This commit is contained in:
2026-04-21 10:30:12 +08:00
parent ae28dab032
commit 13bc79306f
49 changed files with 3691 additions and 1357 deletions


@@ -1,4 +1,4 @@
import { type Request, Router } from 'express';
import { type Request, type Response, Router } from 'express';
import { z } from 'zod';
import type {
@@ -30,6 +30,10 @@ import {
sendPhoneLoginCode,
startWechatLogin,
} from '../auth/authService.js';
import {
clearAccessSessionCookie,
setAccessSessionCookie,
} from '../auth/accessSessionCookie.js';
import {
clearRefreshSessionCookie,
readRefreshSessionToken,
@@ -112,6 +116,23 @@ function buildRefreshCookieLifetimeSeconds(
);
}
function buildAccessCookieLifetimeSeconds(context: AppContext) {
return Math.max(0, context.config.authSession.accessCookieTtlSeconds);
}
async function writeAccessSessionCookie(
context: AppContext,
response: Response,
token: string,
) {
setAccessSessionCookie(
response,
context.config,
token,
buildAccessCookieLifetimeSeconds(context),
);
}
export function createAuthRoutes(context: AppContext) {
const router = Router();
const requireAuth = requireJwtAuth(context.config, context.userRepository);
@@ -145,6 +166,7 @@ export function createAuthRoutes(context: AppContext) {
user,
requestContext,
);
await writeAccessSessionCookie(context, response, result.token);
setRefreshSessionCookie(
response,
context.config,
@@ -223,6 +245,7 @@ export function createAuthRoutes(context: AppContext) {
user,
requestContext,
);
await writeAccessSessionCookie(context, response, result.token);
setRefreshSessionCookie(
response,
context.config,
@@ -298,6 +321,7 @@ export function createAuthRoutes(context: AppContext) {
user,
requestContext,
);
await writeAccessSessionCookie(context, response, result.token);
setRefreshSessionCookie(
response,
context.config,
@@ -309,7 +333,6 @@ export function createAuthRoutes(context: AppContext) {
302,
buildAuthResultRedirectUrl(redirectPath, {
auth_provider: 'wechat',
auth_token: result.token,
auth_binding_status: result.user.bindingStatus,
}),
);
@@ -352,6 +375,7 @@ export function createAuthRoutes(context: AppContext) {
user,
requestContext,
);
await writeAccessSessionCookie(context, response, result.token);
setRefreshSessionCookie(
response,
context.config,
@@ -369,6 +393,7 @@ export function createAuthRoutes(context: AppContext) {
const refreshToken = readRefreshSessionToken(request, context.config);
try {
const result = await refreshAuthSession(context, refreshToken);
await writeAccessSessionCookie(context, response, result.token);
setRefreshSessionCookie(
response,
context.config,
@@ -376,9 +401,11 @@ export function createAuthRoutes(context: AppContext) {
buildRefreshCookieLifetimeSeconds(context, result.refreshExpiresAt),
);
sendApiResponse(response, {
ok: true,
token: result.token,
});
} catch (error) {
clearAccessSessionCookie(response, context.config);
clearRefreshSessionCookie(response, context.config);
throw error;
}
@@ -479,6 +506,7 @@ export function createAuthRoutes(context: AppContext) {
routeMeta({ operation: 'auth.logout_all' }),
requireAuth,
asyncHandler(async (request, response) => {
clearAccessSessionCookie(response, context.config);
clearRefreshSessionCookie(response, context.config);
sendApiResponse(
response,
@@ -498,6 +526,7 @@ export function createAuthRoutes(context: AppContext) {
asyncHandler(async (request, response) => {
const refreshToken = readRefreshSessionToken(request, context.config);
await revokeRefreshSession(context, refreshToken);
clearAccessSessionCookie(response, context.config);
clearRefreshSessionCookie(response, context.config);
sendApiResponse(
response,
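Review bot: The refresh handler still returns the access token in the JSON body (`token: result.token` in the `sendApiResponse` call of the `@@ -376,9 +401,11 @@` hunk) even though the same token is now written to the access-session cookie on the line just above it; if the cookie is meant to become the transport for the access token, as the wechat redirect hunk suggests by dropping `auth_token` from the redirect URL, the body copy keeps the token reachable to page script and response logging, so either the duplication is intentional for non-browser clients and deserves a comment, or the body field should go the way of the URL parameter. Separately, the new `writeAccessSessionCookie` helper is declared `async` but contains no `await`, so every call site pays for a promise and a microtask for a synchronous `setAccessSessionCookie` call; dropping `async` from the helper and `await` from the six call sites (`writeAccessSessionCookie(context, response, result.token);`) removes that without changing behavior. `buildAccessCookieLifetimeSeconds` clamps the configured TTL at 0, which presumably yields an immediately expiring cookie for a misconfigured `accessCookieTtlSeconds`; a one-line comment stating that intent would help. The enclosing `createAuthRoutes` function continues outside these hunks.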