Refactor authentication redirection logic

- Introduce a new `auth-redirect` module to manage safe return paths for login and redirection.
- Update the login page to utilize `readReturnToFromLocation` for redirecting users post-login.
- Modify the `AuthGate` component to use `loginPathWithReturnTo` for redirecting unauthorized users, enhancing security and user experience.
- Adjust API request handling to incorporate the new redirection logic, ensuring users are directed to the appropriate login page with return paths.
This commit is contained in:
Xin Wang
2026-07-10 10:44:33 +08:00
parent 3ed9e1b388
commit 0fa02cc563
4 changed files with 32 additions and 5 deletions

View File

@@ -5,6 +5,8 @@
* 注意:api_key 读取时后端永远打码,写回打码占位符表示"不改 key"(写时哨兵)。
*/
import { loginPathWithReturnTo } from "@/lib/auth-redirect";
export const API_BASE =
process.env.NEXT_PUBLIC_API_BASE_URL ?? "http://localhost:8000";
@@ -20,7 +22,9 @@ async function request<T>(path: string, init?: RequestInit): Promise<T> {
typeof window !== "undefined" &&
!path.startsWith("/api/auth/")
) {
window.location.href = "/login";
window.location.href = loginPathWithReturnTo(
window.location.pathname + window.location.search,
);
}
if (!res.ok) {
let detail = `请求失败 (${res.status})`;