This commit is contained in:
eric
2026-03-12 19:50:25 -05:00
parent ffa5043daf
commit 37d0883ce9
22 changed files with 688 additions and 236 deletions

76
ANALYSIS_REPORT.md Normal file
View File

@@ -0,0 +1,76 @@
# 项目分析报告
## 一、项目架构概览
| 项目 | 端口 | 支付 API 前缀 | 站点 ID | 本地地址 | 线上地址 |
|------|------|---------------|---------|----------|----------|
| digital | 3000 | /digital/payh5 | digital | http://192.168.41.222:3000 | digital.hackrobot.cn |
| cnomadcna | 3001 | /cnomadcna/payh5 | meetup | http://192.168.41.222:3001 | meetup.hackrobot.cn |
| nomadvip | 3002 | /nomadvip/payh5 | vip | http://192.168.41.222:3002 | vip.hackrobot.cn |
| payjsapi | 8007 | - | - | http://192.168.41.222:8007 | api.hackrobot.cn |
## 二、PocketBase 数据表
- **users**: 用户认证
- **payments**: 支付记录
- **site_vip**: 站点 VIP 权限 (user_id, site_id, order_id, expires_at)
- **sites**: 站点配置
- **solan**: 游牧中国申请表单 (需与 users 关联)
## 三、Bug 分析与修复方案
### Bug 1: digital 首页登录注册异常
**可能原因:**
- Cookie 未设置 domain跨子域或本地 IP 访问时可能失效
- auth/me 使用 `/api/users/refresh`,需确认 PocketBase 版本兼容
- 本地开发时 PAYMENT_API_URL 默认 8700用户期望 8007
**修复:**
- 统一 Cookie 设置逻辑,生产环境设置 AUTH_COOKIE_DOMAIN
- 本地开发不设置 domain
- 修正 payjsapi 端口配置
### Bug 2: digital /course 立即报名流程
**当前逻辑:** 已实现登录校验→支付→VIP 解锁CTASection 的 handleEnroll 正确。
**需确认:** 支付返回后 useAuthAndVip 会 refetchcourse 页面需轮询支付状态。
### Bug 3: cnomadcna 首页「加入游牧中国」流程不完整
**需求:**
1. 检查 users 是否存在
2. 校验 VIP 状态
3. 老用户:弹窗密码校验,可修改密码,无 VIP 进入支付
4. 新用户:直接进入支付
5. 支付失败users 新增记录但无 VIP
6. 支付成功:解锁 VIP
**当前问题:**
- check-user 只返回 exists未返回 vip
- 老用户有 VIP 时仍会弹窗要求支付
- JoinModal 未区分「有 VIP 直接进入」逻辑
**修复:** 扩展 check-user 返回 vipHeroSection/JoinModal 按 vip 分支处理。
### Bug 4: cnomadcna 支付成功后首页未显示登录
**原因:** cnomadcna 首页无 Header/Navbar 展示登录态。
**修复:** 添加 TopBar 或复用 layout 展示 auth 状态join/paid 完成后调用 pbSaveAuth 同步 localStorage。
### Bug 5: cnomadcna /join 提交申请
**需求:** 必须先登录solan 与 users 关联。
**当前问题:** api/join 的 getOrCreateUserId 在无 cookie 时返回 `user${Date.now()}` 假 IDsolan 未正确关联真实用户。
**修复:** 未登录时返回 401强制登录后再提交solan.user_id 使用 cookie 中的真实 userId。
## 四、环境配置
将创建各项目的 .env.example本地默认
- PAYMENT_API_URL: http://192.168.41.222:8007
- NEXT_PUBLIC_POCKETBASE_URL: https://pocketbase.hackrobot.cn或本地 PB 地址)
- 本地不设置 AUTH_COOKIE_DOMAIN

View File

@@ -0,0 +1,96 @@
# Bug 与问题总结
基于代码分析,发现并已修复/待关注的问题如下。
---
## 一、已修复的 Bug
### 1. digital 首页登录注册异常
| 问题 | 原因 | 修复 |
|------|------|------|
| 登录/注册后状态异常 | Cookie 未设置 domain跨子域失效 | 新增 `auth-cookie.ts`,生产环境支持 `AUTH_COOKIE_DOMAIN` |
| auth/me 校验失败 | 使用已废弃的 `/api/users/refresh` | 改为 `POST /api/collections/users/auth-refresh` |
| AuthModal 类型错误 | `pbSaveAuth` 传入 record 的 email 可能为 undefined | 显式传入 `{ id, email: email ?? "" }` |
### 2. cnomadcna 首页「加入游牧中国」流程不完整
| 问题 | 原因 | 修复 |
|------|------|------|
| 老用户有 VIP 仍被要求支付 | check-user 只返回 exists未返回 vip | payjsapi 扩展 check-user 返回 `vip``user_id` |
| 无 VIP 状态判断 | 前端未按 vip 分支处理 | HeroSection 在 exists 且 vip 时提示「您已是会员」 |
### 3. cnomadcna 支付成功后首页未显示登录
| 问题 | 原因 | 修复 |
|------|------|------|
| 支付完成返回首页仍显示未登录 | join/paid 未同步 localStorageNavbar 不刷新 | join/paid 调用 `pbSaveAuth` 并派发 `auth:updated`Navbar 监听并 refetch |
### 4. cnomadcna /join 提交申请
| 问题 | 原因 | 修复 |
|------|------|------|
| 未登录可提交 | getOrCreateUserId 无 cookie 时返回假 ID | 未登录返回 401强制先登录 |
| solan 未关联真实用户 | 使用 `user${Date.now()}` 作为 user_id | 使用 cookie 中的真实 userId |
### 5. 环境与配置
| 问题 | 原因 | 修复 |
|------|------|------|
| payjsapi 端口不一致 | 默认 8700用户期望 8007 | run.py 支持 `PORT` 环境变量,默认 8007 |
| 各项目默认支付 API 端口 | domain.config 使用 8700 | 统一改为 127.0.0.1:8007 |
---
## 二、潜在风险与待关注点
### 1. PocketBase 管理员认证
- **现象**check-user、ensure-user、vip/check 依赖 `POCKETBASE_EMAIL``POCKETBASE_PASSWORD`
- **风险**:未配置时返回「服务配置错误」或 vip 始终为 false
- **建议**:确保各项目 `.env.local` 中正确配置管理员账号
### 2. ZPAY 回调地址
- **现象**payjsapi 的 `BASE_URL` 需为 ZPAY 可访问的公网地址
- **风险**:本地调试时 ZPAY 无法回调 localhost/内网,支付成功但 PocketBase 不更新
- **建议**:本地测试可用 ngrok 暴露 8007或部署到公网后测试回调
### 3. 跨域 Cookie
- **现象**digital/meetup/vip 三站共享登录需 `AUTH_COOKIE_DOMAIN=.hackrobot.cn`
- **风险**:生产环境未配置时,各子域登录态不共享
- **建议**:生产部署时在 `.env.local` 中设置 `AUTH_COOKIE_DOMAIN=.hackrobot.cn`
### 4. cnomadcna 新用户预创建逻辑
- **现象**`isPrivateDevHost` 时新用户会先 ensure-user 再支付,生产环境用 `pending_hex(email)` 作为 user_id
- **风险**:生产环境新用户支付成功后才创建 users逻辑正确本地预创建可能掩盖问题
- **建议**:保持现状,本地与生产流程略有差异
### 5. digital 支付 return_url
- **现象**course 页「立即报名」的 return_url 为 `/course/0/0`
- **风险**支付返回后需轮询支付状态usePayStatusPoll 依赖 `join_pay_order` cookiedigital 的 pay 路由可能未设置该 cookie
- **建议**:确认 digital 支付返回后 course 页能正确轮询并刷新 VIP 状态
---
## 三、代码质量与结构
| 类型 | 说明 |
|------|------|
| 重复逻辑 | 三个前端的 auth、pay、vip 逻辑相似,可考虑抽公共库 |
| 硬编码 | 部分文案、金额、URL 散落代码中,建议集中到 config |
| 错误处理 | 部分 API 的 catch 仅 `console.error`,未统一错误格式 |
| 类型安全 | AuthModal 等处的 record 类型可再收紧 |
---
## 四、本次修改项(当前会话)
1. **支付测试价格**:所有前端默认 1 元100 分)
2. **默认 zpay 渠道**:各项目 `.env.local` 设置 `PAYMENT_PROVIDER=zpay`cnomadcna 默认 channel 改为 alipay
3. **.env.local**:为 digital、cnomadcna、nomadvip、payjsapi 创建本地调试配置
4. **cnomadcna 支付页**/api/pay 返回的 HTML 使用 `opacity:0` 隐藏「正在跳转」提示,直接进入支付流程

