🐛 修复一个线上环境因为未设置 cookie domain 导致后端设置的用户令牌无法共享到前端的问题
cfdxkk committed Feb 25, 2024
1 parent 0d97cf4 commit 25a6550
Showing 3 changed files with 17 additions and 3 deletions.
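--- a/.env.powershell.temp
+++ b/.env.powershell.temp
@@ -2,6 +2,8 @@
 $env:SERVER_PORT="9999"
 # 当前运行的环境,dev 代表开发环境
 $env:SERVER_ENV="dev"
+# 可选,暴露后端服务器的域名的根域名,SERVER_ENV 为 dev 时该环境变量无用
+$env:SERVER_ROOT_URL="example.com"
 
 
 # R2 连接点
@@ -23,12 +25,12 @@ $env:MONGODB_PASSWORD = "password"
 
 
 # 以逗号分隔的集群地址和端口号,例:XXX.XXX.XXX.XXX:32000,YYY.YYY.YYY.YYY:32000,ZZZ.ZZZ.ZZZ.ZZZ:32000
-$env:ELASTICSEARCH_CLUSTER_HOST: "elasticsearch cluster host"
+$env:ELASTICSEARCH_CLUSTER_HOST: "elasticsearch cluster host"
 # Elasticsearch 管理员用户名
 $env:ELASTICSEARCH_ADMIN_USERNAME: "elasticsearch admin username"
 # Elasticsearch 管理员的密码
 $env:ELASTICSEARCH_ADMIN_PASSWORD: "elasticsearch admin password"
 # Elasticsearch Kibana 管理员用户名
 $env:ELASTICSEARCH_KIBANA_ADMIN_USERNAME: "elasticsearch kibana admin username"
 # Elasticsearch Kibana 管理员的密码
-$env:ELASTICSEARCH_KIBANA_ADMIN_PASSWORD: "elasticsearch kibana admin password"
+$env:ELASTICSEARCH_KIBANA_ADMIN_PASSWORD: "elasticsearch kibana admin password"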
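Review bot: The comment above `SERVER_ROOT_URL` does not say that the value ends up as the `Domain` attribute of the `token` cookie (through `getCorrectCookieDomain`, added in this commit), which is what an operator needs to know to fill it in safely. Setting it to a root domain makes the browser send the token to every subdomain under it, so it should be the narrowest domain the frontend and backend share, written as a bare hostname even though the variable name suggests a URL. Suggested comment: `# Optional. Bare domain (no scheme, port or path) used as the Domain of the token cookie; every subdomain under it receives the cookie. Ignored when SERVER_ENV is dev.`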
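--- a/src/common/UrlTool.ts
+++ b/src/common/UrlTool.ts
@@ -0,0 +1,11 @@
+export function getCorrectCookieDomain(): string {
+try {
+const serverEnv = process.env.SERVER_ENV
+const serverRootUrl = process.env.SERVER_ROOT_URL
+const devEnvFlag = 'dev'
+const localhostCookieDomain = ''
+return serverEnv && serverEnv === devEnvFlag ? localhostCookieDomain : (serverRootUrl || localhostCookieDomain)
+} catch (error) {
+console.error('ERROR', '获取 Cookie Domain 时出错:', error)
+}
+}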
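Review bot: The `catch` branch of `getCorrectCookieDomain` only logs and then falls off the end, so the function can return `undefined` despite its declared `string` return type, and a strict compile would reject the missing return. Nothing inside the `try` can throw, since it only reads `process.env`, so the block can be removed. The value of `SERVER_ROOT_URL` is also passed through unchecked: because the variable is named like a URL, a value carrying a scheme, port or path would likely produce a `Domain` attribute that browsers reject, and the token cookie would then be dropped with no error on the server. A version that validates the value and falls back to a host-only cookie is below.

```typescript
export function getCorrectCookieDomain(): string {
	const localhostCookieDomain = ''
	if (process.env.SERVER_ENV === 'dev') return localhostCookieDomain

	const rootDomain = process.env.SERVER_ROOT_URL?.trim() ?? ''
	// A cookie Domain is a bare hostname; anything else is rejected by the browser.
	if (rootDomain !== '' && !/^[a-z0-9.-]+$/i.test(rootDomain)) {
		console.error('ERROR', 'SERVER_ROOT_URL is not a bare hostname, falling back to a host-only cookie:', rootDomain)
		return localhostCookieDomain
	}
	return rootDomain
}
```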
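--- a/src/controller/UserController.ts
+++ b/src/controller/UserController.ts
@@ -1,3 +1,4 @@
+import { getCorrectCookieDomain } from '../common/UrlTool.js'
 import { checkUserTokenService, getSelfUserInfoService, getUserAvatarUploadSignedUrlService, getUserInfoByUidService, getUserSettingsService, updateOrCreateUserInfoService, updateOrCreateUserSettingsService, updateUserEmailService, userExistsCheckService, userLoginService, userRegistrationService } from '../service/UserService.js'
 import { koaCtx, koaNext } from '../type/koaTypes.js'
 import { GetSelfUserInfoRequestDto, GetUserInfoByUidRequestDto, GetUserSettingsRequestDto, UpdateOrCreateUserInfoRequestDto, UpdateOrCreateUserSettingsRequestDto, UpdateUserEmailRequestDto, UserExistsCheckRequestDto, UserLoginRequestDto, UserLogoutResponseDto, UserRegistrationRequestDto } from './UserControllerDto.js'
@@ -181,7 +182,7 @@ export const userLogoutController = async (ctx: koaCtx, next: koaNext) => {
 sameSite: 'strict' as boolean | 'none' | 'strict' | 'lax',
 maxAge: 0, // 立即过期
 expires: new Date(0), // 设置一个以前的日期让浏览器删除 cookie
-// domain: 'yourdomain.com' // TODO 如果你在生产环境,可以设置 domain
+domain: getCorrectCookieDomain(), // TODO 如果你在生产环境,可以设置 domain
 }
 
 ctx.cookies.set('token', '', cookieOption)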
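Review bot: A clearing cookie only removes the original when its `Domain` and path match the ones used when `token` was issued, and this file section changes only the logout options. If the login and registration paths (outside the visible hunks) still set `token` without `domain`, the browser holds a host-only cookie that this `Set-Cookie` does not overwrite, so the session token would survive logout; issuing and clearing should both read `getCorrectCookieDomain()`. The trailing TODO on the new line is stale now that the domain is set, and `domain: getCorrectCookieDomain(), // must match the Domain used when the token cookie was issued` would document the constraint instead. `userLogoutController` begins before the hunk and continues after it.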