OptimusX
/
OneAuth
mirror of https://github.com/veypi/OneAuth.git
3
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
v4
v3
v2
v1.2.0
v1.1.0
v1.1.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4bb1283a0a'
${ noResults }
OneAuth/ui/vbase.js

302 lines
7.6 KiB
JavaScript
Raw Normal View History Unescape Escape

refactor(ui): Update vbase.js to match new Scoped RBAC permission system - Replace old permission check methods with new Perm/PermCreate/PermRead/PermWrite/PermAdmin - Add Level constants export (None, Create, Read, Write, ReadWrite, Admin) - Remove role-based permission checks (hasRole, checkPermAny, checkPermAll) - Update core permission checking logic to match backend checkPermissionLevel - Remove _isAdmin helper, use Level.Admin check instead - Simplify localStorage keys (remove scope prefix from keys) - Clean up console.log in env.js
3 months ago
/**
* VBase - Scoped RBAC 权限管理客户端
* 对应后端: github.com/veypi/vigo/contrib/auth.Auth 接口
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
*
* Token 基于 HttpOnly Cookie 管理JS 不可读防沙箱泄露
* 非浏览器客户端仍可通过 Authorization header 传递 token
refactor(ui): Update vbase.js to match new Scoped RBAC permission system - Replace old permission check methods with new Perm/PermCreate/PermRead/PermWrite/PermAdmin - Add Level constants export (None, Create, Read, Write, ReadWrite, Admin) - Remove role-based permission checks (hasRole, checkPermAny, checkPermAll) - Update core permission checking logic to match backend checkPermissionLevel - Remove _isAdmin helper, use Level.Admin check instead - Simplify localStorage keys (remove scope prefix from keys) - Clean up console.log in env.js
3 months ago
*/
// 权限等级常量 (与后端一致)
export const Level = {
None: 0,
Create: 1, // 001 创建 (奇数层)
Read: 2, // 010 读取 (偶数层)
Write: 4, // 100 写入 (偶数层)
ReadWrite: 6, // 110 读写 (偶数层)
Admin: 7, // 111 管理员 (完全控制)
};
feat: 全新UI框架升级和页面重构
4 months ago
class VBase {
feat(ui): Add user cache and batch fetch in VBase - Add shared users cache object to VBase constructor - Add User(id) API for reactive user info lookup - Implement _flushUserRequests for batch POST /api/auth/users - Cache and sync current user into shared users cache - Clear users cache on logout
2 months ago
constructor(scope, baseURL, login_page, users = {}) {
refactor(ui): Rebuild permission system in vbase.js with scope support - Add scope parameter to VBase constructor for multi-tenant support - Replace hasPermission with checkPerm, checkPermOnResource, checkPermAny, checkPermAll - Implement _isAdmin check for global wildcard permissions (*:*) - Add _matchPermission with wildcard support (resource:*, *:*) - Remove default 404 page from vrouter in root.html
4 months ago
if (!scope) throw new Error('VBase: scope is required');
refactor(ui): Update vbase.js to match new Scoped RBAC permission system - Replace old permission check methods with new Perm/PermCreate/PermRead/PermWrite/PermAdmin - Add Level constants export (None, Create, Read, Write, ReadWrite, Admin) - Remove role-based permission checks (hasRole, checkPermAny, checkPermAll) - Update core permission checking logic to match backend checkPermissionLevel - Remove _isAdmin helper, use Level.Admin check instead - Simplify localStorage keys (remove scope prefix from keys) - Clean up console.log in env.js
3 months ago
if (!baseURL) baseURL = window.location.origin;
if (baseURL === '' || baseURL === '/') baseURL = window.location.origin;
refactor(ui): Rebuild permission system in vbase.js with scope support - Add scope parameter to VBase constructor for multi-tenant support - Replace hasPermission with checkPerm, checkPermOnResource, checkPermAny, checkPermAll - Implement _isAdmin check for global wildcard permissions (*:*) - Add _matchPermission with wildcard support (resource:*, *:*) - Remove default 404 page from vrouter in root.html
4 months ago
this.baseURL = baseURL;
this.scope = scope;
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
this.login_page = login_page || (baseURL + '/login');
this.userKey = 'vbase_user';