View File

@@ -8,16 +8,27 @@ import { LessonMarkdown } from "./LessonMarkdown";
import { getLesson } from "@/config/lessons"; import { getLesson } from "@/config/lessons";
import { canWatchLesson } from "@/app/lib/course-payment"; import { canWatchLesson } from "@/app/lib/course-payment";
import { useAuthAndVip } from "@/app/lib/useAuthAndVip"; import { useAuthAndVip } from "@/app/lib/useAuthAndVip";
import { getStoredToken, getStoredUser } from "@/app/lib/pocketbase";
import { setLastWatched, markCompleted } from "@/app/lib/learning"; import { setLastWatched, markCompleted } from "@/app/lib/learning";
import { DOWNLOAD_CONFIG } from "@/config/course"; import { DOWNLOAD_CONFIG } from "@/config/course";
import Header from "@/app/components/Header"; import Header from "@/app/components/Header";
import AuthModal from "@/app/components/AuthModal";
import {
getPayEnv,
getRecommendedChannel,
mustUseWxPay,
redirectToPay,
getDeviceFromEnv,
} from "@/app/lib/payment";
export default function LessonPage() { export default function LessonPage() {
const params = useParams(); const params = useParams();
const router = useRouter(); const router = useRouter();
const { t } = useTranslation("community"); const { t } = useTranslation("community");
const { vip } = useAuthAndVip(); const { user, vip } = useAuthAndVip();
const [toast, setToast] = useState(false); const [toast, setToast] = useState(false);
const [authOpen, setAuthOpen] = useState(false);
const [payRedirecting, setPayRedirecting] = useState(false);
const moduleIndex = Number(params.moduleIndex); const moduleIndex = Number(params.moduleIndex);
const lessonIndex = Number(params.lessonIndex); const lessonIndex = Number(params.lessonIndex);
@@ -29,6 +40,57 @@ export default function LessonPage() {
if (lesson && unlocked) setLastWatched(moduleIndex, lessonIndex, lesson.name); if (lesson && unlocked) setLastWatched(moduleIndex, lessonIndex, lesson.name);
}, [moduleIndex, lessonIndex, lesson?.name, unlocked]); }, [moduleIndex, lessonIndex, lesson?.name, unlocked]);
const startPay = (userId: string) => {
const env = getPayEnv();
const channel = mustUseWxPay(env) ? "wxpay" : getRecommendedChannel(env);
const device = getDeviceFromEnv(env);
const returnUrl = `${window.location.origin}${window.location.pathname}`;
redirectToPay({
user_id: userId,
return_url: returnUrl,
channel,
device,
useJoinConfig: true,
});
};
const handleEnroll = async () => {
if (payRedirecting) return;
setPayRedirecting(true);
try {
if (user?.id) {
startPay(user.id);
return;
}
const meRes = await fetch("/api/auth/me", { credentials: "include" });
const meData = await meRes.json().catch(() => ({}));
if (meData?.user?.id) {
startPay(meData.user.id);
return;
}
const storedUser = getStoredUser();
const storedToken = getStoredToken();
if (storedUser?.id && storedToken) {
await fetch("/api/auth/sync-session", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ token: storedToken, record: storedUser }),
credentials: "include",
}).catch(() => null);
startPay(storedUser.id);
return;
}
setAuthOpen(true);
} finally {
setPayRedirecting(false);
}
};
if (!lesson || isNaN(moduleIndex) || isNaN(lessonIndex)) { if (!lesson || isNaN(moduleIndex) || isNaN(lessonIndex)) {
return ( return (
<div className="min-h-screen bg-[var(--background)]"> <div className="min-h-screen bg-[var(--background)]">
@@ -36,14 +98,12 @@ export default function LessonPage() {
<main className="pt-20 pb-16"> <main className="pt-20 pb-16">
<div className="mx-auto max-w-4xl px-4 py-16 text-center"> <div className="mx-auto max-w-4xl px-4 py-16 text-center">
<h1 className="mb-4 text-2xl font-bold"></h1> <h1 className="mb-4 text-2xl font-bold"></h1>
<p className="mb-6 text-[var(--muted-foreground)]"> <p className="mb-6 text-[var(--muted-foreground)]"></p>
</p>
<Link <Link
href="/course" href="/course"
className="inline-flex items-center gap-2 rounded-full bg-[var(--accent)] px-6 py-3 font-medium text-[var(--accent-foreground)] transition hover:opacity-90" className="inline-flex items-center gap-2 rounded-full bg-[var(--accent)] px-6 py-3 font-medium text-[var(--accent-foreground)] transition hover:opacity-90"
> >
</Link> </Link>
</div> </div>
</main> </main>
@@ -56,7 +116,6 @@ export default function LessonPage() {
<Header /> <Header />
<main className="pt-14 pb-16 md:pt-16"> <main className="pt-14 pb-16 md:pt-16">
<div className="mx-auto max-w-4xl px-4 sm:px-6"> <div className="mx-auto max-w-4xl px-4 sm:px-6">
{/* 返回导航 */}
<nav className="mb-6 flex items-center gap-2 text-sm"> <nav className="mb-6 flex items-center gap-2 text-sm">
<button <button
type="button" type="button"
@@ -74,7 +133,6 @@ export default function LessonPage() {
</Link> </Link>
</nav> </nav>
{/* 标题 */}
<h1 className="mb-2 flex items-center gap-2 text-xl font-bold sm:text-2xl md:text-3xl"> <h1 className="mb-2 flex items-center gap-2 text-xl font-bold sm:text-2xl md:text-3xl">
{lesson.name} {lesson.name}
{isFreeTrial && ( {isFreeTrial && (
@@ -83,11 +141,8 @@ export default function LessonPage() {
</span> </span>
)} )}
</h1> </h1>
<p className="mb-8 text-sm text-[var(--muted-foreground)]"> <p className="mb-8 text-sm text-[var(--muted-foreground)]"> {lesson.duration}</p>
{lesson.duration}
</p>
{/* 视频播放器 / 锁定 overlay */}
<div className="relative mb-12"> <div className="relative mb-12">
{unlocked ? ( {unlocked ? (
<VideoPlayer <VideoPlayer
@@ -102,18 +157,19 @@ export default function LessonPage() {
<div className="aspect-video flex flex-col items-center justify-center gap-4 bg-zinc-900"> <div className="aspect-video flex flex-col items-center justify-center gap-4 bg-zinc-900">
<span className="text-6xl">🔒</span> <span className="text-6xl">🔒</span>
<p className="text-lg text-white/90"></p> <p className="text-lg text-white/90"></p>
<Link <button
href="/join" type="button"
className="rounded-full bg-[var(--accent)] px-6 py-3 font-medium text-[var(--accent-foreground)] transition hover:opacity-90" onClick={handleEnroll}
disabled={payRedirecting}
className="rounded-full bg-[var(--accent)] px-6 py-3 font-medium text-[var(--accent-foreground)] transition hover:opacity-90 disabled:opacity-70"
> >
{payRedirecting ? "跳转支付中..." : "立即报名"}
</Link> </button>
</div> </div>
</div> </div>
)} )}
</div> </div>
{/* 配套文档 - 仅解锁后显示 */}
{unlocked && ( {unlocked && (
<div className="relative rounded-xl border border-[var(--border)] bg-[var(--card)] p-6 shadow-sm md:rounded-2xl md:p-8"> <div className="relative rounded-xl border border-[var(--border)] bg-[var(--card)] p-6 shadow-sm md:rounded-2xl md:p-8">
<h2 className="mb-6 flex items-center gap-2 text-lg font-semibold"> <h2 className="mb-6 flex items-center gap-2 text-lg font-semibold">
@@ -126,7 +182,6 @@ export default function LessonPage() {
</div> </div>
)} )}
{/* 网盘下载 */}
{DOWNLOAD_CONFIG.enabled && unlocked && ( {DOWNLOAD_CONFIG.enabled && unlocked && (
<div className="mt-8 rounded-xl border border-[var(--border)] bg-[var(--card)] p-6 shadow-sm md:rounded-2xl md:p-8"> <div className="mt-8 rounded-xl border border-[var(--border)] bg-[var(--card)] p-6 shadow-sm md:rounded-2xl md:p-8">
<h2 className="mb-4 flex items-center gap-2 text-lg font-semibold"> <h2 className="mb-4 flex items-center gap-2 text-lg font-semibold">
@@ -135,9 +190,7 @@ export default function LessonPage() {
</svg> </svg>
{DOWNLOAD_CONFIG.title} {DOWNLOAD_CONFIG.title}
</h2> </h2>
<p className="mb-4 text-sm text-[var(--muted-foreground)]"> <p className="mb-4 text-sm text-[var(--muted-foreground)]"></p>
</p>
<a <a
href={DOWNLOAD_CONFIG.url} href={DOWNLOAD_CONFIG.url}
target="_blank" target="_blank"
@@ -161,6 +214,14 @@ export default function LessonPage() {
{t("updating")} {t("updating")}
</div> </div>
)} )}
<AuthModal
isOpen={authOpen}
onClose={() => setAuthOpen(false)}
onSuccess={() => {
setAuthOpen(false);
void handleEnroll();
}}
/>
</div> </div>
); );
} }

