refactor(auth): migrate fully to HTTP-only cookie sessions

Remove client-side token storage and Authorization header injection Backend login now only returns user data, omitting the session token Remove Authorization from backend CORS allowed headers Clean up obsolete VITE_* environment variable fallbacks Update Modal component to use Vue useId() instead of Math.random()
2026-05-06 17:15:46 +08:00
parent f26cfdc830
commit fa656a8d02
24 changed files with 123 additions and 357 deletions
--- a/docker-compose.debug.yml
+++ b/docker-compose.debug.yml
@@ -81,8 +81,6 @@ services:
      NUXT_PUBLIC_API_BASE_URL: ${NUXT_PUBLIC_API_BASE_URL:-http://localhost:20016}
      NUXT_SERVER_API_BASE_URL: ${NUXT_SERVER_API_BASE_URL:-http://backend:3001}
      NUXT_PUBLIC_SITE_URL: ${NUXT_PUBLIC_SITE_URL:-http://localhost:20015}
-      VITE_API_BASE_URL: ${VITE_API_BASE_URL:-http://localhost:20016}
-      VITE_SITE_URL: ${VITE_SITE_URL:-http://localhost:20015}
    ports:
      - "20015:20015"
    volumes: