From 64dc17005f2240cf8ce9574ed5291d0ebe0ccb24 Mon Sep 17 00:00:00 2001 From: wood chen Date: Sun, 23 Feb 2025 05:46:13 +0800 Subject: [PATCH] refactor: Streamline Discourse OAuth authentication and authorization flow --- src/app/(oauth)/q58/callback/page.tsx | 19 +++--- src/auth.config.ts | 41 ++----------- src/components/auth/callback-handler.tsx | 76 ------------------------ 3 files changed, 13 insertions(+), 123 deletions(-) delete mode 100644 src/components/auth/callback-handler.tsx diff --git a/src/app/(oauth)/q58/callback/page.tsx b/src/app/(oauth)/q58/callback/page.tsx index ee7f54a..bfef6a0 100644 --- a/src/app/(oauth)/q58/callback/page.tsx +++ b/src/app/(oauth)/q58/callback/page.tsx @@ -1,10 +1,11 @@ import { Suspense } from "react"; +import { redirect } from "next/navigation"; import { discourseCallbackVerify } from "@/lib/discourse/verify"; import { findAuthorization } from "@/lib/dto/authorization"; import { getClientByClientId } from "@/lib/dto/client"; import { getAuthorizeUrl } from "@/lib/oauth/authorize-url"; -import { CallbackHandler } from "@/components/auth/callback-handler"; +import { AuthorizationCard } from "@/components/auth/authorization-card"; export interface DiscourseCallbackParams extends Record { sig: string; @@ -26,7 +27,7 @@ export default async function DiscourseCallbackPage({ throw new Error("Client Id invalid (code: -1004)."); } - // verify discourse callback + // verify discourse callback and create/update user const user = await discourseCallbackVerify( searchParams.sso, searchParams.sig, @@ -34,23 +35,19 @@ export default async function DiscourseCallbackPage({ // check authorization const authorization = await findAuthorization(user.id, client.id); - let redirectUrl: string | undefined; if (authorization) { - redirectUrl = await getAuthorizeUrl(oauthParams); + // 如果已经授权,直接重定向到应用 + const redirectUrl = await getAuthorizeUrl(oauthParams); + redirect(redirectUrl); } + // 如果未授权,显示授权页面 return (
- +
diff --git a/src/auth.config.ts b/src/auth.config.ts index f4cdaa0..76531f3 100644 --- a/src/auth.config.ts +++ b/src/auth.config.ts @@ -9,47 +9,16 @@ export default { providers: [ Credentials({ credentials: { - id: { type: "text" }, - username: { type: "text" }, - email: { type: "text" }, - name: { type: "text" }, - avatarUrl: { type: "text" }, - role: { type: "text" }, - moderator: { type: "text" }, - groups: { type: "text" }, sso: { type: "text" }, sig: { type: "text" }, }, async authorize(credentials) { - if (!credentials) return null; + if (!credentials?.sso || !credentials?.sig) return null; - // 如果是 SSO 登录 - if (credentials.sso && credentials.sig) { - return await discourseCallbackVerify( - credentials.sso as string, - credentials.sig as string, - ); - } - - // 如果是直接传入用户数据 - if (credentials.id && credentials.username && credentials.email) { - return { - id: credentials.id as string, - username: credentials.username as string, - email: credentials.email as string, - name: (credentials.name as string) || null, - avatarUrl: (credentials.avatarUrl as string) || null, - role: ((credentials.role as string) || "USER") as UserRole, - moderator: credentials.moderator === "true", - groups: credentials.groups - ? JSON.parse(credentials.groups as string) - : [], - createdAt: new Date(), - updatedAt: new Date(), - }; - } - - return null; + return await discourseCallbackVerify( + credentials.sso as string, + credentials.sig as string, + ); }, }), ], diff --git a/src/components/auth/callback-handler.tsx b/src/components/auth/callback-handler.tsx deleted file mode 100644 index d512a7a..0000000 --- a/src/components/auth/callback-handler.tsx +++ /dev/null @@ -1,76 +0,0 @@ -"use client"; - -import { useEffect, useState } from "react"; -import { useRouter } from "next/navigation"; -import { signIn } from "@/auth"; -import { Client } from "@prisma/client"; - -import { AuthorizationCard } from "./authorization-card"; - -interface CallbackHandlerProps { - client: Client; - user: any; - oauthParams: string; - hasAuthorization: boolean; - redirectUrl?: string; -} - -export function CallbackHandler({ - client, - user, - oauthParams, - hasAuthorization, - redirectUrl, -}: CallbackHandlerProps) { - const router = useRouter(); - const [error, setError] = useState(null); - const [isProcessing, setIsProcessing] = useState(true); - - useEffect(() => { - async function handleAuth() { - try { - // 设置用户会话 - await signIn("credentials", { - id: user.id, - username: user.username, - email: user.email, - name: user.name, - avatarUrl: user.avatarUrl, - role: user.role, - moderator: user.moderator, - groups: JSON.stringify(user.groups), - redirect: false, - }); - - // 如果已经授权过,直接重定向 - if (hasAuthorization && redirectUrl) { - router.push(redirectUrl); - return; - } - - setIsProcessing(false); - } catch (error) { - console.error("Auth error:", error); - setError("认证过程中发生错误"); - setIsProcessing(false); - } - } - - handleAuth(); - }, []); - - if (error) { - return
{error}
; - } - - if (isProcessing) { - return ( -
-
- 处理中... -
- ); - } - - return ; -}