feat: admin frontend - React + Vite, auth pages, user management, roles, permissions, webhooks, devices, logs

2026-04-02 11:20:20 +08:00
parent dcc1f186f8
commit 4718980ab5
235 changed files with 35682 additions and 0 deletions
--- a/frontend/admin/src/lib/auth/oauth.test.ts
+++ b/frontend/admin/src/lib/auth/oauth.test.ts
@@ -0,0 +1,29 @@
+import { describe, expect, it } from 'vitest'
+
+import {
+  buildOAuthCallbackReturnTo,
+  parseOAuthCallbackHash,
+  sanitizeAuthRedirect,
+} from './oauth'
+
+describe('oauth auth helpers', () => {
+  it('sanitizes redirect paths to internal routes only', () => {
+    expect(sanitizeAuthRedirect('/users')).toBe('/users')
+    expect(sanitizeAuthRedirect('https://evil.example.com')).toBe('/dashboard')
+    expect(sanitizeAuthRedirect('//evil.example.com')).toBe('/dashboard')
+    expect(sanitizeAuthRedirect('users')).toBe('/dashboard')
+  })
+
+  it('builds oauth callback return url on current origin', () => {
+    expect(buildOAuthCallbackReturnTo('/users')).toBe('http://localhost:3000/login/oauth/callback?redirect=%2Fusers')
+  })
+
+  it('parses oauth callback hash payload', () => {
+    expect(parseOAuthCallbackHash('#status=success&code=abc&provider=github')).toEqual({
+      status: 'success',
+      code: 'abc',
+      provider: 'github',
+      message: '',
+    })
+  })
+})
--- a/frontend/admin/src/lib/auth/oauth.ts
+++ b/frontend/admin/src/lib/auth/oauth.ts
@@ -0,0 +1,27 @@
+export function sanitizeAuthRedirect(target: string | null | undefined, fallback: string = '/dashboard'): string {
+  const value = (target || '').trim()
+  if (!value.startsWith('/') || value.startsWith('//')) {
+    return fallback
+  }
+  return value
+}
+
+export function buildOAuthCallbackReturnTo(redirectPath: string): string {
+  const callbackUrl = new URL('/login/oauth/callback', window.location.origin)
+  if (redirectPath && redirectPath !== '/dashboard') {
+    callbackUrl.searchParams.set('redirect', redirectPath)
+  }
+  return callbackUrl.toString()
+}
+
+export function parseOAuthCallbackHash(hash: string): Record<string, string> {
+  const normalized = hash.startsWith('#') ? hash.slice(1) : hash
+  const values = new URLSearchParams(normalized)
+
+  return {
+    status: values.get('status') || '',
+    code: values.get('code') || '',
+    provider: values.get('provider') || '',
+    message: values.get('message') || '',
+  }
+}