@@ -257,7 +257,7 @@ export const authController = {
|
||||
},
|
||||
|
||||
// 用户登出
|
||||
async logout(req: Request, res: Response) {
|
||||
async logout(req: AuthRequest, res: Response) {
|
||||
const token = req.headers.authorization?.substring(7);
|
||||
|
||||
if (token) {
|
||||
@@ -267,26 +267,18 @@ export const authController = {
|
||||
});
|
||||
}
|
||||
|
||||
// Create audit log (if we have user info from token)
|
||||
try {
|
||||
if (token) {
|
||||
const decoded = jwt.verify(token, "pandora") as any;
|
||||
if (decoded && decoded.userId) {
|
||||
await prisma.auditLog.create({
|
||||
data: {
|
||||
userId: decoded.userId,
|
||||
action: 'USER_LOGOUT',
|
||||
resource: 'user',
|
||||
resourceId: decoded.userId,
|
||||
ipAddress: (req.headers['x-forwarded-for'] as string) || req.socket.remoteAddress || null,
|
||||
userAgent: req.get('User-Agent') ?? null,
|
||||
}
|
||||
});
|
||||
// Create audit log
|
||||
if (req.user) {
|
||||
await prisma.auditLog.create({
|
||||
data: {
|
||||
userId: req.user.id,
|
||||
action: 'USER_LOGOUT',
|
||||
resource: 'user',
|
||||
resourceId: req.user.id,
|
||||
ipAddress: (req.headers['x-forwarded-for'] as string) || req.socket.remoteAddress || null,
|
||||
userAgent: req.get('User-Agent') ?? null,
|
||||
}
|
||||
}
|
||||
} catch (error) {
|
||||
// Token无效,不记录审计日志
|
||||
console.log('登出时token无效,跳过审计日志记录');
|
||||
});
|
||||
}
|
||||
|
||||
res.json({ message: '登出成功' });
|
||||
|
||||
@@ -27,7 +27,7 @@ router.post('/login', [
|
||||
], authController.login);
|
||||
|
||||
// Logout
|
||||
router.post('/logout', authController.logout);
|
||||
router.post('/logout', authMiddleware, authController.logout);
|
||||
|
||||
// Get current user
|
||||
router.get('/me', authMiddleware, authController.getCurrentUser);
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
import { createRouter, createWebHistory, type RouteRecordRaw, type NavigationGuardNext, type RouteLocationNormalized } from 'vue-router'
|
||||
import type { RouteRecordRaw, NavigationGuardNext, RouteLocationNormalized } from 'vue-router'
|
||||
import { createRouter, createWebHistory } from 'vue-router'
|
||||
import { useAuthStore } from '@/stores/auth'
|
||||
import { adminAuth } from '@/utils/auth'
|
||||
|
||||
@@ -75,6 +76,11 @@ router.beforeEach(async (
|
||||
document.title = `${title} - AI`
|
||||
|
||||
const authStore = useAuthStore()
|
||||
// 用户已登录,重定向到dashboard
|
||||
if (to.path === '/' && authStore.isLoggedIn) {
|
||||
next({ name: 'Dashboard' })
|
||||
return
|
||||
}
|
||||
|
||||
// 检查是否需要用户认证
|
||||
if (to.meta.requiresAuth) {
|
||||
@@ -92,12 +98,6 @@ router.beforeEach(async (
|
||||
}
|
||||
}
|
||||
|
||||
// 用户已登录且访问首页,重定向到dashboard
|
||||
if (to.path === '/' && authStore.isLoggedIn) {
|
||||
next({ name: 'Dashboard' })
|
||||
return
|
||||
}
|
||||
|
||||
next()
|
||||
})
|
||||
|
||||
|
||||
@@ -41,11 +41,6 @@ api.interceptors.response.use(
|
||||
},
|
||||
(error) => {
|
||||
if (error.response?.status === 401) {
|
||||
// 如果是登出请求,不要自动重定向
|
||||
if (error.config?.url?.includes('/auth/logout')) {
|
||||
return Promise.reject(error)
|
||||
}
|
||||
|
||||
// Token过期或无效,清除所有认证状态
|
||||
userAuth.logout()
|
||||
adminAuth.logout()
|
||||
|
||||
@@ -202,7 +202,7 @@ const loadUserAccounts = async () => {
|
||||
onMounted(async () => {
|
||||
try {
|
||||
// 初始化认证状态
|
||||
await authStore.initAuth()
|
||||
authStore.initAuth()
|
||||
|
||||
// 确保用户已登录
|
||||
if (!authStore.isLoggedIn) {
|
||||
@@ -222,8 +222,6 @@ onMounted(async () => {
|
||||
router.push('/')
|
||||
return
|
||||
}
|
||||
// 其他错误,继续尝试加载账号
|
||||
console.warn('获取用户信息失败,但继续加载账号:', error)
|
||||
}
|
||||
|
||||
// 加载用户账号
|
||||
|
||||
Reference in New Issue
Block a user