fix: resolve OIDC session state issue and synchronize portal sessions

Details: - Backend: Extract Kratos session cookies and propagate via SetCookies in AuthInfo. - Backend: Include sessionJwt and token during OIDC flows in PasswordLogin. - UserFront: Add _silentSessionRecovery in main.dart to recover session via cookies if localStorage token is missing. - UserFront: Update AuthProxyService, AuthTokenStore, AuthNotifier to support silent recovery and immediate local state update before redirect. - AdminFront/DevFront: Fix OIDC authority to point directly to Gateway proxy and add recovery/error UI components.
2026-04-21 14:10:27 +09:00
parent 1024ad17d3
commit 0f79b7635b
12 changed files with 199 additions and 5 deletions
--- a/userfront/lib/main.dart
+++ b/userfront/lib/main.dart
@@ -73,6 +73,44 @@ Future<void> _loadBundledFonts() async {
  }
 }

+Future<void> _silentSessionRecovery() async {
+  _log.info("[SessionRecovery] Starting silent session recovery check...");
+
+  // 1. Local token check
+  final hasLocalToken = AuthTokenStore.hasToken();
+  if (hasLocalToken) {
+    _log.info("[SessionRecovery] Local token found. Skipping recovery.");
+    return;
+  }
+
+  _log.info(
+    "[SessionRecovery] Local token missing. Checking for browser cookies...",
+  );
+
+  try {
+    // 2. Try fetching user info (backend will use cookies if present)
+    final userInfo = await AuthProxyService.getMe();
+    final subject = userInfo['id'] ?? userInfo['identity_id'] ?? '';
+
+    if (subject.isNotEmpty) {
+      _log.info(
+        "[SessionRecovery] Valid session found via cookies. Recovering login state...",
+      );
+      // For cookie-based auth, we don't necessarily have a JWT in local storage,
+      // but AuthNotifier needs to know we are logged in.
+      final jwt = userInfo['sessionJwt'] ?? userInfo['token'] ?? 'cookie-session';
+      await AuthNotifier.instance.onLoginSuccess(jwt);
+      _log.info("[SessionRecovery] Recovery complete. Subject: $subject");
+    } else {
+      _log.warning("[SessionRecovery] Session found but subject is empty.");
+    }
+  } catch (e) {
+    _log.info(
+      "[SessionRecovery] No valid cookie session found or request failed: $e",
+    );
+  }
+}
+
 void main() async {
  WidgetsFlutterBinding.ensureInitialized();
  usePathUrlStrategy();
@@ -115,6 +153,9 @@ void main() async {
  // 폰트를 먼저 로딩해서 렌더링 깨짐(FOIT/FOUT) 최소화
  await _loadBundledFonts();

+  // 2. Silent Session Recovery (from cookies)
+  await _silentSessionRecovery();
+
  runApp(
    // URL(/en, /ko)이 있으면 우선 적용해서 첫 렌더부터 올바른 언어로 시작합니다.
    () {