From cc9c9c63442e264ba3f2f9aad66878df089e94ff Mon Sep 17 00:00:00 2001
From: Stephen Zhou <38493346+hyoban@users.noreply.github.com>
Date: Sun, 1 Mar 2026 15:39:09 +0800
Subject: [PATCH] fix: remove REDIRECT_URL_KEY from url (#32770)

---
 web/app/account/oauth/authorize/constants.ts  |  3 --
 web/app/account/oauth/authorize/page.tsx      | 19 ++-------
 web/app/components/app-initializer.tsx        |  2 +-
 web/app/signin/check-code/page.tsx            |  2 +-
 .../components/mail-and-password-auth.tsx     |  2 +-
 web/app/signin/invite-settings/page.tsx       |  2 +-
 web/app/signin/normal-form.tsx                |  2 +-
 web/app/signin/utils/post-login-redirect.ts   | 40 +++++--------------
 8 files changed, 17 insertions(+), 55 deletions(-)
 delete mode 100644 web/app/account/oauth/authorize/constants.ts

diff --git a/web/app/account/oauth/authorize/constants.ts b/web/app/account/oauth/authorize/constants.ts
deleted file mode 100644
index f1d8b98ef4..0000000000
--- a/web/app/account/oauth/authorize/constants.ts
+++ /dev/null
@@ -1,3 +0,0 @@
-export const OAUTH_AUTHORIZE_PENDING_KEY = 'oauth_authorize_pending'
-export const REDIRECT_URL_KEY = 'oauth_redirect_url'
-export const OAUTH_AUTHORIZE_PENDING_TTL = 60 * 3
diff --git a/web/app/account/oauth/authorize/page.tsx b/web/app/account/oauth/authorize/page.tsx
index c923d6457a..b62355768f 100644
--- a/web/app/account/oauth/authorize/page.tsx
+++ b/web/app/account/oauth/authorize/page.tsx
@@ -7,7 +7,6 @@ import {
   RiMailLine,
   RiTranslate2,
 } from '@remixicon/react'
-import dayjs from 'dayjs'
 import { useRouter, useSearchParams } from 'next/navigation'
 import * as React from 'react'
 import { useEffect, useRef } from 'react'
@@ -17,22 +16,10 @@ import Button from '@/app/components/base/button'
 import Loading from '@/app/components/base/loading'
 import Toast from '@/app/components/base/toast'
 import { useLanguage } from '@/app/components/header/account-setting/model-provider-page/hooks'
+import { setPostLoginRedirect } from '@/app/signin/utils/post-login-redirect'
 import { useAppContext } from '@/context/app-context'
 import { useIsLogin } from '@/service/use-common'
 import { useAuthorizeOAuthApp, useOAuthAppInfo } from '@/service/use-oauth'
-import {
-  OAUTH_AUTHORIZE_PENDING_KEY,
-  OAUTH_AUTHORIZE_PENDING_TTL,
-  REDIRECT_URL_KEY,
-} from './constants'
-
-function setItemWithExpiry(key: string, value: string, ttl: number) {
-  const item = {
-    value,
-    expiry: dayjs().add(ttl, 'seconds').unix(),
-  }
-  localStorage.setItem(key, JSON.stringify(item))
-}
 
 function buildReturnUrl(pathname: string, search: string) {
   try {
@@ -86,8 +73,8 @@ export default function OAuthAuthorize() {
   const onLoginSwitchClick = () => {
     try {
       const returnUrl = buildReturnUrl('/account/oauth/authorize', `?client_id=${encodeURIComponent(client_id)}&redirect_uri=${encodeURIComponent(redirect_uri)}`)
-      setItemWithExpiry(OAUTH_AUTHORIZE_PENDING_KEY, returnUrl, OAUTH_AUTHORIZE_PENDING_TTL)
-      router.push(`/signin?${REDIRECT_URL_KEY}=${encodeURIComponent(returnUrl)}`)
+      setPostLoginRedirect(returnUrl)
+      router.push('/signin')
     }
     catch {
       router.push('/signin')
diff --git a/web/app/components/app-initializer.tsx b/web/app/components/app-initializer.tsx
index dfbac5d743..e4cd10175a 100644
--- a/web/app/components/app-initializer.tsx
+++ b/web/app/components/app-initializer.tsx
@@ -84,7 +84,7 @@ export const AppInitializer = ({
           return
         }
 
