refactor: Refactor authentication method based on presence of client credentials (#5)

hkxiaoyao · web-flow · commit 9aad3dec7e99 · 2026-02-08T00:02:35.000+08:00
- Refactor authentication method based on presence of client credentials in payload.
diff --git a/web/index.html b/web/index.html
@@ -1741,7 +1741,9 @@ <h1 class="logo"><svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stro
                 try { clientData = JSON.parse(clientJson); } catch { alert(t('local.clientInvalid')); return; }
                 if (!clientData.clientId || !clientData.clientSecret) { alert(t('local.clientSecretMissing')); return; }
             }
-            const payload = { refreshToken: tokenData.refreshToken, accessToken: tokenData.accessToken || '', clientId: clientData?.clientId || '', clientSecret: clientData?.clientSecret || '', authMethod: isSocial ? 'social' : 'idc', provider: provider };
+            // 根据是否有 clientData 判断认证方式
+            const authMethod = clientData ? 'idc' : 'social';
+            const payload = { refreshToken: tokenData.refreshToken, accessToken: tokenData.accessToken || '', clientId: clientData?.clientId || '', clientSecret: clientData?.clientSecret || '', authMethod: authMethod, provider: provider };
             const res = await fetch('/admin/api/auth/credentials', { method: 'POST', headers: { 'Content-Type': 'application/json', 'X-Admin-Password': password }, body: JSON.stringify(payload) });
             const d = await res.json();
             if (d.success) { closeModal(); loadAccounts(); loadStats(); alert(t('local.importSuccess') + ': ' + (d.account?.email || d.account?.id)); }
@@ -1754,9 +1756,10 @@ <h1 class="logo"><svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stro
                 let success = 0, failed = 0, errors = [];
                 for (const item of items) {
                     if (!item.refreshToken) { failed++; errors.push('missing refreshToken'); continue; }
-                    const provider = (item.provider || 'BuilderId').toLowerCase();
-                    const isSocial = provider === 'google' || provider === 'github' || provider === 'builderid';
-                    const payload = { refreshToken: item.refreshToken, clientId: item.clientId || '', clientSecret: item.clientSecret || '', authMethod: isSocial ? 'social' : 'idc', provider: item.provider || 'BuilderId' };
+                    // 根据是否包含 clientId/clientSecret 判断认证方式
+                    const hasClientCredentials = !!(item.clientId && item.clientSecret);
+                    const authMethod = hasClientCredentials ? 'idc' : 'social';
+                    const payload = { refreshToken: item.refreshToken, clientId: item.clientId || '', clientSecret: item.clientSecret || '', authMethod: authMethod, provider: item.provider || 'BuilderId' };
                     try {
                         const res = await fetch('/admin/api/auth/credentials', { method: 'POST', headers: { 'Content-Type': 'application/json', 'X-Admin-Password': password }, body: JSON.stringify(payload) });
                         const d = await res.json();
