fix: old webapp url still valid (#1643)

2024-11-16 19:59:50 +08:00 · 2023-11-28 20:04:46 +08:00 · 2023-11-28 20:04:46 +08:00 · cf0ba794d7
commit cf0ba794d7
parent c21e2063fe
2 changed files with 17 additions and 22 deletions
--- a/api/controllers/web/wraps.py
+++ b/api/controllers/web/wraps.py
@ -40,7 +40,7 @@ def decode_jwt_token():
    site = db.session.query(Site).filter(Site.code == app_code).first()
    if not app_model:
        raise NotFound()
-    if not app_code and not site:
+    if not app_code or not site:
        raise Unauthorized('Site URL is no longer valid.')
    if app_model.enable_site is False:
        raise Unauthorized('Site is disabled.')
--- a/web/service/base.ts
+++ b/web/service/base.ts
@ -237,29 +237,24 @@ const baseFetch = <T>(
            switch (res.status) {
              case 401: {
                if (isPublicAPI) {
-                  Toast.notify({ type: 'error', message: 'Invalid token' })
-                  return bodyJson.then((data: T) => Promise.reject(data))
+                  return bodyJson.then((data: ResponseError) => {
+                    Toast.notify({ type: 'error', message: data.message })
+                    return Promise.reject(data)
+                  })
                }
                const loginUrl = `${globalThis.location.origin}/signin`
-                if (IS_CE_EDITION) {
-                  bodyJson.then((data: ResponseError) => {
-                    if (data.code === 'not_setup') {
-                      globalThis.location.href = `${globalThis.location.origin}/install`
-                    }
-                    else {
-                      if (location.pathname === '/signin') {
-                        bodyJson.then((data: ResponseError) => {
-                          Toast.notify({ type: 'error', message: data.message })
-                        })
-                      }
-                      else {
-                        globalThis.location.href = loginUrl
-                      }
-                    }
-                  })
-                  return Promise.reject(Error('Unauthorized'))
-                }
-                globalThis.location.href = loginUrl
+                bodyJson.then((data: ResponseError) => {
+                  if (data.code === 'not_setup' && IS_CE_EDITION)
+                    globalThis.location.href = `${globalThis.location.origin}/install`
+                  else if (location.pathname !== '/signin' || !IS_CE_EDITION)
+                    globalThis.location.href = loginUrl
+                  else
+                    Toast.notify({ type: 'error', message: data.message })
+                }).catch(() => {
+                  // Handle any other errors
+                  globalThis.location.href = loginUrl
+                })
+
                break
              }
              case 403: