From 3eeabe87d1a702d140bc0bbb301a3c2ac2332002 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=8F=A4=E6=9C=88?=
 <17949154+yazhouio@users.noreply.github.com>
Date: Wed, 13 Nov 2024 15:19:22 +0800
Subject: [PATCH] fix: clear authAuthorizeUrl cookie when redirecting to login
 (#4340)

Signed-off-by: yazhou <yazhouhu@yunify.com>
---
 server/controllers/session.js | 1 +
 server/proxy.js               | 5 ++++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/server/controllers/session.js b/server/controllers/session.js
index a6dcb4fdaaa..b60b4447ad8 100644
--- a/server/controllers/session.js
+++ b/server/controllers/session.js
@@ -191,6 +191,7 @@ const handleLogin = async ctx => {
   }
 
   if (authAuthorizeUrl) {
+    ctx.cookies.set('authAuthorizeUrl', null);
     ctx.body = {
       success: true,
       redirect: authAuthorizeUrl,
diff --git a/server/proxy.js b/server/proxy.js
index dc76f9034b2..e5be7088eca 100644
--- a/server/proxy.js
+++ b/server/proxy.js
@@ -141,7 +141,10 @@ const oauthProxy = {
   target,
   changeOrigin: true,
   optionsHandle(options, req, ctx) {
-    ctx.cookies.set('authAuthorizeUrl', req.url);
+    // if not login, redirect to login page
+    if (!ct.cookies.get('token')) {
+      ctx.cookies.set('authAuthorizeUrl', req.url);
+    }
   },
   events: {
     proxyReq(proxyReq, req) {