-        const redirectUrl = resolvePostLoginRedirect(searchParams)
+        const redirectUrl = resolvePostLoginRedirect()
         if (redirectUrl) {
           location.replace(redirectUrl)
           return
diff --git a/web/app/signin/check-code/page.tsx b/web/app/signin/check-code/page.tsx
index 59579a76ec..1b01381aab 100644
--- a/web/app/signin/check-code/page.tsx
+++ b/web/app/signin/check-code/page.tsx
@@ -57,7 +57,7 @@ export default function CheckCode() {
           router.replace(`/signin/invite-settings?${searchParams.toString()}`)
         }
         else {
-          const redirectUrl = resolvePostLoginRedirect(searchParams)
+          const redirectUrl = resolvePostLoginRedirect()
           router.replace(redirectUrl || '/apps')
         }
       }
diff --git a/web/app/signin/components/mail-and-password-auth.tsx b/web/app/signin/components/mail-and-password-auth.tsx
index 92165bb65b..41f26d9a40 100644
--- a/web/app/signin/components/mail-and-password-auth.tsx
+++ b/web/app/signin/components/mail-and-password-auth.tsx
@@ -78,7 +78,7 @@ export default function MailAndPasswordAuth({ isInvite, isEmailSetup, allowRegis
           router.replace(`/signin/invite-settings?${searchParams.toString()}`)
         }
         else {
-          const redirectUrl = resolvePostLoginRedirect(searchParams)
+          const redirectUrl = resolvePostLoginRedirect()
           router.replace(redirectUrl || '/apps')
         }
       }
diff --git a/web/app/signin/invite-settings/page.tsx b/web/app/signin/invite-settings/page.tsx
index c16a580b3a..600b8af994 100644
--- a/web/app/signin/invite-settings/page.tsx
+++ b/web/app/signin/invite-settings/page.tsx
@@ -56,7 +56,7 @@ export default function InviteSettingsPage() {
       if (res.result === 'success') {
         // Tokens are now stored in cookies by the backend
         await setLocaleOnClient(language, false)
-        const redirectUrl = resolvePostLoginRedirect(searchParams)
+        const redirectUrl = resolvePostLoginRedirect()
         router.replace(redirectUrl || '/apps')
       }
     }
diff --git a/web/app/signin/normal-form.tsx b/web/app/signin/normal-form.tsx
index be0feea6c1..57f1dd8609 100644
--- a/web/app/signin/normal-form.tsx
+++ b/web/app/signin/normal-form.tsx
@@ -42,7 +42,7 @@ const NormalForm = () => {
     try {
       if (isLoggedIn) {
         setIsRedirecting(true)
-        const redirectUrl = resolvePostLoginRedirect(searchParams)
+        const redirectUrl = resolvePostLoginRedirect()
         router.replace(redirectUrl || '/apps')
         return
       }
diff --git a/web/app/signin/utils/post-login-redirect.ts b/web/app/signin/utils/post-login-redirect.ts
index b548a1bac9..a94fb2ad79 100644
--- a/web/app/signin/utils/post-login-redirect.ts
+++ b/web/app/signin/utils/post-login-redirect.ts
@@ -1,37 +1,15 @@
-import type { ReadonlyURLSearchParams } from 'next/navigation'
-import dayjs from 'dayjs'
-import { OAUTH_AUTHORIZE_PENDING_KEY, REDIRECT_URL_KEY } from '@/app/account/oauth/authorize/constants'
+let postLoginRedirect: string | null = null
 
-function getItemWithExpiry(key: string): string | null {
-  const itemStr = localStorage.getItem(key)
-  if (!itemStr)
-    return null
-
-  try {
-    const item = JSON.parse(itemStr)
-    localStorage.removeItem(key)
-    if (!item?.value)
-      return null
-
-    return dayjs().unix() > item.expiry ? null : item.value
-  }
-  catch {
-    return null
-  }
+export const setPostLoginRedirect = (value: string | null) => {
+  postLoginRedirect = value
 }
 
-export const resolvePostLoginRedirect = (searchParams: ReadonlyURLSearchParams) => {
-  const redirectUrl = searchParams.get(REDIRECT_URL_KEY)
-  if (redirectUrl) {
-    try {
-      localStorage.removeItem(OAUTH_AUTHORIZE_PENDING_KEY)
-      return decodeURIComponent(redirectUrl)
-    }
-    catch (e) {
-      console.error('Failed to decode redirect URL:', e)
-      return redirectUrl
-    }
+export const resolvePostLoginRedirect = () => {
+  if (postLoginRedirect) {
+    const redirectUrl = postLoginRedirect
+    postLoginRedirect = null
+    return redirectUrl
   }
 
-  return getItemWithExpiry(OAUTH_AUTHORIZE_PENDING_KEY)
+  return null
 }