diff --git a/src/lib/middleware-auth.ts b/src/lib/middleware-auth.ts index 715a884..eee121c 100644 --- a/src/lib/middleware-auth.ts +++ b/src/lib/middleware-auth.ts @@ -43,14 +43,6 @@ export async function refreshAccessToken( } const now = Date.now(); - const authData = { - username, - role, - timestamp: now, // 新的 Access Token 时间戳 - tokenId, - refreshToken, - refreshExpires - }; // 生成新的签名 const dataToSign = JSON.stringify({ @@ -64,7 +56,15 @@ export async function refreshAccessToken( process.env.PASSWORD || '' ); - authData.signature = signature; + const authData = { + username, + role, + timestamp: now, // 新的 Access Token 时间戳 + tokenId, + refreshToken, + refreshExpires, + signature + }; console.log(`Refreshed access token for ${username}`); diff --git a/src/middleware.ts b/src/middleware.ts index 328610d..3b4dd3d 100644 --- a/src/middleware.ts +++ b/src/middleware.ts @@ -39,7 +39,7 @@ export async function middleware(request: NextRequest) { // 其他模式:验证签名和时间戳,支持自动续期 // 检查是否有用户名(非localStorage模式下密码不存储在cookie中) - if (!authInfo.username || !authInfo.signature || !authInfo.timestamp) { + if (!authInfo.username || !authInfo.role || !authInfo.signature || !authInfo.timestamp) { return handleAuthFailure(request, pathname); }