feat(ui): Add user cache and batch fetch in VBase - Add shared users cache object to VBase constructor - Add User(id) API for reactive user info lookup - Implement _flushUserRequests for batch POST /api/auth/users - Cache and sync current user into shared users cache - Clear users cache on logout
2 months ago
this.users = users;
fix: 修复路由和页面加载问题
4 months ago
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
this._user = null;
try {
const cached = JSON.parse(localStorage.getItem(this.userKey));
if (cached) {
this._user = cached;
this._cachePublicUser(cached);
}
} catch (e) {}
feat(ui): Add user cache and batch fetch in VBase - Add shared users cache object to VBase constructor - Add User(id) API for reactive user info lookup - Implement _flushUserRequests for batch POST /api/auth/users - Cache and sync current user into shared users cache - Clear users cache on logout
2 months ago
this._pendingUserIDs = new Set();
this._loadingUserIDs = new Set();
this._resolvedUserIDs = new Set();
this._pendingUserFlush = null;
fix: 修复路由和页面加载问题
4 months ago
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
// 验证登录状态
this.fetchUser().catch(() => {});
fix: 修复路由和页面加载问题
4 months ago
}
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
// ========== Getters / Setters ==========
get user() { return this._user; }
fix: 修复路由和页面加载问题
4 months ago
set user(val) {
this._user = val;
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
if (val) {
localStorage.setItem(this.userKey, JSON.stringify(val));
} else {
localStorage.removeItem(this.userKey);
}
feat(ui): Add user cache and batch fetch in VBase - Add shared users cache object to VBase constructor - Add User(id) API for reactive user info lookup - Implement _flushUserRequests for batch POST /api/auth/users - Cache and sync current user into shared users cache - Clear users cache on logout
2 months ago
this._cachePublicUser(val);
fix: 修复路由和页面加载问题
4 months ago
}
refactor(ui): Update vbase.js to match new Scoped RBAC permission system - Replace old permission check methods with new Perm/PermCreate/PermRead/PermWrite/PermAdmin - Add Level constants export (None, Create, Read, Write, ReadWrite, Admin) - Remove role-based permission checks (hasRole, checkPermAny, checkPermAll) - Update core permission checking logic to match backend checkPermissionLevel - Remove _isAdmin helper, use Level.Admin check instead - Simplify localStorage keys (remove scope prefix from keys) - Clean up console.log in env.js
3 months ago
// ========== API 请求 ==========
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
fix: 修复路由和页面加载问题
4 months ago
async request(method, path, data = null, headers = {}) {
const url = `${this.baseURL}${path}`;
const config = {
method,
headers: {
'Content-Type': 'application/json',
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
...headers,
},
fix: 修复路由和页面加载问题
4 months ago
};
if (data) config.body = JSON.stringify(data);
const response = await fetch(url, config);
const resData = await response.json();
if (!response.ok) {
const error = new Error(resData.message || `Request failed: ${response.status}`);
Object.assign(error, resData);
throw error;
}
if (resData.code && resData.code !== 200) {
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
const error = new Error(resData.message || 'API Error');
Object.assign(error, resData);
throw error;
fix: 修复路由和页面加载问题
4 months ago
}
return resData.data || resData;
}
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
// ========== 认证 ==========
/** 用户名密码登录 */
fix: 修复路由和页面加载问题
4 months ago
async login(username, password) {
refactor(ui): Update vbase.js to match new Scoped RBAC permission system - Replace old permission check methods with new Perm/PermCreate/PermRead/PermWrite/PermAdmin - Add Level constants export (None, Create, Read, Write, ReadWrite, Admin) - Remove role-based permission checks (hasRole, checkPermAny, checkPermAll) - Update core permission checking logic to match backend checkPermissionLevel - Remove _isAdmin helper, use Level.Admin check instead - Simplify localStorage keys (remove scope prefix from keys) - Clean up console.log in env.js
3 months ago
const data = await this.request('POST', '/api/auth/login', { username, password });
