diff --git a/backend/src/controllers/authController.ts b/backend/src/controllers/authController.ts
index f546d41..b132799 100644
--- a/backend/src/controllers/authController.ts
+++ b/backend/src/controllers/authController.ts
@@ -239,7 +239,7 @@ export const authController = {
 },
 // 用户登出
- async logout(req: AuthRequest, res: Response) {
+ async logout(req: Request, res: Response) {
 const token = req.headers.authorization?.substring(7);
 if (token) {
@@ -249,18 +249,26 @@ export const authController = {
 });
 }
- // Create audit log
- if (req.user) {
- await prisma.auditLog.create({
- data: {
- userId: req.user.id,
- action: 'USER_LOGOUT',
- resource: 'user',
- resourceId: req.user.id,
- ipAddress: (req.headers['x-forwarded-for'] as string) || req.socket.remoteAddress || null,
- userAgent: req.get('User-Agent') ?? null,
+ // Create audit log (if we have user info from token)
+ try {
+ if (token) {
+ const decoded = jwt.verify(token, "pandora") as any;
+ if (decoded && decoded.userId) {
+ await prisma.auditLog.create({
+ data: {
+ userId: decoded.userId,
+ action: 'USER_LOGOUT',
+ resource: 'user',
+ resourceId: decoded.userId,
+ ipAddress: (req.headers['x-forwarded-for'] as string) || req.socket.remoteAddress || null,
+ userAgent: req.get('User-Agent') ?? null,
+ }
+ });
 }
- });
+ }
+ } catch (error) {
+ // Token无效,不记录审计日志
+ console.log('登出时token无效,跳过审计日志记录');
 }
 res.json({ message: '登出成功' });
diff --git a/backend/src/routes/auth.ts b/backend/src/routes/auth.ts
index 47f40aa..eec8c85 100644
--- a/backend/src/routes/auth.ts
+++ b/backend/src/routes/auth.ts
@@ -27,7 +27,7 @@ router.post('/login', [
 ], authController.login);
 // Logout
-router.post('/logout', authMiddleware, authController.logout);
+router.post('/logout', authController.logout);
 // Get current user
 router.get('/me', authMiddleware, authController.getCurrentUser);
diff --git a/frontend/src/router/index.ts b/frontend/src/router/index.ts
index efb7df7..5ecf804 100644
--- a/frontend/src/router/index.ts
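Review bot: In `backend/src/controllers/authController.ts` (hunk at -249), `jwt.verify(token, "pandora")` hard-codes the verification key as a string literal in source. If that literal is the real signing key, anyone who can read the repository can mint tokens for any `userId`; if it is not, verification always throws and the audit entry is silently never written. The call should take the same secret source the token signer and `authMiddleware` use (neither is visible in this diff) and pin the accepted algorithm through the `algorithms` option. The single `catch` also wraps `prisma.auditLog.create`, so a database failure is logged as an invalid token; the sketch below separates the two and drops the `as any` cast. `JWT_SECRET` is a placeholder name, and `logout` begins and ends outside this hunk.

```typescript
    // … unchanged: token extraction and the existing `if (token)` block …

    if (token) {
      let decoded: string | jwt.JwtPayload | undefined;
      try {
        // JWT_SECRET is a placeholder for the secret source the token signer already uses
        decoded = jwt.verify(token, JWT_SECRET);
      } catch {
        // Invalid or expired token: there is no user to attribute the logout to
      }
      if (decoded && typeof decoded !== 'string' && decoded.userId) {
        // … unchanged: prisma.auditLog.create({ data: { … } }) using decoded.userId …
      }
    }
```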
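Review bot: In `backend/src/routes/auth.ts`, dropping `authMiddleware` makes `/logout` reachable without a verified token, yet `logout` still acts on the raw bearer value in its `if (token)` block (old lines 245-249, not shown in this diff) before any signature check. If that block revokes or deletes a session keyed by the token string, confirm that an unverified value cannot affect another user's session or fill a revocation table with arbitrary entries. A comment on the route would record the intent, e.g. `// Logout is public on purpose so expired sessions can still sign out; authController.logout must verify the token itself`.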
+++ b/frontend/src/router/index.ts @@ -1,5 +1,4 @@ -import type { RouteRecordRaw, NavigationGuardNext, RouteLocationNormalized } from 'vue-router' -import { createRouter, createWebHistory } from 'vue-router' +import { createRouter, createWebHistory, type RouteRecordRaw, type NavigationGuardNext, type RouteLocationNormalized } from 'vue-router' import { useAuthStore } from '@/stores/auth' import { adminAuth } from '@/utils/auth' @@ -76,12 +75,7 @@ router.beforeEach(async ( document.title = `${title} - AI` const authStore = useAuthStore() - // 用户已登录,重定向到dashboard - if (to.path === '/' && authStore.isLoggedIn) { - next({ name: 'Dashboard' }) - return - } - + // 检查是否需要用户认证 if (to.meta.requiresAuth) { if (!authStore.isLoggedIn) { @@ -98,6 +92,12 @@ router.beforeEach(async ( } } + // 用户已登录且访问首页,重定向到dashboard + if (to.path === '/' && authStore.isLoggedIn) { + next({ name: 'Dashboard' }) + return + } + next() }) diff --git a/frontend/src/utils/api.ts b/frontend/src/utils/api.ts index cea9a69..91746f8 100644 --- a/frontend/src/utils/api.ts +++ b/frontend/src/utils/api.ts @@ -41,6 +41,11 @@ api.interceptors.response.use( }, (error) => { if (error.response?.status === 401) { + // 如果是登出请求,不要自动重定向 + if (error.config?.url?.includes('/auth/logout')) { + return Promise.reject(error) + } + // Token过期或无效,清除所有认证状态 userAuth.logout() adminAuth.logout() diff --git a/frontend/src/views/Dashboard.vue b/frontend/src/views/Dashboard.vue index 4af81bb..67f7882 100644 --- a/frontend/src/views/Dashboard.vue +++ b/frontend/src/views/Dashboard.vue @@ -202,7 +202,7 @@ const loadUserAccounts = async () => { onMounted(async () => { try { // 初始化认证状态 - authStore.initAuth() + await authStore.initAuth() // 确保用户已登录 if (!authStore.isLoggedIn) { @@ -222,6 +222,8 @@ onMounted(async () => { router.push('/') return } + // 其他错误,继续尝试加载账号 + console.warn('获取用户信息失败,但继续加载账号:', error) } // 加载用户账号
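Review bot: In `frontend/src/utils/api.ts`, the early `return Promise.reject(error)` for logout requests skips `userAuth.logout()` and `adminAuth.logout()` as well as the redirect, although the added comment only speaks of not redirecting. Unless every caller of the logout request clears local auth state itself (not visible here), a rejected logout leaves the stale token in client storage. Assuming those two helpers only clear local state, running them before rejecting keeps the intent: `userAuth.logout(); adminAuth.logout(); return Promise.reject(error)`. The `includes('/auth/logout')` test also matches any URL that merely contains that substring, for example in a query string, so an exact comparison of the request path would be tighter. The interceptor continues past the end of the hunk.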
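Review bot: In `frontend/src/views/Dashboard.vue` (hunk at -222), `console.warn(…, error)` writes the whole error object to the browser console. If the error comes from the axios instance in `utils/api.ts`, which this diff suggests but does not show, that object carries the request config including the `Authorization` header, and console output tends to end up in screenshots and bug reports. Logging only the message is enough for diagnosis: `console.warn('获取用户信息失败,但继续加载账号:', error instanceof Error ? error.message : String(error))`. The enclosing `catch` block starts outside the hunk, so the condition guarding the redirect above these lines is not visible.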