Merge pull request 'fix/issue-637' (#645) from fix/issue-637 into dev
Reviewed-on: baron/baron-sso#645
@@ -846,11 +846,13 @@ class _DashboardScreenState extends ConsumerState<DashboardScreen> {
|
|||||||
final profileState = ref.watch(profileProvider);
|
final profileState = ref.watch(profileProvider);
|
||||||
final profile = profileState.value;
|
final profile = profileState.value;
|
||||||
final timelineState = ref.watch(authTimelineProvider);
|
final timelineState = ref.watch(authTimelineProvider);
|
||||||
final userName =
|
final userName = (profile?.name.trim().isNotEmpty ?? false)
|
||||||
profile?.name ??
|
? profile!.name
|
||||||
profile?.email ??
|
: (profile?.email.trim().isNotEmpty ?? false)
|
||||||
profile?.phone ??
|
? profile!.email
|
||||||
tr('ui.userfront.profile.user_fallback', fallback: 'User');
|
: (profile?.phone.trim().isNotEmpty ?? false)
|
||||||
|
? profile!.phone
|
||||||
|
: tr('ui.userfront.profile.user_fallback', fallback: 'User');
|
||||||
final departmentValue =
|
final departmentValue =
|
||||||
profile?.tenant?.name ?? profile?.department ?? '';
|
profile?.tenant?.name ?? profile?.department ?? '';
|
||||||
final department = departmentValue.isNotEmpty
|
final department = departmentValue.isNotEmpty
|
||||||
|
|||||||
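Review bot: The new `userName` chain tests `name.trim().isNotEmpty` but then returns `profile!.name` untrimmed, so a value with surrounding whitespace is displayed as stored, and the three `profile!` assertions repeat a null check the condition has already made. Trimming once into a local removes both problems, e.g. `final name = profile?.name.trim() ?? '';` and then `name.isNotEmpty ? name : ...`, with the same treatment for `email` and `phone`. The enclosing method starts and ends outside the hunk.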
@@ -79,8 +79,30 @@ Future<void> _silentSessionRecovery() async {
|
|||||||
// 1. Local token check
|
// 1. Local token check
|
||||||
final hasLocalToken = AuthTokenStore.hasToken();
|
final hasLocalToken = AuthTokenStore.hasToken();
|
||||||
if (hasLocalToken) {
|
if (hasLocalToken) {
|
||||||
_log.info("[SessionRecovery] Local token found. Skipping recovery.");
|
_log.info("[SessionRecovery] Local token found. Verifying session...");
|
||||||
return;
|
try {
|
||||||
|
final status = await AuthProxyService.getSessionStatus(
|
||||||
|
token: AuthTokenStore.getToken(),
|
||||||
|
useCookie: false,
|
||||||
|
);
|
||||||
|
if (status == 401 || status == 403) {
|
||||||
|
_log.warning(
|
||||||
|
"[SessionRecovery] Local token is invalid. Clearing store.",
|
||||||
|
);
|
||||||
|
AuthTokenStore.clear();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
_log.info(
|
||||||
|
"[SessionRecovery] Local token is valid. Skipping cookie check.",
|
||||||
|
);
|
||||||
|
return;
|
||||||
|
} catch (e) {
|
||||||
|
_log.info("[SessionRecovery] Failed to verify local token: $e");
|
||||||
|
// 만약 네트워크 에러 등이라면 당장 로그아웃 시키지 않고 일단 통과시킬 수도 있지만,
|
||||||
|
// 보안과 확실한 상태 갱신을 위해 여기서는 실패 시 상태를 유지하거나 필요에 따라 처리합니다.
|
||||||
|
// (현재는 401/403 확실한 인증 실패시에만 clear 처리)
|
||||||
|
return;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
_log.info(
|
_log.info(
|
||||||
@@ -104,11 +126,13 @@ Future<void> _silentSessionRecovery() async {
|
|||||||
_log.info("[SessionRecovery] Recovery complete. Subject: $subject");
|
_log.info("[SessionRecovery] Recovery complete. Subject: $subject");
|
||||||
} else {
|
} else {
|
||||||
_log.warning("[SessionRecovery] Session found but subject is empty.");
|
_log.warning("[SessionRecovery] Session found but subject is empty.");
|
||||||
|
AuthTokenStore.clear();
|
||||||
}
|
}
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
_log.info(
|
_log.info(
|
||||||
"[SessionRecovery] No valid cookie session found or request failed: $e",
|
"[SessionRecovery] No valid cookie session found or request failed: $e",
|
||||||
);
|
);
|
||||||
|
AuthTokenStore.clear();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
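Review bot: In the first `_silentSessionRecovery` hunk every status other than 401/403 reaches the "Local token is valid" log and `return`, so a 5xx or any unexpected code is recorded as a successful verification and the cookie check is skipped. Assuming `getSessionStatus` returns the HTTP status code, accept only the success value explicitly before logging the token as valid, e.g. `if (status != 200) { _log.warning("[SessionRecovery] Local token not verified (status $status)."); return; }`. The `catch` branch likewise keeps an unverified token and returns; the comment there should say in one sentence that keeping the token on a failed check is deliberate, and it is worth confirming that `$e` cannot carry the token into the log. The function body continues outside both hunks.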