修复用户登录

This commit is contained in:
zhx 2026-06-25 21:48:44 +08:00
parent 4c9bca8008
commit d145f3608d
2 changed files with 4 additions and 2 deletions

View File

@ -53,7 +53,9 @@ func (h *Handler) withAuth(jwtVerifier *auth.Verifier, next http.HandlerFunc) ht
ctx := auth.WithClaims(request.Context(), claims)
if claims.TokenType == auth.TokenTypePendingRegistration {
if !pendingRegistrationAllowedPath(request.URL.Path) {
httpkit.WriteError(writer, request.WithContext(ctx), http.StatusForbidden, httpkit.CodeProfileRequired, "profile required")
// pending token 是“已验证三方身份但还不是用户”的注册态凭证;拒绝业务接口时不能返回 401/403
// 否则旧 Flutter 会把它当认证失败触发 refreshpending session 又没有 refresh token最终清登录态。
httpkit.WriteError(writer, request.WithContext(ctx), http.StatusPreconditionRequired, httpkit.CodeProfileRequired, "profile required")
return
}
next.ServeHTTP(writer, request.WithContext(ctx))

View File

@ -8565,7 +8565,7 @@ func TestPendingRegistrationTokenIsRejectedOutsideRegistrationWhitelist(t *testi
router.ServeHTTP(recorder, request)
assertEnvelope(t, recorder, http.StatusForbidden, httpkit.CodeProfileRequired, "req-pending-denied")
assertEnvelope(t, recorder, http.StatusPreconditionRequired, httpkit.CodeProfileRequired, "req-pending-denied")
}
func TestProfileGateRejectsIncompleteUsersForRoomIMRTCPaidCapabilities(t *testing.T) {