From 58f3bf99dc2ef9c2cb57afea2365855f9b23d618 Mon Sep 17 00:00:00 2001 From: mtvpls Date: Tue, 27 Jan 2026 20:43:19 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=88=B7=E6=96=B0token?= =?UTF-8?q?=E5=A4=B1=E6=95=88=E6=97=A0=E9=99=90=E9=87=8D=E5=AE=9A=E5=90=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/lib/db.client.ts | 37 +++++++++++++++++++++++++------------ 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/src/lib/db.client.ts b/src/lib/db.client.ts index 4d67aa2..3703572 100644 --- a/src/lib/db.client.ts +++ b/src/lib/db.client.ts @@ -527,6 +527,16 @@ async function fetchWithAuth( if (res.status === 401) { const text = await res.clone().text(); if (text === 'Access token expired') { + // 检查是否是登录相关的接口,如果是则不刷新 + if ( + url.includes('/api/login') || + url.includes('/api/register') || + url.includes('/api/auth/oidc') || + url.includes('/api/auth/refresh') + ) { + throw new Error('用户未授权'); + } + // 尝试刷新 token const refreshRes = await fetch('/api/auth/refresh', { method: 'POST', @@ -541,19 +551,22 @@ async function fetchWithAuth( // 如果刷新后仍然是 401,或者是其他 401 错误,跳转登录 if (res.status === 401) { - // 调用 logout 接口 - try { - await fetch('/api/logout', { - method: 'POST', - headers: { 'Content-Type': 'application/json' }, - }); - } catch (error) { - console.error('注销请求失败:', error); + // 检查当前页面是否已经是登录页,避免重复跳转 + if (typeof window !== 'undefined' && !window.location.pathname.startsWith('/login')) { + // 调用 logout 接口 + try { + await fetch('/api/logout', { + method: 'POST', + headers: { 'Content-Type': 'application/json' }, + }); + } catch (error) { + console.error('注销请求失败:', error); + } + const currentUrl = window.location.pathname + window.location.search; + const loginUrl = new URL('/login', window.location.origin); + loginUrl.searchParams.set('redirect', currentUrl); + window.location.href = loginUrl.toString(); } - const currentUrl = window.location.pathname + window.location.search; - const loginUrl = new URL('/login', window.location.origin); - loginUrl.searchParams.set('redirect', currentUrl); - window.location.href = loginUrl.toString(); throw new Error('用户未授权,已跳转到登录页面'); } }