fix: accept access token response
This commit is contained in:
@@ -306,6 +306,6 @@
|
||||
- 页面范围:`register.html`、`login.html`、`profile.html`、`profile-data.html`
|
||||
- 接口范围:`/genealogy/pc/auth/register`、`/genealogy/pc/auth/login`、`/genealogy/pc/auth/login/sms`、`/genealogy/pc/auth/profile`、`/genealogy/pc/auth/logout`
|
||||
- 地址契约:运行时唯一来源为 `config.js`;当前开发和生产地址均为 `http://182.61.18.23:8080`。
|
||||
- 流程结果:注册成功清除 token 并跳转 `login.html`;密码和短信登录必须取得 token 后跳转 `profile.html`;个人资料无 token 或收到 HTTP/业务 `401` 时清 token 并跳转 `index.html`;确认退出无论接口结果都清 token 并跳转 `index.html`。
|
||||
- 流程结果:注册成功清除 token 并跳转 `login.html`;当前登录响应从 `data.access_token` 取 JWT,且兼容 `token`、`accessToken`、`tokenValue` 后跳转 `profile.html`;个人资料无 token 或收到 HTTP/业务 `401` 时清 token 并跳转 `index.html`;确认退出无论接口结果都清 token 并跳转 `index.html`。
|
||||
- 修改文件:`tests/config.test.js`、`tests/utils.test.js`、`utils/ApiClient.js`、`tests/api-client.test.js`、`public/js/profile-pages.js`、`public/js/profile-common.js`、`profile.html`、`tests/profile-pages.test.js`、`tests/profile-logout-structure.test.js`。
|
||||
- 验证结果:`node tests/config.test.js`、`node tests/utils.test.js`、`node tests/api-client.test.js`、`node tests/auth-pages.test.js`、`node tests/profile-pages.test.js`、`node tests/profile-logout-structure.test.js`、`node --check utils/ApiClient.js`、`node --check public/js/profile-pages.js`、`node --check public/js/profile-common.js` 和全量 Node 测试均通过。
|
||||
|
||||
@@ -16,7 +16,7 @@ Complete the PC journey from registration through login and personal-profile ret
|
||||
|
||||
`utils/ApiClient.js` owns token persistence under `genealogy_auth_token`.
|
||||
|
||||
1. Successful password login and SMS login must receive a nonempty response token, persist it, and then allow navigation to `profile.html`.
|
||||
1. Successful password login and SMS login must receive a nonempty response token, persist it, and then allow navigation to `profile.html`. The current backend response uses `data.access_token`; the client also accepts `token`, `accessToken`, and `tokenValue` for declared compatibility.
|
||||
2. A login response without a token is an authentication failure. The login page remains in place and no profile navigation occurs.
|
||||
3. Successful registration removes any existing token and navigates to `login.html`. Registration never persists a response token.
|
||||
4. A failed registration leaves existing token storage unchanged.
|
||||
|
||||
@@ -178,6 +178,23 @@ async function run() {
|
||||
);
|
||||
assert.strictEqual(missingTokenStore.getItem('token-key'), null);
|
||||
|
||||
const snakeTokenStore = createStore();
|
||||
const snakeTokenClient = GenealogyApi.createClient({
|
||||
baseUrl: 'http://182.61.18.23:8080',
|
||||
clientId: 'client-x',
|
||||
tenantId: 'tenant-x',
|
||||
tokenKey: 'token-key',
|
||||
tokenStore: snakeTokenStore,
|
||||
axiosInstance: {
|
||||
request: async () => ({
|
||||
status: 200,
|
||||
data: { code: 200, data: { access_token: 'snake-token' } }
|
||||
})
|
||||
}
|
||||
});
|
||||
await snakeTokenClient.login({ phone: '13800000000', password: 'md5' });
|
||||
assert.strictEqual(snakeTokenStore.getItem('token-key'), 'snake-token');
|
||||
|
||||
store.setItem('token-key', 'logout-token');
|
||||
await client.logout();
|
||||
assert.strictEqual(calls[9].url, '/genealogy/pc/auth/logout');
|
||||
|
||||
+1
-1
@@ -52,7 +52,7 @@
|
||||
function getTokenFromResponse(data) {
|
||||
// 登录响应兼容后端已声明的多种 token 字段。
|
||||
if (!data) return '';
|
||||
return data.token || data.accessToken || data.tokenValue || '';
|
||||
return data.token || data.accessToken || data.access_token || data.tokenValue || '';
|
||||
}
|
||||
|
||||
function requireLoginToken(data) {
|
||||
|
||||
Reference in New Issue
Block a user