fix(share): 分享注册登录漏洞完善，不允许临时toke， 登录非白名单页面。

App.vue

@@ -1,9 +1,7 @@
 <script>
-import { setToken } from '@/config/auth.js'
+import { setToken, removeToken } from '@/config/auth.js'
 export default {
   onLaunch: function (options) {
-    // 分享注册
-
     if (options.query?.token) {
       setToken(options.query?.token)
       console.log('🌈ad', options.query?.token)
@@ -20,6 +18,11 @@ export default {
       'pages/pay/success',
     ]
     if (whiteList.indexOf(options.path) !== -1) return
+    const isRegiestLogin = uni.getStorageSync('regiest-login')
+    if (isRegiestLogin === 1) {
+      uni.removeStorageSync('regiest-login')
+      removeToken()
+    }
     this.$store.dispatch('GetInfo')
     this.$store.dispatch('getCarLength')
     uni.hideTabBar({})

config/request.js

@@ -78,6 +78,20 @@ module.exports = vm => {
           })
         }, 1500)
       } else if (data.code == 500) {
+        if (['/member/api/member/get-info'].includes(response?.config?.url)) {
+          uni.showToast({
+            title: '登录失败',
+            icon: 'none',
+            duration: 500,
+          })
+          setTimeout(() => {
+            uni.reLaunch({
+              url: '/pages/login/index',
+            })
+          }, 500)
+          removeToken()
+          return data
+        }
         uni.$u.toast(data.msg)
         return data
       } else {

pages/pay/success.vue

@@ -166,6 +166,7 @@ export default {
       }).then(res => {
         uni.setStorageSync('username', memberCode)
         setToken(res.data.access_token)
+        uni.removeStorageSync('regiest-login')
         store.dispatch('GetInfo').then(res => {
           uni.switchTab({ url: '/pages/index/index' })
         })

pages/shareArea/hiList.vue

@@ -82,6 +82,7 @@ export default {
         })
         .then(res => {
           setToken(res.data.access_token, res.data.expires_in)
+          uni.setStorageSync('regiest-login', '1')
           this.getList()
           this.getCode()
         })