From 11f978b24c2564d3173476508c99b5cff4c89baa Mon Sep 17 00:00:00 2001
From: qcqcqc <1220204124@zust.edu.cn>
Date: Thu, 22 Jan 2026 16:00:02 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8Dauth=E7=BB=84=E4=BB=B6?= =?UTF-8?q?=E5=86=85=E4=B8=80=E5=A4=84=E4=B8=8D=E9=9C=80=E8=A6=81=E7=9A=84?= =?UTF-8?q?=E5=88=A4=E6=96=AD=EF=BC=8C=E5=AF=B9aspect=E5=86=85=E6=9F=A5?= =?UTF-8?q?=E8=AF=A2state=E6=96=B0=E5=A2=9E=E4=BA=86forUpdate?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 es/aspects/oauth.js | 4 +--
 es/components/login/oauth/authorize/index.js | 30 -----------------
 lib/aspects/oauth.js | 4 +--
 src/aspects/oauth.ts | 4 +--
 src/components/login/oauth/authorize/index.ts | 32 -------------------
 5 files changed, 6 insertions(+), 68 deletions(-)
diff --git a/es/aspects/oauth.js b/es/aspects/oauth.js
index 30d637380..aece0fed8 100644
--- a/es/aspects/oauth.js
+++ b/es/aspects/oauth.js
@@ -32,7 +32,7 @@ export async function loginByOauth(params, context) {
 filter: {
 state: stateCode,
 },
- }, { dontCollect: true });
+ }, { dontCollect: true, forUpdate: true }); // 这里直接加锁,防止其他人抢了
 const systemId = context.getSystemId();
 const [applicationPassport] = await context.select('applicationPassport', {
 data: {
@@ -96,7 +96,7 @@ export async function loginByOauth(params, context) {
 providerUserId: oauthUserInfo.providerUserId,
 providerConfigId: state.providerId,
 }
- }, { dontCollect: true });
+ }, { dontCollect: true, forUpdate: true }); // 加锁,防止并发绑定
 // 已登录的情况
 if (islogginedIn) {
 // 检查当前用户是否已绑定此提供商
diff --git a/es/components/login/oauth/authorize/index.js b/es/components/login/oauth/authorize/index.js
index 481f03371..0b10c79ac 100644
--- a/es/components/login/oauth/authorize/index.js
+++ b/es/components/login/oauth/authorize/index.js
@@ -33,36 +33,6 @@ export default OakComponent({
 const redirectUri = searchParams.get('redirect_uri') || '';
 const scope = searchParams.get('scope') || '';
 const state = searchParams.get('state') || '';
- //判断是否允许oauth登录
- const application = this.features.application.getApplication();
- const { result: applicationPassports } = await this.features.cache.exec('getApplicationPassports', { applicationId: application.id });
- const oauthPassport = applicationPassports?.find((ele) => ele.passport?.type === 'oauth');
- const oauthIds = oauthPassport?.config?.oauthIds;
- let allowOauth = false;
- if (clientId) {
- const { data: [oauthProvider] } = await this.features.cache.refresh('oauthProvider', {
- data: {
- id: 1,
- clientId: 1,
- systemId: 1,
- },
- filter: {
- clientId,
- systemId: application.systemId,
- }
- });
- if (oauthProvider?.id && oauthIds?.length > 0 && oauthIds.includes(oauthProvider?.id)) {
- allowOauth = true;
- }
- }
- if (!allowOauth) {
- this.setState({
- hasError: true,
- errorMsg: 'oauth.login',
- });
- this.setState({ loading: false });
- return;
- }
 this.setState({
 client_id: clientId,
 response_type: responseType,
diff --git a/lib/aspects/oauth.js b/lib/aspects/oauth.js
index cfde86094..992bcf483 100644
--- a/lib/aspects/oauth.js
+++ b/lib/aspects/oauth.js
@@ -39,7 +39,7 @@ async function loginByOauth(params, context) {
 filter: {
 state: stateCode,
 },
- }, { dontCollect: true });
+ }, { dontCollect: true, forUpdate: true }); // 这里直接加锁,防止其他人抢了
 const systemId = context.getSystemId();
 const [applicationPassport] = await context.select('applicationPassport', {
 data: {
@@ -103,7 +103,7 @@ async function loginByOauth(params, context) {
 providerUserId: oauthUserInfo.providerUserId,
 providerConfigId: state.providerId,
 }
- }, { dontCollect: true });
+ }, { dontCollect: true, forUpdate: true }); // 加锁,防止并发绑定
 // 已登录的情况
 if (islogginedIn) {
 // 检查当前用户是否已绑定此提供商
diff --git a/src/aspects/oauth.ts b/src/aspects/oauth.ts
index d2c4200af..4e15a04a6 100644
--- a/src/aspects/oauth.ts
+++ b/src/aspects/oauth.ts
@@ -43,7 +43,7 @@ export async function loginByOauth(params: {
 filter: {
 state: stateCode,
 },
- }, { dontCollect: true });
+ }, { dontCollect: true, forUpdate: true }); // 这里直接加锁,防止其他人抢了
 const systemId = context.getSystemId();
 const [applicationPassport] = await context.select('applicationPassport', {
@@ -115,7 +115,7 @@ export async function loginByOauth(params: {
 providerUserId: oauthUserInfo.providerUserId,
 providerConfigId: state.providerId!,
 }
- }, { dontCollect: true })
+ }, { dontCollect: true, forUpdate: true }); // 加锁,防止并发绑定
 // 已登录的情况
 if (islogginedIn) {
diff --git a/src/components/login/oauth/authorize/index.ts b/src/components/login/oauth/authorize/index.ts
index 79bc173be..678780b48 100644
--- a/src/components/login/oauth/authorize/index.ts
+++ b/src/components/login/oauth/authorize/index.ts
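Review bot: In the `@@ -43,7` hunk of src/aspects/oauth.ts, the `forUpdate: true` added to the `oauthState` select makes the state single-use only if the row is deleted or marked consumed later in the same transaction, and that step is not visible here (`loginByOauth` starts and continues outside the hunk). If it is missing, two callbacks carrying the same `state` are merely serialised and both still pass, so the lock alone does not reject a replayed callback. It is also worth confirming that this aspect always runs inside a transaction, since a row lock has no effect otherwise. I would replace the trailing comment with one that states the contract, e.g. `// Row lock: serialises concurrent callbacks for this state; the state must be consumed before commit`.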
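Review bot: In the `@@ -115,7` hunk of src/aspects/oauth.ts, `forUpdate: true` on the `oauthUser` lookup cannot prevent concurrent binding on a first login, because when no row yet matches `providerUserId` / `providerConfigId` there is nothing to lock (any gap-lock behaviour depends on the database and isolation level). Two simultaneous callbacks for the same provider account can then both see an empty result and each create a binding. The dependable guard is a unique index on (`providerConfigId`, `providerUserId`) for `oauthUser`, with the insert path handling the duplicate-key failure; whether such an index already exists is not visible in this diff. The copies under es/ and lib/ appear to be build output carrying the same lines, and the function body continues outside the hunk.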
@@ -44,38 +44,6 @@ export default OakComponent({
 const scope = searchParams.get('scope') || '';
 const state = searchParams.get('state') || '';
- //判断是否允许oauth登录
- const application = this.features.application.getApplication();
- const { result: applicationPassports } = await this.features.cache.exec('getApplicationPassports', { applicationId: application.id });
- const oauthPassport = applicationPassports?.find((ele: EntityDict['applicationPassport']['Schema']) => ele.passport?.type === 'oauth');
- const oauthIds = oauthPassport?.config?.oauthIds;
- let allowOauth = false;
- if (clientId) {
- const { data: [oauthProvider] } = await this.features.cache.refresh('oauthProvider', {
- data: {
- id: 1,
- clientId: 1,
- systemId: 1,
- },
- filter: {
- clientId,
- systemId: application.systemId,
- }
- });
- if (oauthProvider?.id && oauthIds?.length > 0 && oauthIds.includes(oauthProvider?.id)) {
- allowOauth = true;
- }
- }
- if (!allowOauth) {
- this.setState({
- hasError: true,
- errorMsg: 'oauth.login',
- });
-
- this.setState({ loading: false });
- return;
- }
-
 this.setState({
 client_id: clientId,
 response_type: responseType,