View File

@@ -0,0 +1,45 @@
import { NextRequest, NextResponse } from "next/server";
import { getPocketBaseConfig } from "@/config/services.config";
import { COOKIE_NAME, getCookieOptions, getHostFromRequest } from "@/app/lib/auth-cookie";
export async function POST(request: NextRequest) {
const body = await request.json().catch(() => ({}));
const identity = String(body?.identity || body?.email || "").trim();
const password = String(body?.password || "");
if (!identity || !password) {
return NextResponse.json({ ok: false, error: "Missing identity or password" }, { status: 400 });
}
const pb = getPocketBaseConfig();
const pbRes = await fetch(`${pb.url}/api/collections/${pb.usersCollection}/auth-with-password`, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ identity, password }),
});
const pbData = await pbRes.json().catch(() => ({}));
if (!pbRes.ok || !pbData?.token || !pbData?.record?.id) {
return NextResponse.json(
{ ok: false, error: pbData?.message || "Login failed" },
{ status: pbRes.status || 401 }
);
}
const payload = JSON.stringify({
token: pbData.token,
userId: pbData.record.id,
email: pbData.record.email ?? identity,
});
const encoded = Buffer.from(payload, "utf-8").toString("base64url");
const res = NextResponse.json({
ok: true,
token: pbData.token,
record: pbData.record,
user: { id: pbData.record.id, email: pbData.record.email ?? identity },
});
res.cookies.set(COOKIE_NAME, encoded, getCookieOptions(false, getHostFromRequest(request)) as Record<string, string | number | boolean>);
return res;
}

View File

@@ -1,15 +1,8 @@
import { NextRequest, NextResponse } from "next/server"; import { NextRequest, NextResponse } from "next/server";
import { getAuthCookieDomain } from "@/config/domain.config"; import { COOKIE_NAME, getCookieOptions, getHostFromRequest } from "@/app/lib/auth-cookie";
const COOKIE_NAME = "pb_session";
export async function POST(request: NextRequest) { export async function POST(request: NextRequest) {
const domain = getAuthCookieDomain(request);
const res = NextResponse.json({ ok: true }); const res = NextResponse.json({ ok: true });
res.cookies.set(COOKIE_NAME, "", { res.cookies.set(COOKIE_NAME, "", getCookieOptions(true, getHostFromRequest(request)) as Record<string, string | number | boolean>);
...(domain && { domain }),
path: "/",
maxAge: 0,
});
return res; return res;
} }

View File

@@ -1,13 +1,9 @@
import { NextRequest, NextResponse } from "next/server"; import { NextRequest, NextResponse } from "next/server";
import { getPocketBaseConfig } from "@/config/services.config"; import { getPocketBaseConfig } from "@/config/services.config";
import { getAuthCookieDomain } from "@/config/domain.config"; import { COOKIE_NAME, getCookieOptions, getHostFromRequest } from "@/app/lib/auth-cookie";
const COOKIE_NAME = "pb_session";
const COOKIE_MAX_AGE = 60 * 60 * 24 * 365;
export async function GET(request: NextRequest) { export async function GET(request: NextRequest) {
const cookie = request.cookies.get(COOKIE_NAME)?.value; const cookie = request.cookies.get(COOKIE_NAME)?.value;
const domain = getAuthCookieDomain(request);
if (!cookie) { if (!cookie) {
return NextResponse.json({ ok: true, user: null }); return NextResponse.json({ ok: true, user: null });
} }
@@ -17,18 +13,18 @@ export async function GET(request: NextRequest) {
if (!token || !userId) return NextResponse.json({ ok: true, user: null }); if (!token || !userId) return NextResponse.json({ ok: true, user: null });
const pb = getPocketBaseConfig(); const pb = getPocketBaseConfig();
const res = await fetch(`${pb.url}/api/users/refresh`, { const res = await fetch(`${pb.url}/api/collections/${pb.usersCollection}/auth-refresh`, {
method: "POST",
headers: { Authorization: `Bearer ${token}` }, headers: { Authorization: `Bearer ${token}` },
}); });
if (!res.ok) { if (!res.ok) {
const r = NextResponse.json({ ok: true, user: null }); const r = NextResponse.json({ ok: true, user: null });
r.cookies.set(COOKIE_NAME, "", { ...(domain && { domain }), path: "/", maxAge: 0 }); r.cookies.set(COOKIE_NAME, "", getCookieOptions(true, getHostFromRequest(request)) as Record<string, string | number | boolean>);
return r; return r;
} }
const data = await res.json(); const data = await res.json();
const newToken = data.token; const newToken = data.token;
const newRecord = data.record; const newRecord = data.record;
// 刷新成功:回写新 token 到 Cookie保持登录态长期有效
if (newToken && newRecord?.id) { if (newToken && newRecord?.id) {
const newPayload = JSON.stringify({ const newPayload = JSON.stringify({
token: newToken, token: newToken,
@@ -41,14 +37,7 @@ export async function GET(request: NextRequest) {
user: { id: newRecord.id, email: newRecord.email ?? email }, user: { id: newRecord.id, email: newRecord.email ?? email },
token: newToken, token: newToken,
}); });
r.cookies.set(COOKIE_NAME, encoded, { r.cookies.set(COOKIE_NAME, encoded, getCookieOptions(false, getHostFromRequest(request)) as Record<string, string | number | boolean>);
...(domain && { domain }),
path: "/",
maxAge: COOKIE_MAX_AGE,
secure: process.env.NODE_ENV === "production",
sameSite: "lax",
httpOnly: true,
});
return r; return r;
} }
return NextResponse.json({ return NextResponse.json({

View File

@@ -0,0 +1,62 @@
import { NextRequest, NextResponse } from "next/server";
import { getPocketBaseConfig } from "@/config/services.config";
import { COOKIE_NAME, getCookieOptions, getHostFromRequest } from "@/app/lib/auth-cookie";
export async function POST(request: NextRequest) {
const body = await request.json().catch(() => ({}));
const email = String(body?.email || "").trim();
const password = String(body?.password || "");
const passwordConfirm = String(body?.passwordConfirm || "");
if (!email || !password || !passwordConfirm) {
return NextResponse.json(
{ ok: false, error: "Missing email/password/passwordConfirm" },
{ status: 400 }
);
}
const pb = getPocketBaseConfig();
const createRes = await fetch(`${pb.url}/api/collections/${pb.usersCollection}/records`, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ email, password, passwordConfirm }),
});
const createData = await createRes.json().catch(() => ({}));
if (!createRes.ok) {
return NextResponse.json(
{ ok: false, error: createData?.message || "Register failed" },
{ status: createRes.status || 400 }
);
}
const loginRes = await fetch(`${pb.url}/api/collections/${pb.usersCollection}/auth-with-password`, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ identity: email, password }),
});
const loginData = await loginRes.json().catch(() => ({}));
if (!loginRes.ok || !loginData?.token || !loginData?.record?.id) {
return NextResponse.json(
{ ok: false, error: loginData?.message || "Auto login failed after register" },
{ status: loginRes.status || 401 }
);
}
const payload = JSON.stringify({
token: loginData.token,
userId: loginData.record.id,
email: loginData.record.email ?? email,
});
const encoded = Buffer.from(payload, "utf-8").toString("base64url");
const res = NextResponse.json({
ok: true,
token: loginData.token,
record: loginData.record,
user: { id: loginData.record.id, email: loginData.record.email ?? email },
});
res.cookies.set(COOKIE_NAME, encoded, getCookieOptions(false, getHostFromRequest(request)) as Record<string, string | number | boolean>);
return res;
}

