1.3

2026-06-13 08:37:28 +08:00
parent ddc90e4b0d
commit ebcfb0c258
5 changed files with 204 additions and 51 deletions
@@ -1,5 +1,4 @@
-import axios from 'axios'
-import type { AxiosInstance } from 'axios'
+import axios, { type AxiosInstance } from 'axios'

 const API_BASE = import.meta.env.VITE_API_BASE_URL || 'http://localhost:8000'

@@ -18,30 +17,55 @@ api.interceptors.request.use((config) => {
  return config
 })

+// 防止并发刷新
+let refreshPromise: Promise<any> | null = null
+
 // 响应拦截器：处理 401 自动刷新
 api.interceptors.response.use(
  (response) => response,
  async (error) => {
    const originalRequest = error.config
+
    if (error.response?.status === 401 && !originalRequest._retry) {
      originalRequest._retry = true
+
      const refreshToken = localStorage.getItem('refresh_token')
-      if (refreshToken) {
-        try {
-          const { data } = await axios.post(`${API_BASE}/api/v1/auth/refresh`, {
+      if (!refreshToken) {
+        // 没有 refresh token，直接跳转登录
+        localStorage.removeItem('access_token')
+        localStorage.removeItem('refresh_token')
+        window.location.href = '/login'
+        return Promise.reject(error)
+      }
+
+      try {
+        // 如果已经有正在进行的刷新请求，复用它
+        if (!refreshPromise) {
+          refreshPromise = axios.post(`${API_BASE}/api/v1/auth/refresh`, {
            refresh_token: refreshToken,
          })
-          localStorage.setItem('access_token', data.access_token)
-          localStorage.setItem('refresh_token', data.refresh_token)
-          originalRequest.headers.Authorization = `Bearer ${data.access_token}`
-          return api(originalRequest)
-        } catch {
-          localStorage.removeItem('access_token')
-          localStorage.removeItem('refresh_token')
-          window.location.href = '/login'
        }
+
+        const { data } = await refreshPromise
+        refreshPromise = null
+
+        // 更新 token
+        localStorage.setItem('access_token', data.access_token)
+        localStorage.setItem('refresh_token', data.refresh_token)
+
+        // 重试原请求
+        originalRequest.headers.Authorization = `Bearer ${data.access_token}`
+        return api(originalRequest)
+      } catch (refreshError) {
+        refreshPromise = null
+        // 刷新失败，清除 token 并跳转登录
+        localStorage.removeItem('access_token')
+        localStorage.removeItem('refresh_token')
+        window.location.href = '/login'
+        return Promise.reject(refreshError)
      }
    }
+
    return Promise.reject(error)
  },
 )