diff --git a/frontend/src/views/login/index.vue b/frontend/src/views/login/index.vue
index 044fb7e..5690209 100644
--- a/frontend/src/views/login/index.vue
+++ b/frontend/src/views/login/index.vue
@@ -183,7 +183,18 @@ const handleLogin = async () => {
 ElMessage.success('登录成功')
 // 跳转到用户默认页面或指定的重定向页面
- const redirect = new URLSearchParams(window.location.search).get('redirect') || authManager.getDefaultRoute()
+ const defaultRoute = authManager.getDefaultRoute()
+ let redirect = new URLSearchParams(window.location.search).get('redirect') || defaultRoute
+
+ // 检查 redirect 目标是否有权限访问
+ const userRole = authManager.getUserRole()
+ if (redirect && userRole) {
+ if ((redirect.startsWith('/admin') && userRole !== 'admin') ||
+ (redirect.startsWith('/manager') && !['admin', 'manager'].includes(userRole)) ||
+ (redirect.startsWith('/analysis') && !['admin', 'manager'].includes(userRole))) {
+ redirect = defaultRoute
+ }
+ }
 router.push(redirect)
 } else {
 ElMessage.error(response.message || '登录失败')
@@ -249,7 +260,20 @@ const handleDingtalkLoginSuccess = async (response: any) => {
 // 跳转到用户角色对应的默认页面
 const defaultRoute = authManager.getDefaultRoute()
- const redirect = new URLSearchParams(window.location.search).get('redirect') || defaultRoute
+ let redirect = new URLSearchParams(window.location.search).get('redirect') || defaultRoute
+
+ // 检查 redirect 目标是否有权限访问
+ const userRole = authManager.getUserRole()
+ if (redirect && userRole) {
+ // 检查是否尝试访问需要更高权限的页面
+ if ((redirect.startsWith('/admin') && userRole !== 'admin') ||
+ (redirect.startsWith('/manager') && !['admin', 'manager'].includes(userRole)) ||
+ (redirect.startsWith('/analysis') && !['admin', 'manager'].includes(userRole))) {
+ console.log('[钉钉登录] redirect 目标需要更高权限,改为默认页面')
+ redirect = defaultRoute
+ }
+ }
+ console.log('[钉钉登录] 跳转到:', redirect)
 router.push(redirect)
 }
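Review bot: The new role check in handleLogin (first hunk) fails open: `if (redirect && userRole)` skips every comparison when `authManager.getUserRole()` returns an empty value, so a query-supplied `redirect` pointing at a restricted area is pushed unchanged. Fail closed before the prefix tests, e.g. `if (!userRole || !redirect.startsWith('/') || redirect.startsWith('//')) redirect = defaultRoute`, which also keeps the target to a plain in-app path. The `startsWith` tests compare the raw query string, so they depend on exact case and spelling of the path and also match unrelated siblings that merely share the prefix; resolving the target through the router and checking the matched route's required role would be sturdier. This check is navigation hygiene only — whether route guards and the API enforce the same roles is not visible in this diff and should be confirmed. The identical condition is repeated in handleDingtalkLoginSuccess (second hunk), and handleLogin's body starts and ends outside the hunk.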
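Review bot: The block added to handleDingtalkLoginSuccess (second hunk) is a copy of the check added to handleLogin in the first hunk, differing only by an extra comment and a `console.log`, so any later change to the role/prefix table has to be made in two places and the two login paths can drift apart. Move the logic into one helper, for example `const resolvePostLoginRedirect = () => { … }`, and have both handlers call `router.push(resolvePostLoginRedirect())`. The `console.log('[钉钉登录] 跳转到:', redirect)` line prints a value taken from the query string; consider dropping the debug logging or gating it on a development-only flag before release. The enclosing function starts outside the hunk.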