View File

@@ -1,8 +1,5 @@
import { NextRequest, NextResponse } from "next/server"; import { NextRequest, NextResponse } from "next/server";
import { getAuthCookieDomain } from "@/config/domain.config"; import { COOKIE_NAME, getCookieOptions, getHostFromRequest } from "@/app/lib/auth-cookie";
const COOKIE_NAME = "pb_session";
const COOKIE_MAX_AGE = 60 * 60 * 24 * 365; // 365 天,登录态持续有效直至用户主动退出
export async function POST(request: NextRequest) { export async function POST(request: NextRequest) {
const body = await request.json().catch(() => ({})); const body = await request.json().catch(() => ({}));
@@ -19,15 +16,7 @@ export async function POST(request: NextRequest) {
}); });
const encoded = Buffer.from(payload, "utf-8").toString("base64url"); const encoded = Buffer.from(payload, "utf-8").toString("base64url");
const domain = getAuthCookieDomain(request);
const res = NextResponse.json({ ok: true }); const res = NextResponse.json({ ok: true });
res.cookies.set(COOKIE_NAME, encoded, { res.cookies.set(COOKIE_NAME, encoded, getCookieOptions(false, getHostFromRequest(request)) as Record<string, string | number | boolean>);
...(domain && { domain }),
path: "/",
maxAge: COOKIE_MAX_AGE,
secure: process.env.NODE_ENV === "production",
sameSite: "lax",
httpOnly: true,
});
return res; return res;
} }

View File

@@ -1,11 +1,7 @@
"use client"; "use client";
import { useState, type FormEvent } from "react"; import { useState, type FormEvent } from "react";
import { import { pbSaveAuth } from "@/app/lib/pocketbase";
pbLogin,
pbRegister,
pbSaveAuth,
} from "@/app/lib/pocketbase";
interface AuthModalProps { interface AuthModalProps {
isOpen: boolean; isOpen: boolean;
@@ -13,6 +9,14 @@ interface AuthModalProps {
onSuccess: (email: string) => void; onSuccess: (email: string) => void;
} }
type AuthResult = {
ok: boolean;
token?: string;
record?: { id: string; email?: string; [key: string]: unknown };
error?: string;
message?: string;
};
export default function AuthModal({ isOpen, onClose, onSuccess }: AuthModalProps) { export default function AuthModal({ isOpen, onClose, onSuccess }: AuthModalProps) {
const [mode, setMode] = useState<"login" | "register">("login"); const [mode, setMode] = useState<"login" | "register">("login");
const [email, setEmail] = useState(""); const [email, setEmail] = useState("");
@@ -27,40 +31,45 @@ export default function AuthModal({ isOpen, onClose, onSuccess }: AuthModalProps
setLoading(true); setLoading(true);
try { try {
let result;
if (mode === "register") { if (mode === "register") {
if (password !== passwordConfirm) { if (password !== passwordConfirm) {
setError("两次密码不一致"); setError("Passwords do not match");
setLoading(false); setLoading(false);
return; return;
} }
if (password.length < 8) { if (password.length < 8) {
setError("密码至少 8 位"); setError("Password must be at least 8 characters");
setLoading(false); setLoading(false);
return; return;
} }
result = await pbRegister(email, password, passwordConfirm);
} else {
result = await pbLogin(email, password);
} }
pbSaveAuth(result.token, result.record);
try { const endpoint = mode === "login" ? "/api/auth/login" : "/api/auth/register";
await fetch("/api/auth/sync-session", { const payload =
method: "POST", mode === "login"
headers: { "Content-Type": "application/json" }, ? { identity: email, password }
body: JSON.stringify({ token: result.token, record: result.record }), : { email, password, passwordConfirm };
credentials: "include",
}); const res = await fetch(endpoint, {
} catch { method: "POST",
/* ignore */ headers: { "Content-Type": "application/json" },
credentials: "include",
body: JSON.stringify(payload),
});
const data = (await res.json().catch(() => ({}))) as AuthResult;
if (!res.ok || !data?.ok || !data?.token || !data?.record) {
throw new Error(data?.error || data?.message || "Authentication failed");
} }
pbSaveAuth(data.token, { id: data.record.id, email: data.record.email ?? email });
onSuccess(email); onSuccess(email);
onClose(); onClose();
setEmail(""); setEmail("");
setPassword(""); setPassword("");
setPasswordConfirm(""); setPasswordConfirm("");
} catch (err) { } catch (err) {
setError(err instanceof Error ? err.message : "操作失败"); setError(err instanceof Error ? err.message : "Authentication failed");
} finally { } finally {
setLoading(false); setLoading(false);
} }
@@ -70,32 +79,26 @@ export default function AuthModal({ isOpen, onClose, onSuccess }: AuthModalProps
return ( return (
<div className="fixed inset-0 z-[100] flex items-center justify-center"> <div className="fixed inset-0 z-[100] flex items-center justify-center">
<div <div className="absolute inset-0 bg-black/50" onClick={onClose} aria-hidden />
className="absolute inset-0 bg-black/50"
onClick={onClose}
aria-hidden
/>
<div className="relative w-full max-w-sm rounded-2xl bg-white p-6 shadow-xl"> <div className="relative w-full max-w-sm rounded-2xl bg-white p-6 shadow-xl">
<button <button
onClick={onClose} onClick={onClose}
className="absolute right-4 top-4 text-slate-400 hover:text-slate-600" className="absolute right-4 top-4 text-slate-400 hover:text-slate-600"
aria-label="关闭" aria-label="Close"
> >
<svg className="h-5 w-5" fill="none" viewBox="0 0 24 24" stroke="currentColor"> <svg className="h-5 w-5" fill="none" viewBox="0 0 24 24" stroke="currentColor">
<path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M6 18L18 6M6 6l12 12" /> <path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M6 18L18 6M6 6l12 12" />
</svg> </svg>
</button> </button>
<h2 className="text-xl font-bold text-slate-800"> <h2 className="text-xl font-bold text-slate-800">{mode === "login" ? "Login" : "Register"}</h2>
{mode === "login" ? "登录" : "注册"}
</h2>
<p className="mt-1 text-sm text-slate-500"> <p className="mt-1 text-sm text-slate-500">
{mode === "login" ? "使用邮箱密码登录" : "创建新账号"} {mode === "login" ? "Use email and password" : "Create a new account"}
</p> </p>
<form onSubmit={handleSubmit} className="mt-6 space-y-4"> <form onSubmit={handleSubmit} className="mt-6 space-y-4">
<div> <div>
<label className="mb-1 block text-sm font-medium text-slate-700"></label> <label className="mb-1 block text-sm font-medium text-slate-700">Email</label>
<input <input
type="email" type="email"
value={email} value={email}
@@ -106,12 +109,12 @@ export default function AuthModal({ isOpen, onClose, onSuccess }: AuthModalProps
/> />
</div> </div>
<div> <div>
<label className="mb-1 block text-sm font-medium text-slate-700"></label> <label className="mb-1 block text-sm font-medium text-slate-700">Password</label>
<input <input
type="password" type="password"
value={password} value={password}
onChange={(e) => setPassword(e.target.value)} onChange={(e) => setPassword(e.target.value)}
placeholder="至少 8 位" placeholder="At least 8 characters"
required required
minLength={mode === "register" ? 8 : 1} minLength={mode === "register" ? 8 : 1}
className="w-full rounded-lg border border-slate-200 px-4 py-2.5 text-slate-800 placeholder-slate-400 focus:border-sky-500 focus:outline-none focus:ring-1 focus:ring-sky-500" className="w-full rounded-lg border border-slate-200 px-4 py-2.5 text-slate-800 placeholder-slate-400 focus:border-sky-500 focus:outline-none focus:ring-1 focus:ring-sky-500"
@@ -119,33 +122,31 @@ export default function AuthModal({ isOpen, onClose, onSuccess }: AuthModalProps
</div> </div>
{mode === "register" && ( {mode === "register" && (
<div> <div>
<label className="mb-1 block text-sm font-medium text-slate-700"></label> <label className="mb-1 block text-sm font-medium text-slate-700">Confirm Password</label>
<input <input
type="password" type="password"
value={passwordConfirm} value={passwordConfirm}
onChange={(e) => setPasswordConfirm(e.target.value)} onChange={(e) => setPasswordConfirm(e.target.value)}
placeholder="再次输入密码" placeholder="Enter password again"
required required
className="w-full rounded-lg border border-slate-200 px-4 py-2.5 text-slate-800 placeholder-slate-400 focus:border-sky-500 focus:outline-none focus:ring-1 focus:ring-sky-500" className="w-full rounded-lg border border-slate-200 px-4 py-2.5 text-slate-800 placeholder-slate-400 focus:border-sky-500 focus:outline-none focus:ring-1 focus:ring-sky-500"
/> />
</div> </div>
)} )}
{error && ( {error && <p className="rounded-lg bg-red-50 px-3 py-2 text-sm text-red-600">{error}</p>}
<p className="rounded-lg bg-red-50 px-3 py-2 text-sm text-red-600">{error}</p>
)}
<button <button
type="submit" type="submit"
disabled={loading} disabled={loading}
className="w-full rounded-lg bg-sky-500 py-3 font-semibold text-white transition-colors hover:bg-sky-600 disabled:opacity-70" className="w-full rounded-lg bg-sky-500 py-3 font-semibold text-white transition-colors hover:bg-sky-600 disabled:opacity-70"
> >
{loading ? "处理中…" : mode === "login" ? "登录" : "注册"} {loading ? "Processing..." : mode === "login" ? "Login" : "Register"}
</button> </button>
</form> </form>
<p className="mt-4 text-center text-sm text-slate-500"> <p className="mt-4 text-center text-sm text-slate-500">
{mode === "login" ? ( {mode === "login" ? (
<> <>
{" "} No account?{" "}
<button <button
type="button" type="button"
onClick={() => { onClick={() => {
@@ -154,12 +155,12 @@ export default function AuthModal({ isOpen, onClose, onSuccess }: AuthModalProps
}} }}
className="font-medium text-sky-500 hover:text-sky-600" className="font-medium text-sky-500 hover:text-sky-600"
> >
Register
</button> </button>
</> </>
) : ( ) : (
<> <>
{" "} Already have an account?{" "}
<button <button
type="button" type="button"
onClick={() => { onClick={() => {
@@ -168,7 +169,7 @@ export default function AuthModal({ isOpen, onClose, onSuccess }: AuthModalProps
}} }}
className="font-medium text-sky-500 hover:text-sky-600" className="font-medium text-sky-500 hover:text-sky-600"
> >
Login
</button> </button>
</> </>
)} )}

