更改回调允许算法

This commit is contained in:
cxykevin 2024-09-08 19:28:07 +08:00
parent 78ecd798c8
commit be11e11397
1 changed files with 1 additions and 1 deletions

View File

@ -277,7 +277,7 @@ async def changepasswd(password: str = Form(), session: Annotated[str | None, Co
@app.get("/login") @app.get("/login")
async def login(state: str = "", client_id: str = "", redirect_url: str = "/user", session: Annotated[str | None, Cookie()] = None): async def login(state: str = "", client_id: str = "", redirect_url: str = "/user", session: Annotated[str | None, Cookie()] = None):
now_redirect_url = redirect_url.replace( now_redirect_url = redirect_url.replace(
"https://", "").replace("http://", "").split("#")[0].rstrip("/") "https://", "").replace("http://", "").split("#")[0].split("/")[0]
if (now_redirect_url not in REDIRECT_URL_WHITELIST): if (now_redirect_url not in REDIRECT_URL_WHITELIST):
return templates.TemplateResponse("checkemail.html", {"request": {}, "msg": cfg.lang["invalid_redirect_url"], "ui": cfg.config["ui"], "lang": cfg.lang}) return templates.TemplateResponse("checkemail.html", {"request": {}, "msg": cfg.lang["invalid_redirect_url"], "ui": cfg.config["ui"], "lang": cfg.lang})
if (session is not None): if (session is not None):