fix: login detection with offscreen fallback (#203)

timerring · web-flow · commit a96b4254d771 · 2026-02-21T17:08:45.000+08:00
diff --git a/apps/extension/src/background.js b/apps/extension/src/background.js
@@ -263,6 +263,26 @@ async function detectCnblogsViaOffscreen() {
 
 globalThis.__coseDetectCnblogs = detectCnblogsViaOffscreen
 
+/**
+ * Xiaohongshu detection via offscreen document.
+ * Offscreen has document context so cookies are sent automatically.
+ */
+async function detectXiaohongshuViaOffscreen() {
+  try {
+    console.log('[COSE] Xiaohongshu: Sending OFFSCREEN_DETECT_XIAOHONGSHU message...')
+    const result = await sendOffscreenMessage({
+      type: 'OFFSCREEN_DETECT_XIAOHONGSHU',
+    })
+    console.log('[COSE] Xiaohongshu: Offscreen response:', JSON.stringify(result))
+    return result?.data || null
+  } catch (e) {
+    console.log('[COSE] Xiaohongshu offscreen detection failed:', e.message)
+    return null
+  }
+}
+
+globalThis.__coseDetectXiaohongshu = detectXiaohongshuViaOffscreen
+
 // 初始化动态规则：为 sinaimg 和 sspai 头像添加 CORS 头
 async function initDynamicRules() {
   try {
diff --git a/apps/extension/src/offscreen.js b/apps/extension/src/offscreen.js
@@ -41,6 +41,13 @@ chrome.runtime.onMessage.addListener((message, sender, sendResponse) => {
       .catch(err => sendResponse({ success: false, error: err.message }))
     return true
   }
+
+  if (message.type === 'OFFSCREEN_DETECT_XIAOHONGSHU') {
+    handleDetectXiaohongshu()
+      .then(result => sendResponse({ success: true, data: result }))
+      .catch(err => sendResponse({ success: false, error: err.message }))
+    return true
+  }
 })
 
 async function handleFetch(payload) {
@@ -178,3 +185,32 @@ async function handleDetectCnblogs() {
     return { loggedIn: false, error: e.message }
   }
 }
+
+
+/**
+ * Xiaohongshu detection: fetch creator API in document context.
+ * Cookies are sent automatically with credentials: 'include'.
+ */
+async function handleDetectXiaohongshu() {
+  try {
+    const resp = await fetch('https://creator.xiaohongshu.com/api/galaxy/user/info', {
+      method: 'GET',
+      credentials: 'include',
+      headers: { 'Accept': 'application/json' },
+    })
+    if (!resp.ok) return { loggedIn: false }
+
+    const data = await resp.json()
+    if (data?.success === true && data?.code === 0 && data?.data?.userId) {
+      return {
+        loggedIn: true,
+        username: data.data.userName || data.data.redId || '',
+        avatar: data.data.userAvatar || '',
+        userId: data.data.userId,
+      }
+    }
+    return { loggedIn: false }
+  } catch (e) {
+    return { loggedIn: false, error: e.message }
+  }
+}
diff --git a/packages/detection/src/platforms/xiaohongshu.js b/packages/detection/src/platforms/xiaohongshu.js
@@ -1,64 +1,90 @@
 /**
  * Xiaohongshu (Little Red Book) platform detection logic
  * Strategy:
- * 1. Check chrome.storage.local cache (7 days TTL)
- * 2. Inject script into open creator.xiaohongshu.com tab to call API
+ * 1. Check `a1` cookie on creator.xiaohongshu.com as login indicator
+ * 2. Best-effort: fetch user info via offscreen document or open tab
+ * 3. Fall back to chrome.storage.local cache for user details
  */
 export async function detectXiaohongshuUser() {
-    const platformId = 'xiaohongshu'
     try {
-        // 先检查缓存
-        const stored = await chrome.storage.local.get('xiaohongshu_user')
-        const cachedUser = stored.xiaohongshu_user
+        // 1. Check a1 cookie as login indicator (MV3 service worker compatible)
+        const a1Cookie = await chrome.cookies.get({ url: 'https://creator.xiaohongshu.com', name: 'a1' })
+        if (!a1Cookie || !a1Cookie.value) {
+            return { loggedIn: false }
+        }
 
