From 2da6933e00fb61a5b701e478a2646dadda32043c Mon Sep 17 00:00:00 2001
From: jdysya <1912377458@qq.com>
Date: Sun, 16 Feb 2025 22:51:25 +0800
Subject: [PATCH] =?UTF-8?q?fix(auth):=20=E4=BF=AE=E5=A4=8D=E7=99=BB?=
 =?UTF-8?q?=E5=BD=95=E7=8A=B6=E6=80=81=E6=A3=80=E6=9F=A5=E5=92=8C=E9=80=80?=
 =?UTF-8?q?=E5=87=BA=E7=99=BB=E5=BD=95=E5=8A=9F=E8=83=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 优化登录状态检查逻辑，未登录时重定向到登录页
- 添加原目标页面作为登录后返回参数
- 退出登录时清除缓存，确保安全退出
- 移除文档页面的权限校验中间件
---
 doc/src/.vuepress/client.ts | 10 ++++------
 gateway/handlers/auth.go    |  5 +++++
 gateway/main.go             |  3 ---
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/doc/src/.vuepress/client.ts b/doc/src/.vuepress/client.ts
index 9cbce52..beb924d 100644
--- a/doc/src/.vuepress/client.ts
+++ b/doc/src/.vuepress/client.ts
@@ -8,20 +8,18 @@ export default defineClientConfig({
     // 仅在客户端执行
     if (typeof window !== 'undefined') {
       router.beforeEach(async (to, from, next) => {
-        // 检查是否是首页
+        // 检查是否从首页访问其他页面
         if (from.fullPath === '/' && to.fullPath !== '/') {
           try {
-            // 复用 UserInfo 组件中相同的接口检查登录状态
             const response = await fetch('/api/user/info')
             if (!response.ok) {
-              // 未登录状态，使用非SPA的路由跳转方式
-              window.location.href = to.fullPath
+              // 未登录时重定向到登录页，并带上原目标页面作为参数
+              window.location.href = `/login?return_url=${encodeURIComponent(to.fullPath)}`
               return
             }
           } catch (error) {
             console.error('检查登录状态失败:', error)
-            // 发生错误时同上
-            window.location.href = to.fullPath
+            window.location.href = `/login?return_url=${encodeURIComponent(to.fullPath)}`
             return
           }
         }
diff --git a/gateway/handlers/auth.go b/gateway/handlers/auth.go
index 85688b5..64a6407 100644
--- a/gateway/handlers/auth.go
+++ b/gateway/handlers/auth.go
@@ -139,6 +139,11 @@ func Logout(c *gin.Context) {
 	// 清除session数据
 	session.Clear()
 
+	// 添加清除缓存的 HTTP 头
+	c.Header("Cache-Control", "no-cache, no-store, must-revalidate")
+	c.Header("Pragma", "no-cache")
+	c.Header("Expires", "0")
+
 	// 保存更改
 	if err := session.Save(); err != nil {
 		utils.Logger.Errorf("退出登录失败: %v", err)
diff --git a/gateway/main.go b/gateway/main.go
index 08562fa..831fee2 100644
--- a/gateway/main.go
+++ b/gateway/main.go
@@ -62,9 +62,6 @@ func main() {
 	// 文档页面路由
 	r.GET("/", handlers.ServeIndex(db))
 
-	// 权限校验中间件
-	//r.Use(middleware.AuthRequired())
-
 	// 添加路由认证中间件
 	r.Use(middleware.RouteAuthMiddleware())