fix: bootstrap session after password login

wren
2026-04-29 15:58:59 +08:00
parent 0369de68cc
commit 7dbeaac5f8
3 changed files with 502 additions and 520 deletions
+4 -29
@@ -152,38 +152,13 @@ export async function action({ request }: ActionFunctionArgs) {
console.log("👤 [Login Action] 用户角色:", user_info.user_role); // 应该是 "admin"
console.log("⏰ [Login Action] Token 有效期:", expires_in, "秒 (", expires_in / 3600, "小时)");
// 获取当前 URL 用于构建 callback URL
const url = new URL(request.url);
// 🔑 重要:将 token 和用户信息作为 URL 参数传递给客户端
// 复用 OAuth 登录的 callback 页面逻辑
const callbackUrl = new URL('/callback', url.origin);
callbackUrl.searchParams.set('token', access_token);
callbackUrl.searchParams.set('userInfo', encodeURIComponent(JSON.stringify({
user_id: user_info.user_id,
username: user_info.username,
nick_name: user_info.nick_name,
email: user_info.email,
phone_number: user_info.phone_number,
ou_id: user_info.ou_id,
ou_name: user_info.ou_name,
is_leader: user_info.is_leader,
user_role: user_info.user_role,
area: user_info.area,
sub: user_info.sub,
// 🔑 包含后端返回的组织信息字段(可能为null)
tenant_name: user_info.tenant_name,
dep_name: user_info.dep_name,
dep_short_name: user_info.dep_short_name,
})));
callbackUrl.searchParams.set('redirectTo', redirectTo);
// ✅ 使用统一的 session 创建函数(和 OAuth 登录一样)
// ✅ 账密登录直接写入 Cookie Session 并跳首页
// localStorage 由 root 中的客户端会话引导逻辑补写,避免 callback 跳转链路卡住
return createUserSession({
isAuthenticated: true,
userRole: user_info.user_role,
redirectTo: callbackUrl.toString(), // 先跳转到 callback 页面保存 token
frontendJWT: access_token, // 保存到 Cookie Session
redirectTo,
frontendJWT: access_token,
tokenExpiresIn: expires_in,
tokenIssuedAt: tokenIssuedAt, // 🔑 传递后端返回的签发时间
userInfo: {
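Review bot: The new `redirectTo,` line in the `createUserSession` call makes `redirectTo` the direct post-login redirect target, so if it comes from a request parameter or form field and is not checked earlier in `action`, this is an open redirect after a successful login. Where it is derived is outside the hunk, so that needs confirming; if no check exists, restrict it to a same-origin path, e.g. `const safeRedirectTo = redirectTo.startsWith("/") && !redirectTo.startsWith("//") && !redirectTo.startsWith("/\\") ? redirectTo : "/";` and pass `redirectTo: safeRedirectTo,`. The new comment also says the client bootstrap in root writes localStorage; if that includes `frontendJWT`, the token remains readable by any script on the page, so the comment should say which fields are copied and why the cookie session alone is not enough. The `action` body starts before and continues after this hunk.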