remove usage of local storage for checking state in spa exp

spa/src/services/oauth-manager/index.ts

@@ -2,11 +2,11 @@ import Api from "../../api";
 import { AxiosError } from "axios";
 import { popup, reportError } from "../../utils";
 
-const STATE_KEY = "oauth-localStorage-state";
-
 let username: string | undefined;
 let email: string | undefined;
 
+let oauthState: string | undefined;
+
 async function checkValidity(): Promise<boolean | AxiosError> {
 	if (!Api.token.hasGitHubToken()) return false;
 
@@ -25,7 +25,7 @@ async function checkValidity(): Promise<boolean | AxiosError> {
 async function authenticateInGitHub(onWinClosed: () => void): Promise<void> {
 	const res = await Api.auth.generateOAuthUrl();
 	if (res.data.redirectUrl && res.data.state) {
-		window.localStorage.setItem(STATE_KEY, res.data.state);
+		oauthState = res.data.state;
 		const win = popup(res.data.redirectUrl);
 		if (win) {
 			const winCloseCheckHandler = setInterval(() => {
@@ -39,10 +39,12 @@ async function authenticateInGitHub(onWinClosed: () => void): Promise<void> {
 }
 
 async function finishOAuthFlow(code: string, state: string): Promise<boolean | AxiosError> {
+
 	if (!code && !state) return false;
 
-	const prevState = window.localStorage.getItem(STATE_KEY);
-	window.localStorage.removeItem(STATE_KEY);
+	const prevState = oauthState;
+	oauthState = undefined;
+
 	if (state !== prevState) return false;
 
 	try {