frontend/src/main.ts

import './assets/main.css'
import 'ant-design-vue/dist/reset.css'

import { createApp } from 'vue'
import { createPinia } from 'pinia'
import { createRouter, createWebHistory } from 'vue-router'
import { routes } from 'vue-router/auto-routes'

import App from './App.vue'
import { setTokenGetter } from './utils/request'
import { isAdminOnlyPath } from '@/constants/permissions'

const router = createRouter({
  history: createWebHistory(import.meta.env.BASE_URL),
  routes,
})

const pinia = createPinia()
const app = createApp(App)

app.use(pinia)
app.use(router)

// 注入 token 获取函数，使 request.ts 能读取内存中的 token（remember=false 场景）
import { useUserStore } from './stores/user'
setTokenGetter(() => useUserStore().token)

// 路由守卫
const authWhitelist = ['/login', '/register']

router.beforeEach(async (to) => {
  const { useUserStore } = await import('./stores/user')
  const userStore = useUserStore()

  // 白名单页面（登录/注册）
  if (authWhitelist.includes(to.path)) {
    if (userStore.isLoggedIn) {
      return '/'
    }
    return true
  }

  // 未登录跳转登录页
  if (!userStore.isLoggedIn) {
    return `/login?redirect=${to.fullPath}`
  }

  // 已登录但未获取用户信息
  if (!userStore.user) {
    try {
      await userStore.fetchCurrentUser()
    } catch {
      userStore.logout()
      return '/login'
    }
  }

  // 角色权限检查：非 admin 不能访问受限路由（前缀匹配）
  if (isAdminOnlyPath(to.path) && !userStore.isAdmin) {
    message.error('无权访问')
    return '/'
  }

  return true
})

app.mount('#app')
-											dataflow project init commit
										
										
											2025-11-05 16:34:40 +08:00
+								import './assets/main.css'
-											add front user register and login page
										
										
											2025-11-10 11:07:48 +08:00
+								import 'ant-design-vue/dist/reset.css'
-											dataflow project init commit
										
										
											2025-11-05 16:34:40 +08:00
 								import { createApp } from 'vue'
 								import { createPinia } from 'pinia'
-											add front user register and login page
										
										
											2025-11-10 11:07:48 +08:00
+								import { createRouter, createWebHistory } from 'vue-router'
 								import { routes } from 'vue-router/auto-routes'
-											dataflow project init commit
										
										
											2025-11-05 16:34:40 +08:00
 								import App from './App.vue'
-											Fix auth security: add request timeout, safe redirects, and memory-only token support.
										
										
											2026-03-18 14:55:37 +08:00
+								import { setTokenGetter } from './utils/request'
-											update home
										
										
											2026-04-03 15:13:24 +08:00
+								import { isAdminOnlyPath } from '@/constants/permissions'
-											add front user register and login page
										
										
											2025-11-10 11:07:48 +08:00
 								const router = createRouter({
 								  history: createWebHistory(import.meta.env.BASE_URL),
 								  routes,
 								})
-											dataflow project init commit
										
										
											2025-11-05 16:34:40 +08:00
-											frontend layout and infrastructure
										
										
											2026-03-18 13:53:36 +08:00
+								const pinia = createPinia()
-											dataflow project init commit
										
										
											2025-11-05 16:34:40 +08:00
+								const app = createApp(App)
-											frontend layout and infrastructure
										
										
											2026-03-18 13:53:36 +08:00
+								app.use(pinia)
-											dataflow project init commit
										
										
											2025-11-05 16:34:40 +08:00
+								app.use(router)
-											Fix auth security: add request timeout, safe redirects, and memory-only token support.
										
										
											2026-03-18 14:55:37 +08:00
+								// 注入 token 获取函数，使 request.ts 能读取内存中的 token（remember=false 场景）
 								import { useUserStore } from './stores/user'
 								setTokenGetter(() => useUserStore().token)
-											frontend layout and infrastructure
										
										
											2026-03-18 13:53:36 +08:00
+								// 路由守卫
 								const authWhitelist = ['/login', '/register']
 								router.beforeEach(async (to) => {
 								  const { useUserStore } = await import('./stores/user')
 								  const userStore = useUserStore()
 								  // 白名单页面（登录/注册）
 								  if (authWhitelist.includes(to.path)) {
 								    if (userStore.isLoggedIn) {
 								      return '/'
 								    }
 								    return true
 								  }
 								  // 未登录跳转登录页
 								  if (!userStore.isLoggedIn) {
 								    return `/login?redirect=${to.fullPath}`
 								  }
 								  // 已登录但未获取用户信息
 								  if (!userStore.user) {
 								    try {
 								      await userStore.fetchCurrentUser()
 								    } catch {
 								      userStore.logout()
 								      return '/login'
 								    }
 								  }
-											update home
										
										
											2026-04-03 15:13:24 +08:00
+								  // 角色权限检查：非 admin 不能访问受限路由（前缀匹配）
 								  if (isAdminOnlyPath(to.path) && !userStore.isAdmin) {
-											rbac-permission-interface-impl
										
										
											2026-03-19 08:44:32 +08:00
+								    message.error('无权访问')
 								    return '/'
 								  }
-											frontend layout and infrastructure
										
										
											2026-03-18 13:53:36 +08:00
+								  return true
 								})
-											dataflow project init commit
										
										
											2025-11-05 16:34:40 +08:00
+								app.mount('#app')