-        if (cachedUser && cachedUser.loggedIn) {
-            const cacheAge = Date.now() - (cachedUser.cachedAt || 0)
-            const maxAge = 7 * 24 * 60 * 60 * 1000 // 7 days
-            if (cacheAge < maxAge) {
-                console.log(`[COSE] xiaohongshu 从缓存读取:`, cachedUser.username)
-                return { loggedIn: true, username: cachedUser.username || '', avatar: cachedUser.avatar || '' }
-            } else {
-                await chrome.storage.local.remove('xiaohongshu_user')
+        // Logged in — now try to get user details
+
+        // 2a. Try offscreen fetch (document context, cookies sent automatically)
+        try {
+            const offscreenDetect = globalThis.__coseDetectXiaohongshu
+            if (offscreenDetect) {
+                const offResult = await offscreenDetect()
+                if (offResult && offResult.loggedIn) {
+                    // Update cache
+                    const userInfo = { ...offResult, cachedAt: Date.now() }
+                    await chrome.storage.local.set({ xiaohongshu_user: userInfo })
+                    return { loggedIn: true, username: offResult.username || '', avatar: offResult.avatar || '' }
+                }
             }
+        } catch (e) {
+            console.log('[COSE] xiaohongshu offscreen detection failed:', e.message)
         }
 
-        // 缓存无效，尝试在已打开的小红书页面中检测
-        const tabs = await chrome.tabs.query({ url: 'https://creator.xiaohongshu.com/*' })
-        if (tabs.length > 0) {
-            const results = await chrome.scripting.executeScript({
-                target: { tabId: tabs[0].id },
-                func: async () => {
-                    try {
-                        const response = await fetch('https://creator.xiaohongshu.com/api/galaxy/user/info', {
-                            method: 'GET',
-                            credentials: 'include',
-                            headers: { 'Accept': 'application/json' }
-                        })
-                        if (!response.ok) return null
-                        const data = await response.json()
-                        if (data?.success === true && data?.code === 0 && data?.data?.userId) {
-                            return {
-                                loggedIn: true,
-                                username: data.data.userName || data.data.redId || '',
-                                avatar: data.data.userAvatar || '',
-                                userId: data.data.userId
+        // 2b. Try open tab injection
+        try {
+            const tabs = await chrome.tabs.query({ url: 'https://creator.xiaohongshu.com/*' })
+            if (tabs.length > 0) {
+                const results = await chrome.scripting.executeScript({
+                    target: { tabId: tabs[0].id },
+                    func: async () => {
+                        try {
+                            const response = await fetch('https://creator.xiaohongshu.com/api/galaxy/user/info', {
+                                method: 'GET',
+                                credentials: 'include',
+                                headers: { 'Accept': 'application/json' }
+                            })
+                            if (!response.ok) return null
+                            const data = await response.json()
+                            if (data?.success === true && data?.code === 0 && data?.data?.userId) {
+                                return {
+                                    loggedIn: true,
+                                    username: data.data.userName || data.data.redId || '',
+                                    avatar: data.data.userAvatar || '',
+                                    userId: data.data.userId
+                                }
                             }
-                        }
-                        return null
-                    } catch (e) { return null }
+                            return null
+                        } catch (e) { return null }
+                    }
+                })
+                const result = results?.[0]?.result
+                if (result && result.loggedIn) {
+                    const userInfo = { ...result, cachedAt: Date.now() }
+                    await chrome.storage.local.set({ xiaohongshu_user: userInfo })
+                    return { loggedIn: true, username: userInfo.username || '', avatar: userInfo.avatar || '' }
                 }
-            })
+            }
+        } catch (e) {
+            console.log('[COSE] xiaohongshu tab detection failed:', e.message)
+        }
 
-            const result = results?.[0]?.result
-            if (result && result.loggedIn) {
-                const userInfo = { ...result, cachedAt: Date.now() }
-                await chrome.storage.local.set({ xiaohongshu_user: userInfo })
-                return { loggedIn: true, username: userInfo.username || '', avatar: userInfo.avatar || '' }
+        // 2c. Fall back to cache for user details
+        const stored = await chrome.storage.local.get('xiaohongshu_user')
+        const cachedUser = stored.xiaohongshu_user
+        if (cachedUser && cachedUser.username) {
+            const cacheAge = Date.now() - (cachedUser.cachedAt || 0)
+            const maxAge = 7 * 24 * 60 * 60 * 1000 // 7 days
+            if (cacheAge < maxAge) {
+                console.log('[COSE] xiaohongshu 从缓存读取:', cachedUser.username)
+                return { loggedIn: true, username: cachedUser.username || '', avatar: cachedUser.avatar || '' }
             }
         }
-        return { loggedIn: false }
+
+        // Cookie exists but couldn't get user details — still logged in
+        return { loggedIn: true, username: '', avatar: '' }
     } catch (e) {
-        console.log(`[COSE] xiaohongshu 检测失败:`, e.message)
+        console.log('[COSE] xiaohongshu 检测失败:', e.message)
         return { loggedIn: false }
     }
 }
