fix: 修复多角色找茬测试 V2 发现的 11 个问题
P0 (CRITICAL): - C1: 统计 API 全部改为 safe_aggregate 容错,防止单个子查询崩溃导致 500 - C2: Token 刷新增加用户身份验证,防止并发场景下身份切换 - C3: 患者端线下活动接口添加患者档案验证,防止 Doctor/HM 越权访问 P1 (HIGH): - H1: 操作记录用 EntityName 组件解析用户名,不再显示截断 UUID - H4: 告警标题添加中英文映射 (translateAlertTitle) - H5: 告警面板补全 message import + 修复 hooks 顺序 - H8: 咨询消息发送按钮添加 AuthButton 权限控制 - H9: routeConfig 日常监测权限码改为 health.daily-monitoring.* P2 (MEDIUM): - M4: 咨询类型映射补全 online/phone/doctor/follow_up 中文标签 DTO: LabReportStatisticsResp, AppointmentStatisticsResp, VitalSignsReportRateResp 添加 Default derive
This commit is contained in:
iven
@@ -1,5 +1,5 @@
|
||||
import axios from 'axios';
|
||||
import { message as antMessage } from 'antd';
|
||||
import axios from "axios";
|
||||
import { message as antMessage } from "antd";
|
||||
|
||||
// 请求缓存:短时间内相同请求复用结果
|
||||
interface CacheEntry {
|
||||
@@ -10,26 +10,30 @@ interface CacheEntry {
|
||||
const requestCache = new Map<string, CacheEntry>();
|
||||
const CACHE_TTL = 5000; // 5 秒缓存
|
||||
|
||||
function getCacheKey(config: { url?: string; params?: unknown; method?: string }): string {
|
||||
return `${config.method || 'get'}:${config.url || ''}:${JSON.stringify(config.params || {})}`;
|
||||
function getCacheKey(config: {
|
||||
url?: string;
|
||||
params?: unknown;
|
||||
method?: string;
|
||||
}): string {
|
||||
return `${config.method || "get"}:${config.url || ""}:${JSON.stringify(config.params || {})}`;
|
||||
}
|
||||
|
||||
const defaultAdapter = axios.getAdapter(axios.defaults.adapter);
|
||||
|
||||
const client = axios.create({
|
||||
baseURL: '/api/v1',
|
||||
baseURL: "/api/v1",
|
||||
timeout: 10000,
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
headers: { "Content-Type": "application/json" },
|
||||
adapter: (config) => {
|
||||
// GET 请求检查缓存
|
||||
if (config.method === 'get' && config.url) {
|
||||
if (config.method === "get" && config.url) {
|
||||
const key = getCacheKey(config);
|
||||
const entry = requestCache.get(key);
|
||||
if (entry && Date.now() - entry.timestamp < CACHE_TTL) {
|
||||
return Promise.resolve({
|
||||
data: entry.data,
|
||||
status: 200,
|
||||
statusText: 'OK (cached)',
|
||||
statusText: "OK (cached)",
|
||||
headers: {} as any,
|
||||
config,
|
||||
});
|
||||
@@ -40,11 +44,15 @@ const client = axios.create({
|
||||
});
|
||||
|
||||
// Decode JWT payload without external library
|
||||
function decodeJwtPayload(token: string): { exp?: number } | null {
|
||||
function decodeJwtPayload(
|
||||
token: string,
|
||||
): { exp?: number; sub?: string } | null {
|
||||
try {
|
||||
const parts = token.split('.');
|
||||
const parts = token.split(".");
|
||||
if (parts.length !== 3) return null;
|
||||
const payload = JSON.parse(atob(parts[1].replace(/-/g, '+').replace(/_/g, '/')));
|
||||
const payload = JSON.parse(
|
||||
atob(parts[1].replace(/-/g, "+").replace(/_/g, "/")),
|
||||
);
|
||||
return payload;
|
||||
} catch {
|
||||
return null;
|
||||
@@ -60,26 +68,38 @@ function isTokenExpiringSoon(token: string): boolean {
|
||||
|
||||
// Request interceptor: attach access token + proactive refresh
|
||||
client.interceptors.request.use(async (config) => {
|
||||
const token = localStorage.getItem('access_token');
|
||||
const token = localStorage.getItem("access_token");
|
||||
if (token) {
|
||||
// If token is about to expire, proactively refresh before sending the request
|
||||
