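import { defineStore } from 'pinia'
import { ref, computed } from 'vue'
import type { User } from '@/types/auth'
import { UserRole } from '@/types/auth'
import { authAPI, permissionAPI, STORAGE_KEYS } from '@/services/api'
import type { PagePermission } from '@/types/auth'

/**
 * Relative rank of each role; a higher number includes the lower ones.
 *
 * NOTE(review): a role missing from this table ranks 0 on both sides of the
 * comparison in `hasPermission`, so `0 >= 0` passes. Confirm the table covers
 * every member of `UserRole`.
 */
const ROLE_RANK: Record<string, number> = {
  [UserRole.ADMIN]: 3,
  [UserRole.USER]: 2,
  [UserRole.VIEWER]: 1
}

/** Rank of a role, or 0 when the role is not in `ROLE_RANK`. */
const rankOf = (role: UserRole | string): number => ROLE_RANK[role] || 0

/**
 * Decide whether a granted path covers a requested page path.
 *
 * A bare `startsWith` lets a grant for `/admin` also match `/administrator`,
 * and lets an empty grant match every page. Here the match must end on a path
 * boundary: the end of the string, `/`, `?` or `#`. A grant that already ends
 * in `/` covers everything below it.
 */
const pathGrants = (pagePath: string, grantedPath: string): boolean => {
  if (!grantedPath) return false
  if (!pagePath.startsWith(grantedPath)) return false
  if (grantedPath.endsWith('/')) return true
  const next = pagePath.charAt(grantedPath.length)
  return next === '' || next === '/' || next === '?' || next === '#'
}

/**
 * Pinia store holding the signed-in user, the loading flag and the user's
 * page permissions.
 *
 * The role and permission checks here run in the browser and only decide what
 * the UI shows. The cached user record and the token live in `localStorage`,
 * where any script running on the origin can read or change them, so the
 * backend has to enforce the same rules on every request.
 */
export const useAuthStore = defineStore('auth', () => {
  const user = ref<User | null>(null)
  const isLoading = ref(true)
  const userPermissions = ref<PagePermission[]>([])

  const isAuthenticated = computed(() => !!user.value)

  /** Remove the cached user and token and reset the in-memory session. */
  const clearSession = () => {
    localStorage.removeItem(STORAGE_KEYS.USER)
    localStorage.removeItem(STORAGE_KEYS.TOKEN)
    user.value = null
    userPermissions.value = []
  }

  /**
   * Fetch the page permissions of `userId`, or of the current user when no id
   * is given. Does nothing when neither id is available.
   *
   * An unsuccessful response now clears the list, as a thrown error already
   * did, so grants loaded for an earlier session cannot linger.
   */
  const loadUserPermissions = async (userId?: string) => {
    const targetUserId = userId || user.value?.id
    if (!targetUserId) return

    try {
      const response = await permissionAPI.getUserPermissions(targetUserId)
      userPermissions.value = response.success ? response.data || [] : []
    } catch {
      userPermissions.value = []
    }
  }

  /**
   * Restore a session from `localStorage` and confirm it with the server.
   *
   * The cached user is shown first, then replaced by the server's answer. If
   * the server rejects the session, one token refresh is attempted. Any path
   * that ends without a confirmed user clears the session. Previously a
   * refresh that failed without throwing left the unverified cached user, and
   * its cached role, in place as an authenticated session.
   */
  const checkAuthStatus = async () => {
    try {
      const storedUser = localStorage.getItem(STORAGE_KEYS.USER)
      const token = localStorage.getItem(STORAGE_KEYS.TOKEN)

      if (!storedUser || !token) {
        user.value = null
        userPermissions.value = []
        return
      }

      // Unverified until getCurrentUser() answers; a parse error is caught below.
      user.value = JSON.parse(storedUser)

      const response = await authAPI.getCurrentUser()
      if (response.success) {
        user.value = response.data
        await loadUserPermissions()
        return
      }

      const refreshResponse = await authAPI.refreshToken()
      if (refreshResponse.success && refreshResponse.data?.token) {
        localStorage.setItem(STORAGE_KEYS.TOKEN, refreshResponse.data.token)
        const userResponse = await authAPI.getCurrentUser()
        if (userResponse.success) {
          user.value = userResponse.data
          await loadUserPermissions()
          return
        }
      }

      // Neither the original token nor a refreshed one was accepted.
      clearSession()
    } catch {
      clearSession()
    } finally {
      isLoading.value = false
    }
  }

  /**
   * Sign in with a username and password, cache the returned user and token,
   * and load that user's permissions.
   *
   * @throws Error with the server's message when the login is not successful.
   */
  const login = async (credentials: { username: string; password: string }) => {
    isLoading.value = true
    try {
      const response = await authAPI.login(credentials)
      if (!response.success || !response.data) {
        throw new Error(response.message || '登录失败')
      }

      const { user: userData, token } = response.data
      localStorage.setItem(STORAGE_KEYS.USER, JSON.stringify(userData))
      localStorage.setItem(STORAGE_KEYS.TOKEN, token)
      user.value = userData
      await loadUserPermissions(userData.id)
    } finally {
      isLoading.value = false
    }
  }

  /** Drop the cached credentials and the in-memory session. */
  const logout = () => {
    clearSession()
  }

  /**
   * Whether the current user may open `pagePath`. Admins may open every page;
   * other users need a granted path that covers it (see `pathGrants`).
   */
  const checkPagePermission = (pagePath: string): boolean => {
    if (!user.value) return false
    if (user.value.role === UserRole.ADMIN) return true
    return userPermissions.value.some(permission => pathGrants(pagePath, permission.path))
  }

  /**
   * Check the current user against a role or a page path.
   *
   * A string that is not a `UserRole` value is treated as a page path. Any
   * other argument is compared by rank against the user's role.
   */
  const hasPermission = (requiredRole: UserRole | string): boolean => {
    const current = user.value
    if (!current) return false

    if (
      typeof requiredRole === 'string' &&
      !Object.values(UserRole).includes(requiredRole as UserRole)
    ) {
      return checkPagePermission(requiredRole)
    }

    return rankOf(current.role) >= rankOf(requiredRole)
  }

  return {
    user,
    isLoading,
    isAuthenticated,
    userPermissions,
    checkAuthStatus,
    login,
    logout,
    hasPermission,
    checkPagePermission,
    loadUserPermissions
  }
})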