feat: redesign profile pages and fix activity create layout #27
Conversation
- Redesign /me and /user/[id] pages with modern hero sections - Fix avatar clipping by moving avatars outside overflow containers - Use Bootstrap utility classes for responsive styling - Adjust activity/create editor to responsive column layout - Fix hydration error on /me page by using SSR props directly
📝 WalkthroughWalkthroughImplements OAuth authentication and user profile features, including server-side session validation, login page redirection, session restoration on app startup, enhanced sign-in/sign-out UI in UserBar, and new user profile pages. Updates activity creation layout and adds configuration documentation. Changes
Sequence Diagram(s)sequenceDiagram
participant User
participant Browser as Browser/<br/>Next.js Client
participant App as App<br/>(_app.tsx)
participant Login as Login Page
participant OAuth as GitHub OAuth
participant Server as Server
participant Session as Session Store
rect rgb(200, 220, 255)
Note over Browser,Server: App Startup - Session Restoration
User->>Browser: Visit app
activate App
App->>App: componentDidMount()
App->>App: initSession() [if JWT exists]
App->>Session: getProfile()
Session->>Server: Fetch user profile
alt Profile fetch succeeds
Server-->>Session: User data
Session-->>App: User loaded
App->>App: Update session store
else Profile fetch fails (401/403)
Server-->>Session: Error
Session-->>App: Error logged
App->>Session: signOut()
Session-->>Browser: Clear JWT
end
deactivate App
end
rect rgb(220, 255, 220)
Note over User,Server: Login Flow - Unauthenticated User
User->>Browser: Click sign-in button
Browser->>Browser: Redirect to /login
Browser->>Login: Load login page
Login->>Server: sessionGuard validation
alt No JWT present
Server-->>Login: Proceed to login UI
Login->>Browser: Render loading + spinner
end
User->>Login: Redirected from GitHub OAuth
Login->>Login: jwtPayload present
Login->>Session: Store user profile
Login->>Browser: Redirect to target URL
Browser->>Browser: Navigate (e.g., to /)
end
rect rgb(255, 240, 200)
Note over Browser,Server: Auth Failure - 401/403 Redirect
User->>Browser: Perform authenticated request
Browser->>Server: API call (with Authorization)
Server->>Server: Check auth
alt Auth fails (401/403)
Server-->>Browser: HTTPError 401/403
Browser->>Browser: HTTP middleware catches error
Browser->>Browser: Check if not server
Browser->>Browser: Redirect to /login
else Auth succeeds
Server-->>Browser: Success response
Browser->>Browser: Render content
end
end
Estimated code review effort🎯 4 (Complex) | ⏱️ ~60 minutes
Possibly related PRs
Suggested labels
Poem
Pre-merge checks and finishing touches✅ Passed checks (3 passed)
✨ Finishing touches
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 3
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
pages/api/core.ts (1)
84-89: Harden JWT cookie with HttpOnly/Secure/SameSite flagsThe JWT session token is currently set without any security flags:
res.setHeader('Set-Cookie', `JWT=${user.token}; Path=/`);This makes the token readable from JavaScript and more exposed to XSS and CSRF‑style attacks. Add HttpOnly, Secure (in production), and SameSite flags:
- res.setHeader('Set-Cookie', `JWT=${user.token}; Path=/`); + const isProd = process.env.NODE_ENV === 'production'; + res.setHeader( + 'Set-Cookie', + [ + `JWT=${user.token}`, + 'Path=/', + 'HttpOnly', + isProd ? 'Secure' : '', + 'SameSite=Lax', + ] + .filter(Boolean) + .join('; '), + );This significantly reduces the blast radius if any XSS occurs and improves CSRF resistance for JWT‑backed requests.