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
if (data.user) {
this.user = data.user;
await this.fetchUser();
refactor(ui): Update vbase.js to match new Scoped RBAC permission system - Replace old permission check methods with new Perm/PermCreate/PermRead/PermWrite/PermAdmin - Add Level constants export (None, Create, Read, Write, ReadWrite, Admin) - Remove role-based permission checks (hasRole, checkPermAny, checkPermAll) - Update core permission checking logic to match backend checkPermissionLevel - Remove _isAdmin helper, use Level.Admin check instead - Simplify localStorage keys (remove scope prefix from keys) - Clean up console.log in env.js
3 months ago
return true;
fix: 修复路由和页面加载问题
4 months ago
}
refactor(ui): Update vbase.js to match new Scoped RBAC permission system - Replace old permission check methods with new Perm/PermCreate/PermRead/PermWrite/PermAdmin - Add Level constants export (None, Create, Read, Write, ReadWrite, Admin) - Remove role-based permission checks (hasRole, checkPermAny, checkPermAll) - Update core permission checking logic to match backend checkPermissionLevel - Remove _isAdmin helper, use Level.Admin check instead - Simplify localStorage keys (remove scope prefix from keys) - Clean up console.log in env.js
3 months ago
return false;
fix: 修复路由和页面加载问题
4 months ago
}
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
/** OAuth 回调 */
feat(ui): Add OAuth callback page and improve auth flow - Add new OAuth callback page with loading states and error handling - Create reusable icon component (ico.html) for SVG icons - Remove deprecated public.html layout, merge into default - Update login page with improved third-party auth integration - Add i18n translations for OAuth-related messages - Update routes to include callback page and handle auth redirects - Enhance vbase.js with OAuth utilities and token management
3 months ago
async oauthCallback(provider, code, state) {
const data = await this.request('GET', `/api/auth/callback/${provider}?code=${code}&state=${state}`);
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
if (data.user) {
this.user = data.user;
await this.fetchUser();
feat(ui): Add OAuth callback page and improve auth flow - Add new OAuth callback page with loading states and error handling - Create reusable icon component (ico.html) for SVG icons - Remove deprecated public.html layout, merge into default - Update login page with improved third-party auth integration - Add i18n translations for OAuth-related messages - Update routes to include callback page and handle auth redirects - Enhance vbase.js with OAuth utilities and token management
3 months ago
}
return data;
}
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
/** 绑定已有账号 */
feat(ui): Add OAuth callback page and improve auth flow - Add new OAuth callback page with loading states and error handling - Create reusable icon component (ico.html) for SVG icons - Remove deprecated public.html layout, merge into default - Update login page with improved third-party auth integration - Add i18n translations for OAuth-related messages - Update routes to include callback page and handle auth redirects - Enhance vbase.js with OAuth utilities and token management
3 months ago
async bindAccount(tempToken, username, password) {
const data = await this.request('POST', '/api/auth/bind', {
temp_token: tempToken,
username,
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
password,
feat(ui): Add OAuth callback page and improve auth flow - Add new OAuth callback page with loading states and error handling - Create reusable icon component (ico.html) for SVG icons - Remove deprecated public.html layout, merge into default - Update login page with improved third-party auth integration - Add i18n translations for OAuth-related messages - Update routes to include callback page and handle auth redirects - Enhance vbase.js with OAuth utilities and token management
3 months ago
});
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
if (data.user) {
this.user = data.user;
await this.fetchUser();
