeVerifier)
+			console.log(tokens.idToken)
+			const { sub, name: Uname } = decodeJwt(tokens.idToken)
+			id = sub
+			name = Uname
+		} else {
+			tokens = await provider.validateAuthorizationCode(code)
+		}
+		const formToken = generateRandomString(12, alphabet('0-9', 'a-z'))
+		const form = superForm(
+			zod(z.object({ token: z.string() }), {
+				defaults: { token: formToken }
+			})
+		)
+		if (locals.user) {
+			// the user is already logged in, ask them if they want to link the account to their existing account, or log out and try again
+			await db.saved_oauth_data.set(formToken, {
+				oauth_id: id,
+				type: 'link'
+			})
+			return {
+				type: 'link',
+				name,
+				prov: providerID,
+				user: publicUser.safeParse(locals.user).data!,
+				form
+			}
+		} else {
+			// the user is NOT logged in, log them in, if there is no account linked to that provided user, ask them if they want to create an account
+			await db.saved_oauth_data.set(formToken, {
+				oauth_id: id,
+				type: 'create'
+			})
+			return {
+				type: 'create',
+				name,
+				prov: providerID,
+				user: publicUser.safeParse(locals.user).data!,
+				form
+			}
+		}
+	}
 }
 
-export function callback_actions(): Actions<{ provider: string }> {
-    return {
-
-    }
-}
\ No newline at end of file
+export function oauth_callback_actions(): Actions<{ provider: string }> {
+	return {}
+}
diff --git a/src/routes/+layout.svelte b/src/routes/+layout.svelte
index 1af3ad6..1161996 100644
--- a/src/routes/+layout.svelte
+++ b/src/routes/+layout.svelte
@@ -1,6 +1,6 @@
 <script>
-    import "../app.pcss"
-    const { children } = $props()
+	import '../app.pcss'
+	const { children } = $props()
 </script>
 
-{@render children()}
\ No newline at end of file
+{@render children()}
diff --git a/src/routes/+page.ts b/src/routes/+page.ts
index f7d2f63..cd00a67 100644
--- a/src/routes/+page.ts
+++ b/src/routes/+page.ts
@@ -1,5 +1,5 @@
-import { redirect } from "@sveltejs/kit";
+import { redirect } from '@sveltejs/kit'
 
 export async function load() {
-    return redirect(302, '/app')
-}
\ No newline at end of file
+	return redirect(302, '/app')
+}
diff --git a/src/routes/api/[...path]/+server.ts b/src/routes/api/[...path]/+server.ts
index 8a3a252..dd06038 100644
--- a/src/routes/api/[...path]/+server.ts
+++ b/src/routes/api/[...path]/+server.ts
@@ -1,5 +1,5 @@
-import { hono } from '$lib/server/hono.js';
+import { hono } from '$lib/server/hono'
 
 export async function fallback({ request, locals }) {
-    return hono.fetch(request, { locals })
-}
\ No newline at end of file
+	return hono.fetch(request, { locals })
+}
diff --git a/src/routes/app/+layout.server.ts b/src/routes/app/+layout.server.ts
index dd65cc0..faeee3b 100644
--- a/src/routes/app/+layout.server.ts
+++ b/src/routes/app/+layout.server.ts
@@ -1,12 +1,12 @@
-import { publicUser } from '$lib/server/db.js';
-import { redirect } from '@sveltejs/kit';
+import { publicUser } from '$lib/server/db'
+import { redirect } from '@sveltejs/kit'
 
 export async function load({ locals }) {
-    if(!locals.session) {
-        return redirect(302, "/auth")
-    }
-    return publicUser.safeParse(locals.user).data!
+	if (!locals.session) {
+		return redirect(302, '/auth')
+	}
+	return publicUser.safeParse(locals.user).data!
 }
 
-export const csr = true;
-export const ssr = false;
\ No newline at end of file
+export const csr = true
+export const ssr = false
diff --git a/src/routes/app/+layout.svelte b/src/routes/app/+layout.svelte
index d05b9aa..d74b2b8 100644
--- a/src/routes/app/+layout.svelte
+++ b/src/routes/app/+layout.svelte
@@ -5,73 +5,92 @@
 </script>
 
