member/member-frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: use stable callback redirect_uri for oidc login

Browse Source
This commit is contained in:
Chris
2026-03-30 01:08:08 +08:00
parent eebb4beca6
commit 2f064af689
2 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/pages/AuthCallbackPage.vue
View File

@@ -29,17 +29,18 @@ const error = ref('')
onMounted(async () => { onMounted(async () => {
const code = route.query.code const code = route.query.code
const redirect = route.query.redirect || '/me' const redirect = sessionStorage.getItem('post_login_redirect') || '/me'
if (!code || typeof code !== 'string') { if (!code || typeof code !== 'string') {
error.value = '缺少授權碼,請重新登入' error.value = '缺少授權碼,請重新登入'
return return
} }
try { try {
const callbackUrl = `${window.location.origin}/auth/callback?redirect=${encodeURIComponent(redirect)}` const callbackUrl = `${window.location.origin}/auth/callback`
const res = await exchangeOidcCode(code, callbackUrl) const res = await exchangeOidcCode(code, callbackUrl)
authStore.setToken(res.data.access_token) authStore.setToken(res.data.access_token)
await authStore.fetchMe() await authStore.fetchMe()
sessionStorage.removeItem('post_login_redirect')
router.replace(typeof redirect === 'string' ? redirect : '/me') router.replace(typeof redirect === 'string' ? redirect : '/me')
} catch (err) { } catch (err) {
authStore.logout() authStore.logout()

3
src/pages/LoginPage.vue
View File

@@ -48,7 +48,8 @@ async function handleOidcLogin() {
error.value = '' error.value = ''
try { try {
const redirect = route.query.redirect || '/me' const redirect = route.query.redirect || '/me'
const callbackUrl = `${window.location.origin}/auth/callback?redirect=${encodeURIComponent(redirect)}` sessionStorage.setItem('post_login_redirect', typeof redirect === 'string' ? redirect : '/me')
const callbackUrl = `${window.location.origin}/auth/callback`
const res = await getOidcAuthorizeUrl(callbackUrl) const res = await getOidcAuthorizeUrl(callbackUrl)
window.location.href = res.data.authorize_url window.location.href = res.data.authorize_url
} catch (err) { } catch (err) {