🧹 Nitpick comments (4)
pages/login.tsx (1)
17-24: Consider hydration error prevention and error handling.The redirect logic looks correct, but consider these improvements:
Effect cleanup: If the component unmounts during redirect (e.g., user navigates away), the
router.replacecould throw. Consider adding cleanup or error handling.Session storage timing: Direct assignment on Line 19 (
sessionStore.user = jwtPayload) happens before the redirect completes. If the target page immediately reads session state, ensure MobX reactivity has settled.No-op when jwtPayload is absent: The effect only runs when
jwtPayloadexists, which is correct. However, consider what happens if a user reaches this page without a valid session—should there be a fallback UI or redirect to home?Consider adding error boundary or try-catch:
useEffect(() => { if (jwtPayload) { sessionStore.user = jwtPayload; const targetUrl = typeof redirect === 'string' ? redirect : '/'; - router.replace(targetUrl); + router.replace(targetUrl).catch(error => { + console.error('Redirect failed:', error); + }); } }, [jwtPayload, redirect, router]);pages/me/index.tsx (1)
48-68: Optional: consider factoring repeated avatar/action patterns into shared componentsThe avatar block and some of the action button patterns overlap conceptually with
/user/[id].tsx. Extracting a smallAvatarand/orProfileActionscomponent could reduce duplication and keep behavior (e.g., future avatar sizing or styling tweaks) consistent across pages.Also applies to: 166-188
pages/user/[id].tsx (2)
75-89: GitHub link assumesnameis a username; consider using an explicit field or guardingThe GitHub button currently links to:
href={`https://github.com/${name}`}This only works reliably if
nameis guaranteed to be the GitHub handle. In many user models,nameis a display name, which can contain spaces or non‑ASCII characters and won’t map cleanly to a GitHub profile URL.Consider either:
- Using an explicit
githubLogin(or similar) field fromUser, if available, or- Guarding the link so it’s only active when you have a valid GitHub handle, e.g.:
- <a - href={`https://github.com/${name}`} + {name && ( + <a + href={`https://github.com/${encodeURIComponent(name)}`} target="_blank" rel="noreferrer" ... - > - <Icon name="github" /> - </a> + > + <Icon name="github" /> + </a> + )}This avoids obviously broken or misleading links for users whose
nameisn’t their GitHub username.
90-120: Optional: clarify placeholder social buttons to avoid implying wired accountsThe QQ/WeChat/Weibo icons are rendered as styled
<span>elements without any actual linking or behavior. Visually they look like active buttons, which can confuse users if they click and nothing happens.If these are placeholders for future work, consider:
- Reducing opacity / disabling pointer events, or
- Hiding them until real profile data (e.g.,
That keeps the UI honest about which socials are actually connected.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (14)
.env.development(1 hunks)README.md(1 hunks)components/User/UserBar.tsx(2 hunks)docs/TASKS.md(1 hunks)models/User/Session.ts(1 hunks)pages/_app.tsx(2 hunks)pages/activity/create.module.less(0 hunks)pages/activity/create.tsx(1 hunks)pages/api/core.ts(1 hunks)pages/login.tsx(1 hunks)pages/me/index.module.less(1 hunks)pages/me/index.tsx(1 hunks)pages/user/[id].module.less(1 hunks)pages/user/[id].tsx(2 hunks)
💤 Files with no reviewable changes (1)
- pages/activity/create.module.less
🧰 Additional context used
🧬 Code graph analysis (5)
pages/me/index.tsx (5)
pages/activity/create.tsx (1)
getServerSideProps(14-14)pages/login.tsx (1)
getServerSideProps(11-11)pages/user/[id].tsx (1)
getServerSideProps(19-24)pages/api/core.ts (1)
sessionGuard(115-115)models/Base/Translation.ts (1)
I18nContext(44-44)
pages/login.tsx (4)
pages/activity/create.tsx (1)
getServerSideProps(14-14)pages/me/index.tsx (1)
getServerSideProps(15-15)pages/api/core.ts (1)
sessionGuard(115-115)components/layout/PageHead.tsx (1)
PageHead(11-19)
components/User/UserBar.tsx (1)
components/layout/MainNavigation.tsx (1)
() => import('../User/UserBar')(10-10)
models/User/Session.ts (1)
configuration/index.ts (3)
API_HOST(10-10)isServer(3-3)globalThis(12-15)
pages/api/core.ts (3)
configuration/index.ts (1)
process(8-8)models/Git.ts (1)
next(15-21)next.config.ts (1)
beforeFiles(25-38)
🪛 dotenv-linter (4.0.0)
.env.development
[warning] 4-4: [SpaceCharacter] The line has spaces around equal sign
(SpaceCharacter)
🔇 Additional comments (8)
README.md (1)
29-57: LGTM! Clear and comprehensive setup documentation.The environment configuration section provides excellent guidance for developers. The OAuth setup instructions are particularly helpful.