 <div class="h-[100vh] w-[100vw] flex flex-col">
-    <div class="px-4">
-        <div class="navbar bg-base-200 rounded-b-xl">
-            <div class="flex-1">
-                <button class="btn btn-ghost text-xl">spiel.place</button>
-            </div>
-            <div class="flex-none">
-                <details
-                    class="dropdown dropdown-end"
-                    ontoggle={({ newState }) => (dropdownOpen = newState === 'open')}>
-                    <summary class="btn btn-circle btn-ghost m-1 swap swap-rotate">
-                        <input type="checkbox" bind:checked={dropdownOpen} />
-                        <svg
-                            xmlns="http://www.w3.org/2000/svg"
-                            viewBox="0 0 20 20"
-                            fill="currentColor"
-                            class="size-5 swap-off">
-                            <path
-                                fill-rule="evenodd"
-                                d="M2 4.75A.75.75 0 0 1 2.75 4h14.5a.75.75 0 0 1 0 1.5H2.75A.75.75 0 0 1 2 4.75ZM2 10a.75.75 0 0 1 .75-.75h14.5a.75.75 0 0 1 0 1.5H2.75A.75.75 0 0 1 2 10Zm0 5.25a.75.75 0 0 1 .75-.75h14.5a.75.75 0 0 1 0 1.5H2.75a.75.75 0 0 1-.75-.75Z"
-                                clip-rule="evenodd"></path>
-                        </svg>
-                        <svg
-                            xmlns="http://www.w3.org/2000/svg"
-                            fill="none"
-                            viewBox="0 0 24 24"
-                            stroke-width="1.5"
-                            stroke="currentColor"
-                            class="size-5 swap-on stroke-2">
-                            <path stroke-linecap="round" stroke-linejoin="round" d="M6 18 18 6M6 6l12 12"></path>
-                        </svg>
-                    </summary>
-                    <ul class="menu dropdown-content bg-base-100 rounded-box z-[1] w-52 p-2 shadow">
-                        <li><a href="/app/settings">
-                            <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="size-6">
-                                <path stroke-linecap="round" stroke-linejoin="round" d="M17.982 18.725A7.488 7.488 0 0 0 12 15.75a7.488 7.488 0 0 0-5.982 2.975m11.963 0a9 9 0 1 0-11.963 0m11.963 0A8.966 8.966 0 0 1 12 21a8.966 8.966 0 0 1-5.982-2.275M15 9.75a3 3 0 1 1-6 0 3 3 0 0 1 6 0Z" />
-                            </svg>
-                            {data.displayName}
-                        </a></li>
-                        <li>
-                            <a href="/auth/signout">
-                                <svg
-                                    xmlns="http://www.w3.org/2000/svg"
-                                    fill="none"
-                                    viewBox="0 0 24 24"
-                                    stroke-width="1.5"
-                                    stroke="currentColor"
-                                    class="size-6">
-                                    <path
-                                        stroke-linecap="round"
-                                        stroke-linejoin="round"
-                                        d="M15.75 9V5.25A2.25 2.25 0 0 0 13.5 3h-6a2.25 2.25 0 0 0-2.25 2.25v13.5A2.25 2.25 0 0 0 7.5 21h6a2.25 2.25 0 0 0 2.25-2.25V15m3 0 3-3m0 0-3-3m3 3H9"
-                                    ></path>
-                                </svg>
-                                sign out</a>
-                        </li>
-                    </ul>
-                </details>
-            </div>
-        </div>
-    </div>
-    <div class="flex-grow flex flex-row">
-        {@render children()}
-    </div>
+	<div class="px-4">
+		<div class="navbar bg-base-200 rounded-b-xl">
+			<div class="flex-1">
+				<button class="btn btn-ghost text-xl">spiel.place</button>
+			</div>
+			<div class="flex-none">
+				<details
+					class="dropdown dropdown-end"
+					ontoggle={({ newState }) => (dropdownOpen = newState === 'open')}
+				>
+					<summary class="btn btn-circle btn-ghost m-1 swap swap-rotate">
+						<input type="checkbox" bind:checked={dropdownOpen} />
+						<svg
+							xmlns="http://www.w3.org/2000/svg"
+							viewBox="0 0 20 20"
+							fill="currentColor"
+							class="size-5 swap-off"
+						>
+							<path
+								fill-rule="evenodd"
+								d="M2 4.75A.75.75 0 0 1 2.75 4h14.5a.75.75 0 0 1 0 1.5H2.75A.75.75 0 0 1 2 4.75ZM2 10a.75.75 0 0 1 .75-.75h14.5a.75.75 0 0 1 0 1.5H2.75A.75.75 0 0 1 2 10Zm0 5.25a.75.75 0 0 1 .75-.75h14.5a.75.75 0 0 1 0 1.5H2.75a.75.75 0 0 1-.75-.75Z"
+								clip-rule="evenodd"
+							></path>
+						</svg>
+						<svg
+							xmlns="http://www.w3.org/2000/svg"
+							fill="none"
+							viewBox="0 0 24 24"
+							stroke-width="1.5"
+							stroke="currentColor"
+							class="size-5 swap-on stroke-2"
+						>
+							<path stroke-linecap="round" stroke-linejoin="round" d="M6 18 18 6M6 6l12 12"></path>
+						</svg>
+					</summary>
+					<ul class="menu dropdown-content bg-base-100 rounded-box z-[1] w-52 p-2 shadow">
+						<li>
+							<a href="/app/settings">
+								<svg
+									xmlns="http://www.w3.org/2000/svg"
+									fill="none"
+									viewBox="0 0 24 24"
+									stroke-width="1.5"
+									stroke="currentColor"
+									class="size-6"
+								>
+									<path
+										stroke-linecap="round"
+										stroke-linejoin="round"
+										d="M17.982 18.725A7.488 7.488 0 0 0 12 15.75a7.488 7.488 0 0 0-5.982 2.975m11.963 0a9 9 0 1 0-11.963 0m11.963 0A8.966 8.966 0 0 1 12 21a8.966 8.966 0 0 1-5.982-2.275M15 9.75a3 3 0 1 1-6 0 3 3 0 0 1 6 0Z"
+									></path>
+								</svg>
+								{data.displayName}
+							</a>
+						</li>
+						<li>
+							<a href="/auth/signout">
+								<svg
+									xmlns="http://www.w3.org/2000/svg"
+									fill="none"
+									viewBox="0 0 24 24"
+									stroke-width="1.5"
+									stroke="currentColor"
+									class="size-6"
+								>
+									<path
+										stroke-linecap="round"
+										stroke-linejoin="round"
+										d="M15.75 9V5.25A2.25 2.25 0 0 0 13.5 3h-6a2.25 2.25 0 0 0-2.25 2.25v13.5A2.25 2.25 0 0 0 7.5 21h6a2.25 2.25 0 0 0 2.25-2.25V15m3 0 3-3m0 0-3-3m3 3H9"
+									></path>
+								</svg>
+								sign out</a
+							>
+						</li>
+					</ul>
+				</details>
+			</div>
+		</div>
+	</div>
+	<div class="flex-grow flex flex-row">
+		{@render children()}
+	</div>
 </div>
 
