fix: enhance OAuth configuration and add debugging - Add Google OAuth authorization parameters - Add environment variable validation - Add debugging logs for redirect callback - Create OAuth configuration check script

2025-08-01 20:42:03 +08:00
parent 2cd0ebda65
commit e955f4c317
8 changed files with 195 additions and 358 deletions
--- a/scripts/check-env.js
+++ b/scripts/check-env.js
@ -1,71 +0,0 @@
-#!/usr/bin/env node
-
-// 环境变量检查脚本
-console.log("=== 环境变量检查 ===");
-
-const requiredVars = [
-  "NEXTAUTH_URL",
-  "NEXTAUTH_SECRET",
-  "GOOGLE_CLIENT_ID",
-  "GOOGLE_CLIENT_SECRET",
-  "DATABASE_URL",
-];
-
-console.log("\n必需的环境变量:");
-requiredVars.forEach((varName) => {
-  const value = process.env[varName];
-  if (value) {
-    console.log(
-      `✅ ${varName}: ${value.substring(0, 20)}${
-        value.length > 20 ? "..." : ""
-      }`
-    );
-  } else {
-    console.log(`❌ ${varName}: 未设置`);
-  }
-});
-
-console.log("\n=== NEXTAUTH_URL 详细检查 ===");
-const nextAuthUrl = process.env.NEXTAUTH_URL;
-if (nextAuthUrl) {
-  console.log(`原始值: "${nextAuthUrl}"`);
-  console.log(`长度: ${nextAuthUrl.length}`);
-  console.log(`包含引号: ${nextAuthUrl.includes('"')}`);
-  console.log(`包含单引号: ${nextAuthUrl.includes("'")}`);
-
-  // 清理 URL
-  let cleanUrl = nextAuthUrl.trim();
-  if (cleanUrl.startsWith('"') && cleanUrl.endsWith('"')) {
-    cleanUrl = cleanUrl.slice(1, -1);
-    console.log(`清理后: "${cleanUrl}"`);
-  }
-
-  try {
-    new URL(cleanUrl);
-    console.log(`✅ URL 格式有效`);
-  } catch (error) {
-    console.log(`❌ URL 格式无效: ${error.message}`);
-  }
-} else {
-  console.log("❌ NEXTAUTH_URL 未设置");
-}
-
-console.log("\n=== Google OAuth 配置检查 ===");
-const googleClientId = process.env.GOOGLE_CLIENT_ID;
-const googleClientSecret = process.env.GOOGLE_CLIENT_SECRET;
-
-if (googleClientId && googleClientSecret) {
-  console.log("✅ Google OAuth 凭据已设置");
-  console.log(`Client ID 长度: ${googleClientId.length}`);
-  console.log(`Client Secret 长度: ${googleClientSecret.length}`);
-} else {
-  console.log("❌ Google OAuth 凭据未完全设置");
-}
-
-console.log("\n=== 建议 ===");
-console.log("1. 确保 NEXTAUTH_URL 不包含多余的引号");
-console.log("2. 确保 Google OAuth 重定向 URI 配置正确");
-console.log("3. 在 Google Cloud Console 中添加正确的重定向 URI");
-console.log(
-  "4. 重定向 URI 格式应为: https://your-domain.com/api/auth/callback/google"
-);
--- a/scripts/check-oauth.sh
+++ b/scripts/check-oauth.sh
@ -0,0 +1,32 @@
+#!/bin/bash
+
+echo "🔍 检查 OAuth 配置..."
