wood/Q58Connect
1
0
Fork 0
mirror of https://github.com/woodchen-ink/Q58Connect.git synced 2025-07-18 14:01:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

refactor: 简化 SSO 登录流程,移除 OAuth 参数存储和复杂重定向逻辑

Browse Source
This commit is contained in:
wood chen 2025-02-21 18:11:50 +08:00
parent 99e833c84e
commit 8bcaf1fd89
3 changed files with 23 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
src/actions/user-authorize.ts
View File

@ -1,45 +1,27 @@
"use server"; "use server";
import { cookies } from "next/headers";
import { redirect } from "next/navigation"; import { redirect } from "next/navigation";
import { signIn as nextSignIn } from "@/auth"; import { signIn as nextSignIn } from "@/auth";
export async function signIn(data: Record<string, any>) { export async function signIn(data: Record<string, any>) {
const { sso, sig } = data; const { sso, sig } = data;
// 先进行 SSO 登录
await nextSignIn("credentials", { sso, sig });
// 从 sso 参数中获取 return_sso_url
const params = new URLSearchParams(atob(sso));
const returnSsoUrl = params.get("return_sso_url");
if (!returnSsoUrl) {
redirect("/dashboard");
}
// 检查是否有保存的 OAuth 参数
const cookieStore = cookies();
const savedOAuthParams = cookieStore.get("oauth_params");
if (savedOAuthParams) {
// 清除保存的参数
cookieStore.delete("oauth_params");
// 重定向到 OAuth 授权页面
redirect(`/oauth/authorize?${savedOAuthParams.value}`);
}
// 如果没有 OAuth 参数,尝试解析 return_sso_url
try { try {
const returnUrl = new URL(returnSsoUrl); // 进行 SSO 登录
if (returnUrl.pathname === "/authorize") { await nextSignIn("credentials", { sso, sig });
// 如果是授权页面,直接重定向
redirect(returnSsoUrl);
}
} catch (error) {
console.error("Invalid return URL:", error);
}
// 默认重定向到仪表板 // 从 sso 参数中获取 return_sso_url
redirect("/dashboard"); const params = new URLSearchParams(atob(sso));
const returnSsoUrl = params.get("return_sso_url");
if (!returnSsoUrl) {
redirect("/dashboard");
}
// 重定向到 return_sso_url
redirect(returnSsoUrl);
} catch (error) {
console.error("登录失败:", error);
redirect("/sign-in?error=AuthenticationError");
}
} }

22
src/app/api/auth/q58/route.ts
View File

@ -1,4 +1,4 @@
import { cookies, headers } from "next/headers"; import { cookies } from "next/headers";
import Hex from "crypto-js/enc-hex"; import Hex from "crypto-js/enc-hex";
import hmacSHA256 from "crypto-js/hmac-sha256"; import hmacSHA256 from "crypto-js/hmac-sha256";
import WordArray from "crypto-js/lib-typedarrays"; import WordArray from "crypto-js/lib-typedarrays";
@ -13,24 +13,8 @@ export async function POST(req: Request) {
try { try {
const nonce = WordArray.random(16).toString(); const nonce = WordArray.random(16).toString();
// 尝试从请求体中获取 OAuth 参数 // 设置基本的回调地址
let oauthParams = ""; const return_url = `${hostUrl}/authorize`;
const body = await req.json();
if (body.oauth_params) {
oauthParams = body.oauth_params;
// 保存 OAuth 参数到 cookie
cookies().set("oauth_params", oauthParams, {
maxAge: 60 * 10, // 10分钟过期
path: "/",
httpOnly: true,
secure: process.env.NODE_ENV === "production",
});
}
// 设置回调地址
const return_url = oauthParams
? `${hostUrl}/authorize?${oauthParams}` // OAuth流程回到授权页面
: `${hostUrl}/dashboard`; // 普通登录:直接到仪表板
// 构建 SSO 参数 // 构建 SSO 参数
const ssoParams = new URLSearchParams(); const ssoParams = new URLSearchParams();

27
src/components/auth/user-auth-form.tsx
View File

@ -1,7 +1,7 @@
"use client"; "use client";
import * as React from "react"; import * as React from "react";
import { useRouter, useSearchParams } from "next/navigation"; import { useRouter } from "next/navigation";
import { Loader2, MessageCircleCode } from "lucide-react"; import { Loader2, MessageCircleCode } from "lucide-react";
import { cn } from "@/lib/utils"; import { cn } from "@/lib/utils";
@ -17,44 +17,26 @@ export function UserAuthForm({
...props ...props
}: React.HTMLAttributes<HTMLDivElement>) { }: React.HTMLAttributes<HTMLDivElement>) {
const [isLoading, setIsLoading] = React.useState<boolean>(false); const [isLoading, setIsLoading] = React.useState<boolean>(false);
const router = useRouter();
const { toast } = useToast(); const { toast } = useToast();
const searchParams = useSearchParams();
const signIn = async () => { const signIn = async () => {
if (isLoading) return; if (isLoading) return;
setIsLoading(true); setIsLoading(true);
try { try {
// 构建请求体,包含 OAuth 参数
const body: Record<string, any> = {};
const currentParams = searchParams?.toString();
if (currentParams) {
body.oauth_params = currentParams;
}
const response = await fetch("/api/auth/q58", { const response = await fetch("/api/auth/q58", {
method: "POST", method: "POST",
headers: { headers: {
"Content-Type": "application/json", "Content-Type": "application/json",
}, },
body: JSON.stringify(body),
}); });
if (!response.ok) { if (!response.ok) {
const errorText = await response.text(); throw new Error("登录请求失败");
throw new Error(errorText || response.statusText);
} }
const data: DiscourseData = await response.json(); const data: DiscourseData = await response.json();
// 直接跳转到 SSO 登录页面
// 在跳转之前确保保存当前的 OAuth 参数
if (currentParams) {
localStorage.setItem("oauth_params", currentParams);
}
// 跳转到 SSO 登录页面
window.location.href = data.sso_url; window.location.href = data.sso_url;
} catch (error) { } catch (error) {
console.error("登录失败:", error); console.error("登录失败:", error);
@ -62,8 +44,7 @@ export function UserAuthForm({
toast({ toast({
variant: "destructive", variant: "destructive",
title: "登录失败", title: "登录失败",
description: description: "请求失败,请稍后重试",
error instanceof Error ? error.message : "请求失败,请稍后重试",
}); });
} }
}; };