fix(audit): P1 心跳自启动 + refreshToken body + 类型修复
Some checks failed
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
Some checks failed
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
审计修复 Batch 2 (M4-03/M7-04/M11-01):
M4-03: 心跳引擎自动启动
- chat.rs auto-init 块: engine 创建后立即 start()
- 通过 engines.get() 获取引用避免 move 后使用
M7-04: refreshToken 发送 body 修复
- SaaSClient 新增 refreshTokenValue 存储 refresh_token
- refreshToken() 发送 { refresh_token } body
- SaaSRefreshResponse 新增 refresh_token 字段
- login/register 自动存储 refresh_token
- 添加 getRefreshToken/setRefreshToken 访问器
M11-01: blocking_lock 死锁修复 (已存在)
- 确认 try_lock + Result 匹配模式已正确
This commit is contained in:
iven
@@ -133,6 +133,7 @@ export type {
|
||||
export class SaaSClient {
|
||||
private baseUrl: string;
|
||||
private token: string | null = null;
|
||||
private refreshTokenValue: string | null = null;
|
||||
|
||||
/**
|
||||
* Refresh mutex: shared Promise to prevent concurrent token refresh.
|
||||
@@ -172,6 +173,16 @@ export class SaaSClient {
|
||||
this.token = token;
|
||||
}
|
||||
|
||||
/** Set or clear the refresh token (in-memory only, never persisted) */
|
||||
setRefreshToken(token: string | null): void {
|
||||
this.refreshTokenValue = token;
|
||||
}
|
||||
|
||||
/** Get the current refresh token */
|
||||
getRefreshToken(): string | null {
|
||||
return this.refreshTokenValue;
|
||||
}
|
||||
|
||||
/** Check if the client is authenticated (token in memory or cookie-based) */
|
||||
isAuthenticated(): boolean {
|
||||
return !!this.token || this._cookieAuth;
|
||||
|
||||
Reference in New Issue
Block a user