+
+# 检查环境变量
+echo "📋 环境变量检查:"
+echo "NEXTAUTH_URL: ${NEXTAUTH_URL:-'未设置'}"
+echo "NEXTAUTH_SECRET: ${NEXTAUTH_SECRET:-'未设置'}"
+echo "GOOGLE_CLIENT_ID: ${GOOGLE_CLIENT_ID:-'未设置'}"
+
+# 检查容器环境变量
+echo ""
+echo "🐳 Docker 容器环境变量:"
+docker exec recorder-app env | grep -E "(NEXTAUTH|GOOGLE)" || echo "无法获取容器环境变量"
+
+# 检查应用日志
+echo ""
+echo "📝 最近的认证日志:"
+docker logs recorder-app --tail 50 | grep -i "auth\|oauth\|redirect" || echo "未找到相关日志"
+
+# 检查网络连接
+echo ""
+echo "🌐 网络连接检查:"
+curl -I https://recorder.zyj.best 2>/dev/null | head -1 || echo "无法连接到网站"
+
+echo ""
+echo "✅ 检查完成！"
+echo ""
+echo "📋 下一步操作:"
+echo "1. 确保 Google Cloud Console 中配置了正确的重定向 URI"
+echo "2. 重启应用: ./deploy.sh"
+echo "3. 检查日志: docker logs recorder-app" 
--- a/scripts/oauth-debug.js
+++ b/scripts/oauth-debug.js
@ -1,64 +0,0 @@
-#!/usr/bin/env node
-
-// OAuth 调试脚本
-console.log("=== OAuth 配置调试 ===");
-
-// 模拟服务器环境变量
-const envVars = {
-  NEXTAUTH_URL: "https://recorder.zyj.best",
-  GOOGLE_CLIENT_ID:
-    "1060072115182-l5u59vrbs2lmcpg7pnn72bc8h37eolff.apps.googleusercontent.com",
-  GOOGLE_CLIENT_SECRET: "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",
-};
-
-console.log("\n=== 环境变量检查 ===");
-Object.entries(envVars).forEach(([key, value]) => {
-  console.log(`✅ ${key}: ${value.substring(0, 30)}...`);
-});
-
-console.log("\n=== 重定向 URI 分析 ===");
-const nextAuthUrl = envVars.NEXTAUTH_URL;
-const expectedRedirectUri = `${nextAuthUrl}/api/auth/callback/google`;
-
-console.log(`NEXTAUTH_URL: ${nextAuthUrl}`);
-console.log(`预期的重定向 URI: ${expectedRedirectUri}`);
-
-// 验证 URL 格式
-try {
-  new URL(nextAuthUrl);
-  console.log("✅ NEXTAUTH_URL 格式有效");
-} catch (error) {
-  console.log(`❌ NEXTAUTH_URL 格式无效: ${error.message}`);
-}
-
-try {
-  new URL(expectedRedirectUri);
-  console.log("✅ 重定向 URI 格式有效");
-} catch (error) {
-  console.log(`❌ 重定向 URI 格式无效: ${error.message}`);
-}
-
-console.log("\n=== Google Cloud Console 配置检查 ===");
-console.log("请在 Google Cloud Console 中验证以下配置：");
-console.log("1. 项目 ID: 检查你的 Google Cloud 项目");
-console.log(
-  "2. OAuth 2.0 客户端 ID: 1060072115182-l5u59vrbs2lmcpg7pnn72bc8h37eolff.apps.googleusercontent.com"
-);
-console.log("3. 授权重定向 URI 应包含:");
-console.log(`   - ${expectedRedirectUri}`);
-
-console.log("\n=== 常见问题排查 ===");
-console.log("1. 确保 Google Cloud Console 中的重定向 URI 完全匹配");
-console.log("2. 检查是否有额外的空格或引号");
-console.log("3. 确保协议是 https（不是 http）");
-console.log("4. 检查域名是否正确（recorder.zyj.best）");
-
-console.log("\n=== 测试步骤 ===");
-console.log("1. 访问: https://recorder.zyj.best/login");
-console.log("2. 点击 '使用 Google 登录'");
-console.log("3. 观察浏览器地址栏的重定向 URL");
-console.log("4. 检查是否与 Google Cloud Console 中的配置匹配");
-
-console.log("\n=== 调试命令 ===");
-console.log("在服务器上运行以下命令查看应用日志：");
-console.log("docker logs recorder-app --tail 50");