优化登录逻辑的实现,将认证请求和token验证的处理分成两个逻辑文件。新增交叉评查任务列表的页面(尚未对接真实数据)。
This commit is contained in:
@@ -1,12 +1,13 @@
|
||||
import { type LoaderFunctionArgs, redirect } from "@remix-run/node";
|
||||
import { OAuthClient } from "~/utils/oauth-client";
|
||||
import { OAuthClient } from "~/api/login/oauth-client";
|
||||
import { OAUTH_CONFIG } from "~/config/api-config";
|
||||
import { sessionStorage } from "~/root";
|
||||
import { sessionStorage } from "~/api/login/auth.server";
|
||||
import { toastService } from "~/components/ui";
|
||||
|
||||
export async function loader({ request }: LoaderFunctionArgs) {
|
||||
const url = new URL(request.url);
|
||||
const code = url.searchParams.get("code");
|
||||
const state = url.searchParams.get("state");
|
||||
// const state = url.searchParams.get("state");
|
||||
const error = url.searchParams.get("error");
|
||||
const error_description = url.searchParams.get("error_description");
|
||||
|
||||
@@ -18,16 +19,17 @@ export async function loader({ request }: LoaderFunctionArgs) {
|
||||
|
||||
// 检查是否有授权码
|
||||
if (!code) {
|
||||
toastService.error("通过OAuth2.0登录回调缺少授权码");
|
||||
console.error("OAuth2.0回调缺少授权码");
|
||||
return redirect("/login?error=missing_code");
|
||||
}
|
||||
|
||||
// 验证状态值(可选,但建议实现)
|
||||
// 这里简单验证state是否以_idp结尾
|
||||
if (!state || !state.endsWith("_idp")) {
|
||||
console.error("OAuth2.0状态值验证失败");
|
||||
return redirect("/login?error=invalid_state");
|
||||
}
|
||||
// if (!state || !state.endsWith("_idp")) {
|
||||
// console.error("OAuth2.0状态值验证失败");
|
||||
// return redirect("/login?error=invalid_state");
|
||||
// }
|
||||
|
||||
try {
|
||||
// 创建OAuth客户端
|
||||
|
||||
Reference in New Issue
Block a user