imacat/lucia-frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compute refresh token expiry fresh on each sign-in

Browse Source 
The expiry date was computed once at store init time and went stale
in long-running SPA sessions.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
依瑪貓
2026-03-07 17:49:14 +08:00
parent ba7c1c7cd0
commit 5b3130ea9c
2 changed files with 3 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/stores/login.ts
View File

@@ -30,7 +30,6 @@ export const useLoginStore = defineStore('loginStore', {
userData: {},
isLoggedIn: false,
rememberedReturnToUrl: "",
expired: (() => { const d = new Date(); d.setMonth(d.getMonth() + 6); return d.getTime(); })(), // 設定 Refresh Token 的到期日為半年後
}),
actions: {
/**
@@ -51,7 +50,9 @@ export const useLoginStore = defineStore('loginStore', {
const refresh_token = response.data.refresh_token;
// 將 token 儲存在 cookie
setCookieWithoutExpiration("luciaToken", accessToken);
setCookie("luciaRefreshToken", refresh_token, Math.ceil((this.expired - Date.now()) / (24 * 60 * 60 * 1000)));
const expiryDate = new Date();
expiryDate.setMonth(expiryDate.getMonth() + 6);
setCookie("luciaRefreshToken", refresh_token, Math.ceil((expiryDate.getTime() - Date.now()) / (24 * 60 * 60 * 1000)));
this.isLoggedIn = true;
setCookie("isLuciaLoggedIn", "true");