 <div class="toast">
-    <div class="alert alert-info">
-      <span>New message arrived.</span>
-    </div>
-  </div>
\ No newline at end of file
+	<div class="alert alert-info">
+		<span>New message arrived.</span>
+	</div>
+</div>
diff --git a/src/routes/app/+page.svelte b/src/routes/app/+page.svelte
index caf23ce..bb70fc6 100644
--- a/src/routes/app/+page.svelte
+++ b/src/routes/app/+page.svelte
@@ -1,29 +1,33 @@
 <script>
 	import { api } from '$lib/apiclient'
-    import { goto } from "$app/navigation"
+	import { goto } from '$app/navigation'
 
-    const { data } = $props()
-    let roomname = $state('')
+	const { data } = $props()
+	let roomname = $state('')
 
-    async function createRoom() {
-        const res = await api.rooms.create.$post({
-            json: {
-                name: roomname
-            }
-        })
-        if(!res.ok) return
-        const id = await res.text()
-        goto(`/app/:${id}`)
-    }
+	async function createRoom() {
+		const res = await api.rooms.create.$post({
+			json: {
+				name: roomname
+			}
+		})
+		if (!res.ok) return
+		const id = await res.text()
+		goto(`/app/:${id}`)
+	}
 </script>
 
 <div class="w-56 flex flex-col justify-center">
-    <div class="my-10 px-2 py-2 rounded-r-lg bg-base-200">
-        <span class="text-md font-bold mb-2">new room</span>
-        <input bind:value={roomname} minlength=4 class="input input-bordered w-full placeholder:text-base-content/50 mb-2" type="text" placeholder="name">
-        <button on:click={createRoom} class="btn btn-secondary w-full">create</button>
-    </div>
+	<div class="my-10 px-2 py-2 rounded-r-lg bg-base-200">
+		<span class="text-md font-bold mb-2">new room</span>
+		<input
+			bind:value={roomname}
+			minlength="4"
+			class="input input-bordered w-full placeholder:text-base-content/50 mb-2"
+			type="text"
+			placeholder="name"
+		/>
+		<button on:click={createRoom} class="btn btn-secondary w-full">create</button>
+	</div>
 </div>
-<main class="flex-grow">
-    list
-</main>
\ No newline at end of file
+<main class="flex-grow">list</main>
diff --git a/src/routes/app/:[roomID]/+page.svelte b/src/routes/app/:[roomID]/+page.svelte
index 775080e..649e0e3 100644
--- a/src/routes/app/:[roomID]/+page.svelte
+++ b/src/routes/app/:[roomID]/+page.svelte
@@ -1,5 +1,5 @@
 <script>
-    const { data } = $props()
+	const { data } = $props()
 </script>
 
