From edc843951b4cc79f082020f6ef0720895e462af9 Mon Sep 17 00:00:00 2001
From: 237899745 <237899745@workyai.cn>
Date: Thu, 28 May 2026 00:46:24 +0800
Subject: [PATCH] fix: stabilize admin social redirect

---
 routes/api_social.py       | 15 +++++++++++++++
 templates/admin_login.html | 34 ++++++++++++++++++++++++++++++----
 2 files changed, 45 insertions(+), 4 deletions(-)

diff --git a/routes/api_social.py b/routes/api_social.py
index 8fa7720..0d8442f 100644
--- a/routes/api_social.py
+++ b/routes/api_social.py
@@ -341,6 +341,21 @@ def admin_auth_social_callback():
     )
 
 
+@api_social_bp.route("/yuyx/api/admin-auth/social/session", methods=["GET"])
+def admin_auth_social_session():
+    admin_id = int(session.get("admin_id") or 0)
+    if not admin_id:
+        return jsonify({"authenticated": False}), 401
+    admin = database.get_admin_by_id(admin_id)
+    if not admin:
+        session.pop("admin_id", None)
+        session.pop("admin_username", None)
+        session.pop("admin_reauth_until", None)
+        session.modified = True
+        return jsonify({"authenticated": False}), 401
+    return jsonify({"authenticated": True, "username": admin.get("username") or ""})
+
+
 @api_social_bp.route("/yuyx/api/admin-auth/social/qr", methods=["GET"])
 def admin_auth_social_qr():
     value = str(request.args.get("data") or "").strip()
diff --git a/templates/admin_login.html b/templates/admin_login.html
index c3ec77c..a2915b6 100644
--- a/templates/admin_login.html
+++ b/templates/admin_login.html
@@ -683,6 +683,25 @@
             }
         }
 
+        async function waitForAdminSession(maxAttempts = 8) {
+            for (let attempt = 0; attempt < maxAttempts; attempt += 1) {
+                try {
+                    const response = await fetch('/yuyx/api/admin-auth/social/session', {
+                        method: 'GET',
+                        credentials: 'same-origin',
+                        cache: 'no-store'
+                    });
+                    if (response.ok) {
+                        return true;
+                    }
+                } catch (error) {
+                    // retry below
+                }
+                await new Promise((resolve) => setTimeout(resolve, 180 + attempt * 120));
+            }
+            return false;
+        }
+
         async function handleSocialCallback() {
             const params = new URLSearchParams(window.location.search || '');
             const provider = String(params.get('provider') || params.get('type') || '').trim();
@@ -703,17 +722,24 @@
                     return;
                 }
                 showSuccess('登录成功，正在跳转...');
-                window.setTimeout(() => {
-                    window.location.replace(data.redirect || '/yuyx/admin');
-                }, 500);
+                await waitForAdminSession();
+                window.location.replace(data.redirect || '/yuyx/admin');
             } catch (error) {
                 showError('快捷登录失败');
             }
         }
 
         document.addEventListener('DOMContentLoaded', () => {
+            const params = new URLSearchParams(window.location.search || '');
+            const hasSocialCallback = Boolean(
+                String(params.get('code') || '').trim()
+                && String(params.get('provider') || params.get('type') || '').trim()
+            );
+            if (hasSocialCallback) {
+                handleSocialCallback();
+                return;
+            }
             loadSocialConfig();
-            handleSocialCallback();
         });
     </script>
 </body>