feat(ui): Add OAuth callback page and improve auth flow - Add new OAuth callback page with loading states and error handling - Create reusable icon component (ico.html) for SVG icons - Remove deprecated public.html layout, merge into default - Update login page with improved third-party auth integration - Add i18n translations for OAuth-related messages - Update routes to include callback page and handle auth redirects - Enhance vbase.js with OAuth utilities and token management
3 months ago
}
return data;
}
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
/** 绑定并注册 */
feat(ui): Add OAuth callback page and improve auth flow - Add new OAuth callback page with loading states and error handling - Create reusable icon component (ico.html) for SVG icons - Remove deprecated public.html layout, merge into default - Update login page with improved third-party auth integration - Add i18n translations for OAuth-related messages - Update routes to include callback page and handle auth redirects - Enhance vbase.js with OAuth utilities and token management
3 months ago
async bindRegister(tempToken, username, email) {
const data = await this.request('POST', '/api/auth/bind-register', {
temp_token: tempToken,
username,
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
email,
feat(ui): Add OAuth callback page and improve auth flow - Add new OAuth callback page with loading states and error handling - Create reusable icon component (ico.html) for SVG icons - Remove deprecated public.html layout, merge into default - Update login page with improved third-party auth integration - Add i18n translations for OAuth-related messages - Update routes to include callback page and handle auth redirects - Enhance vbase.js with OAuth utilities and token management
3 months ago
});
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
if (data.user) {
this.user = data.user;
await this.fetchUser();
feat(ui): Add OAuth callback page and improve auth flow - Add new OAuth callback page with loading states and error handling - Create reusable icon component (ico.html) for SVG icons - Remove deprecated public.html layout, merge into default - Update login page with improved third-party auth integration - Add i18n translations for OAuth-related messages - Update routes to include callback page and handle auth redirects - Enhance vbase.js with OAuth utilities and token management
3 months ago
}
return data;
}
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
/** 登出 */
fix: 修复路由和页面加载问题
4 months ago
async logout(redirect) {
try {
feat(ui): Add OAuth callback page and improve auth flow - Add new OAuth callback page with loading states and error handling - Create reusable icon component (ico.html) for SVG icons - Remove deprecated public.html layout, merge into default - Update login page with improved third-party auth integration - Add i18n translations for OAuth-related messages - Update routes to include callback page and handle auth redirects - Enhance vbase.js with OAuth utilities and token management
3 months ago
await this.request('POST', '/api/auth/logout');
fix: 修复路由和页面加载问题
4 months ago
} catch (e) {
console.warn('Logout API failed', e);
} finally {
this.clear();
feat(ui): Add OAuth callback page and improve auth flow - Add new OAuth callback page with loading states and error handling - Create reusable icon component (ico.html) for SVG icons - Remove deprecated public.html layout, merge into default - Update login page with improved third-party auth integration - Add i18n translations for OAuth-related messages - Update routes to include callback page and handle auth redirects - Enhance vbase.js with OAuth utilities and token management
3 months ago
const redirectUrl = redirect || window.location.pathname + window.location.search;
location.href = this.login_page + '?redirect=' + encodeURIComponent(redirectUrl);
fix: 修复路由和页面加载问题
4 months ago
}
}
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
/** Token 刷新(后端自动处理,前端可主动调用) */
fix: 修复路由和页面加载问题
4 months ago
async refresh() {
try {
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
await this.request('POST', '/api/auth/refresh', {});
