fix(mp): auth storage 明文回退 + 首页医护跳转防重入

- auth store restore() 增加 storageGet() 回退：_es_ 加密键为空时尝试明文键（兼容 MCP 注入等场景），修复 inject_auth 后功能表面化 - Index 首页医护 reLaunch 添加 redirectingRef 防重入，避免 DevTools 中重复 reLaunch 导致卡死
2026-05-21 17:54:53 +08:00
parent b0f96258ee
commit d213afc649
2 changed files with 15 additions and 5 deletions
--- a/apps/miniprogram/src/pages/index/index.tsx
+++ b/apps/miniprogram/src/pages/index/index.tsx
@@ -1,5 +1,5 @@
 import { View, Text, Swiper, SwiperItem, Image } from '@tarojs/components';
-import { useState } from 'react';
+import { useState, useRef } from 'react';
 import Taro, { useDidShow, useDidHide } from '@tarojs/taro';
 import { safeNavigateTo } from '@/utils/navigate';
 import { useAuthStore } from '../../stores/auth';
@@ -347,12 +347,15 @@ export default function Index() {
  // 医护人员访问患者首页时，自动跳转到医生端
  // 不渲染 HomeDashboard，避免触发患者首页的 API 请求（并发叠加问题）
  const shouldRedirect = !!(user && isMedicalStaff());
+  const redirectingRef = useRef(false);

  useDidShow(() => {
-    if (shouldRedirect) {
+    if (shouldRedirect && !redirectingRef.current) {
+      redirectingRef.current = true;
      Taro.reLaunch({
        url: '/pages/pkg-doctor-core/index',
        fail: () => {
+          redirectingRef.current = false;
          console.warn('跳转医生端失败，停留患者首页');
        },
      });
--- a/apps/miniprogram/src/stores/auth.ts
+++ b/apps/miniprogram/src/stores/auth.ts
@@ -3,6 +3,13 @@ import Taro from '@tarojs/taro';
 import * as authApi from '@/services/auth';
 import { secureGet, secureSet, secureRemove } from '@/utils/secure-storage';
 import { clearRequestCache, markLoggingOut, clearLoggingOut, setCachedPatientId } from '@/services/request';
+
+// secureGet fallback: _es_ 加密键为空时尝试明文键（兼容 MCP 注入等场景）
+function storageGet(key: string): string {
+  const val = secureGet(key);
+  if (val) return val;
+  return Taro.getStorageSync(key) || '';
+}
 import { resetAllStores } from './index';

 // --- 内存缓存，避免每次 Tab 切换重复 Storage IPC + JSON.parse ---
@@ -81,19 +88,19 @@ export const useAuthStore = create<AuthState>((set, get) => ({
  restore: () => {
    // 利用内存缓存避免重复 Storage IPC + JSON.parse
    try {
-      const userData = secureGet('user_data');
+      const userData = storageGet('user_data');
      if (userData !== cachedUserJson) {
        cachedUserJson = userData;
        cachedUserObj = userData ? JSON.parse(userData) : null;
      }
-      const rolesData = secureGet('user_roles');
+      const rolesData = storageGet('user_roles');
      if (rolesData !== cachedRolesJson) {
        cachedRolesJson = rolesData;
        cachedRolesObj = rolesData ? JSON.parse(rolesData) : [];
      }
    } catch { /* secure storage 不可用时保持默认值 */ }
    try {
-      const patientStr = secureGet('current_patient');
+      const patientStr = storageGet('current_patient');
      let patientRaw = patientStr ? JSON.parse(patientStr) : null;
      const patientJson = patientRaw ? JSON.stringify(patientRaw) : '';
      if (patientJson !== cachedPatientJson) {