refactor(auth): migrate fully to HTTP-only cookie sessions

Remove client-side token storage and Authorization header injection
Backend login now only returns user data, omitting the session token
Remove Authorization from backend CORS allowed headers
Clean up obsolete VITE_* environment variable fallbacks
Update Modal component to use Vue useId() instead of Math.random()
2026-05-06 17:15:46 +08:00
parent f26cfdc830
commit fa656a8d02
24 changed files with 123 additions and 357 deletions


@@ -10,7 +10,7 @@ import PageHeader from '../components/PageHeader.vue';
import Skeleton from '../components/Skeleton.vue';
import TagsSelect from '../components/TagsSelect.vue';
import { iconAdd } from '../icons';
import { api, getAuthToken, type AuthUser, type ListPage, type Options, type Pokemon } from '../services/api';
import { api, type AuthUser, type ListPage, type Options, type Pokemon } from '../services/api';
import PokemonEdit from './PokemonEdit.vue';
const props = defineProps<{
@@ -158,12 +158,10 @@ function pokemonCardImage(item: Pokemon) {
}
onMounted(async () => {
if (getAuthToken()) {
try {
currentUser.value = (await api.me()).user;
} catch {
currentUser.value = null;
}
try {
currentUser.value = (await api.me()).user;
} catch {
currentUser.value = null;
}
if (!options.value) {
try {