From ae1634a4d50cd121c9e30bb1652f298931eb6c90 Mon Sep 17 00:00:00 2001
From: Yang Luo
Date: Mon, 18 Mar 2024 02:11:39 +0800
Subject: [PATCH] feat: fix user cannot logout issue about bug in GetSessionToken()
---
 controllers/account.go | 10 +++++-----
 controllers/base.go | 18 ++++++++----------
 object/init.go | 5 -----
 object/token_oauth.go | 11 ++++++-----
 4 files changed, 19 insertions(+), 25 deletions(-)
diff --git a/controllers/account.go b/controllers/account.go
index cf8bf224..a668a24a 100644
--- a/controllers/account.go
+++ b/controllers/account.go
@@ -435,16 +435,16 @@ func (c *ApiController) GetAccount() {
 return
 }
- token := c.GetSessionToken()
- if token == nil {
- token, err = object.GetTokenForExtension(user, c.Ctx.Request.Host)
+ accessToken := c.GetSessionToken()
+ if accessToken == "" {
+ accessToken, err = object.GetAccessTokenByUser(user, c.Ctx.Request.Host)
 if err != nil {
 c.ResponseError(err.Error())
 return
 }
- c.SetSessionToken(token)
+ c.SetSessionToken(accessToken)
 }
- u.AccessToken = token.AccessToken
+ u.AccessToken = accessToken
 resp := Response{
 Status: "ok",
diff --git a/controllers/base.go b/controllers/base.go
index a55826de..d691d006 100644
--- a/controllers/base.go
+++ b/controllers/base.go
@@ -122,15 +122,13 @@ func (c *ApiController) GetSessionUsername() string {
 return user.(string)
 }
-func (c *ApiController) GetSessionToken() *object.Token {
- tokenValue := c.GetSession("token")
- var token *object.Token
- var ok bool
- if token, ok = tokenValue.(*object.Token); !ok {
- token = nil
+func (c *ApiController) GetSessionToken() string {
+ accessToken := c.GetSession("accessToken")
+ if accessToken == nil {
+ return ""
 }
- return token
+ return accessToken.(string)
 }
 func (c *ApiController) GetSessionApplication() *object.Application {
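Review bot: In controllers/account.go (hunk at -435), the token created on the `accessToken == ""` path is still issued against `c.Ctx.Request.Host`, a header whose value the client chooses. If GetAccessTokenByUser uses that host for a token claim such as the issuer (not visible in this hunk), a caller can influence what ends up inside a signed credential; passing a configured origin, or checking the header against an allow-list before the call, would close that. The block would also benefit from a comment above it, e.g. `// Issue an access token for this session on first use and cache it in the session.` GetAccount starts and ends outside the hunk.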
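Review bot: In controllers/base.go (hunk at -122), the new GetSessionToken ends with an unchecked assertion, `return accessToken.(string)`, which panics if the session holds anything other than a string under `"accessToken"`; the version it replaces used the comma-ok form and fell back to nil. Keeping that tolerance takes two lines, `s, _ := c.GetSession("accessToken").(string)` followed by `return s`, which also covers the nil case and makes the explicit nil check unnecessary. A doc comment such as `// GetSessionToken returns the access token cached in the session, or "" when there is none.` would record the empty-string convention that ClearTokenSession depends on.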
@@ -153,7 +151,7 @@ func (c *ApiController) ClearUserSession() {
 }
 func (c *ApiController) ClearTokenSession() {
- c.SetSessionToken(nil)
+ c.SetSessionToken("")
 }
 func (c *ApiController) GetSessionOidc() (string, string) {
@@ -182,8 +180,8 @@ func (c *ApiController) SetSessionUsername(user string) {
 c.SetSession("username", user)
 }
-func (c *ApiController) SetSessionToken(token *object.Token) {
- c.SetSession("token", token)
+func (c *ApiController) SetSessionToken(accessToken string) {
+ c.SetSession("accessToken", accessToken)
 }
 // GetSessionData ...
diff --git a/object/init.go b/object/init.go
index 0861be1f..16174a73 100644
--- a/object/init.go
+++ b/object/init.go
@@ -45,7 +45,6 @@ func InitDb() {
 }
 initWebAuthn()
- initToken()
 }
 func getBuiltInAccountItems() []*AccountItem {
@@ -310,10 +309,6 @@ func initWebAuthn() {
 gob.Register(webauthn.SessionData{})
 }
-func initToken() {
- gob.Register(&Token{})
-}
-
 func initBuiltInUserModel() {
 model, err := GetModel("built-in/user-model-built-in")
 if err != nil {
diff --git a/object/token_oauth.go b/object/token_oauth.go
index 2e7d0e5b..0598d3b8 100644
--- a/object/token_oauth.go
+++ b/object/token_oauth.go
@@ -727,18 +727,19 @@ func GetWechatMiniProgramToken(application *Application, code string, host strin
 return token, nil, nil
 }
-func GetTokenForExtension(user *User, host string) (*Token, error) {
+func GetAccessTokenByUser(user *User, host string) (string, error) {
 application, err := GetApplicationByUser(user)
 if err != nil {
- return nil, err
+ return "", err
 }
 if application == nil {
- return nil, fmt.Errorf("the application for user %s is not found", user.Id)
+ return "", fmt.Errorf("the application for user %s is not found", user.Id)
 }
 token, err := GetTokenByUser(application, user, "profile", "", host)
 if err != nil {
- return nil, err
+ return "", err
 }
- return token, nil
+
+ return token.AccessToken, nil
 }
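Review bot: In controllers/base.go (hunk at -153), ClearTokenSession only overwrites the session copy with `""`; the token that was issued for the session is a bearer credential that presumably stays valid until it expires unless the logout path revokes it separately, and that path is not visible in this hunk. If it does not, logging out leaves a usable token behind for anyone who already holds it, so the caller should expire the token as well as clear the session. Removing the entry instead of blanking it, `c.DelSession("accessToken")`, would also avoid keeping an empty key in every logged-out session.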
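Review bot: In controllers/base.go (hunk at -182), the session key changes from `"token"` to `"accessToken"`, so sessions written before this commit keep a `*object.Token` under the old key that neither SetSessionToken nor ClearTokenSession touches any more. The object/init.go hunks in this patch also drop `gob.Register(&Token{})`; whether a gob-backed session store can still decode those older sessions is not visible here and is worth testing against a session created before the upgrade. Clearing the legacy entry, for example `c.DelSession("token")` inside ClearTokenSession, would stop the full token object from lingering in the store.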
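Review bot: In object/token_oauth.go (hunk at -727), `token.AccessToken` is read without checking `token` for nil, so a `(nil, nil)` return from GetTokenByUser would panic in GetAccessTokenByUser; that function's contract is not visible in this hunk, so either confirm it never returns that pair or add `if token == nil { return "", fmt.Errorf("the token for user %s is not issued", user.Id) }` before the final return. The exported function also has no doc comment; something like `// GetAccessTokenByUser obtains a "profile"-scoped token for user through the user's application and returns only its access-token string.` would tell callers that the result is a credential and should be handled as one.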