if (isTokenExpiringSoon(token)) {
|
||||
const refreshToken = localStorage.getItem('refresh_token');
|
||||
const refreshToken = localStorage.getItem("refresh_token");
|
||||
if (refreshToken && !isRefreshing) {
|
||||
isRefreshing = true;
|
||||
try {
|
||||
const { data } = await axios.post('/api/v1/auth/refresh', {
|
||||
const { data } = await axios.post("/api/v1/auth/refresh", {
|
||||
refresh_token: refreshToken,
|
||||
});
|
||||
const newAccess = data.data.access_token;
|
||||
const newRefresh = data.data.refresh_token;
|
||||
localStorage.setItem('access_token', newAccess);
|
||||
localStorage.setItem('refresh_token', newRefresh);
|
||||
|
||||
// 验证新 token 的用户身份一致
|
||||
const currentUserSub = decodeJwtPayload(token)?.sub;
|
||||
const newTokenSub = decodeJwtPayload(newAccess)?.sub;
|
||||
if (currentUserSub && newTokenSub && currentUserSub !== newTokenSub) {
|
||||
localStorage.removeItem("access_token");
|
||||
localStorage.removeItem("refresh_token");
|
||||
localStorage.removeItem("user");
|
||||
window.location.hash = "/login";
|
||||
return Promise.reject(new Error("身份验证失败,请重新登录"));
|
||||
}
|
||||
|
||||
localStorage.setItem("access_token", newAccess);
|
||||
localStorage.setItem("refresh_token", newRefresh);
|
||||
processQueue(null, newAccess);
|
||||
config.headers.Authorization = `Bearer ${newAccess}`;
|
||||
return config;
|
||||
} catch {
|
||||
processQueue(new Error('refresh failed'), null);
|
||||
processQueue(new Error("refresh failed"), null);
|
||||
// Continue with old token, let 401 handler deal with it
|
||||
} finally {
|
||||
isRefreshing = false;
|
||||
@@ -96,7 +116,7 @@ client.interceptors.request.use(async (config) => {
|
||||
client.interceptors.response.use(
|
||||
(response) => {
|
||||
// 缓存 GET 响应
|
||||
if (response.config.method === 'get' && response.config.url) {
|
||||
if (response.config.method === "get" && response.config.url) {
|
||||
const key = getCacheKey(response.config);
|
||||
requestCache.set(key, { data: response.data, timestamp: Date.now() });
|
||||
}
|
||||
@@ -104,7 +124,11 @@ client.interceptors.response.use(
|
||||
},
|
||||
async (error) => {
|
||||
const originalRequest = error.config;
|
||||
if (error.response?.status === 401 && !originalRequest._retry && !originalRequest.url?.includes('/auth/login')) {
|
||||
if (
|
||||
error.response?.status === 401 &&
|
||||
!originalRequest._retry &&
|
||||
!originalRequest.url?.includes("/auth/login")
|
||||
) {
|
||||
if (isRefreshing) {
|
||||
return new Promise((resolve, reject) => {
|
||||
failedQueue.push({ resolve, reject });
|
||||
@@ -118,18 +142,33 @@ client.interceptors.response.use(
|
||||
isRefreshing = true;
|
||||
|
||||
try {
|
||||
const refreshToken = localStorage.getItem('refresh_token');
|
||||
if (!refreshToken) throw new Error('No refresh token');
|
||||
const refreshToken = localStorage.getItem("refresh_token");
|
||||
if (!refreshToken) throw new Error("No refresh token");
|
||||
|
||||
const { data } = await axios.post('/api/v1/auth/refresh', {
|
||||
const { data } = await axios.post("/api/v1/auth/refresh", {
|
||||
refresh_token: refreshToken,
|
||||
});
|
||||
|
||||
const newAccessToken = data.data.access_token;
|
||||
const newRefreshToken = data.data.refresh_token;
|
||||
|
||||
localStorage.setItem('access_token', newAccessToken);
|
||||
localStorage.setItem('refresh_token', newRefreshToken);
|
