fix: 修复auth组件内一处不需要的判断，对aspect内查询state新增了forUpdate

2026-01-22 16:00:02 +08:00 · 2026-01-22 16:00:02 +08:00 · 11f978b24c
parent b8654da5fb
commit 11f978b24c
5 changed files with 6 additions and 68 deletions
--- a/es/aspects/oauth.js
+++ b/es/aspects/oauth.js
@ -32,7 +32,7 @@ export async function loginByOauth(params, context) {
        filter: {
            state: stateCode,
        },
-    }, { dontCollect: true });
+    }, { dontCollect: true, forUpdate: true }); // 这里直接加锁，防止其他人抢了
    const systemId = context.getSystemId();
    const [applicationPassport] = await context.select('applicationPassport', {
        data: {
@ -96,7 +96,7 @@ export async function loginByOauth(params, context) {
            providerUserId: oauthUserInfo.providerUserId,
            providerConfigId: state.providerId,
        }
-    }, { dontCollect: true });
+    }, { dontCollect: true, forUpdate: true }); // 加锁，防止并发绑定
    // 已登录的情况
    if (islogginedIn) {
        // 检查当前用户是否已绑定此提供商
--- a/es/components/login/oauth/authorize/index.js
+++ b/es/components/login/oauth/authorize/index.js
@ -33,36 +33,6 @@ export default OakComponent({
            const redirectUri = searchParams.get('redirect_uri') || '';
            const scope = searchParams.get('scope') || '';
            const state = searchParams.get('state') || '';
-            //判断是否允许oauth登录
-            const application = this.features.application.getApplication();
-            const { result: applicationPassports } = await this.features.cache.exec('getApplicationPassports', { applicationId: application.id });
-            const oauthPassport = applicationPassports?.find((ele) => ele.passport?.type === 'oauth');
-            const oauthIds = oauthPassport?.config?.oauthIds;
-            let allowOauth = false;
-            if (clientId) {
-                const { data: [oauthProvider] } = await this.features.cache.refresh('oauthProvider', {
-                    data: {
-                        id: 1,
-                        clientId: 1,
-                        systemId: 1,
-                    },
-                    filter: {
-                        clientId,
-                        systemId: application.systemId,
-                    }
-                });
-                if (oauthProvider?.id && oauthIds?.length > 0 && oauthIds.includes(oauthProvider?.id)) {
-                    allowOauth = true;
-                }
-            }
-            if (!allowOauth) {
-                this.setState({
-                    hasError: true,
-                    errorMsg: 'oauth.login',
-                });
-                this.setState({ loading: false });
-                return;
-            }
            this.setState({
                client_id: clientId,
                response_type: responseType,
--- a/lib/aspects/oauth.js
+++ b/lib/aspects/oauth.js
@ -39,7 +39,7 @@ async function loginByOauth(params, context) {
        filter: {
            state: stateCode,
        },
-    }, { dontCollect: true });
+    }, { dontCollect: true, forUpdate: true }); // 这里直接加锁，防止其他人抢了
    const systemId = context.getSystemId();
    const [applicationPassport] = await context.select('applicationPassport', {
        data: {
@ -103,7 +103,7 @@ async function loginByOauth(params, context) {
            providerUserId: oauthUserInfo.providerUserId,
            providerConfigId: state.providerId,
        }
-    }, { dontCollect: true });
+    }, { dontCollect: true, forUpdate: true }); // 加锁，防止并发绑定
    // 已登录的情况
    if (islogginedIn) {
        // 检查当前用户是否已绑定此提供商
--- a/src/aspects/oauth.ts
+++ b/src/aspects/oauth.ts
@ -43,7 +43,7 @@ export async function loginByOauth<ED extends EntityDict>(params: {
        filter: {
            state: stateCode,
        },
-    }, { dontCollect: true });
+    }, { dontCollect: true, forUpdate: true }); // 这里直接加锁，防止其他人抢了

    const systemId = context.getSystemId();
    const [applicationPassport] = await context.select('applicationPassport', {
@ -115,7 +115,7 @@ export async function loginByOauth<ED extends EntityDict>(params: {
            providerUserId: oauthUserInfo.providerUserId,
            providerConfigId: state.providerId!,
        }
-    }, { dontCollect: true })
+    }, { dontCollect: true, forUpdate: true }); // 加锁，防止并发绑定

    // 已登录的情况
    if (islogginedIn) {
--- a/src/components/login/oauth/authorize/index.ts
+++ b/src/components/login/oauth/authorize/index.ts
@ -44,38 +44,6 @@ export default OakComponent({
            const scope = searchParams.get('scope') || '';
            const state = searchParams.get('state') || '';

-            //判断是否允许oauth登录
-            const application = this.features.application.getApplication();
-            const { result: applicationPassports } = await this.features.cache.exec('getApplicationPassports', { applicationId: application.id });
-            const oauthPassport = applicationPassports?.find((ele: EntityDict['applicationPassport']['Schema']) => ele.passport?.type === 'oauth');
-            const oauthIds = oauthPassport?.config?.oauthIds;
-            let allowOauth = false;
-            if (clientId) {
-                const { data: [oauthProvider] } = await this.features.cache.refresh('oauthProvider', {
-                    data: {
-                        id: 1,
-                        clientId: 1,
-                        systemId: 1,
-                    },
-                    filter: {
-                        clientId,
-                        systemId: application.systemId,
-                    }
-                });
-                if (oauthProvider?.id && oauthIds?.length > 0 && oauthIds.includes(oauthProvider?.id)) {
-                    allowOauth = true;
-                }
-            }
-            if (!allowOauth) {
-                this.setState({
-                    hasError: true,
-                    errorMsg: 'oauth.login',
-                });
-
-                this.setState({ loading: false });
-                return;
-            }
-
            this.setState({
                client_id: clientId,
                response_type: responseType,