diff --git a/app/api/auth/logout/route.ts b/app/api/auth/logout/route.ts index 12fd2af..938680d 100644 --- a/app/api/auth/logout/route.ts +++ b/app/api/auth/logout/route.ts @@ -1,10 +1,15 @@ -import { NextResponse } from "next/server"; +import { NextRequest, NextResponse } from "next/server"; +import { getAuthCookieDomain } from "@/app/lib/auth-cookie-domain"; const COOKIE_NAME = "pb_session"; -const COOKIE_DOMAIN = process.env.AUTH_COOKIE_DOMAIN || ".hackrobot.cn"; -export async function POST() { +export async function POST(request: NextRequest) { + const domain = getAuthCookieDomain(request); const res = NextResponse.json({ ok: true }); - res.cookies.set(COOKIE_NAME, "", { domain: COOKIE_DOMAIN, path: "/", maxAge: 0 }); + res.cookies.set(COOKIE_NAME, "", { + ...(domain && { domain }), + path: "/", + maxAge: 0, + }); return res; } diff --git a/app/api/auth/me/route.ts b/app/api/auth/me/route.ts index 89569eb..22e3efe 100644 --- a/app/api/auth/me/route.ts +++ b/app/api/auth/me/route.ts @@ -1,12 +1,13 @@ import { NextRequest, NextResponse } from "next/server"; import { getPocketBaseConfig } from "@/config/services.config"; +import { getAuthCookieDomain } from "@/app/lib/auth-cookie-domain"; const COOKIE_NAME = "pb_session"; -const COOKIE_DOMAIN = process.env.AUTH_COOKIE_DOMAIN || ".hackrobot.cn"; const COOKIE_MAX_AGE = 60 * 60 * 24 * 365; export async function GET(request: NextRequest) { const cookie = request.cookies.get(COOKIE_NAME)?.value; + const domain = getAuthCookieDomain(request); if (!cookie) { return NextResponse.json({ ok: true, user: null }); } @@ -21,7 +22,7 @@ export async function GET(request: NextRequest) { }); if (!res.ok) { const r = NextResponse.json({ ok: true, user: null }); - r.cookies.set(COOKIE_NAME, "", { domain: COOKIE_DOMAIN, path: "/", maxAge: 0 }); + r.cookies.set(COOKIE_NAME, "", { ...(domain && { domain }), path: "/", maxAge: 0 }); return r; } const data = await res.json(); @@ -40,7 +41,7 @@ export async function GET(request: NextRequest) { token: newToken, }); r.cookies.set(COOKIE_NAME, encoded, { - domain: COOKIE_DOMAIN, + ...(domain && { domain }), path: "/", maxAge: COOKIE_MAX_AGE, secure: process.env.NODE_ENV === "production", diff --git a/app/api/auth/sync-session/route.ts b/app/api/auth/sync-session/route.ts index 0578d90..23018db 100644 --- a/app/api/auth/sync-session/route.ts +++ b/app/api/auth/sync-session/route.ts @@ -1,8 +1,8 @@ import { NextRequest, NextResponse } from "next/server"; +import { getAuthCookieDomain } from "@/app/lib/auth-cookie-domain"; const COOKIE_NAME = "pb_session"; const COOKIE_MAX_AGE = 60 * 60 * 24 * 365; // 365 天,登录态持续有效直至用户主动退出 -const COOKIE_DOMAIN = process.env.AUTH_COOKIE_DOMAIN || ".hackrobot.cn"; export async function POST(request: NextRequest) { const body = await request.json().catch(() => ({})); @@ -19,9 +19,10 @@ export async function POST(request: NextRequest) { }); const encoded = Buffer.from(payload, "utf-8").toString("base64url"); + const domain = getAuthCookieDomain(request); const res = NextResponse.json({ ok: true }); res.cookies.set(COOKIE_NAME, encoded, { - domain: COOKIE_DOMAIN, + ...(domain && { domain }), path: "/", maxAge: COOKIE_MAX_AGE, secure: process.env.NODE_ENV === "production", diff --git a/app/lib/auth-cookie-domain.ts b/app/lib/auth-cookie-domain.ts new file mode 100644 index 0000000..555d48a --- /dev/null +++ b/app/lib/auth-cookie-domain.ts @@ -0,0 +1,11 @@ +/** + * 根据请求 host 返回 Cookie domain。 + * localhost 时不设 domain,生产环境用根域实现跨站 SSO。 + */ +export function getAuthCookieDomain(request: { headers: { get: (name: string) => string | null } }): string | undefined { + const envDomain = process.env.AUTH_COOKIE_DOMAIN; + if (envDomain) return envDomain; + const host = request.headers.get("host") ?? ""; + if (host.includes("localhost") || host.startsWith("127.0.0.1")) return undefined; + return process.env.AUTH_COOKIE_DOMAIN || ".hackrobot.cn"; +} diff --git a/app/vip/components/VipHeader.tsx b/app/vip/components/VipHeader.tsx index fc866ab..7a47a71 100644 --- a/app/vip/components/VipHeader.tsx +++ b/app/vip/components/VipHeader.tsx @@ -37,11 +37,7 @@ export function VipHeader({ isLoggedIn, userName, onLogout }: VipHeaderProps) { )} - ) : ( - - 登录 - - )} + ) : null} );