update response

refactor: remove WebAppAccessToken
2026-01-24 16:24:55 +00:00 · 2026-01-14 18:51:15 +08:00 · 2026-01-14 17:44:18 +08:00
9 changed files with 5 additions and 44 deletions
--- a/web/app/(shareLayout)/components/splash.tsx
+++ b/web/app/(shareLayout)/components/splash.tsx
@@ -7,7 +7,7 @@ import AppUnavailable from '@/app/components/base/app-unavailable'
 import Loading from '@/app/components/base/loading'
 import { useWebAppStore } from '@/context/web-app-context'
 import { fetchAccessToken } from '@/service/share'
-import { setWebAppAccessToken, setWebAppPassport, webAppLoginStatus, webAppLogout } from '@/service/webapp-auth'
+import { setWebAppPassport, webAppLoginStatus, webAppLogout } from '@/service/webapp-auth'

 const Splash: FC<PropsWithChildren> = ({ children }) => {
  const { t } = useTranslation()
@@ -40,9 +40,6 @@ const Splash: FC<PropsWithChildren> = ({ children }) => {
      return
    }

-    if (tokenFromUrl)
-      setWebAppAccessToken(tokenFromUrl)
-
    const redirectOrFinish = () => {
      if (redirectUrl)
        router.replace(decodeURIComponent(redirectUrl))
--- a/web/app/(shareLayout)/webapp-signin/check-code/page.tsx
+++ b/web/app/(shareLayout)/webapp-signin/check-code/page.tsx
@@ -12,7 +12,7 @@ import { useLocale } from '@/context/i18n'
 import { useWebAppStore } from '@/context/web-app-context'
 import { sendWebAppEMailLoginCode, webAppEmailLoginWithCode } from '@/service/common'
 import { fetchAccessToken } from '@/service/share'
-import { setWebAppAccessToken, setWebAppPassport } from '@/service/webapp-auth'
+import { setWebAppPassport } from '@/service/webapp-auth'
 import { encryptVerificationCode } from '@/utils/encryption'

 export default function CheckCode() {
@@ -66,9 +66,6 @@ export default function CheckCode() {
      setIsLoading(true)
      const ret = await webAppEmailLoginWithCode({ email, code: encryptVerificationCode(code), token })
      if (ret.result === 'success') {
-        if (ret?.data?.access_token) {
-          setWebAppAccessToken(ret.data.access_token)
-        }
        const { access_token } = await fetchAccessToken({
          appCode: appCode!,
          userId: embeddedUserId || undefined,
--- a/web/app/(shareLayout)/webapp-signin/components/mail-and-password-auth.tsx
+++ b/web/app/(shareLayout)/webapp-signin/components/mail-and-password-auth.tsx
@@ -12,7 +12,7 @@ import { useLocale } from '@/context/i18n'
 import { useWebAppStore } from '@/context/web-app-context'
 import { webAppLogin } from '@/service/common'
 import { fetchAccessToken } from '@/service/share'
-import { setWebAppAccessToken, setWebAppPassport } from '@/service/webapp-auth'
+import { setWebAppPassport } from '@/service/webapp-auth'
 import { encryptPassword } from '@/utils/encryption'

 type MailAndPasswordAuthProps = {
@@ -82,10 +82,6 @@ export default function MailAndPasswordAuth({ isEmailSetup }: MailAndPasswordAut
        body: loginData,
      })
      if (res.result === 'success') {
-        if (res?.data?.access_token) {
-          setWebAppAccessToken(res.data.access_token)
-        }
-
        const { access_token } = await fetchAccessToken({
          appCode: appCode!,
          userId: embeddedUserId || undefined,
--- a/web/app/signin/components/mail-and-password-auth.tsx
+++ b/web/app/signin/components/mail-and-password-auth.tsx
@@ -11,7 +11,6 @@ import Toast from '@/app/components/base/toast'
 import { emailRegex } from '@/config'
 import { useLocale } from '@/context/i18n'
 import { login } from '@/service/common'
-import { setWebAppAccessToken } from '@/service/webapp-auth'
 import { encryptPassword } from '@/utils/encryption'
 import { resolvePostLoginRedirect } from '../utils/post-login-redirect'

@@ -65,10 +64,6 @@ export default function MailAndPasswordAuth({ isInvite, isEmailSetup, allowRegis
        body: loginData,
      })
      if (res.result === 'success') {
-        if (res?.data?.access_token) {
-          // Track login success event
-          setWebAppAccessToken(res.data.access_token)
-        }
        trackEvent('user_login_success', {
          method: 'email_password',
          is_invite: isInvite,
--- a/web/config/index.ts
+++ b/web/config/index.ts
@@ -179,7 +179,6 @@ export const CSRF_COOKIE_NAME = () => {
  return isSecure ? '__Host-csrf_token' : 'csrf_token'
 }
 export const CSRF_HEADER_NAME = 'X-CSRF-Token'
-export const ACCESS_TOKEN_LOCAL_STORAGE_NAME = 'access_token'
 export const PASSPORT_LOCAL_STORAGE_NAME = (appCode: string) => `passport-${appCode}`
 export const PASSPORT_HEADER_NAME = 'X-App-Passport'