pages/activity/create.tsx (1)
33-45: LGTM! Well-structured responsive layout.The Bootstrap grid implementation is clean and follows best practices. The responsive column sizing (lg=10, xl=8) provides appropriate width constraints for the form.
docs/TASKS.md (1)
1-191: LGTM! Excellent project planning documentation.The task breakdown is comprehensive and well-structured, with clear acceptance criteria and scope definitions for each milestone. This will help maintain organized development flow.
pages/me/index.module.less (1)
1-18: LGTM! Clean styling module.The styles are well-structured with appropriate transitions and theming. The gradient and hover effects enhance the UI.
pages/user/[id].module.less (1)
1-46: LGTM! Consistent styling with good interaction states.The styling module provides good visual feedback with transitions and hover states. The use of
:globalselectors for Bootstrap classes is appropriate.pages/me/index.tsx (1)
17-27: Session source and hydration behavior look soundUsing
jwtPayloadfromgetServerSidePropsas the primary user source and mirroring it intosessionStore.userinuseEffect, while resolvinguser = jwtPayload || sessionStore.user, avoids hydration mismatches and still keeps the MobX store in sync. The null fallback whenuseris missing is a reasonable guard givensessionGuardshould already handle redirects.components/User/UserBar.tsx (1)
14-18: Login redirect handling is correct locally; verify server-side validation
loginUrlcorrectly encodesrouter.asPath, and the UI cleanly distinguishes authenticated (dropdown) vs unauthenticated (GitHub sign‑in button) states. The only remaining concern is how/loginconsumes theredirectquery:
- If
/loginblindly redirects toredirect, a crafted URL could potentially be used for open redirects.- Ideally, the login handler should allow only internal paths and ignore or sanitize absolute URLs.
Given that logic lives outside this file, please confirm
/pages/login.tsxvalidatesredirectas an internal path before using it.Also applies to: 25-49
pages/_app.tsx (1)
14-16: > Likely an incorrect or invalid review comment.
| NEXT_PUBLIC_API_HOST = http://127.0.0.1:8080 | ||
|
|
||
| # Skip OAuth proxy for local development (proxy server may be unavailable) | ||
| SKIP_OAUTH_PROXY = 1 |
There was a problem hiding this comment.
Remove spaces around the equal sign.
Environment variable assignments should not have spaces around the = operator, as some parsers may not handle them correctly.
Apply this diff:
-SKIP_OAUTH_PROXY = 1
+SKIP_OAUTH_PROXY=1📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| SKIP_OAUTH_PROXY = 1 | |
| SKIP_OAUTH_PROXY=1 |
🧰 Tools
🪛 dotenv-linter (4.0.0)
[warning] 4-4: [SpaceCharacter] The line has spaces around equal sign
(SpaceCharacter)
🤖 Prompt for AI Agents
.env.development lines 4-4: the environment variable assignment has spaces
around the '=' which can break some parsers; edit the line to remove the spaces
so it uses the canonical format SKIP_OAUTH_PROXY=1 (no spaces) and save the
file.
