"use client"; import React, { useEffect, useState } from "react"; import { useRouter, useSearchParams } from "next/navigation"; import { CheckCircle, XCircle, Loader2, AlertTriangle } from "lucide-react"; import { loginWithGoogleToken } from "@/lib/auth"; import type { OAuthCallbackParams, OAuthState } from "@/app/types/google-oauth"; export default function OAuthCallback() { const router = useRouter(); const searchParams = useSearchParams(); const [status, setStatus] = useState<"loading" | "success" | "error" | "conflict">("loading"); const [message, setMessage] = useState(""); const [conflictData, setConflictData] = useState(null); useEffect(() => { const handleOAuthCallback = async () => { try { // 获取URL参数 const params: OAuthCallbackParams = { code: searchParams.get("code") || undefined, state: searchParams.get("state") || undefined, error: searchParams.get("error") || undefined, error_description: searchParams.get("error_description") || undefined, }; // 检查是否有错误 if (params.error) { setStatus("error"); setMessage(params.error_description || `OAuth error: ${params.error}`); return; } // 验证必需参数 if (!params.code || !params.state) { setStatus("error"); setMessage("Missing required OAuth parameters"); return; } // 验证state参数防止CSRF攻击 const savedStateStr = sessionStorage.getItem("google_oauth_state"); if (!savedStateStr) { setStatus("error"); setMessage("OAuth state not found. Please try again."); return; } const savedState: OAuthState = JSON.parse(savedStateStr); if (savedState.state !== params.state) { setStatus("error"); setMessage("Invalid OAuth state. Possible CSRF attack detected."); return; } // 检查state是否过期（5分钟） if (Date.now() - savedState.timestamp > 5 * 60 * 1000) { setStatus("error"); setMessage("OAuth session expired. Please try again."); return; } // 清除保存的state sessionStorage.removeItem("google_oauth_state"); // 这里应该调用后端API处理授权码 // 但根据当前的实现，我们需要使用Google JavaScript SDK // 或者等待后端提供处理授权码的接口 // 临时处理：重定向到登录页面并显示消息 setStatus("error"); setMessage("OAuth callback processing is not yet implemented. Please use the Google login button directly."); // 3秒后重定向到登录页面 setTimeout(() => { router.push("/login?error=oauth_callback_incomplete"); }, 3000); } catch (error: any) { console.error("OAuth callback error:", error); if (error.type === 'EMAIL_CONFLICT') { setStatus("conflict"); setMessage(error.message); setConflictData(error.data); } else { setStatus("error"); setMessage(error.message || "OAuth callback processing failed"); } } }; handleOAuthCallback(); }, [searchParams, router]); const handleBindAccount = async () => { try { // 这里应该实现账户绑定逻辑 // 需要调用 /api/auth/google/bind 接口 console.log("Account binding not yet implemented"); setMessage("Account binding feature is not yet implemented"); } catch (error: any) { console.error("Account binding failed:", error); setMessage(error.message || "Account binding failed"); } }; const handleReturnToLogin = () => { router.push("/login"); }; const renderContent = () => { switch (status) { case "loading": return (

Processing OAuth callback...

); case "success": return (

Login Successful

{message}

); case "conflict": return (

Account Conflict

{message}

{conflictData && (

Email: {conflictData.existingUser?.email}

)}

); case "error": return (

OAuth Failed

{message}

); } }; return (

{status === "loading" && (

OAuth Callback

Please wait while we process your authentication

)} {renderContent()}

); }