--- a/web/service/common.ts
+++ b/web/service/common.ts
@@ -38,7 +38,6 @@ import { del, get, patch, post, put } from './base'

 type LoginSuccess = {
  result: 'success'
-  data?: { access_token?: string }
 }
 type LoginFail = {
  result: 'fail'
--- a/web/service/fetch.ts
+++ b/web/service/fetch.ts
@@ -4,7 +4,7 @@ import Cookies from 'js-cookie'
 import ky from 'ky'
 import Toast from '@/app/components/base/toast'
 import { API_PREFIX, APP_VERSION, CSRF_COOKIE_NAME, CSRF_HEADER_NAME, IS_MARKETPLACE, MARKETPLACE_API_PREFIX, PASSPORT_HEADER_NAME, PUBLIC_API_PREFIX, WEB_APP_SHARE_CODE_HEADER_NAME } from '@/config'
-import { getWebAppAccessToken, getWebAppPassport } from './webapp-auth'
+import { getWebAppPassport } from './webapp-auth'

 const TIME_OUT = 100000

@@ -93,11 +93,6 @@ const resolveShareCode = () => {
 }

 const beforeRequestPublicWithCode = (request: Request) => {
-  const accessToken = getWebAppAccessToken()
-  if (accessToken)
-    request.headers.set('Authorization', `Bearer ${accessToken}`)
-  else
-    request.headers.delete('Authorization')
  const shareCode = resolveShareCode()
  if (!shareCode)
    return
--- a/web/service/share.ts
+++ b/web/service/share.ts
@@ -42,7 +42,6 @@ import {
  postPublic as post,
  ssePost,
 } from './base'
-import { getWebAppAccessToken } from './webapp-auth'

 function getAction(action: 'get' | 'post' | 'del' | 'patch', isInstalledApp: boolean) {
  switch (action) {
@@ -305,9 +304,6 @@ export const textToAudioStream = (url: string, isPublicAPI: boolean, header: { c
 export const fetchAccessToken = async ({ userId, appCode }: { userId?: string, appCode: string }) => {
  const headers = new Headers()
  headers.append(WEB_APP_SHARE_CODE_HEADER_NAME, appCode)
-  const accessToken = getWebAppAccessToken()
-  if (accessToken)
-    headers.append('Authorization', `Bearer ${accessToken}`)
  const params = new URLSearchParams()
  if (userId)
    params.append('user_id', userId)
--- a/web/service/webapp-auth.ts
+++ b/web/service/webapp-auth.ts
@@ -1,26 +1,14 @@
-import { ACCESS_TOKEN_LOCAL_STORAGE_NAME, PASSPORT_LOCAL_STORAGE_NAME } from '@/config'
+import { PASSPORT_LOCAL_STORAGE_NAME } from '@/config'
 import { getPublic, postPublic } from './base'

-export function setWebAppAccessToken(token: string) {
-  localStorage.setItem(ACCESS_TOKEN_LOCAL_STORAGE_NAME, token)
-}
-
 export function setWebAppPassport(shareCode: string, token: string) {
  localStorage.setItem(PASSPORT_LOCAL_STORAGE_NAME(shareCode), token)
 }

-export function getWebAppAccessToken() {
-  return localStorage.getItem(ACCESS_TOKEN_LOCAL_STORAGE_NAME) || ''
-}
-
 export function getWebAppPassport(shareCode: string) {
  return localStorage.getItem(PASSPORT_LOCAL_STORAGE_NAME(shareCode)) || ''
 }

-export function clearWebAppAccessToken() {
-  localStorage.removeItem(ACCESS_TOKEN_LOCAL_STORAGE_NAME)
-}
-
 export function clearWebAppPassport(shareCode: string) {
  localStorage.removeItem(PASSPORT_LOCAL_STORAGE_NAME(shareCode))
 }
@@ -44,7 +32,6 @@ export async function webAppLoginStatus(shareCode: string, userId?: string) {
 }

 export async function webAppLogout(shareCode: string) {
-  clearWebAppAccessToken()
  clearWebAppPassport(shareCode)
  await postPublic('/logout')
 }
Author	SHA1	Message	Date
Stephen Zhou	18a6b4ac90	update response	2026-01-14 18:51:15 +08:00
Stephen Zhou	32bc319387	refactor: remove WebAppAccessToken	2026-01-14 17:44:18 +08:00