- 增加 CORS/CSP/安全响应头与代理信任配置 - 引入 URL 白名单与私网开关,校验上游与价格源 - 改善 API Key 处理与网关错误返回 - 管理端设置隐藏敏感字段并优化前端提示 - 增加计费熔断与相关配置示例 测试: go test ./...
/**
 * Axios HTTP Client Configuration
 *
 * Base client with interceptors for authentication (bearer token injection)
 * and error handling (envelope unwrapping, 401 session teardown, structured
 * rejection values).
 */
import axios, { AxiosInstance, AxiosError, InternalAxiosRequestConfig } from 'axios'
import type { ApiResponse } from '@/types'
// ==================== Axios Instance Configuration ====================

/**
 * Base path for every request made through `apiClient`.
 *
 * Read from the build-time `VITE_API_BASE_URL` variable (a Vite-style `VITE_`
 * variable, so it is embedded in the bundle and is not a runtime secret); falls
 * back to the same-origin `/api/v1` prefix when the variable is unset or empty.
 * Note that an absolute value here points the client — and the bearer token the
 * request interceptor attaches — at that other origin.
 */
const configuredBase = import.meta.env.VITE_API_BASE_URL
const API_BASE_URL = configuredBase ? configuredBase : '/api/v1'
/**
 * Shared Axios instance for the REST API.
 *
 * Every request is resolved under `API_BASE_URL` (so relative paths such as
 * `/users` land under the API prefix), is abandoned after 30 s, and is sent
 * with a JSON content type. Authentication and response-envelope handling are
 * layered on by the interceptors registered later in this file, not here.
 */
const REQUEST_TIMEOUT_MS = 30000

const clientDefaults = {
  baseURL: API_BASE_URL,
  timeout: REQUEST_TIMEOUT_MS,
  headers: { 'Content-Type': 'application/json' }
}

export const apiClient: AxiosInstance = axios.create(clientDefaults)
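// ==================== Request Interceptor ====================

/**
 * Decide whether a request will be sent to the API's own origin.
 *
 * Axios ignores `baseURL` when `url` is absolute or protocol-relative, so a
 * call such as `apiClient.get('https://other.example/…')` would otherwise carry
 * the bearer token to a foreign host. `baseURL` may itself be relative
 * (`/api/v1`), so both values are resolved against `documentUrl` before their
 * origins are compared.
 *
 * @param request - the `url` / `baseURL` pair of the outgoing request
 * @param documentUrl - absolute URL used to resolve relative values; defaults
 *   to the current page URL
 * @returns true only when the resolved target and base share scheme, host and
 *   port; false when either side cannot be parsed (fail closed: no token sent)
 */
function targetsApiOrigin(
  request: { url?: string; baseURL?: string },
  documentUrl: string = window.location.href
): boolean {
  try {
    const base = new URL(request.baseURL ?? '', documentUrl)
    const target = new URL(request.url ?? '', base)
    return target.origin === base.origin
  } catch {
    return false
  }
}

apiClient.interceptors.request.use(
  (config: InternalAxiosRequestConfig) => {
    // Attach the stored bearer token, but only to requests bound for the API
    // origin: sending it anywhere else would hand the credential to that host.
    // The token is kept in localStorage, so any script running on this origin
    // can read it (XSS exposure); that trade-off belongs to the login flow, not
    // to this interceptor.
    const token = localStorage.getItem('auth_token')
    if (token && config.headers && targetsApiOrigin(config)) {
      config.headers.Authorization = `Bearer ${token}`
    }
    return config
  },
  (error) => {
    // Failures raised earlier in the interceptor chain are passed through unchanged.
    return Promise.reject(error)
  }
)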
// ==================== Response Interceptor ====================

/** Request paths for which a 401 is an ordinary outcome (wrong credentials, stale refresh token). */
const AUTH_ENDPOINT_MARKERS = ['/auth/login', '/auth/register', '/auth/refresh'] as const

/**
 * True when `url` contains one of the auth endpoint markers.
 * This is a substring match, so a path such as `/auth/login-history` also counts.
 */
function isAuthEndpoint(url: string): boolean {
  return AUTH_ENDPOINT_MARKERS.some((marker) => url.includes(marker))
}

/**
 * True when an `Authorization` header value counts as "present": a non-blank
 * string, a non-empty array, or any other truthy value.
 */
function hasAuthorizationValue(value: unknown): boolean {
  if (typeof value === 'string') {
    return value.trim() !== ''
  }
  if (Array.isArray(value)) {
    return value.length > 0
  }
  return !!value
}

/**
 * Local session teardown for a 401 response.
 *
 * Reads the stored token and the request's Authorization header *before*
 * clearing storage, then:
 *  - removes `auth_token` / `auth_user` from localStorage unconditionally;
 *  - sets `sessionStorage.auth_expired = '1'` only when the request actually
 *    carried credentials and was not itself an auth endpoint (so a plain failed
 *    login does not show up as "session expired");
 *  - navigates to `/login` unless the current path already contains it.
 */
function handleUnauthorized(error: AxiosError<ApiResponse<unknown>>): void {
  const hadStoredToken = !!localStorage.getItem('auth_token')
  const requestUrl = error.config?.url || ''
  const headers = error.config?.headers as Record<string, unknown> | undefined
  const sentAuth = hasAuthorizationValue(headers?.Authorization ?? headers?.authorization)

  localStorage.removeItem('auth_token')
  localStorage.removeItem('auth_user')

  if ((hadStoredToken || sentAuth) && !isAuthEndpoint(requestUrl)) {
    sessionStorage.setItem('auth_expired', '1')
  }
  if (!window.location.pathname.includes('/login')) {
    window.location.href = '/login'
  }
}

apiClient.interceptors.response.use(
  (response) => {
    // Unwrap the standard envelope { code, message, data }; anything that does
    // not look like an envelope is passed through untouched.
    const envelope = response.data as ApiResponse<unknown>
    const looksLikeEnvelope = !!envelope && typeof envelope === 'object' && 'code' in envelope
    if (!looksLikeEnvelope) {
      return response
    }
    if (envelope.code !== 0) {
      // Application-level failure delivered with an HTTP success status.
      // `message` is server-supplied: render it as plain text, never as HTML.
      return Promise.reject({
        status: response.status,
        code: envelope.code,
        message: envelope.message || 'Unknown error'
      })
    }
    // Success: callers receive only the `data` portion.
    response.data = envelope.data
    return response
  },
  (error: AxiosError<ApiResponse<unknown>>) => {
    const failed = error.response
    if (!failed) {
      // No HTTP response at all (connection failure, timeout, or a reply the
      // browser refused to hand over); reported with status 0.
      return Promise.reject({
        status: 0,
        message: 'Network error. Please check your connection.'
      })
    }
    if (failed.status === 401) {
      handleUnauthorized(error)
    }
    // Structured error for callers; `message` may be server-supplied, so treat
    // it as untrusted text in the UI.
    return Promise.reject({
      status: failed.status,
      code: failed.data?.code,
      message: failed.data?.message || error.message
    })
  }
)
// Default export mirrors the named `apiClient` export above for callers that prefer it.
export default apiClient