return true;
fix: 修复路由和页面加载问题
4 months ago
} catch (e) {
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
return false;
fix: 修复路由和页面加载问题
4 months ago
}
}
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
/** 获取当前用户信息及权限 */
fix: 修复路由和页面加载问题
4 months ago
async fetchUser() {
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
try {
const user = await this.request('GET', '/api/auth/me');
this.user = user;
return user;
} catch (e) {
this.clear();
throw e;
}
fix: 修复路由和页面加载问题
4 months ago
}
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
/** 清除登录状态 */
refactor(ui): Update vbase.js to match new Scoped RBAC permission system - Replace old permission check methods with new Perm/PermCreate/PermRead/PermWrite/PermAdmin - Add Level constants export (None, Create, Read, Write, ReadWrite, Admin) - Remove role-based permission checks (hasRole, checkPermAny, checkPermAll) - Update core permission checking logic to match backend checkPermissionLevel - Remove _isAdmin helper, use Level.Admin check instead - Simplify localStorage keys (remove scope prefix from keys) - Clean up console.log in env.js
3 months ago
clear() {
this.user = null;
feat(ui): Add user cache and batch fetch in VBase - Add shared users cache object to VBase constructor - Add User(id) API for reactive user info lookup - Implement _flushUserRequests for batch POST /api/auth/users - Cache and sync current user into shared users cache - Clear users cache on logout
2 months ago
for (const id of Object.keys(this.users)) {
delete this.users[id];
}
this._pendingUserIDs.clear();
this._loadingUserIDs.clear();
this._resolvedUserIDs.clear();
this._pendingUserFlush = null;
}
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
// ========== 用户 ==========
feat(ui): Add user cache and batch fetch in VBase - Add shared users cache object to VBase constructor - Add User(id) API for reactive user info lookup - Implement _flushUserRequests for batch POST /api/auth/users - Cache and sync current user into shared users cache - Clear users cache on logout
2 months ago
User(id) {
if (!id) return {};
if (!this.users[id]) {
this.users[id] = {};
}
if (!this._resolvedUserIDs.has(id) && !this._loadingUserIDs.has(id)) {
this._pendingUserIDs.add(id);
if (!this._pendingUserFlush) {
this._pendingUserFlush = Promise.resolve().then(() => this._flushUserRequests());
}
}
return this.users[id];
refactor(ui): Rebuild permission system in vbase.js with scope support - Add scope parameter to VBase constructor for multi-tenant support - Replace hasPermission with checkPerm, checkPermOnResource, checkPermAny, checkPermAll - Implement _isAdmin check for global wildcard permissions (*:*) - Add _matchPermission with wildcard support (resource:*, *:*) - Remove default 404 page from vrouter in root.html
4 months ago
}
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
// ========== 权限检查 ==========
refactor(ui): Update vbase.js to match new Scoped RBAC permission system - Replace old permission check methods with new Perm/PermCreate/PermRead/PermWrite/PermAdmin - Add Level constants export (None, Create, Read, Write, ReadWrite, Admin) - Remove role-based permission checks (hasRole, checkPermAny, checkPermAll) - Update core permission checking logic to match backend checkPermissionLevel - Remove _isAdmin helper, use Level.Admin check instead - Simplify localStorage keys (remove scope prefix from keys) - Clean up console.log in env.js
3 months ago
Perm(code, level = Level.Read) {
fix: 修复路由和页面加载问题
4 months ago
if (!this.user) return false;
refactor(ui): Update vbase.js to match new Scoped RBAC permission system - Replace old permission check methods with new Perm/PermCreate/PermRead/PermWrite/PermAdmin - Add Level constants export (None, Create, Read, Write, ReadWrite, Admin) - Remove role-based permission checks (hasRole, checkPermAny, checkPermAll) - Update core permission checking logic to match backend checkPermissionLevel - Remove _isAdmin helper, use Level.Admin check instead - Simplify localStorage keys (remove scope prefix from keys) - Clean up console.log in env.js
3 months ago