-{data.roomID}
\ No newline at end of file
+{data.roomID}
diff --git a/src/routes/app/:[roomID]/+page.ts b/src/routes/app/:[roomID]/+page.ts
index 2328ef5..2afb1b9 100644
--- a/src/routes/app/:[roomID]/+page.ts
+++ b/src/routes/app/:[roomID]/+page.ts
@@ -1,3 +1,3 @@
 export async function load({ params: { roomID } }) {
-    return { roomID }
-}
\ No newline at end of file
+	return { roomID }
+}
diff --git a/src/routes/auth/+page.server.ts b/src/routes/auth/+page.server.ts
index e072409..60d0780 100644
--- a/src/routes/auth/+page.server.ts
+++ b/src/routes/auth/+page.server.ts
@@ -1,75 +1,80 @@
-import { alphabet, generateRandomString } from 'oslo/crypto';
-import { fail, message, setError, superValidate } from 'sveltekit-superforms';
-import { zod } from 'sveltekit-superforms/adapters';
-import { z } from 'zod';
-import { hash, verify } from "@ts-rex/argon2"
-import { db } from '$lib/server/db.js';
-import { cookieController, cookieExpiration, createSessionForUser } from '$lib/server/auth.js';
-import { createDate } from 'oslo';
-import { redirect } from '@sveltejs/kit';
+import { alphabet, generateRandomString } from 'oslo/crypto'
+import { fail, message, setError, superValidate } from 'sveltekit-superforms'
+import { zod } from 'sveltekit-superforms/adapters'
+import { z } from 'zod'
+import { hash, verify } from '@ts-rex/argon2'
+import { db } from '$lib/server/db'
+import { cookieController, cookieExpiration, createSessionForUser } from '$lib/server/auth'
+import { createDate } from 'oslo'
+import { redirect } from '@sveltejs/kit'
 
 const schema = z.object({
-    username: z.string().min(4, "must be atleast 4 characters").max(32, "must be less than 32 characters").regex(/^[a-z0-9_\-]+$/i, `must be alphanumeric, with the exception of "_" and "-"`),
-    password: z.string().min(8, "must be atleast 8 characters").max(255)
-});
+	username: z
+		.string()
+		.min(4, 'must be atleast 4 characters')
+		.max(32, 'must be less than 32 characters')
+		.regex(/^[a-z0-9_\-]+$/i, `must be alphanumeric, with the exception of "_" and "-"`),
+	password: z.string().min(8, 'must be atleast 8 characters').max(255)
+})
 
 export async function load({ locals }) {
-    if(locals.session) {
-        return redirect(302, '/app')
-    }
-    const form = await superValidate(zod(schema));
-    return { form };
-};
+	if (locals.session) {
+		return redirect(302, '/app')
+	}
+	const form = await superValidate(zod(schema))
+	return { form }
+}
 
 export const actions = {
-    login: async ({ request, cookies }) => {
-        const form = await superValidate(request, zod(schema));
+	login: async ({ request, cookies }) => {
+		const form = await superValidate(request, zod(schema))
 
