添加 OIDC 认证支持，更新环境变量配置，重构 Docker Compose 文件，移除旧的 Dex 初始化脚本，优化用户模型，更新前端登录流程，支持通过 OIDC 登录。

2026-06-04 14:22:57 +00:00 · 2025-08-18 20:50:43 +08:00
parent fa80805bb1
commit 4da39f2d6a
12 changed files with 233 additions and 179 deletions
@@ -23,7 +23,6 @@ var (
 	jwtSecret         []byte
 )

-const oauthStateString = "random"

 // AppClaims represents the custom claims for the JWT.
 type AppClaims struct {
@@ -124,10 +123,9 @@ func HandleGitHubCallback(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	// For now we don't have a user database, so we create a user object on the fly.
-	// In phase 3, we will save/get the user from the database here.
+	// Create user object using Subject instead of GitHubID
 	user := &core.User{
-		GitHubID:  githubUser.ID,
+		Subject:   fmt.Sprintf("github:%d", githubUser.ID),
 		Login:     githubUser.Login,
 		AvatarURL: githubUser.AvatarURL,
 		Name:      githubUser.Name,
@@ -147,7 +145,7 @@ func HandleGitHubCallback(w http.ResponseWriter, r *http.Request) {
 func createJWT(user *core.User) (string, error) {
 	claims := AppClaims{
 		RegisteredClaims: jwt.RegisteredClaims{
-			Subject:   fmt.Sprintf("%d", user.GitHubID),
+			Subject:   user.Subject,
 			ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 24 * 7)), // 1 week
 			IssuedAt:  jwt.NewNumericDate(time.Now()),
 		},