Improve security
This commit is contained in:
@@ -1,8 +1,28 @@
|
||||
import './assets/main.css'
|
||||
|
||||
import axios from 'axios'
|
||||
import { createApp } from 'vue'
|
||||
import App from './App.vue'
|
||||
import router from './router'
|
||||
|
||||
// A 401 means the server has rejected the token (missing, expired, or
|
||||
// revoked via logout/token_version bump elsewhere). Drop the stale session
|
||||
// and send the user back to login rather than leaving them on a page where
|
||||
// every request silently fails.
|
||||
axios.interceptors.response.use(
|
||||
(response) => response,
|
||||
(error) => {
|
||||
if (error.response?.status === 401) {
|
||||
localStorage.removeItem('user-token')
|
||||
localStorage.removeItem('user-id')
|
||||
if (router.currentRoute.value.name !== 'login') {
|
||||
router.push({ name: 'login' })
|
||||
}
|
||||
}
|
||||
return Promise.reject(error)
|
||||
}
|
||||
)
|
||||
|
||||
const app = createApp(App)
|
||||
|
||||
app.use(router)
|
||||
|
||||
Reference in New Issue
Block a user