-        if (!form.valid) return fail(400, { form });
-        const { username, password } = form.data
-        const user = (await db.user.findByPrimaryIndex('username', username))?.flat();
-        if (!user) return setError(form, "user does not exist")
-        if (!user.password) return setError(form, "this account does not have a password, maybe try a different method?")
-        const isvalid = verify(password, user.password);
-        if (!isvalid) return setError(form, "incorrect password")
-        const session = (await createSessionForUser(user.id))
-        if (session.isSome()) {
-            const sessionCookie = cookieController.createCookie(session.unwrap().id)
-            cookies.set(sessionCookie.name, sessionCookie.value, {
-                path: ".",
-                ...sessionCookie.attributes
-            })
-            return redirect(302, '/app')
-        } else {
-            return fail(500, { form })
-        }
-    },
-    signup: async ({ request, cookies }) => {
-        const form = await superValidate(request, zod(schema));
-        if (!form.valid) return fail(400, { form });
-        const { username, password } = form.data
+		if (!form.valid) return fail(400, { form })
+		const { username, password } = form.data
+		const user = (await db.user.findByPrimaryIndex('username', username))?.flat()
+		if (!user) return setError(form, 'user does not exist')
+		if (!user.password)
+			return setError(form, 'this account does not have a password, maybe try a different method?')
+		const isvalid = verify(password, user.password)
+		if (!isvalid) return setError(form, 'incorrect password')
+		const session = await createSessionForUser(user.id)
+		if (session.isSome()) {
+			const sessionCookie = cookieController.createCookie(session.unwrap().id)
+			cookies.set(sessionCookie.name, sessionCookie.value, {
+				path: '.',
+				...sessionCookie.attributes
+			})
+			return redirect(302, '/app')
+		} else {
+			return fail(500, { form })
+		}
+	},
+	signup: async ({ request, cookies }) => {
+		const form = await superValidate(request, zod(schema))
+		if (!form.valid) return fail(400, { form })
+		const { username, password } = form.data
 
-        const userId = generateRandomString(10, alphabet("0-9", "a-z"))
-        const passwordHash = hash(password)
+		const userId = generateRandomString(10, alphabet('0-9', 'a-z'))
+		const passwordHash = hash(password)
 
-        const user = (await db.user.findByPrimaryIndex('username', username))?.flat()
-        if (user) return setError(form, "username", 'username already exists')
-        await db.user.set(userId, {
-            displayName: username,
-            username,
-            id: userId,
-            password: passwordHash
-        })
-        const session = (await createSessionForUser(userId))
-        if (session.isSome()) {
-            const sessionCookie = cookieController.createCookie(session.unwrap().id)
-            cookies.set(sessionCookie.name, sessionCookie.value, {
-                path: ".",
-                ...sessionCookie.attributes
-            })
-            return redirect(302, '/app')
-        } else {
-            return fail(500, { form })
-        }
-    }
-}
\ No newline at end of file
+		const user = (await db.user.findByPrimaryIndex('username', username))?.flat()
+		if (user) return setError(form, 'username', 'username already exists')
+		await db.user.set(userId, {
+			displayName: username,
+			username,
+			id: userId,
+			password: passwordHash
+		})
+		const session = await createSessionForUser(userId)
+		if (session.isSome()) {
+			const sessionCookie = cookieController.createCookie(session.unwrap().id)
+			cookies.set(sessionCookie.name, sessionCookie.value, {
+				path: '.',
+				...sessionCookie.attributes
+			})
+			return redirect(302, '/app')
+		} else {
+			return fail(500, { form })
+		}
+	}
+}
diff --git a/src/routes/auth/+page.svelte b/src/routes/auth/+page.svelte
index 2a8aaaa..1805fdd 100644
--- a/src/routes/auth/+page.svelte
+++ b/src/routes/auth/+page.svelte
@@ -18,9 +18,9 @@
 	<div class="card bg-base-200 w-96 shadow-xl p-4">
 		<h1 class="text-xl mb-2 font-bold">sign up/in</h1>
 		<div class="join">
-			<a href="{$page.url.pathname}/oauth/google" class="btn-disabled btn grow btn-outline join-item">
+			<a href="/oauth/google" class="btn grow btn-outline join-item">
 				<svg
-					class="size-4 brightness-50"
+					class="size-4"
 					viewBox="-3 0 262 262"
 					xmlns="http://www.w3.org/2000/svg"
 					preserveAspectRatio="xMidYMid"
@@ -28,32 +28,36 @@
 					><g id="SVGRepo_bgCarrier" stroke-width="0"></g><g
 						id="SVGRepo_tracerCarrier"
 						stroke-linecap="round"
-						stroke-linejoin="round"></g
-					><g id="SVGRepo_iconCarrier"
+						stroke-linejoin="round"
+					></g><g id="SVGRepo_iconCarrier"
 						><path
 							d="M255.878 133.451c0-10.734-.871-18.567-2.756-26.69H130.55v48.448h71.947c-1.45 12.04-9.283 30.172-26.69 42.356l-.244 1.622 38.755 30.023 2.685.268c24.659-22.774 38.875-56.282 38.875-96.027"
-							fill="#4285F4"></path
-						><path
+							fill="#4285F4"
+						></path><path
 							d="M130.55 261.1c35.248 0 64.839-11.605 86.453-31.622l-41.196-31.913c-11.024 7.688-25.82 13.055-45.257 13.055-34.523 0-63.824-22.773-74.269-54.25l-1.531.13-40.298 31.187-.527 1.465C35.393 231.798 79.49 261.1 130.55 261.1"
-							fill="#34A853"></path
-						><path
+							fill="#34A853"
+						></path><path
 							d="M56.281 156.37c-2.756-8.123-4.351-16.827-4.351-25.82 0-8.994 1.595-17.697 4.206-25.82l-.073-1.73L15.26 71.312l-1.335.635C5.077 89.644 0 109.517 0 130.55s5.077 40.905 13.925 58.602l42.356-32.782"
-							fill="#FBBC05"></path
-						><path
+							fill="#FBBC05"
+						></path><path
 							d="M130.55 50.479c24.514 0 41.05 10.589 50.479 19.438l36.844-35.974C195.245 12.91 165.798 0 130.55 0 79.49 0 35.393 29.301 13.925 71.947l42.211 32.783c10.59-31.477 39.891-54.251 74.414-54.251"
-							fill="#EB4335"></path
-						></g
-					></svg>
+							fill="#EB4335"
+						></path></g
+					></svg
+				>
 			</a>
-			<a href="{$page.url.pathname}/oauth/discord" class="btn-disabled btn grow btn-outline join-item">
-				<svg class="size-4 brightness-50" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 127.14 96.36"
+			<a href="/oauth/discord" class="btn-disabled btn grow btn-outline join-item">
+				<svg
+					class="size-4 brightness-50"
+					xmlns="http://www.w3.org/2000/svg"
+					viewBox="0 0 127.14 96.36"
 					><path
 						fill="#5865f2"
 						d="M107.7,8.07A105.15,105.15,0,0,0,81.47,0a72.06,72.06,0,0,0-3.36,6.83A97.68,97.68,0,0,0,49,6.83,72.37,72.37,0,0,0,45.64,0,105.89,105.89,0,0,0,19.39,8.09C2.79,32.65-1.71,56.6.54,80.21h0A105.73,105.73,0,0,0,32.71,96.36,77.7,77.7,0,0,0,39.6,85.25a68.42,68.42,0,0,1-10.85-5.18c.91-.66,1.8-1.34,2.66-2a75.57,75.57,0,0,0,64.32,0c.87.71,1.76,1.39,2.66,2a68.68,68.68,0,0,1-10.87,5.19,77,77,0,0,0,6.89,11.1A105.25,105.25,0,0,0,126.6,80.22h0C129.24,52.84,122.09,29.11,107.7,8.07ZM42.45,65.69C36.18,65.69,31,60,31,53s5-12.74,11.43-12.74S54,46,53.89,53,48.84,65.69,42.45,65.69Zm42.24,0C78.41,65.69,73.25,60,73.25,53s5-12.74,11.44-12.74S96.23,46,96.12,53,91.08,65.69,84.69,65.69Z"
-					></path
-					></svg>
+					></path></svg
+				>
 			</a>
-			<a href="{$page.url.pathname}/oauth/github" class="btn-disabled btn grow btn-outline join-item group">
+			<a href="/oauth/github" class="btn-disabled btn grow btn-outline join-item group">
 				<svg
 					class="size-5 brightness-50 text-[#24292f] dark:text-[#fff] group-hover:text-[#fff] dark:group-hover:text-[#24292f] transition-colors"
 					viewBox="0 0 98 96"
@@ -62,24 +66,28 @@
 						fill-rule="evenodd"
 						clip-rule="evenodd"
 						d="M48.854 0C21.839 0 0 22 0 49.217c0 21.756 13.993 40.172 33.405 46.69 2.427.49 3.316-1.059 3.316-2.362 0-1.141-.08-5.052-.08-9.127-13.59 2.934-16.42-5.867-16.42-5.867-2.184-5.704-5.42-7.17-5.42-7.17-4.448-3.015.324-3.015.324-3.015 4.934.326 7.523 5.052 7.523 5.052 4.367 7.496 11.404 5.378 14.235 4.074.404-3.178 1.699-5.378 3.074-6.6-10.839-1.141-22.243-5.378-22.243-24.283 0-5.378 1.94-9.778 5.014-13.2-.485-1.222-2.184-6.275.486-13.038 0 0 4.125-1.304 13.426 5.052a46.97 46.97 0 0 1 12.214-1.63c4.125 0 8.33.571 12.213 1.63 9.302-6.356 13.427-5.052 13.427-5.052 2.67 6.763.97 11.816.485 13.038 3.155 3.422 5.015 7.822 5.015 13.2 0 18.905-11.404 23.06-22.324 24.283 1.78 1.548 3.316 4.481 3.316 9.126 0 6.6-.08 11.897-.08 13.526 0 1.304.89 2.853 3.316 2.364 19.412-6.52 33.405-24.935 33.405-46.691C97.707 22 75.788 0 48.854 0z"
-						fill="currentColor"></path
-					></svg>
+						fill="currentColor"
+					></path></svg
+				>
 			</a>
 		</div>
 		<span class="divider">or</span>
 		<form class="flex-col flex gap-y-4" method="post" use:enhance>
 			<label
 				class="input input-bordered flex items-center gap-2"
-				class:input-error={!!$errors.username}>
+				class:input-error={!!$errors.username}
+			>
 				<svg
 					xmlns="http://www.w3.org/2000/svg"
 					viewBox="0 0 16 16"
 					fill="currentColor"
-					class="size-4">
+					class="size-4"
+				>
 					<path
 						fill-rule="evenodd"
 						d="M11.89 4.111a5.5 5.5 0 1 0 0 7.778.75.75 0 1 1 1.06 1.061A7 7 0 1 1 15 8a2.5 2.5 0 0 1-4.083 1.935A3.5 3.5 0 1 1 11.5 8a1 1 0 0 0 2 0 5.48 5.48 0 0 0-1.61-3.889ZM10 8a2 2 0 1 0-4 0 2 2 0 0 0 4 0Z"
-						clip-rule="evenodd"></path>
+						clip-rule="evenodd"
+					></path>
 				</svg>
 
