feat(auth): enhance authentication flow with user context and error handling

4 weeks ago · 3f12e95180
16 changed files with 87 additions and 43 deletions
--- a/app/composables/useAuth.ts
+++ b/app/composables/useAuth.ts
@ -24,10 +24,16 @@ export function useAuth() {
  const loading = ref(false);
  async function loadUser() {
-    const res = await $fetch<ApiResponse<{ user: User }>>("/api/auth/me");
+    try {
      const res = await $fetch<ApiResponse<{ user: User }>>("/api/auth/me", {
        headers: process.server ? useRequestHeaders(["cookie"]) : {},
      });
      if (res.code === 0 && res.data?.user) {
        user.value = res.data.user;
      }
    } catch {
      // 未登录时静默处理
    }
  }
  async function register(username: string, password: string, captchaToken: string, captchaCode: string) {
--- a/app/middleware/auth.global.ts
+++ b/app/middleware/auth.global.ts
@ -1,14 +1,14 @@
-const PUBLIC_PATHS = ["/", "/index", "/login", "/register"];
+const PUBLIC_PATHS = ["/", "/index"];
 const AUTH_PATHS = ["/login", "/register"];
-export default defineNuxtRouteMiddleware(async (to) => {
+export default defineNuxtRouteMiddleware((to) => {
-  if (PUBLIC_PATHS.includes(to.path)) return;
+  const { isLoggedIn } = useAuth();
-  try {
+  if (isLoggedIn.value && AUTH_PATHS.includes(to.path)) {
-    const res = await $fetch<{ code: number }>("/api/auth/me");
+    return navigateTo("/");
    if (res.code !== 0) {
      return navigateTo("/login?redirect=" + encodeURIComponent(to.fullPath));
  }
-  } catch {
+
  if (!AUTH_PATHS.includes(to.path) && !PUBLIC_PATHS.includes(to.path) && !isLoggedIn.value) {
    return navigateTo("/login?redirect=" + encodeURIComponent(to.fullPath));
  }
 });
--- a/app/pages/index/index.vue
+++ b/app/pages/index/index.vue
@ -1,10 +1,12 @@
 <script setup lang="ts">
-
+const { user, isLoggedIn } = useAuth()
 </script>
 <template>
    <div class="flex flex-col items-center justify-center min-h-screen">
        <h1 class="text-4xl font-bold mb-4">Welcome to Nuxt 3!</h1>
        <p class="text-lg text-gray-600">This is the index page.</p>
        <p>{{ isLoggedIn }}</p>
        <p>{{ user }}</p>
    </div>
 </template>
--- a/app/plugins/auth.ts
+++ b/app/plugins/auth.ts
@ -0,0 +1,4 @@
 export default defineNuxtPlugin(async () => {
  const { loadUser } = useAuth()
  await loadUser()
 })
--- a/packages/drizzle-pkg/db.sqlite
+++ b/packages/drizzle-pkg/db.sqlite
--- a/server/api/auth/captcha.post.ts
+++ b/server/api/auth/captcha.post.ts
@ -1,6 +1,6 @@
 import { createCaptcha } from "#server/service/auth";
-export default defineWrappedResponseHandler(async () => {
+export default defineWrappedResponseHandler({ auth: 'public' }, async () => {
  const result = await createCaptcha();
  return R.success(result);
 });
--- a/server/api/auth/login.post.ts
+++ b/server/api/auth/login.post.ts
@ -8,7 +8,7 @@ const loginSchema = z.object({
  captchaCode: z.string().min(1),
 });
-export default defineWrappedResponseHandler(async (event) => {
+export default defineWrappedResponseHandler({ auth: 'public' }, async (event) => {
  const body = await readBody(event);
  const parsed = loginSchema.safeParse(body);
--- a/server/api/auth/logout.post.ts
+++ b/server/api/auth/logout.post.ts
@ -1,4 +1,4 @@
-export default defineWrappedResponseHandler(async (event) => {
+export default defineWrappedResponseHandler({ auth: 'public' }, async (event) => {
  deleteCookie(event, "token", { path: "/" });
  return R.success(null);
 });
--- a/server/api/auth/me.get.ts
+++ b/server/api/auth/me.get.ts
@ -1,16 +1,5 @@
-import { getUserFromEvent } from "#server/utils/jwt";
+import { getContextUser } from "#server/utils/context";
 import { getCurrentUser } from "#server/service/auth";
 export default defineWrappedResponseHandler(async (event) => {
-  const payload = getUserFromEvent(event);
+  return R.success({ user: getContextUser(event) });
  if (!payload) {
    return R.error("未登录", null);
  }
  const user = await getCurrentUser(payload);
  if (!user) {
    return R.error("用户不存在", null);
  }
  return R.success({ user });
 });
--- a/server/api/auth/register.post.ts
+++ b/server/api/auth/register.post.ts
@ -8,7 +8,7 @@ const registerSchema = z.object({
  captchaCode: z.string().min(1),
 });
-export default defineWrappedResponseHandler(async (event) => {
+export default defineWrappedResponseHandler({ auth: 'public' }, async (event) => {
  const body = await readBody(event);
