kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

Fix SMS login code flow for phone relay

Browse Source
This commit is contained in:
admin-bot
2026-05-07 13:53:23 +09:00
parent 404e5179e8
commit 57a00c0236
4 changed files with 79 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
backend/internal/handler/auth_handler.go
View File

@@ -1028,6 +1028,13 @@ func (h *AuthHandler) resolveUserfrontURL(c *fiber.Ctx) string {
envParsed.Scheme == "https" && baseParsed.Scheme == "http" {
return strings.TrimRight(envURL, "/")
}
if os.Getenv("APP_ENV") == "dev" &&
envErr == nil && baseErr == nil &&
strings.EqualFold(envParsed.Hostname(), baseParsed.Hostname()) &&
(envParsed.Hostname() == "localhost" || envParsed.Hostname() == "127.0.0.1") &&
envParsed.Port() != "" && baseParsed.Port() == "" {
return strings.TrimRight(envURL, "/")
}
return baseURL
}
@@ -2003,6 +2010,13 @@ func (h *AuthHandler) VerifyLoginCode(c *fiber.Ctx) error {
if !strings.Contains(loginID, "@") {
lookupLoginID = normalizePhoneForLoginID(loginID)
}
smsLookupLoginID := ""
if !strings.Contains(loginID, "@") {
smsLookupLoginID = lookupLoginID
if mapped, _ := h.RedisService.Get(prefixLoginCodeSmsLookup + smsLookupLoginID); mapped != "" {
lookupLoginID = mapped
}
}
if h.IdpProvider == nil {
return errorJSONCode(c, fiber.StatusServiceUnavailable, "service_unavailable", "Identity provider unavailable")
@@ -2016,11 +2030,6 @@ func (h *AuthHandler) VerifyLoginCode(c *fiber.Ctx) error {
if req.VerifyOnly {
c.Locals("auth_timeline_skip", true)
effectiveLoginID := lookupLoginID
if !strings.Contains(loginID, "@") {
if mapped, _ := h.RedisService.Get(prefixLoginCodeSmsLookup + lookupLoginID); mapped != "" {
effectiveLoginID = mapped
}
}
pendingRef := strings.TrimSpace(req.PendingRef)
storedRef, _ := h.RedisService.Get(prefixLoginCodePending + lookupLoginID)
if pendingRef == "" {
@@ -2075,6 +2084,9 @@ func (h *AuthHandler) VerifyLoginCode(c *fiber.Ctx) error {
h.RedisService.Delete(prefixLoginCode + lookupLoginID)
h.RedisService.Delete(prefixLoginCodeSmsTarget + lookupLoginID)
if smsLookupLoginID != "" {
h.RedisService.Delete(prefixLoginCodeSmsLookup + smsLookupLoginID)
}
pendingRef := strings.TrimSpace(req.PendingRef)
if pendingRef == "" {
@@ -2089,6 +2101,9 @@ func (h *AuthHandler) VerifyLoginCode(c *fiber.Ctx) error {
h.RedisService.Set(prefixSession+pendingRef, string(sessionData), loginCodeExpiration)
h.RedisService.Delete(prefixLoginCodePending + lookupLoginID)
h.RedisService.Delete(prefixLoginCodeSmsTarget + lookupLoginID)
if smsLookupLoginID != "" {
h.RedisService.Delete(prefixLoginCodeSmsLookup + smsLookupLoginID)
}
return c.JSON(fiber.Map{
"status": "approved",
"pendingRef": pendingRef,