View File

@@ -4,6 +4,7 @@ import { useState } from "react";
import { Link, useTranslation } from "@/i18n/navigation"; import { Link, useTranslation } from "@/i18n/navigation";
import { TOPIC_IDS } from "@/config"; import { TOPIC_IDS } from "@/config";
import type { ResourceData } from "@/app/lib/theme-data"; import type { ResourceData } from "@/app/lib/theme-data";
import { useCrossSiteUrls } from "@/app/lib/useCrossSiteUrls";
import ResourceNavigation from "./ResourceNavigation"; import ResourceNavigation from "./ResourceNavigation";
const mainModuleKeys = ["destinations", "vipEntry", "appDownload"] as const; const mainModuleKeys = ["destinations", "vipEntry", "appDownload"] as const;
@@ -18,11 +19,6 @@ const linkIcons: Record<string, string> = {
cloudPhone: "☁️", cloudPhone: "☁️",
unmannedLive: "📺", unmannedLive: "📺",
}; };
const linkHrefs: Record<string, { href: string; newTab?: boolean }> = {
destinations: { href: "https://meetup.hackrobot.cn/", newTab: true },
vipEntry: { href: "https://vip.hackrobot.cn/", newTab: true },
appDownload: { href: "/app" },
};
type CommunityProps = { type CommunityProps = {
resourceData?: ResourceData; resourceData?: ResourceData;
@@ -31,6 +27,12 @@ type CommunityProps = {
export default function Community({ resourceData }: CommunityProps) { export default function Community({ resourceData }: CommunityProps) {
const { t } = useTranslation("community"); const { t } = useTranslation("community");
const [toast, setToast] = useState(false); const [toast, setToast] = useState(false);
const { meetupUrl, vipUrl } = useCrossSiteUrls();
const linkHrefs: Record<string, { href: string; newTab?: boolean }> = {
destinations: { href: meetupUrl, newTab: true },
vipEntry: { href: vipUrl, newTab: true },
appDownload: { href: "/app" },
};
const showUpdating = () => { const showUpdating = () => {
setToast(true); setToast(true);

View File

@@ -1,46 +1,47 @@
"use client"; "use client";
import { Link, useTranslation } from "@/i18n/navigation"; import { Link, useTranslation } from "@/i18n/navigation";
import { useCrossSiteUrls } from "@/app/lib/useCrossSiteUrls";
const footerSections = [
{
titleKey: "guide" as const,
links: [
{ labelKey: "roadmap" as const, href: "#roadmap" },
{ labelKey: "tools" as const, href: "#tools" },
{ labelKey: "destinations" as const, href: "https://meetup.hackrobot.cn/", openInNewTab: true },
],
},
{
titleKey: "resources" as const,
links: [
{ labelKey: "remoteJobs" as const, href: "#" },
{ labelKey: "visa" as const, href: "#" },
{ labelKey: "coliving" as const, href: "#" },
{ labelKey: "insurance" as const, href: "#" },
],
},
{
titleKey: "community" as const,
links: [
{ labelKey: "discord" as const, href: "#" },
{ labelKey: "wechat" as const, href: "https://vip.hackrobot.cn/", openInNewTab: true },
{ labelKey: "jike" as const, href: "#" },
],
},
{
titleKey: "about" as const,
links: [
{ labelKey: "aboutUs" as const, href: "/about", internal: true },
{ labelKey: "recruit" as const, href: "/jobs", internal: true },
{ labelKey: "privacy" as const, href: "/privacy", internal: true, openInNewTab: true },
{ labelKey: "contact" as const, href: "#" },
],
},
];
export default function Footer() { export default function Footer() {
const { t } = useTranslation("footer"); const { t } = useTranslation("footer");
const { meetupUrl, vipUrl } = useCrossSiteUrls();
const footerSections = [
{
titleKey: "guide" as const,
links: [
{ labelKey: "roadmap" as const, href: "#roadmap" },
{ labelKey: "tools" as const, href: "#tools" },
{ labelKey: "destinations" as const, href: meetupUrl, openInNewTab: true },
],
},
{
titleKey: "resources" as const,
links: [
{ labelKey: "remoteJobs" as const, href: "#" },
{ labelKey: "visa" as const, href: "#" },
{ labelKey: "coliving" as const, href: "#" },
{ labelKey: "insurance" as const, href: "#" },
],
},
{
titleKey: "community" as const,
links: [
{ labelKey: "discord" as const, href: "#" },
{ labelKey: "wechat" as const, href: vipUrl, openInNewTab: true },
{ labelKey: "jike" as const, href: "#" },
],
},
{
titleKey: "about" as const,
links: [
{ labelKey: "aboutUs" as const, href: "/about", internal: true },
{ labelKey: "recruit" as const, href: "/jobs", internal: true },
{ labelKey: "privacy" as const, href: "/privacy", internal: true, openInNewTab: true },
{ labelKey: "contact" as const, href: "#" },
],
},
];
return ( return (
<footer className="border-t border-slate-100 bg-white dark:border-slate-800 dark:bg-slate-900"> <footer className="border-t border-slate-100 bg-white dark:border-slate-800 dark:bg-slate-900">
<div className="mx-auto max-w-7xl px-4 py-12 sm:px-6 lg:px-8 lg:py-16"> <div className="mx-auto max-w-7xl px-4 py-12 sm:px-6 lg:px-8 lg:py-16">

