From d78c1459b7dadc2950e0f3818fb91a60a4865bc8 Mon Sep 17 00:00:00 2001
From: wxg0103 <727495428@qq.com>
Date: Wed, 9 Apr 2025 17:56:45 +0800
Subject: [PATCH] refactor: oauth2 state

---
 ui/src/views/login/index.vue | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/ui/src/views/login/index.vue b/ui/src/views/login/index.vue
index 4cacd7ee5..714c439c6 100644
--- a/ui/src/views/login/index.vue
+++ b/ui/src/views/login/index.vue
@@ -153,6 +153,14 @@ interface qrOption {
 
 const orgOptions = ref<qrOption[]>([])
 
+function uuidv4() {
+  return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, function (c) {
+    const r = (Math.random() * 16) | 0
+    const v = c === 'x' ? r : (r & 0x3) | 0x8
+    return v.toString(16)
+  })
+}
+
 function redirectAuth(authType: string) {
   if (authType === 'LDAP' || authType === '') {
     return
@@ -191,7 +199,7 @@ function redirectAuth(authType: string) {
         if (authType === 'OAuth2') {
           url =
             `${config.authEndpoint}?client_id=${config.clientId}&response_type=code` +
-            `&redirect_uri=${redirectUrl}&state=${res.data.id}`
+            `&redirect_uri=${redirectUrl}&state=${uuidv4()}`
           if (config.scope) {
             url += `&scope=${config.scope}`
           }