  const parsed = registerSchema.safeParse(body);
--- a/server/api/file/upload.post.ts
+++ b/server/api/file/upload.post.ts
@ -12,7 +12,7 @@ interface IFile {
  size: number;
 }
-export default defineWrappedResponseHandler(async (event) => {
+export default defineWrappedResponseHandler({ auth: 'optional' }, async (event) => {
  try {
    // 存储目录
    const uploadDir = path.join(process.cwd(), 'public/assets');
--- a/server/api/hello.get.ts
+++ b/server/api/hello.get.ts
@ -1,8 +1,7 @@
 import { getUsers } from "../service/auth"
 import { compare, hash } from "bcryptjs";
-export default defineWrappedResponseHandler(async (event) => {
+export default defineWrappedResponseHandler({ auth: 'public' }, async (event) => {
  compare
  const users = await getUsers()
  return R.success({
    hello: "aa",
--- a/server/api/pic/random.get.ts
+++ b/server/api/pic/random.get.ts
@ -19,15 +19,11 @@ const handler = eventHandler(async (event: H3Event) => {
        return "error"
    }
    if (Reflect.has(query, "miaomc")) {
        // return await $fetch("https://api.miaomc.cn/image/get", { method: "get", mode: "cors" })
        event.node.res.statusCode = 302;
        event.node.res.setHeader("location", "https://api.miaomc.cn/image/get");
        return;
    }
    if (Reflect.has(query, "r10086")) {
    //     return `<!DOCTYPE html><html lang="zh"><head><meta charset="utf-8"><title>选择</title></head>
    // <body><script>location.href="https://api.r10086.com/樱道随机图片api接口.php?图片系列=动漫综合1"</script></body>
    // </html>`;
        return await sendRedirect(
            event,
            encodeURI("https://api.r10086.com/樱道随机图片api接口.php?图片系列=动漫综合1"),
@ -37,7 +33,7 @@ const handler = eventHandler(async (event: H3Event) => {
    if (Reflect.has(query, "favicon")) {
        const avatarPath = resolve("public", "favicon.ico")
        event.node.res.setHeader("Content-Type", "image/jpeg");
-        return fs.readFile(avatarPath) //fs.createReadStream(avatarPath);
+        return fs.readFile(avatarPath)
    }
    return `<!DOCTYPE html><html lang="zh"><head><meta charset="utf-8"><title>选择</title></head>
    <body>
--- a/server/types/index.d.ts
+++ b/server/types/index.d.ts
@ -0,0 +1,9 @@
 import type { getCurrentUser } from "#server/service/auth";
 type CurrentUser = Exclude<Awaited<ReturnType<typeof getCurrentUser>>, null>;
 declare module "h3" {
  interface H3EventContext {
    user?: CurrentUser;
  }
 }
--- a/server/utils/context.ts
+++ b/server/utils/context.ts
@ -0,0 +1,18 @@
 import type { H3Event } from "h3";
 import type { getCurrentUser } from "#server/service/auth";
 type CurrentUser = Exclude<Awaited<ReturnType<typeof getCurrentUser>>, null>;
 /**
 * 设置当前登录用户到 event.context
 */
 export function setContextUser(event: H3Event, user: CurrentUser): void {
  (event.context as Record<string, unknown>).user = user;
 }
 /**
 * 从 event.context 获取当前登录用户
 */
 export function getContextUser(event: H3Event): CurrentUser | undefined {
  return (event.context as Record<string, unknown>).user as CurrentUser | undefined;
 }
--- a/server/utils/handler.ts
+++ b/server/utils/handler.ts
@ -1,11 +1,14 @@
 import log4js from "logger";
 import { getUserFromEvent } from "#server/utils/jwt";
 import { getCurrentUser } from "#server/service/auth";
 import { setContextUser } from "#server/utils/context";
 interface IConfig {
-
+  auth?: 'required' | 'public' | 'optional';
 }
 const defaultConfig: IConfig = {
-
+  auth: 'required',
 }
 const logger = log4js.getLogger("ERROR");
@ -21,6 +24,24 @@ export const defineWrappedResponseHandler = <T extends EventHandlerRequest, D>(
    const config = Object.assign({ ...defaultConfig }, typeof handlerOrConfig === 'object' ? handlerOrConfig : {});
    return defineEventHandler<T>(async (event) => {
        // ---- auth guard ----
        if (config.auth !== 'public') {
            const payload = getUserFromEvent(event);
            if (config.auth === 'required' && !payload) {
                return R.error("未登录", null);
            }
            if (payload) {
                const user = await getCurrentUser(payload);
                if (config.auth === 'required' && !user) {
                    return R.error("用户不存在", null);
                }
                if (user) {
                    setContextUser(event, user);
                }
            }
        }
        // ---- end auth guard ----
        const response = await handler(event)
        return response
    })