3
0
Fork 0

fix(share): 分享注册登录漏洞完善,不允许临时toke, 登录非白名单页面。

This commit is contained in:
woody 2025-09-04 16:06:01 +08:00
parent bd55058227
commit 0a062e5ef4
4 changed files with 22 additions and 3 deletions

View File

@ -1,9 +1,7 @@
<script>
import { setToken } from '@/config/auth.js'
import { setToken, removeToken } from '@/config/auth.js'
export default {
onLaunch: function (options) {
//
if (options.query?.token) {
setToken(options.query?.token)
console.log('🌈ad', options.query?.token)
@ -20,6 +18,11 @@ export default {
'pages/pay/success',
]
if (whiteList.indexOf(options.path) !== -1) return
const isRegiestLogin = uni.getStorageSync('regiest-login')
if (isRegiestLogin === 1) {
uni.removeStorageSync('regiest-login')
removeToken()
}
this.$store.dispatch('GetInfo')
this.$store.dispatch('getCarLength')
uni.hideTabBar({})

View File

@ -78,6 +78,20 @@ module.exports = vm => {
})
}, 1500)
} else if (data.code == 500) {
if (['/member/api/member/get-info'].includes(response?.config?.url)) {
uni.showToast({
title: '登录失败',
icon: 'none',
duration: 500,
})
setTimeout(() => {
uni.reLaunch({
url: '/pages/login/index',
})
}, 500)
removeToken()
return data
}
uni.$u.toast(data.msg)
return data
} else {

View File

@ -166,6 +166,7 @@ export default {
}).then(res => {
uni.setStorageSync('username', memberCode)
setToken(res.data.access_token)
uni.removeStorageSync('regiest-login')
store.dispatch('GetInfo').then(res => {
uni.switchTab({ url: '/pages/index/index' })
})

View File

@ -82,6 +82,7 @@ export default {
})
.then(res => {
setToken(res.data.access_token, res.data.expires_in)
uni.setStorageSync('regiest-login', '1')
this.getList()
this.getCode()
})