fix: auth logout, Nginx configs, missing dependency, CORS
- auth: logout endpoint now accepts refresh_token (was admin_id which frontend can't know) — added logout_by_token() to AuthService - api.js: sendBeacon uses Blob with application/json content-type (was sending text/plain which FastAPI couldn't parse) - Nginx: fixed SPA fallback to 404 (not SPA), added install.php PHP-FPM handler, added production HTTPS config for api.synaglobal.vip - requirements: added cryptography==44.0.0 (used by crypto.py but was missing from requirements.txt) - models: removed unused Fernet import from domain models - CORS: added http://api.synaglobal.vip origin Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
+5
-2
@@ -29,7 +29,7 @@ class RefreshRequest(BaseModel):
|
||||
|
||||
|
||||
class LogoutRequest(BaseModel):
|
||||
admin_id: int
|
||||
refresh_token: Optional[str] = None
|
||||
|
||||
|
||||
class TotpSetupRequest(BaseModel):
|
||||
@@ -85,7 +85,10 @@ async def logout(
|
||||
service: AuthService = Depends(get_auth_service),
|
||||
):
|
||||
"""Invalidate refresh token (client should also discard access token)"""
|
||||
result = await service.logout(payload.admin_id)
|
||||
if payload.refresh_token:
|
||||
result = await service.logout_by_token(payload.refresh_token)
|
||||
else:
|
||||
return {"success": True, "message": "已登出"}
|
||||
return result
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user