if (!code) return true;
refactor(ui): Rebuild permission system in vbase.js with scope support - Add scope parameter to VBase constructor for multi-tenant support - Replace hasPermission with checkPerm, checkPermOnResource, checkPermAny, checkPermAll - Implement _isAdmin check for global wildcard permissions (*:*) - Add _matchPermission with wildcard support (resource:*, *:*) - Remove default 404 page from vrouter in root.html
4 months ago
const perms = this.user.permissions || [];
refactor(ui): Update vbase.js to match new Scoped RBAC permission system - Replace old permission check methods with new Perm/PermCreate/PermRead/PermWrite/PermAdmin - Add Level constants export (None, Create, Read, Write, ReadWrite, Admin) - Remove role-based permission checks (hasRole, checkPermAny, checkPermAll) - Update core permission checking logic to match backend checkPermissionLevel - Remove _isAdmin helper, use Level.Admin check instead - Simplify localStorage keys (remove scope prefix from keys) - Clean up console.log in env.js
3 months ago
return this._checkPermissionLevel(perms, code, level);
}
refactor(ui): Rebuild permission system in vbase.js with scope support - Add scope parameter to VBase constructor for multi-tenant support - Replace hasPermission with checkPerm, checkPermOnResource, checkPermAny, checkPermAll - Implement _isAdmin check for global wildcard permissions (*:*) - Add _matchPermission with wildcard support (resource:*, *:*) - Remove default 404 page from vrouter in root.html
4 months ago
refactor(auth): Migrate token delivery to HttpOnly Cookie with version-based revocation - Replace JWT in response body with HttpOnly Cookie (vb_access/vb_refresh) to prevent XSS token theft - Add Redis-based token version management with ±1 tolerance for multi-tab concurrent refresh - Implement strict refresh token rotation: version must match exactly, increment on each refresh - Simplify JWT Claims to only carry UserID + Type + Version, remove user profile fields - Remove session-based token tracking and cache blacklist in favor of version increment revocation - Remove getAuthHeaders, wrapAxios, wrapFetch, isExpired from frontend VBase client - Remove client-side token/localStorage management, frontend now relies on Cookie auto-attach - Add CookiePath config option and change default access token expiry from 24h to 15min - Update Vigo app initialization to use functional options pattern - Add empty-body cookie read fallback in refresh endpoint
3 weeks ago
PermCreate(code) { return this.Perm(code, Level.Create); }
PermRead(code) { return this.Perm(code, Level.Read); }
PermWrite(code) { return this.Perm(code, Level.Write); }
PermAdmin(code) { return this.Perm(code, Level.Admin); }
refactor(ui): Rebuild permission system in vbase.js with scope support - Add scope parameter to VBase constructor for multi-tenant support - Replace hasPermission with checkPerm, checkPermOnResource, checkPermAny, checkPermAll - Implement _isAdmin check for global wildcard permissions (*:*) - Add _matchPermission with wildcard support (resource:*, *:*) - Remove default 404 page from vrouter in root.html
4 months ago
refactor(ui): Update vbase.js to match new Scoped RBAC permission system - Replace old permission check methods with new Perm/PermCreate/PermRead/PermWrite/PermAdmin - Add Level constants export (None, Create, Read, Write, ReadWrite, Admin) - Remove role-based permission checks (hasRole, checkPermAny, checkPermAll) - Update core permission checking logic to match backend checkPermissionLevel - Remove _isAdmin helper, use Level.Admin check instead - Simplify localStorage keys (remove scope prefix from keys) - Clean up console.log in env.js
3 months ago
// ========== 内部方法 ==========
refactor(ui): Rebuild permission system in vbase.js with scope support - Add scope parameter to VBase constructor for multi-tenant support - Replace hasPermission with checkPerm, checkPermOnResource, checkPermAny, checkPermAll - Implement _isAdmin check for global wildcard permissions (*:*) - Add _matchPermission with wildcard support (resource:*, *:*) - Remove default 404 page from vrouter in root.html
