fix: force reset callbackurl cookie in electron (#4199)

2026-02-12 04:18:54 +00:00 · 2023-09-05 20:54:17 +08:00
parent d7838633e6
commit 8407b2dd7c
2 changed files with 12 additions and 5 deletions
--- a/apps/electron/src/main/deep-link.ts
+++ b/apps/electron/src/main/deep-link.ts
@@ -7,6 +7,7 @@ import { logger } from './logger';
 import {
  handleOpenUrlInHiddenWindow,
  mainWindowOrigin,
+  removeCookie,
  restoreOrCreateWindow,
  setCookie,
 } from './main-window';
@@ -92,11 +93,12 @@ async function handleOauthJwt(url: string) {
      });

      // force reset next-auth.callback-url
-      await setCookie({
-        url: CLOUD_BASE_URL,
-        httpOnly: true,
-        name: 'next-auth.callback-url',
-      });
+      // there could be incorrect callback-url in cookie that will cause auth failure
+      // so we need to reset it to empty to mitigate this issue
+      await removeCookie(
+        CLOUD_BASE_URL,
+        isSecure ? '__Secure-next-auth.callback-url' : 'next-auth.callback-url'
+      );

      // hacks to refresh auth state in the main window
      const window = await handleOpenUrlInHiddenWindow(
--- a/apps/electron/src/main/main-window.ts
+++ b/apps/electron/src/main/main-window.ts
@@ -203,6 +203,11 @@ export async function setCookie(
  await window.webContents.session.cookies.set(details);
 }

+export async function removeCookie(url: string, name: string): Promise<void> {
+  const window = await restoreOrCreateWindow();
+  await window.webContents.session.cookies.remove(url, name);
+}
+
 export async function getCookie(url?: string, name?: string) {
  const window = await restoreOrCreateWindow();
  const cookies = await window.webContents.session.cookies.get({