@flun/html-template 4.4.1 → 4.4.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/customize/account.js +15 -3
- package/f-CHANGELOG.md +4 -4
- package/package.json +1 -1
package/customize/account.js
CHANGED
|
@@ -241,16 +241,28 @@ export const accountRouter = app => {
|
|
|
241
241
|
if (publicPaths.some(p => req.path.startsWith(p))) return next();
|
|
242
242
|
if (!req.session.userId) {
|
|
243
243
|
if (req.path.startsWith('/api/')) return res.status(401).json({ message: '请先登录' });
|
|
244
|
-
|
|
244
|
+
req.session.returnTo = req.originalUrl;
|
|
245
|
+
return res.redirect('/login');
|
|
245
246
|
}
|
|
246
247
|
|
|
248
|
+
const currentUser = getCurrentUser(req);
|
|
249
|
+
if (!currentUser) {
|
|
250
|
+
req.session.destroy(() => {
|
|
251
|
+
if (req.path.startsWith('/api/')) return res.status(401).json({ message: '用户不存在或已失效' });
|
|
252
|
+
return res.redirect('/login');
|
|
253
|
+
});
|
|
254
|
+
return;
|
|
255
|
+
}
|
|
256
|
+
|
|
257
|
+
const { user } = currentUser;
|
|
247
258
|
// 检查密码是否在本次登录后被修改
|
|
248
|
-
const { user } = getCurrentUser(req);
|
|
249
259
|
if (user?.passwordChangedAt) {
|
|
250
260
|
const sessionLoginTime = req.session.loginTime || 0;
|
|
251
261
|
if (user.passwordChangedAt > sessionLoginTime) {
|
|
252
262
|
req.session.destroy(() => {
|
|
253
|
-
if (req.path.startsWith('/api/'))
|
|
263
|
+
if (req.path.startsWith('/api/')) {
|
|
264
|
+
return res.status(401).json({ message: '密码已修改,请重新登录' });
|
|
265
|
+
}
|
|
254
266
|
return res.redirect('/login');
|
|
255
267
|
});
|
|
256
268
|
return;
|
package/f-CHANGELOG.md
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
# 变更日志
|
|
2
|
+
## [4.4.2] - 2026-05-31 15:08
|
|
3
|
+
### 修复
|
|
4
|
+
- 修复全局中间件中 `getCurrentUser(req)` 返回 `null` 时解构报错导致服务崩溃的问题,增加空值判断并自动清理无效登录态;
|
|
2
5
|
## [4.4.1] - 2026-05-31 14:39
|
|
3
6
|
### 优化
|
|
4
7
|
- 删除了 customize/routes.js 文件中上一次优化造成的冗余路由;
|
|
5
8
|
## [4.4.0] - 2026-05-31 14:25
|
|
6
9
|
### 优化
|
|
7
|
-
- 修改辅助功能(在线编辑css文件)中预览逻辑:删除单预览按钮,增加上、下、左、右和单页面预览按钮,及相关逻辑的全面优化,让体验更好;
|
|
8
|
-
## [4.3.1] - 2026-05-30 11:42
|
|
9
|
-
### 优化
|
|
10
|
-
- https启用成功后,不在打印证书路径,只给出成功提示;
|
|
10
|
+
- 修改辅助功能(在线编辑css文件)中预览逻辑:删除单预览按钮,增加上、下、左、右和单页面预览按钮,及相关逻辑的全面优化,让体验更好;
|