||||
// 验证新 token 的用户身份与当前用户一致,防止并发场景下身份切换
|
||||
const currentToken = localStorage.getItem("access_token");
|
||||
const currentUserSub = currentToken
|
||||
? decodeJwtPayload(currentToken)?.sub
|
||||
: null;
|
||||
const newTokenSub = decodeJwtPayload(newAccessToken)?.sub;
|
||||
if (currentUserSub && newTokenSub && currentUserSub !== newTokenSub) {
|
||||
// 身份不一致,强制登出
|
||||
localStorage.removeItem("access_token");
|
||||
localStorage.removeItem("refresh_token");
|
||||
localStorage.removeItem("user");
|
||||
window.location.hash = "/login";
|
||||
return Promise.reject(new Error("身份验证失败,请重新登录"));
|
||||
}
|
||||
|
||||
localStorage.setItem("access_token", newAccessToken);
|
||||
localStorage.setItem("refresh_token", newRefreshToken);
|
||||
|
||||
processQueue(null, newAccessToken);
|
||||
|
||||
@@ -137,9 +176,9 @@ client.interceptors.response.use(
|
||||
return client(originalRequest);
|
||||
} catch (refreshError) {
|
||||
processQueue(refreshError, null);
|
||||
localStorage.removeItem('access_token');
|
||||
localStorage.removeItem('refresh_token');
|
||||
window.location.hash = '/login';
|
||||
localStorage.removeItem("access_token");
|
||||
localStorage.removeItem("refresh_token");
|
||||
window.location.hash = "/login";
|
||||
return Promise.reject(refreshError);
|
||||
} finally {
|
||||
isRefreshing = false;
|
||||
@@ -147,7 +186,7 @@ client.interceptors.response.use(
|
||||
}
|
||||
|
||||
return Promise.reject(error);
|
||||
}
|
||||
},
|
||||
);
|
||||
|
||||
// 全局错误提示(仅对未被组件处理的错误显示)
|
||||
@@ -156,12 +195,14 @@ function showGlobalError(msg: string) {
|
||||
// 防止短时间内弹出大量相同提示
|
||||
if (globalErrorTimer) return;
|
||||
antMessage.error(msg, 3);
|
||||
globalErrorTimer = setTimeout(() => { globalErrorTimer = null; }, 3000);
|
||||
globalErrorTimer = setTimeout(() => {
|
||||
globalErrorTimer = null;
|
||||
}, 3000);
|
||||
}
|
||||
|
||||
// 全局错误拦截 — 在响应拦截器之后、组件 catch 之前执行
|
||||
// 组件可通过 axios config 中设置 skipGlobalError: true 来抑制全局提示
|
||||
declare module 'axios' {
|
||||
declare module "axios" {
|
||||
interface InternalAxiosRequestConfig {
|
||||
skipGlobalError?: boolean;
|
||||
}
|
||||
@@ -174,16 +215,16 @@ client.interceptors.response.use(
|
||||
return Promise.reject(error);
|
||||
}
|
||||
if (!error.response) {
|
||||
showGlobalError('网络连接异常,请检查网络');
|
||||
showGlobalError("网络连接异常,请检查网络");
|
||||
} else if (error.response.status === 403) {
|
||||
// 403 通常是权限不足,不全局提示 — 组件层通过 AuthButton 已隐藏操作入口
|
||||
} else if (error.response.status === 404) {
|
||||
// 404 通常由组件自行处理(如跳转),不全局提示
|
||||
} else if (error.response.status >= 500) {
|
||||
showGlobalError('服务器异常,请稍后重试');
|
||||
showGlobalError("服务器异常,请稍后重试");
|
||||
}
|
||||
return Promise.reject(error);
|
||||
}
|
||||
},
|
||||
);
|
||||
|
||||
let isRefreshing = false;
|
||||
@@ -206,9 +247,10 @@ export function clearApiCache() {
|
||||
}
|
||||
|
||||
// 通用错误处理:提取后端错误消息并展示
|
||||
export function handleApiError(err: unknown, fallback = '操作失败'): string {
|
||||
export function handleApiError(err: unknown, fallback = "操作失败"): string {
|
||||
const msg =
|
||||
(err as { response?: { data?: { message?: string } } })?.response?.data?.message || fallback;
|
||||
(err as { response?: { data?: { message?: string } } })?.response?.data
|
||||
?.message || fallback;
|
||||
antMessage.error(msg);
|
||||
return msg;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user