Kingsmai/pokopiawiki.tootaio.com
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(auth): migrate fully to HTTP-only cookie sessions

Browse Source 
Remove client-side token storage and Authorization header injection
Backend login now only returns user data, omitting the session token
Remove Authorization from backend CORS allowed headers
Clean up obsolete VITE_* environment variable fallbacks
Update Modal component to use Vue useId() instead of Math.random()
This commit is contained in:
xiaomai
2026-05-06 17:15:46 +08:00
parent f26cfdc830
commit fa656a8d02
24 changed files with 123 additions and 357 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
frontend/src/views/DishView.vue
View File

@@ -13,7 +13,6 @@ import TranslationFields from '../components/TranslationFields.vue';
import { iconAdd, iconCancel, iconDelete, iconDish, iconEdit, iconItem, iconSave } from '../icons';
import {
api,
getAuthToken,
type AuthUser,
type Dish,
type DishCategory,
@@ -301,12 +300,10 @@ async function loadEditorOptions() {
async function loadPage() {
loading.value = true;
if (getAuthToken()) {
try {
currentUser.value = (await api.me()).user;
} catch {
currentUser.value = null;
}
try {
currentUser.value = (await api.me()).user;
} catch {
currentUser.value = null;
}
await Promise.all([initialCategoriesLoaded.value ? Promise.resolve() : loadDish(), loadEditorOptions()]);
}