wangdl 176593a8c2
All checks were successful
Deploy Admin Frontend / build-and-deploy (push) Successful in 12s
feat: Token 安全升级 — localStorage 迁移至 httpOnly cookie
- api-client: withCredentials: true,移除 Authorization header 注入
- api-client: 401 刷新改为 cookie 模式,无需前端传 refreshToken
- token.ts: 废弃 localStorage token 读写,保留 admin user 缓存
- use-auth-query: 移除 setTokens/clearTokens 调用
- auth.ts: logout 不再传 refreshToken(cookie 标识会话)

Breaking: 需要后端同步部署(登录/刷新 Set-Cookie + 守卫读 cookie)

Co-Authored-By: Claude <noreply@anthropic.com>
2026-07-04 11:18:02 +08:00
..