 				<input
@@ -88,23 +96,28 @@
 					name="username"
 					type="text"
 					class="grow placeholder:text-base-content/20"
-					placeholder="kaii" />
+					placeholder="kaii"
+				/>
 			</label>
 			<span
 				class="opacity-0 hidden transition-opacity duration-1000 text-error"
-				class:showerror={$errors.username}>{$errors.username?.join(' & ')}</span>
+				class:showerror={$errors.username}>{$errors.username?.join(' & ')}</span
+			>
 			<label
 				class="input input-bordered flex items-center gap-2"
-				class:input-error={!!$errors.password}>
+				class:input-error={!!$errors.password}
+			>
 				<svg
 					xmlns="http://www.w3.org/2000/svg"
 					viewBox="0 0 16 16"
 					fill="currentColor"
-					class="size-4">
+					class="size-4"
+				>
 					<path
 						fill-rule="evenodd"
 						d="M8 1a3.5 3.5 0 0 0-3.5 3.5V7A1.5 1.5 0 0 0 3 8.5v5A1.5 1.5 0 0 0 4.5 15h7a1.5 1.5 0 0 0 1.5-1.5v-5A1.5 1.5 0 0 0 11.5 7V4.5A3.5 3.5 0 0 0 8 1Zm2 6V4.5a2 2 0 1 0-4 0V7h4Z"
-						clip-rule="evenodd"></path>
+						clip-rule="evenodd"
+					></path>
 				</svg>
 				<input
 					bind:value={password}
@@ -112,11 +125,13 @@
 					name="password"
 					type="password"
 					class="grow placeholder:text-base-content/20"
-					placeholder="verygoodpassword" />
+					placeholder="verygoodpassword"
+				/>
 			</label>
 			<span
 				class="opacity-0 hidden transition-opacity duration-1000 text-error"
-				class:showerror={$errors.password}>{$errors.password}</span>
+				class:showerror={$errors.password}>{$errors.password}</span
+			>
 			<div class="flex flex-row gap-x-4">
 				<button formaction="?/signup" type="submit" class="btn btn-secondary flex-grow">
 					sign up
@@ -134,4 +149,4 @@
 	.showerror {
 		@apply block opacity-100;
 	}
-</style>
\ No newline at end of file
+</style>
diff --git a/src/routes/auth/signout/+server.ts b/src/routes/auth/signout/+server.ts
index 7d0223e..682d318 100644
--- a/src/routes/auth/signout/+server.ts
+++ b/src/routes/auth/signout/+server.ts
@@ -1,14 +1,14 @@
-import { cookieController, deleteSession } from '$lib/server/auth';
-import { redirect } from '@sveltejs/kit';
+import { cookieController, deleteSession } from '$lib/server/auth'
+import { redirect } from '@sveltejs/kit'
 
