diff --git a/es/aspects/oauth.js b/es/aspects/oauth.js index 30d637380..aece0fed8 100644 --- a/es/aspects/oauth.js +++ b/es/aspects/oauth.js @@ -32,7 +32,7 @@ export async function loginByOauth(params, context) { filter: { state: stateCode, }, - }, { dontCollect: true }); + }, { dontCollect: true, forUpdate: true }); // 这里直接加锁,防止其他人抢了 const systemId = context.getSystemId(); const [applicationPassport] = await context.select('applicationPassport', { data: { @@ -96,7 +96,7 @@ export async function loginByOauth(params, context) { providerUserId: oauthUserInfo.providerUserId, providerConfigId: state.providerId, } - }, { dontCollect: true }); + }, { dontCollect: true, forUpdate: true }); // 加锁,防止并发绑定 // 已登录的情况 if (islogginedIn) { // 检查当前用户是否已绑定此提供商 diff --git a/es/components/login/oauth/authorize/index.js b/es/components/login/oauth/authorize/index.js index 481f03371..0b10c79ac 100644 --- a/es/components/login/oauth/authorize/index.js +++ b/es/components/login/oauth/authorize/index.js @@ -33,36 +33,6 @@ export default OakComponent({ const redirectUri = searchParams.get('redirect_uri') || ''; const scope = searchParams.get('scope') || ''; const state = searchParams.get('state') || ''; - //判断是否允许oauth登录 - const application = this.features.application.getApplication(); - const { result: applicationPassports } = await this.features.cache.exec('getApplicationPassports', { applicationId: application.id }); - const oauthPassport = applicationPassports?.find((ele) => ele.passport?.type === 'oauth'); - const oauthIds = oauthPassport?.config?.oauthIds; - let allowOauth = false; - if (clientId) { - const { data: [oauthProvider] } = await this.features.cache.refresh('oauthProvider', { - data: { - id: 1, - clientId: 1, - systemId: 1, - }, - filter: { - clientId, - systemId: application.systemId, - } - }); - if (oauthProvider?.id && oauthIds?.length > 0 && oauthIds.includes(oauthProvider?.id)) { - allowOauth = true; - } - } - if (!allowOauth) { - this.setState({ - hasError: true, - errorMsg: 'oauth.login', - }); - this.setState({ loading: false }); - return; - } this.setState({ client_id: clientId, response_type: responseType, diff --git a/lib/aspects/oauth.js b/lib/aspects/oauth.js index cfde86094..992bcf483 100644 --- a/lib/aspects/oauth.js +++ b/lib/aspects/oauth.js @@ -39,7 +39,7 @@ async function loginByOauth(params, context) { filter: { state: stateCode, }, - }, { dontCollect: true }); + }, { dontCollect: true, forUpdate: true }); // 这里直接加锁,防止其他人抢了 const systemId = context.getSystemId(); const [applicationPassport] = await context.select('applicationPassport', { data: { @@ -103,7 +103,7 @@ async function loginByOauth(params, context) { providerUserId: oauthUserInfo.providerUserId, providerConfigId: state.providerId, } - }, { dontCollect: true }); + }, { dontCollect: true, forUpdate: true }); // 加锁,防止并发绑定 // 已登录的情况 if (islogginedIn) { // 检查当前用户是否已绑定此提供商 diff --git a/src/aspects/oauth.ts b/src/aspects/oauth.ts index d2c4200af..4e15a04a6 100644 --- a/src/aspects/oauth.ts +++ b/src/aspects/oauth.ts @@ -43,7 +43,7 @@ export async function loginByOauth(params: { filter: { state: stateCode, }, - }, { dontCollect: true }); + }, { dontCollect: true, forUpdate: true }); // 这里直接加锁,防止其他人抢了 const systemId = context.getSystemId(); const [applicationPassport] = await context.select('applicationPassport', { @@ -115,7 +115,7 @@ export async function loginByOauth(params: { providerUserId: oauthUserInfo.providerUserId, providerConfigId: state.providerId!, } - }, { dontCollect: true }) + }, { dontCollect: true, forUpdate: true }); // 加锁,防止并发绑定 // 已登录的情况 if (islogginedIn) { diff --git a/src/components/login/oauth/authorize/index.ts b/src/components/login/oauth/authorize/index.ts index 79bc173be..678780b48 100644 --- a/src/components/login/oauth/authorize/index.ts +++ b/src/components/login/oauth/authorize/index.ts @@ -44,38 +44,6 @@ export default OakComponent({ const scope = searchParams.get('scope') || ''; const state = searchParams.get('state') || ''; - //判断是否允许oauth登录 - const application = this.features.application.getApplication(); - const { result: applicationPassports } = await this.features.cache.exec('getApplicationPassports', { applicationId: application.id }); - const oauthPassport = applicationPassports?.find((ele: EntityDict['applicationPassport']['Schema']) => ele.passport?.type === 'oauth'); - const oauthIds = oauthPassport?.config?.oauthIds; - let allowOauth = false; - if (clientId) { - const { data: [oauthProvider] } = await this.features.cache.refresh('oauthProvider', { - data: { - id: 1, - clientId: 1, - systemId: 1, - }, - filter: { - clientId, - systemId: application.systemId, - } - }); - if (oauthProvider?.id && oauthIds?.length > 0 && oauthIds.includes(oauthProvider?.id)) { - allowOauth = true; - } - } - if (!allowOauth) { - this.setState({ - hasError: true, - errorMsg: 'oauth.login', - }); - - this.setState({ loading: false }); - return; - } - this.setState({ client_id: clientId, response_type: responseType,