View File

@@ -3,17 +3,11 @@
import { useState, useEffect } from "react"; import { useState, useEffect } from "react";
import { Link, useLocale, usePathname, useRouter, useTranslation } from "@/i18n/navigation"; import { Link, useLocale, usePathname, useRouter, useTranslation } from "@/i18n/navigation";
import { getStoredUserEmail } from "@/app/lib/pocketbase"; import { getStoredUserEmail } from "@/app/lib/pocketbase";
import { useCrossSiteUrls } from "@/app/lib/useCrossSiteUrls";
import AuthModal from "./AuthModal"; import AuthModal from "./AuthModal";
import ThemeToggle from "./ThemeToggle"; import ThemeToggle from "./ThemeToggle";
import UserAvatar from "./UserAvatar"; import UserAvatar from "./UserAvatar";
const navLinks = [
{ labelKey: "roadmap" as const, href: "#roadmap" },
{ labelKey: "tools" as const, href: "#tools" },
{ labelKey: "community" as const, href: "https://vip.hackrobot.cn/", external: true },
{ labelKey: "resources" as const, href: "#resources" },
];
export default function Header() { export default function Header() {
const { t } = useTranslation("common"); const { t } = useTranslation("common");
const { t: tNav } = useTranslation("nav"); const { t: tNav } = useTranslation("nav");
@@ -24,6 +18,13 @@ export default function Header() {
const [scrolled, setScrolled] = useState(false); const [scrolled, setScrolled] = useState(false);
const [authOpen, setAuthOpen] = useState(false); const [authOpen, setAuthOpen] = useState(false);
const [userEmail, setUserEmail] = useState<string | null>(null); const [userEmail, setUserEmail] = useState<string | null>(null);
const { vipUrl } = useCrossSiteUrls();
const navLinks = [
{ labelKey: "roadmap" as const, href: "#roadmap" },
{ labelKey: "tools" as const, href: "#tools" },
{ labelKey: "community" as const, href: vipUrl, external: true },
{ labelKey: "resources" as const, href: "#resources" },
];
useEffect(() => { useEffect(() => {
let mounted = true; let mounted = true;

View File

@@ -1,9 +1,6 @@
"use client"; "use client";
import { useState } from "react"; import { Link, useTranslation } from "@/i18n/navigation";
import { Link, useTranslation, useRouter } from "@/i18n/navigation";
import { useAuthAndVip } from "@/app/lib/useAuthAndVip";
import AuthModal from "@/app/components/AuthModal";
const days = [ const days = [
{ day: 1, icon: "👋", color: "bg-sky-500" }, { day: 1, icon: "👋", color: "bg-sky-500" },
@@ -17,9 +14,6 @@ const days = [
export default function Roadmap() { export default function Roadmap() {
const { t } = useTranslation("roadmap"); const { t } = useTranslation("roadmap");
const router = useRouter();
const { user, vip, loading, refetch } = useAuthAndVip();
const [authOpen, setAuthOpen] = useState(false);
return ( return (
<section id="roadmap" className="bg-slate-50 py-20 sm:py-28 dark:bg-slate-900"> <section id="roadmap" className="bg-slate-50 py-20 sm:py-28 dark:bg-slate-900">
<div className="mx-auto max-w-7xl px-4 sm:px-6 lg:px-8"> <div className="mx-auto max-w-7xl px-4 sm:px-6 lg:px-8">
@@ -90,20 +84,8 @@ export default function Roadmap() {
</span> </span>
</Link> </Link>
<button <Link
type="button" href="/course"
onClick={async () => {
if (loading) return;
if (!user) {
setAuthOpen(true);
return;
}
if (!vip) {
router.replace("/join");
return;
}
router.replace("/course");
}}
className="group flex w-full flex-col overflow-hidden rounded-2xl border-2 border-amber-200 bg-gradient-to-br from-amber-50 to-orange-50/50 p-8 text-left shadow-md transition-all hover:border-amber-300 hover:shadow-lg dark:border-amber-800 dark:from-amber-900/20 dark:to-orange-900/10 dark:hover:border-amber-700" className="group flex w-full flex-col overflow-hidden rounded-2xl border-2 border-amber-200 bg-gradient-to-br from-amber-50 to-orange-50/50 p-8 text-left shadow-md transition-all hover:border-amber-300 hover:shadow-lg dark:border-amber-800 dark:from-amber-900/20 dark:to-orange-900/10 dark:hover:border-amber-700"
> >
<div className="mb-4 flex h-14 w-14 items-center justify-center rounded-2xl bg-gradient-to-r from-amber-500 to-orange-500 text-3xl shadow-lg shadow-amber-200/50 dark:shadow-amber-900/30"> <div className="mb-4 flex h-14 w-14 items-center justify-center rounded-2xl bg-gradient-to-r from-amber-500 to-orange-500 text-3xl shadow-lg shadow-amber-200/50 dark:shadow-amber-900/30">
@@ -121,19 +103,9 @@ export default function Roadmap() {
<span className="mt-6 inline-flex items-center gap-2 self-start rounded-full bg-amber-500 px-6 py-3 font-semibold text-white transition group-hover:bg-amber-600 dark:bg-amber-600 dark:group-hover:bg-amber-500"> <span className="mt-6 inline-flex items-center gap-2 self-start rounded-full bg-amber-500 px-6 py-3 font-semibold text-white transition group-hover:bg-amber-600 dark:bg-amber-600 dark:group-hover:bg-amber-500">
{t("course.cta")} {t("course.cta")}
</span> </span>
</button> </Link>
</div> </div>
</div> </div>
<AuthModal
isOpen={authOpen}
onClose={() => setAuthOpen(false)}
onSuccess={async () => {
setAuthOpen(false);
const { vip: isVip } = await refetch();
router.replace(isVip ? "/course" : "/join");
}}
/>
</div> </div>
</section> </section>
); );

