refactor: Simplify SSO authentication route and OAuth parameter handling

2025-07-19 06:21:55 +08:00 · 2025-02-21 19:39:51 +08:00 · 2025-02-21 19:39:51 +08:00 · d83f60b0a9
commit d83f60b0a9
parent d99b9bcc77
2 changed files with 26 additions and 48 deletions
--- a/src/app/api/auth/q58/route.ts
+++ b/src/app/api/auth/q58/route.ts
@ -9,35 +9,14 @@ const hostUrl = process.env.NEXT_PUBLIC_HOST_URL as string;
 const discourseHost = process.env.DISCOURSE_HOST as string;
 const clientSecret = process.env.DISCOURSE_SECRET as string;
-export async function POST(req: Request) {
+export async function POST(_req: Request) {
-  try {
+  const nonce = WordArray.random(16).toString();
-    const nonce = WordArray.random(16).toString();
+  const return_url = `${hostUrl}/authorize`;
-    let return_url = `${hostUrl}/dashboard`; // 默认重定向到仪表板
+  const sso = btoa(`nonce=${nonce}&return_sso_url=${return_url}`);
  const sig = hmacSHA256(sso, clientSecret).toString(Hex);
-    try {
+  cookies().set(AUTH_NONCE, nonce, { maxAge: 60 * 10 });
-      const body = await req.json();
+  return Response.json({
-      if (body.oauth_params) {
+    sso_url: `${discourseHost}/session/sso_provider?sso=${sso}&sig=${sig}`,
-        return_url = `${hostUrl}/oauth/authorize?${body.oauth_params}`;
+  });
      }
    } catch (error) {
      console.error("Failed to parse request body:", error);
    }
    const sso = btoa(`nonce=${nonce}&return_sso_url=${return_url}`);
    const sig = hmacSHA256(sso, clientSecret).toString(Hex);
    cookies().set(AUTH_NONCE, nonce, {
      maxAge: 60 * 10,
      path: "/",
      httpOnly: true,
      secure: process.env.NODE_ENV === "production",
    });
    return Response.json({
      sso_url: `${discourseHost}/session/sso_provider?sso=${sso}&sig=${sig}`,
    });
  } catch (error) {
    console.error("SSO 处理错误:", error);
    return Response.json({ error: "处理登录请求时发生错误" }, { status: 500 });
  }
 }
--- a/src/components/auth/user-auth-form.tsx
+++ b/src/components/auth/user-auth-form.tsx
@ -24,27 +24,26 @@ export function UserAuthForm({
  const signIn = () => {
    React.startTransition(async () => {
      try {
        // 构建请求体，包含 OAuth 参数
        const body: Record<string, any> = {};
        const oauthParams = new URLSearchParams();
        // 收集 OAuth 相关参数
        [
          "client_id",
          "redirect_uri",
          "response_type",
          "state",
          "scope",
        ].forEach((param) => {
          const value = searchParams.get(param);
          if (value) {
            oauthParams.append(param, value);
          }
        });
        // 如果存在 OAuth 参数，添加到请求体
-        if (oauthParams.toString()) {
+        if (searchParams?.has("client_id")) {
-          body.oauth_params = oauthParams.toString();
+          const oauthParams = new URLSearchParams();
          [
            "client_id",
            "redirect_uri",
            "response_type",
            "state",
            "scope",
          ].forEach((param) => {
            const value = searchParams.get(param);
            if (value) {
              oauthParams.append(param, value);
            }
          });
          if (oauthParams.toString()) {
            body.oauth_params = oauthParams.toString();
          }
        }
        const response = await fetch("/api/auth/q58", {