| .use(async ({ request }, next) => { | ||
| try { | ||
| return await next(); | ||
| } catch (error) { | ||
| if (error instanceof HTTPError) { | ||
| const { status } = error.response; | ||
|
|
||
| if (status === 401 || status === 403) { | ||
| if (!isServer()) { | ||
| const currentPath = globalThis.location?.pathname || '/'; | ||
| const loginUrl = `/login?redirect=${encodeURIComponent(currentPath)}`; | ||
|
|
||
| globalThis.location?.assign(loginUrl); | ||
| } | ||
| } | ||
| } | ||
| throw error; | ||
| } | ||
| }); |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
find . -type f -name "Session.ts" | head -20Repository: FreeCodeCamp-Chengdu/HOP
Length of output: 92
🏁 Script executed:
git ls-files | grep -E "(login|auth)" | grep -E "\.(ts|tsx|js)$" | head -20Repository: FreeCodeCamp-Chengdu/HOP
Length of output: 83
🏁 Script executed:
fd -e ts -e tsx | grep -i session | head -20Repository: FreeCodeCamp-Chengdu/HOP
Length of output: 90
🏁 Script executed:
cat -n models/User/Session.tsRepository: FreeCodeCamp-Chengdu/HOP
Length of output: 3357
🏁 Script executed:
cat -n pages/login.tsxRepository: FreeCodeCamp-Chengdu/HOP
Length of output: 1385
🏁 Script executed:
rg -n "sessionGuard" pages/api/core.ts pages/api/core.js -A 20Repository: FreeCodeCamp-Chengdu/HOP
Length of output: 254
🏁 Script executed:
fd -e ts -e js | xargs grep -l "sessionGuard" | head -10Repository: FreeCodeCamp-Chengdu/HOP
Length of output: 85
🏁 Script executed:
cat -n pages/api/core.tsRepository: FreeCodeCamp-Chengdu/HOP
Length of output: 4172
🏁 Script executed:
rg -n "ownClient|client\." pages/login.tsxRepository: FreeCodeCamp-Chengdu/HOP
Length of output: 50
🏁 Script executed:
rg -n "fetch\|axios\|ownClient" pages/login.tsx pages/api/core.ts | grep -E "(fetch|axios|ownClient)"Repository: FreeCodeCamp-Chengdu/HOP
Length of output: 50
🏁 Script executed:
rg -n "location.assign|location.href" --type ts --type tsx | head -20Repository: FreeCodeCamp-Chengdu/HOP
Length of output: 95
🏁 Script executed:
rg -n "401|403" models/User/Session.ts pages/login.tsx pages/api/core.tsRepository: FreeCodeCamp-Chengdu/HOP
Length of output: 141
The error re-throw after redirect is unnecessary but has minimal impact.
Line 31 throws the error even after initiating the redirect on line 27. Since location.assign() immediately begins navigation, the error propagates to calling code briefly before the page unloads. While this could cause transient console errors, the page navigation will complete and the error becomes moot. Consider not re-throwing the error after a successful redirect initiation.
Regarding infinite redirects: The login page is protected by server-side middleware (sessionGuard) in getServerSideProps and does not make client-side authenticated API calls, so it will not trigger the 401/403 error handler. This redirect scenario is not a concern for the login page specifically.
🤖 Prompt for AI Agents
In models/User/Session.ts around lines 15 to 33, the catch block re-throws the
HTTPError even after initiating a client-side redirect via
globalThis.location.assign(), which causes transient console errors; modify the
handler so that when status is 401 or 403 and a redirect is initiated (i.e.,
when not isServer()), do not re-throw the error — instead return or swallow the
error flow after calling location.assign(); in all other cases (not redirected
or non-401/403 errors) keep the current behavior and re-throw the error so
callers still receive exceptions.
| const client_id = process.env.GITHUB_OAUTH_CLIENT_ID, | ||
| client_secret = process.env.GITHUB_OAUTH_CLIENT_SECRET; | ||
|
|
||
| if (!client_id || !client_secret) { | ||
| console.error( | ||
| '[OAuth Config Error] Missing required environment variables:\n' + | ||
| ' - GITHUB_OAUTH_CLIENT_ID\n' + | ||
| ' - GITHUB_OAUTH_CLIENT_SECRET\n' + | ||
| 'Please configure them in .env.local or environment settings.', | ||
| ); | ||
| } | ||
|
|
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
cat -n pages/api/core.ts | head -120Repository: FreeCodeCamp-Chengdu/HOP
Length of output: 4172
🏁 Script executed:
rg -n "githubSigner|sessionGuard" --type tsRepository: FreeCodeCamp-Chengdu/HOP
Length of output: 5000
🏁 Script executed:
# Check if there are any try-catch blocks or validation around githubSigner construction
grep -A 10 -B 5 "export const githubSigner" pages/api/core.tsRepository: FreeCodeCamp-Chengdu/HOP
Length of output: 535
🏁 Script executed:
# Check if GITHUB_OAUTH_CLIENT_ID/SECRET are set anywhere in config or .env files
find . -type f \( -name ".env*" -o -name "configuration*" -o -name "config*" \) | head -20Repository: FreeCodeCamp-Chengdu/HOP
Length of output: 107
🏁 Script executed:
cat .env .env.development 2>/dev/null | head -50Repository: FreeCodeCamp-Chengdu/HOP
Length of output: 411
🏁 Script executed:
# Search for any actual validation or error handling around githubSigner usage before the routes
rg -n "client_id|client_secret|GITHUB_OAUTH" pages/ --type ts | grep -v node_modulesRepository: FreeCodeCamp-Chengdu/HOP
Length of output: 504
🏁 Script executed:
# Check if there are any tests or documentation about githubOAuth2 behavior
find . -name "*.test.*" -o -name "*.spec.*" | xargs grep -l "githubOAuth2\|githubSigner" 2>/dev/null | head -5Repository: FreeCodeCamp-Chengdu/HOP
Length of output: 50
Add fail-fast validation for OAuth configuration
The environment variable check correctly logs an error when GITHUB_OAUTH_CLIENT_ID or GITHUB_OAUTH_CLIENT_SECRET are missing, but githubSigner is still constructed unconditionally with non-null assertions:
const client_id = process.env.GITHUB_OAUTH_CLIENT_ID,
client_secret = process.env.GITHUB_OAUTH_CLIENT_SECRET;
if (!client_id || !client_secret) {
console.error('[OAuth Config Error] Missing required environment variables...');
}
export const githubSigner = githubOAuth2({
client_id: client_id!,
client_secret: client_secret!,
...
});Non-null assertions (!) only affect TypeScript types. At runtime, undefined will still be passed to githubOAuth2(), affecting all 40+ routes using sessionGuard (e.g., pages/login.tsx, pages/me/index.tsx, etc.), resulting in confusing OAuth failures instead of immediate feedback.
Replace the console.error with a throw:
if (!client_id || !client_secret) {
- console.error('[OAuth Config Error] Missing required environment variables...');
+ throw new Error('[OAuth Config Error] Missing GITHUB_OAUTH_CLIENT_ID or GITHUB_OAUTH_CLIENT_SECRET');
}Then remove the non-null assertions:
- client_id: client_id!,
- client_secret: client_secret!,
+ client_id,
+ client_secret,This applies to lines 92–111.
🤖 Prompt for AI Agents
In pages/api/core.ts around lines 92–111 the code only logs missing
GITHUB_OAUTH_CLIENT_ID / GITHUB_OAUTH_CLIENT_SECRET but still constructs
githubSigner using non-null assertions, allowing undefined to be passed at
runtime; change the log to a fail-fast throw (e.g., throw new Error with the
same descriptive message) when either env var is missing, and then remove the
non-null assertions when passing client_id and client_secret to githubOAuth2 so
the code never constructs the signer with undefined values.
| if (!client_id || !client_secret) { | ||
| console.error( | ||
| '[OAuth Config Error] Missing required environment variables:\n' + | ||
| ' - GITHUB_OAUTH_CLIENT_ID\n' + | ||
| ' - GITHUB_OAUTH_CLIENT_SECRET\n' + | ||
| 'Please configure them in .env.local or environment settings.', | ||
| ); | ||
| } |
There was a problem hiding this comment.
| if (!client_id || !client_secret) { | |
| console.error( | |
| '[OAuth Config Error] Missing required environment variables:\n' + | |
| ' - GITHUB_OAUTH_CLIENT_ID\n' + | |
| ' - GITHUB_OAUTH_CLIENT_SECRET\n' + | |
| 'Please configure them in .env.local or environment settings.', | |
| ); | |
| } | |
| if (!client_id || !client_secret) { | |
| throw new ReferenceError( | |
| `[OAuth Config Error] Missing required environment variables: | |
| - GITHUB_OAUTH_CLIENT_ID | |
| - GITHUB_OAUTH_CLIENT_SECRET | |
| Please configure them in .env.local or environment settings.`, | |
| ); |
| client_id, | ||
| client_secret, | ||
| rootBaseURL: useProxy ? `${ProxyBaseURL}/github.com/` : undefined, | ||
| client_id: client_id!, | ||
| client_secret: client_secret!, |
| useEffect(() => { | ||
| if (jwtPayload) sessionStore.user = jwtPayload; | ||
| }, [jwtPayload]); | ||
|
|
||
| const user = jwtPayload || sessionStore.user; | ||
|
|
||
| if (!user) return null; | ||
|
|
||
| const { name, email, avatar, mobilePhone } = user; |
There was a problem hiding this comment.