View File

@@ -3,20 +3,79 @@
import { Link } from "@/i18n/navigation"; import { Link } from "@/i18n/navigation";
import { CTA_CONFIG } from "@/config/course"; import { CTA_CONFIG } from "@/config/course";
import { useAuthAndVip } from "@/app/lib/useAuthAndVip"; import { useAuthAndVip } from "@/app/lib/useAuthAndVip";
import { getStoredToken, getStoredUser } from "@/app/lib/pocketbase";
import AuthModal from "@/app/components/AuthModal";
import {
getPayEnv,
getRecommendedChannel,
mustUseWxPay,
redirectToPay,
getDeviceFromEnv,
} from "@/app/lib/payment";
import { useState } from "react";
export function CTASection() { export function CTASection() {
const { user, vip } = useAuthAndVip(); const { user, vip } = useAuthAndVip();
const paid = !!user && vip; const paid = !!user && vip;
const [authOpen, setAuthOpen] = useState(false);
const [payRedirecting, setPayRedirecting] = useState(false);
const startPay = (userId: string) => {
const env = getPayEnv();
const channel = mustUseWxPay(env) ? "wxpay" : getRecommendedChannel(env);
const device = getDeviceFromEnv(env);
const returnUrl = `${window.location.origin}/course/0/0`;
redirectToPay({
user_id: userId,
return_url: returnUrl,
channel,
device,
useJoinConfig: true,
});
};
const handleEnroll = async () => {
if (payRedirecting) return;
setPayRedirecting(true);
try {
if (user?.id) {
startPay(user.id);
return;
}
const meRes = await fetch("/api/auth/me", { credentials: "include" });
const meData = await meRes.json().catch(() => ({}));
if (meData?.user?.id) {
startPay(meData.user.id);
return;
}
const storedUser = getStoredUser();
const storedToken = getStoredToken();
if (storedUser?.id && storedToken) {
await fetch("/api/auth/sync-session", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ token: storedToken, record: storedUser }),
credentials: "include",
}).catch(() => null);
startPay(storedUser.id);
return;
}
setAuthOpen(true);
} finally {
setPayRedirecting(false);
}
};
return ( return (
<section className="border-t border-[var(--border)] py-16 sm:py-20 md:py-24"> <section className="border-t border-[var(--border)] py-16 sm:py-20 md:py-24">
<div className="mx-auto max-w-3xl px-4 text-center sm:px-6"> <div className="mx-auto max-w-3xl px-4 text-center sm:px-6">
<h2 className="mb-4 text-xl font-bold sm:text-2xl md:text-3xl"> <h2 className="mb-4 text-xl font-bold sm:text-2xl md:text-3xl">{CTA_CONFIG.title}</h2>
{CTA_CONFIG.title} <p className="mb-6 text-[var(--muted-foreground)] sm:mb-8">{CTA_CONFIG.subtitle}</p>
</h2>
<p className="mb-6 text-[var(--muted-foreground)] sm:mb-8">
{CTA_CONFIG.subtitle}
</p>
<div className="mb-8 flex flex-wrap justify-center gap-4 text-sm text-[var(--muted-foreground)] sm:mb-10 sm:gap-6"> <div className="mb-8 flex flex-wrap justify-center gap-4 text-sm text-[var(--muted-foreground)] sm:mb-10 sm:gap-6">
{CTA_CONFIG.badges.map((b, i) => ( {CTA_CONFIG.badges.map((b, i) => (
<span <span
@@ -36,14 +95,24 @@ export function CTASection() {
</Link> </Link>
) : ( ) : (
<Link <button
href="/join" type="button"
className="inline-flex items-center gap-2 rounded-full bg-[var(--accent)] px-8 py-4 text-lg font-semibold text-[var(--accent-foreground)] shadow-lg shadow-[var(--accent)]/25 transition hover:opacity-95 sm:px-10" onClick={handleEnroll}
disabled={payRedirecting}
className="inline-flex items-center gap-2 rounded-full bg-[var(--accent)] px-8 py-4 text-lg font-semibold text-[var(--accent-foreground)] shadow-lg shadow-[var(--accent)]/25 transition hover:opacity-95 disabled:opacity-70 sm:px-10"
> >
{payRedirecting ? "跳转支付中..." : "立即报名 →"}
</Link> </button>
)} )}
</div> </div>
<AuthModal
isOpen={authOpen}
onClose={() => setAuthOpen(false)}
onSuccess={() => {
setAuthOpen(false);
void handleEnroll();
}}
/>
</section> </section>
); );
} }

View File

@@ -4,7 +4,16 @@ import { useState, useEffect } from "react";
import { Link } from "@/i18n/navigation"; import { Link } from "@/i18n/navigation";
import { HERO_CONFIG, CURRICULUM_CONFIG } from "@/config/course"; import { HERO_CONFIG, CURRICULUM_CONFIG } from "@/config/course";
import { useAuthAndVip } from "@/app/lib/useAuthAndVip"; import { useAuthAndVip } from "@/app/lib/useAuthAndVip";
import { getStoredToken, getStoredUser } from "@/app/lib/pocketbase";
import { getLastWatched, getProgress } from "@/app/lib/learning"; import { getLastWatched, getProgress } from "@/app/lib/learning";
import AuthModal from "@/app/components/AuthModal";
import {
getPayEnv,
getRecommendedChannel,
mustUseWxPay,
redirectToPay,
getDeviceFromEnv,
} from "@/app/lib/payment";
const TOTAL_LESSONS = CURRICULUM_CONFIG.modules.reduce((s, m) => s + m.lessons.length, 0); const TOTAL_LESSONS = CURRICULUM_CONFIG.modules.reduce((s, m) => s + m.lessons.length, 0);
@@ -12,6 +21,8 @@ export function CourseHero() {
const { user, vip } = useAuthAndVip(); const { user, vip } = useAuthAndVip();
const [last, setLast] = useState<ReturnType<typeof getLastWatched>>(null); const [last, setLast] = useState<ReturnType<typeof getLastWatched>>(null);
const [progress, setProgress] = useState({ completed: 0, percent: 0 }); const [progress, setProgress] = useState({ completed: 0, percent: 0 });
const [authOpen, setAuthOpen] = useState(false);
const [payRedirecting, setPayRedirecting] = useState(false);
useEffect(() => { useEffect(() => {
setLast(getLastWatched()); setLast(getLastWatched());
@@ -26,6 +37,57 @@ export function CourseHero() {
const paid = !!user && vip; const paid = !!user && vip;
const startPay = (userId: string) => {
const env = getPayEnv();
const channel = mustUseWxPay(env) ? "wxpay" : getRecommendedChannel(env);
const device = getDeviceFromEnv(env);
const returnUrl = `${window.location.origin}/course/0/0`;
redirectToPay({
user_id: userId,
return_url: returnUrl,
channel,
device,
useJoinConfig: true,
});
};
const handleEnroll = async () => {
if (payRedirecting) return;
setPayRedirecting(true);
try {
if (user?.id) {
startPay(user.id);
return;
}
const meRes = await fetch("/api/auth/me", { credentials: "include" });
const meData = await meRes.json().catch(() => ({}));
if (meData?.user?.id) {
startPay(meData.user.id);
return;
}
const storedUser = getStoredUser();
const storedToken = getStoredToken();
if (storedUser?.id && storedToken) {
await fetch("/api/auth/sync-session", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ token: storedToken, record: storedUser }),
credentials: "include",
}).catch(() => null);
startPay(storedUser.id);
return;
}
setAuthOpen(true);
} finally {
setPayRedirecting(false);
}
};
return ( return (
<section className="relative overflow-hidden pt-24 pb-16 sm:pt-28 sm:pb-20 md:pt-32 md:pb-24"> <section className="relative overflow-hidden pt-24 pb-16 sm:pt-28 sm:pb-20 md:pt-32 md:pb-24">
<div className="absolute inset-0 bg-[radial-gradient(ellipse_80%_50%_at_50%_-20%,var(--gradient-accent),transparent)] animate-gradient" /> <div className="absolute inset-0 bg-[radial-gradient(ellipse_80%_50%_at_50%_-20%,var(--gradient-accent),transparent)] animate-gradient" />
@@ -39,12 +101,8 @@ export function CourseHero() {
<div className="mb-10 flex flex-wrap justify-center gap-6 sm:mb-12 sm:gap-8"> <div className="mb-10 flex flex-wrap justify-center gap-6 sm:mb-12 sm:gap-8">
{HERO_CONFIG.stats.map((s) => ( {HERO_CONFIG.stats.map((s) => (
<div key={s.label} className="text-center transition-transform duration-300 hover:scale-105"> <div key={s.label} className="text-center transition-transform duration-300 hover:scale-105">
<div className="text-2xl font-bold text-[var(--accent)] sm:text-3xl md:text-4xl"> <div className="text-2xl font-bold text-[var(--accent)] sm:text-3xl md:text-4xl">{s.value}</div>
{s.value} <div className="mt-1 text-xs text-[var(--muted-foreground)] sm:text-sm">{s.label}</div>
</div>
<div className="mt-1 text-xs text-[var(--muted-foreground)] sm:text-sm">
{s.label}
</div>
</div> </div>
))} ))}
</div> </div>
@@ -64,12 +122,14 @@ export function CourseHero() {
</Link> </Link>
) : ( ) : (
<Link <button
href="/join" type="button"
className="inline-flex shrink-0 items-center gap-2 rounded-full bg-[var(--accent)] px-8 py-4 text-lg font-semibold text-[var(--accent-foreground)] transition hover:opacity-90 sm:px-10" onClick={handleEnroll}
disabled={payRedirecting}
className="inline-flex shrink-0 items-center gap-2 rounded-full bg-[var(--accent)] px-8 py-4 text-lg font-semibold text-[var(--accent-foreground)] transition hover:opacity-90 disabled:opacity-70 sm:px-10"
> >
{payRedirecting ? "跳转支付中..." : "立即报名 →"}
</Link> </button>
)} )}
</div> </div>
{paid && progress.completed > 0 && ( {paid && progress.completed > 0 && (
@@ -79,14 +139,19 @@ export function CourseHero() {
<span>{progress.completed}/{TOTAL_LESSONS} </span> <span>{progress.completed}/{TOTAL_LESSONS} </span>
</div> </div>
<div className="h-2 overflow-hidden rounded-full bg-[var(--muted)]"> <div className="h-2 overflow-hidden rounded-full bg-[var(--muted)]">
<div <div className="h-full rounded-full bg-[var(--accent)] transition-all" style={{ width: `${progress.percent}%` }} />
className="h-full rounded-full bg-[var(--accent)] transition-all"
style={{ width: `${progress.percent}%` }}
/>
</div> </div>
</div> </div>
)} )}
</div> </div>
<AuthModal
isOpen={authOpen}
onClose={() => setAuthOpen(false)}
onSuccess={() => {
setAuthOpen(false);
void handleEnroll();
}}
/>
</section> </section>
); );
} }

