fix: S06.6 guard window.isSecureContext in Login.svelte (SSR-safe) / S06.7 remove legacy localStorage refresh token
This commit is contained in:
@@ -23,13 +23,7 @@ export function setRefreshToken() {}
|
|||||||
|
|
||||||
let refreshPromise = null;
|
let refreshPromise = null;
|
||||||
|
|
||||||
function getLegacyRefreshToken() {
|
|
||||||
return localStorage.getItem("refresh_token") || "";
|
|
||||||
}
|
|
||||||
|
|
||||||
function clearLegacyRefreshToken() {
|
|
||||||
localStorage.removeItem("refresh_token");
|
|
||||||
}
|
|
||||||
|
|
||||||
async function requestRefresh(body) {
|
async function requestRefresh(body) {
|
||||||
const r = await fetch(BASE + "/auth/refresh", {
|
const r = await fetch(BASE + "/auth/refresh", {
|
||||||
@@ -50,18 +44,9 @@ export async function tryRefreshSession() {
|
|||||||
try {
|
try {
|
||||||
const cookieRefreshed = await requestRefresh();
|
const cookieRefreshed = await requestRefresh();
|
||||||
if (cookieRefreshed) {
|
if (cookieRefreshed) {
|
||||||
clearLegacyRefreshToken();
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
const legacyRefreshToken = getLegacyRefreshToken();
|
|
||||||
if (!legacyRefreshToken) return false;
|
|
||||||
const legacyRefreshed = await requestRefresh({ refresh_token: legacyRefreshToken });
|
|
||||||
if (legacyRefreshed) {
|
|
||||||
clearLegacyRefreshToken();
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
clearLegacyRefreshToken();
|
|
||||||
return false;
|
return false;
|
||||||
} catch {
|
} catch {
|
||||||
return false;
|
return false;
|
||||||
|
|||||||
@@ -8,7 +8,14 @@
|
|||||||
let error = $state("");
|
let error = $state("");
|
||||||
let loading = $state(false);
|
let loading = $state(false);
|
||||||
let require2FA = $state(false);
|
let require2FA = $state(false);
|
||||||
let showPasswordForm = $state(!window.isSecureContext);
|
let showPasswordForm = $state(true);
|
||||||
|
let _isBrowser = $state(typeof window !== "undefined");
|
||||||
|
$effect(() => {
|
||||||
|
if (_isBrowser) {
|
||||||
|
showPasswordForm = !window.isSecureContext;
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
|
||||||
function base64urlToBuffer(b64) {
|
function base64urlToBuffer(b64) {
|
||||||
const s = b64.replace(/-/g, '+').replace(/_/g, '/');
|
const s = b64.replace(/-/g, '+').replace(/_/g, '/');
|
||||||
|
|||||||
Reference in New Issue
Block a user