4 months ago
refactor(ui): Update vbase.js to match new Scoped RBAC permission system - Replace old permission check methods with new Perm/PermCreate/PermRead/PermWrite/PermAdmin - Add Level constants export (None, Create, Read, Write, ReadWrite, Admin) - Remove role-based permission checks (hasRole, checkPermAny, checkPermAll) - Update core permission checking logic to match backend checkPermissionLevel - Remove _isAdmin helper, use Level.Admin check instead - Simplify localStorage keys (remove scope prefix from keys) - Clean up console.log in env.js
3 months ago
_checkPermissionLevel(perms, targetPermID, requiredLevel) {
for (const p of perms) {
const permID = p.permission_id || p;
const permLevel = p.level !== undefined ? p.level : Level.Read;
refactor(ui): Rebuild permission system in vbase.js with scope support - Add scope parameter to VBase constructor for multi-tenant support - Replace hasPermission with checkPerm, checkPermOnResource, checkPermAny, checkPermAll - Implement _isAdmin check for global wildcard permissions (*:*) - Add _matchPermission with wildcard support (resource:*, *:*) - Remove default 404 page from vrouter in root.html
4 months ago
refactor(ui): Update vbase.js to match new Scoped RBAC permission system - Replace old permission check methods with new Perm/PermCreate/PermRead/PermWrite/PermAdmin - Add Level constants export (None, Create, Read, Write, ReadWrite, Admin) - Remove role-based permission checks (hasRole, checkPermAny, checkPermAll) - Update core permission checking logic to match backend checkPermissionLevel - Remove _isAdmin helper, use Level.Admin check instead - Simplify localStorage keys (remove scope prefix from keys) - Clean up console.log in env.js
3 months ago
if (permLevel === Level.Admin) {
if (permID === '*' || targetPermID.startsWith(permID + ':') || permID === targetPermID) {
return true;
}
}
fix: 修复路由和页面加载问题
4 months ago
refactor(ui): Update vbase.js to match new Scoped RBAC permission system - Replace old permission check methods with new Perm/PermCreate/PermRead/PermWrite/PermAdmin - Add Level constants export (None, Create, Read, Write, ReadWrite, Admin) - Remove role-based permission checks (hasRole, checkPermAny, checkPermAll) - Update core permission checking logic to match backend checkPermissionLevel - Remove _isAdmin helper, use Level.Admin check instead - Simplify localStorage keys (remove scope prefix from keys) - Clean up console.log in env.js
3 months ago
if (permLevel >= requiredLevel) {
if (permID === targetPermID) {
return true;
}
}
}
return false;
fix: 修复路由和页面加载问题
4 months ago
}
feat(ui): Add user cache and batch fetch in VBase - Add shared users cache object to VBase constructor - Add User(id) API for reactive user info lookup - Implement _flushUserRequests for batch POST /api/auth/users - Cache and sync current user into shared users cache - Clear users cache on logout
2 months ago
_cachePublicUser(user) {
if (!user?.id) return;
const cached = {
...user,
name: user.name || user.nickname || user.username || '',
icon: user.icon || user.avatar || '',
avatar: user.avatar || user.icon || '',
};
if (!this.users[cached.id]) {
this.users[cached.id] = {};
}
Object.assign(this.users[cached.id], cached);
this._resolvedUserIDs.add(cached.id);
this._loadingUserIDs.delete(cached.id);
}
async _flushUserRequests() {
const ids = [...this._pendingUserIDs].filter(Boolean);
this._pendingUserIDs.clear();
this._pendingUserFlush = null;
if (ids.length === 0) return;
for (const id of ids) {
this._loadingUserIDs.add(id);
}
try {
const res = await this.request('POST', '/api/auth/users', { ids });
const items = Array.isArray(res?.items) ? res.items : [];
const found = new Set();
for (const item of items) {
this._cachePublicUser(item);
found.add(item.id);
}
for (const id of ids) {
this._loadingUserIDs.delete(id);
if (!found.has(id)) {
this._resolvedUserIDs.add(id);
}
}
} catch (error) {
for (const id of ids) {
this._loadingUserIDs.delete(id);
}
console.warn('VBase: batch fetch users failed', error);
}
}
feat: 全新UI框架升级和页面重构
4 months ago
}
export default VBase;