View File

@@ -47,9 +47,7 @@ export default function RootLayout({
}>) { }>) {
return ( return (
<html lang="zh-CN" suppressHydrationWarning> <html lang="zh-CN" suppressHydrationWarning>
<body <body className="antialiased font-sans">
className="antialiased font-sans"
>
<ThemeScript /> <ThemeScript />
<ThemeProvider>{children}</ThemeProvider> <ThemeProvider>{children}</ThemeProvider>
</body> </body>

34
app/lib/auth-cookie.ts Normal file
View File

@@ -0,0 +1,34 @@
/**
* 认证 Cookie 配置
* 生产环境设置 AUTH_COOKIE_DOMAIN 实现跨子域 SSO如 .hackrobot.cn
* 本地开发不设置 domain避免 IP 访问时 cookie 失效
*/
const COOKIE_NAME = "pb_session";
const COOKIE_MAX_AGE = 60 * 60 * 24 * 365;
export { COOKIE_NAME, COOKIE_MAX_AGE };
/** 从请求 Host 头提取 hostname不含端口 */
export function getHostFromRequest(request: { headers: { get: (k: string) => string | null } }): string {
const host = request.headers.get("host") || request.headers.get("x-forwarded-host") || "";
return host.split(",")[0].trim().replace(/:\d+$/, "");
}
export function getCookieOptions(clear = false, requestHost?: string) {
const isProd = process.env.NODE_ENV === "production";
const domain = process.env.AUTH_COOKIE_DOMAIN?.trim();
const opts: Record<string, unknown> = {
path: "/",
maxAge: clear ? 0 : COOKIE_MAX_AGE,
secure: isProd,
sameSite: "lax" as const,
httpOnly: true,
};
if (domain && isProd) {
opts.domain = domain;
} else if (!isProd && requestHost && /^(\d{1,3}\.){3}\d{1,3}$/.test(requestHost)) {
opts.domain = requestHost;
}
return opts;
}

View File

@@ -9,9 +9,12 @@ type LocaleLinkProps = React.ComponentProps<typeof NextLink>;
export function LocaleLink({ href, ...props }: LocaleLinkProps) { export function LocaleLink({ href, ...props }: LocaleLinkProps) {
const locale = useLocale(); const locale = useLocale();
const hrefStr = typeof href === "string" ? href : href.pathname ?? "/"; const hrefStr = typeof href === "string" ? href : href.pathname ?? "/";
const localeHref = hrefStr.startsWith("/") const localeHref =
? `/${locale}${hrefStr === "/" ? "" : hrefStr}` hrefStr.startsWith("/api/") || hrefStr.startsWith("/_next")
: hrefStr; ? hrefStr
: hrefStr.startsWith("/")
? `/${locale}${hrefStr === "/" ? "" : hrefStr}`
: hrefStr;
return <NextLink href={localeHref} {...props} />; return <NextLink href={localeHref} {...props} />;
} }

View File

@@ -27,7 +27,6 @@ export function useAuthAndVip(): AuthAndVipState {
let newUser = meData?.user ?? null; let newUser = meData?.user ?? null;
let newVip = vipData?.vip === true; let newVip = vipData?.vip === true;
// 与 Header 一致API 无用户时,尝试从 localStorage 恢复(如 cookie 未同步、localhost 开发等)
if (!newUser) { if (!newUser) {
const storedUser = getStoredUser(); const storedUser = getStoredUser();
const storedToken = getStoredToken(); const storedToken = getStoredToken();

View File

@@ -0,0 +1,5 @@
import { MEETUP_URL, VIP_URL } from "@/config/domain.config";
export function useCrossSiteUrls(): { meetupUrl: string; vipUrl: string } {
return { meetupUrl: MEETUP_URL, vipUrl: VIP_URL };
}

View File

@@ -16,22 +16,9 @@ const isDev = process.env.NODE_ENV === "development";
export const ROOT_DOMAIN = export const ROOT_DOMAIN =
process.env.ROOT_DOMAIN || process.env.NEXT_PUBLIC_ROOT_DOMAIN || "hackrobot.cn"; process.env.ROOT_DOMAIN || process.env.NEXT_PUBLIC_ROOT_DOMAIN || "hackrobot.cn";
/** Cookie 根域SSO 跨站登录用。如 .nomadro.com、.hackrobot.cn */ /** 支付 API 默认地址(本地可用 PAYMENT_API_URL 覆盖,如 http://192.168.41.222:8007 */
export const AUTH_COOKIE_DOMAIN =
process.env.AUTH_COOKIE_DOMAIN || `.${ROOT_DOMAIN}`;
/** 根据请求 host 返回 Cookie domain。localhost 时不设 domain生产环境用根域实现跨站 SSO */
export function getAuthCookieDomain(request: { headers: { get: (name: string) => string | null } }): string | undefined {
const envDomain = process.env.AUTH_COOKIE_DOMAIN;
if (envDomain) return envDomain;
const host = request.headers.get("host") ?? "";
if (host.includes("localhost") || host.startsWith("127.0.0.1")) return undefined;
return AUTH_COOKIE_DOMAIN;
}
/** 支付 API 默认地址 */
export const DEFAULT_PAYMENT_API_URL = isDev export const DEFAULT_PAYMENT_API_URL = isDev
? "http://127.0.0.1:8700" ? "http://127.0.0.1:8007"
: `https://api.${ROOT_DOMAIN}`; : `https://api.${ROOT_DOMAIN}`;
/** PocketBase 默认地址 */ /** PocketBase 默认地址 */
@@ -44,3 +31,9 @@ export const DEFAULT_SITE_URL = isDev
/** MinIO 端点默认主机 */ /** MinIO 端点默认主机 */
export const DEFAULT_MINIO_HOST = `minioweb.${ROOT_DOMAIN}`; export const DEFAULT_MINIO_HOST = `minioweb.${ROOT_DOMAIN}`;
/** meetup目的地站链接 */
export const MEETUP_URL = `https://meetup.${ROOT_DOMAIN}/`;
/** vip异度星球站链接 */
export const VIP_URL = `https://vip.${ROOT_DOMAIN}/`;

View File

@@ -3,7 +3,7 @@
"version": "0.1.0", "version": "0.1.0",
"private": true, "private": true,
"scripts": { "scripts": {
"dev": "next dev", "dev": "next dev -p 3000 -H 0.0.0.0",
"build": "next build", "build": "next build",
"start": "next start", "start": "next start",
"lint": "eslint" "lint": "eslint"
@@ -12,8 +12,6 @@
"@fontsource-variable/geist": "^5.2.8", "@fontsource-variable/geist": "^5.2.8",
"@fontsource-variable/geist-mono": "^5.2.7", "@fontsource-variable/geist-mono": "^5.2.7",
"@aws-sdk/client-s3": "^3.1004.0", "@aws-sdk/client-s3": "^3.1004.0",
"@fontsource-variable/geist": "^5.2.8",
"@fontsource-variable/geist-mono": "^5.2.7",
"github-markdown-css": "^5.6.1", "github-markdown-css": "^5.6.1",
"highlight.js": "^11.11.1", "highlight.js": "^11.11.1",
"marked": "^14.1.2", "marked": "^14.1.2",