| useEffect(() => { | |
| if (jwtPayload) sessionStore.user = jwtPayload; | |
| }, [jwtPayload]); | |
| const user = jwtPayload || sessionStore.user; | |
| if (!user) return null; | |
| const { name, email, avatar, mobilePhone } = user; | |
| useEffect(() => { | |
| sessionStore.getProfile(); | |
| }); | |
| const { name, email, avatar, mobilePhone } = sessionStore.user || jwtPayload; |
sessionGuard 中间件在登陆成功之前不会让当前页渲染。
| <Dropdown.Item href="/me">{t('profile')}</Dropdown.Item> | ||
| <Dropdown.Item href={`/user/${user.id}`}>{t('home_page')}</Dropdown.Item> |
|
|
||
| this.initSession(); | ||
| } | ||
|
|
||
| async initSession() { | ||
| if (!JWT) return; | ||
|
|
||
| try { | ||
| await sessionStore.getProfile(); | ||
| } catch (error) { | ||
| console.error('Session restore failed:', error); | ||
| sessionStore.signOut(); | ||
| } |
There was a problem hiding this comment.
不要在每个页面上检测登录状态,会拖慢很多不需要登录态的公开页面。哪个页面需要,哪个页面自己检查登录态。
There was a problem hiding this comment.
sessionGuard 中间件的设计就是 —— 基于 OAuth 登录机制,完全不需要自己写登录页。哪个页面需要登录态,哪个页面声明 sessionGuard 中间件,剩下的中间件自动处理,是 AOP(面向切面、”装饰模式“)编程思想在 Next.js SSR 的应用。
| # API Host | ||
| NEXT_PUBLIC_API_HOST=https://openhackathon-service.onrender.com |
There was a problem hiding this comment.
| # API Host | |
| NEXT_PUBLIC_API_HOST=https://openhackathon-service.onrender.com |
公开变量在 .env(已被 Git 托管)
| 3. Fill in: | ||
| - **Application name**: HOP Local Dev | ||
| - **Homepage URL**: `http://localhost:3000` | ||
| - **Authorization callback URL**: `http://localhost:3000/login` |
There was a problem hiding this comment.
| - **Authorization callback URL**: `http://localhost:3000/login` | |
| - **Authorization callback URL**: `http://localhost:3000` |
写死子路径会让 sessionGuard 给任意页面提供 OAuth 登录的能力彻底废掉……
| .use(async ({ request }, next) => { | ||
| try { | ||
| return await next(); | ||
| } catch (error) { | ||
| if (error instanceof HTTPError) { | ||
| const { status } = error.response; | ||
|
|
||
| if (status === 401 || status === 403) { | ||
| if (!isServer()) { | ||
| const currentPath = globalThis.location?.pathname || '/'; | ||
| const loginUrl = `/login?redirect=${encodeURIComponent(currentPath)}`; | ||
|
|
||
| globalThis.location?.assign(loginUrl); | ||
| } | ||
| } | ||
| } | ||
| throw error; | ||
| } | ||
| }); |
There was a problem hiding this comment.
- 只有
401未登录状态才表示用户 JWT 失效,403只是某个资源当前用户无权访问 - 所有客户端网络请求错误的兜底错误处理应在全局事件回调,网络中间件只处理纯数据逻辑,有何错误应由上层调用方判断,Axios 拦截器那种从底层截胡的思维要不得:
Lines 40 to 48 in b962bc8
| # Skip OAuth proxy for local development (proxy server may be unavailable) | ||
| SKIP_OAUTH_PROXY = 1 |
There was a problem hiding this comment.
| # Skip OAuth proxy for local development (proxy server may be unavailable) | |
| SKIP_OAUTH_PROXY = 1 |
不要跳过代理,它是为了中国大多数电脑即使挂梯子也无法让 Node.js 稳定访问 GitHub OAuth 接口而架设的。只是从“闭源社”迁回时没部署我们自己的测试服,但现在我搞好了。
Checklist:
Summary by CodeRabbit
New Features
Documentation
Improvements
✏️ Tip: You can customize this high-level summary in your review settings.