hao/tennis-training-hub
1
0
派生 0
代码 工单 合并请求 工作流 软件包 项目 发布 百科 活动

Add multi-session auth and changelog tracking

浏览代码
这个提交包含在:
cryptocommuniums-afk
2026-03-15 17:30:19 +08:00
父节点 c4ec397ed3
当前提交 a9ea94fb78
修改 27 个文件,包含 1280 行新增89 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

17
server/_core/sdk.ts
查看文件

@@ -21,7 +21,8 @@ const isNonEmptyString = (value: unknown): value is string =>
export type SessionPayload = {
openId: string;
appId: string;
name: string;
name?: string;
sid?: string;
};
const EXCHANGE_TOKEN_PATH = `/webdev.v1.WebDevAuthPublicService/ExchangeToken`;
@@ -173,6 +174,7 @@ class SDKServer {
openId,
appId: ENV.appId,
name: options.name || "",
sid: crypto.randomUUID(),
},
options
);
@@ -190,7 +192,8 @@ class SDKServer {
return new SignJWT({
openId: payload.openId,
appId: payload.appId,
name: payload.name,
name: payload.name || "",
sid: payload.sid || crypto.randomUUID(),
})
.setProtectedHeader({ alg: "HS256", typ: "JWT" })
.setExpirationTime(expirationSeconds)
@@ -199,7 +202,7 @@ class SDKServer {
async verifySession(
cookieValue: string | undefined | null
): Promise<{ openId: string; appId: string; name: string } | null> {
): Promise<{ openId: string; appId: string; name?: string; sid?: string } | null> {
if (!cookieValue) {
console.warn("[Auth] Missing session cookie");
return null;
@@ -210,12 +213,11 @@ class SDKServer {
const { payload } = await jwtVerify(cookieValue, secretKey, {
algorithms: ["HS256"],
});
const { openId, appId, name } = payload as Record<string, unknown>;
const { openId, appId, name, sid } = payload as Record<string, unknown>;
if (
!isNonEmptyString(openId) ||
!isNonEmptyString(appId) ||
!isNonEmptyString(name)
!isNonEmptyString(appId)
) {
console.warn("[Auth] Session payload missing required fields");
return null;
@@ -224,7 +226,8 @@ class SDKServer {
return {
openId,
appId,
name,
name: typeof name === "string" ? name : undefined,
sid: typeof sid === "string" ? sid : undefined,
};
} catch (error) {
console.warn("[Auth] Session verification failed", String(error));