chore: redirect back to login page for deactivated users

2026-01-23 00:53:33 +00:00 · 2025-08-13 20:13:32 +08:00
parent aa86e062f1
commit bb60df8b41
4 changed files with 57 additions and 5 deletions
--- a/web/admin-spa/src/main.js
+++ b/web/admin-spa/src/main.js
@@ -5,6 +5,7 @@ import zhCn from 'element-plus/dist/locale/zh-cn.mjs'
 import 'element-plus/dist/index.css'
 import App from './App.vue'
 import router from './router'
+import { useUserStore } from './stores/user'
 import './assets/styles/main.css'
 import './assets/styles/global.css'

@@ -23,5 +24,9 @@ app.use(ElementPlus, {
  locale: zhCn
 })

+// 设置axios拦截器
+const userStore = useUserStore()
+userStore.setupAxiosInterceptors()
+
 // 挂载应用
 app.mount('#app')
--- a/web/admin-spa/src/router/index.js
+++ b/web/admin-spa/src/router/index.js
@@ -169,8 +169,18 @@ router.beforeEach(async (to, from, next) => {
  if (to.meta.requiresUserAuth) {
    if (!userStore.isAuthenticated) {
      // 尝试检查本地存储的认证信息
-      const isUserLoggedIn = await userStore.checkAuth()
-      if (!isUserLoggedIn) {
+      try {
+        const isUserLoggedIn = await userStore.checkAuth()
+        if (!isUserLoggedIn) {
+          return next('/user-login')
+        }
+      } catch (error) {
+        // If the error is about disabled account, redirect to login with error
+        if (error.message && error.message.includes('disabled')) {
+          // Import showToast to display the error
+          const { showToast } = await import('@/utils/toast')
+          showToast(error.message, 'error')
+        }
        return next('/user-login')
      }
    }
--- a/web/admin-spa/src/stores/user.js
+++ b/web/admin-spa/src/stores/user.js
@@ -1,5 +1,6 @@
 import { defineStore } from 'pinia'
 import axios from 'axios'
+import { showToast } from '@/utils/toast'

 const API_BASE = '/users'

@@ -104,8 +105,13 @@ export const useUserStore = defineStore('user', {
          return response.data.user
        }
      } catch (error) {
-        if (error.response?.status === 401) {
+        if (error.response?.status === 401 || error.response?.status === 403) {
+          // 401: Invalid/expired session, 403: Account disabled
          this.clearAuth()
+          // If it's a disabled account error, throw a specific error
+          if (error.response?.status === 403) {
+            throw new Error(error.response.data?.message || 'Your account has been disabled')
+          }
        }
        throw error
      }
@@ -184,6 +190,28 @@ export const useUserStore = defineStore('user', {
      if (this.sessionToken) {
        axios.defaults.headers.common['x-user-token'] = this.sessionToken
      }
+    },
+
+    // 🔧 设置axios拦截器
+    setupAxiosInterceptors() {
+      // Response interceptor to handle disabled user responses globally
+      axios.interceptors.response.use(
+        (response) => response,
+        (error) => {
+          if (error.response?.status === 403) {
+            const message = error.response.data?.message
+            if (message && (message.includes('disabled') || message.includes('Account disabled'))) {
+              this.clearAuth()
+              showToast(message, 'error')
+              // Redirect to login page
+              if (window.location.pathname !== '/user-login') {
+                window.location.href = '/user-login'
+              }
+            }
+          }
+          return Promise.reject(error)
+        }
+      )
    }
  }
 })