 export async function GET({ locals, cookies }) {
-    if(locals.session) {
-        await deleteSession(locals.session.id)
-        const sessionCookie = cookieController.createBlankCookie();
+	if (locals.session) {
+		await deleteSession(locals.session.id)
+		const sessionCookie = cookieController.createBlankCookie()
 		cookies.set(sessionCookie.name, sessionCookie.value, {
-			path: ".",
+			path: '.',
 			...sessionCookie.attributes
-		});
-    }
-    return redirect(302, '/')
-}
\ No newline at end of file
+		})
+	}
+	return redirect(302, '/')
+}
diff --git a/src/routes/oauth/[provider]/+server.ts b/src/routes/oauth/[provider]/+server.ts
index 306e1b5..712c415 100644
--- a/src/routes/oauth/[provider]/+server.ts
+++ b/src/routes/oauth/[provider]/+server.ts
@@ -1,3 +1,3 @@
-import { oauth_handler } from "$lib/server/oauth";
+import { oauth_handler } from '$lib/server/oauth'
 
-export const GET = oauth_handler();
\ No newline at end of file
+export const GET = oauth_handler()
diff --git a/src/routes/oauth/[provider]/callback/+page.server.ts b/src/routes/oauth/[provider]/callback/+page.server.ts
new file mode 100644
index 0000000..ab0c781
--- /dev/null
+++ b/src/routes/oauth/[provider]/callback/+page.server.ts
@@ -0,0 +1,4 @@
+import { oauth_callback, oauth_callback_actions } from '$lib/server/oauth'
+
+export const load = oauth_callback()
+export const actions = oauth_callback_actions()
diff --git a/src/routes/oauth/[provider]/callback/+page.svelte b/src/routes/oauth/[provider]/callback/+page.svelte
new file mode 100644
index 0000000..9eb807b
--- /dev/null
+++ b/src/routes/oauth/[provider]/callback/+page.svelte
@@ -0,0 +1,8 @@
+<script>
+	const { data } = $props()
+</script>
+
+{#if data.type === 'create'}
+	do you want to create a new account using <code class="font-bold">{data.name}</code> from {data.prov}?
+	<button>yes</button> <button>no</button>
+{:else if data.type === 'link'}{/if}
diff --git a/src/routes/oauth/[provider]/callback/+server.ts b/src/routes/oauth/[provider]/callback/+server.ts
deleted file mode 100644
index e69de29..0000000
diff --git a/svelte.config.js b/svelte.config.js
index d6f38cf..0118511 100644
--- a/svelte.config.js
+++ b/svelte.config.js
@@ -1,7 +1,7 @@
-import adapter from 'sveltekit-adapter-deno';
-import { vitePreprocess } from '@sveltejs/vite-plugin-svelte';
+import adapter from 'sveltekit-adapter-deno'
+import { vitePreprocess } from '@sveltejs/vite-plugin-svelte'
 
-import { Float16Array } from "@petamoriken/float16"
+import { Float16Array } from '@petamoriken/float16'
 // kvdex uses float16array under the hood (doesn't exist in node), filling that in here so it works during dev
 globalThis.Float16Array = Float16Array
 
@@ -23,6 +23,6 @@ const config = {
 			}
 		})
 	}
-};
+}
 
-export default config;
+export default config
diff --git a/tailwind.config.js b/tailwind.config.js
index 08be3d2..042ca31 100644
--- a/tailwind.config.js
+++ b/tailwind.config.js
@@ -1,11 +1,10 @@
-import daisyui from "daisyui"
+import daisyui from 'daisyui'
 
 /** @type {import('tailwindcss').Config} */
 export default {
-  content: ['./src/**/*.{html,js,svelte,ts}'],
-  theme: {
-    extend: {},
-  },
-  plugins: [daisyui],
+	content: ['./src/**/*.{html,js,svelte,ts}'],
+	theme: {
+		extend: {}
+	},
+	plugins: [daisyui]
 }
-
diff --git a/vite.config.ts b/vite.config.ts
index 5cf7a7b..2ae69f3 100644
--- a/vite.config.ts
+++ b/vite.config.ts
@@ -1,5 +1,5 @@
-import { sveltekit } from '@sveltejs/kit/vite';
-import { defineConfig } from 'vite';
+import { sveltekit } from '@sveltejs/kit/vite'
+import { defineConfig } from 'vite'
 
 export default defineConfig({
 	plugins: [sveltekit()],
@@ -11,4 +11,4 @@ export default defineConfig({
 			target: ['deno1.45.5']
 		}
 	}
-});
+})