Init frontend: Vue 3 + Vite member.ose.tw

建立完整前端架構： - 配置 Vite + Vue 3 + Element Plus + Tailwind - 實作 API 模層（axios interceptor + Bearer/Key 認證） - 狀態管理：auth store（用戶登入狀態）、permission store（權限快照 & Admin 認證） - 路由守衛：/me* 需 Bearer token，/admin* 不強制 - 完成三個頁面：登入、我的資料、我的權限快照、權限 grant/revoke 管理 - 全面錯誤處理與 UI 提示（401/403/404/503 對應訊息） Checklist 完成度： ✓ A.初始化（http.js、auth/permission store、.env） ✓ B.API 對接（/me、/me/permissions/snapshot、grant、revoke） ✓ C.頁面三組件 ✓ D.行為驗證（Token 過期、自動刷新、錯誤提示） ✓ E.交付條件（獨立刷新、錯誤 UI、loading/success 狀態） Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-03-29 23:26:58 +08:00
parent d1a5ad2819
commit d26762be5d
22 changed files with 3795 additions and 0 deletions
--- a/frontend/src/stores/auth.js
+++ b/frontend/src/stores/auth.js
@@ -0,0 +1,29 @@
+import { defineStore } from 'pinia'
+import { ref, computed } from 'vue'
+import { getMe } from '@/api/me'
+
+export const useAuthStore = defineStore('auth', () => {
+  const accessToken = ref(localStorage.getItem('access_token') || null)
+  const me = ref(null)
+
+  const isLoggedIn = computed(() => !!accessToken.value)
+
+  function setToken(token) {
+    accessToken.value = token
+    localStorage.setItem('access_token', token)
+  }
+
+  async function fetchMe() {
+    const res = await getMe()
+    me.value = res.data
+    return res.data
+  }
+
+  function logout() {
+    accessToken.value = null
+    me.value = null
+    localStorage.removeItem('access_token')
+  }
+
+  return { accessToken, me, isLoggedIn, setToken, fetchMe, logout }
+})
--- a/frontend/src/stores/permission.js
+++ b/frontend/src/stores/permission.js
@@ -0,0 +1,54 @@
+import { defineStore } from 'pinia'
+import { ref } from 'vue'
+import { getMyPermissionSnapshot } from '@/api/me'
+import { grantPermission, revokePermission } from '@/api/permission-admin'
+
+export const usePermissionStore = defineStore('permission', () => {
+  const snapshot = ref(null)
+  const adminClientKey = ref(sessionStorage.getItem('admin_client_key') || '')
+  const adminApiKey = ref(sessionStorage.getItem('admin_api_key') || '')
+
+  const hasAdminCreds = () => !!(adminClientKey.value && adminApiKey.value)
+
+  async function fetchMySnapshot() {
+    const res = await getMyPermissionSnapshot()
+    snapshot.value = res.data
+    return res.data
+  }
+
+  function setAdminCreds(clientKey, apiKey) {
+    adminClientKey.value = clientKey
+    adminApiKey.value = apiKey
+    sessionStorage.setItem('admin_client_key', clientKey)
+    sessionStorage.setItem('admin_api_key', apiKey)
+  }
+
+  function clearAdminCreds() {
+    adminClientKey.value = ''
+    adminApiKey.value = ''
+    sessionStorage.removeItem('admin_client_key')
+    sessionStorage.removeItem('admin_api_key')
+  }
+
+  async function grant(data) {
+    const res = await grantPermission(data)
+    return res.data
+  }
+
+  async function revoke(data) {
+    const res = await revokePermission(data)
+    return res.data
+  }
+
+  return {
+    snapshot,
+    adminClientKey,
+    adminApiKey,
+    hasAdminCreds,
+    fetchMySnapshot,
+    setAdminCreds,
+    clearAdminCreds,
+    grant,
+    revoke
+  }
+})