Refactor authentication middleware to remove dependency on Pinia, implementing direct API calls for authentication status checks. Update member API documentation to escape JWT token placeholder for clarity. Update session and user data formats for improved security and consistency.

2026-01-07 17:26:22 +01:00
parent 673c34ac9d
commit 371fef25d7
4 changed files with 17 additions and 18 deletions
--- a/middleware/auth.global.js
+++ b/middleware/auth.global.js
@@ -1,21 +1,20 @@
 export default defineNuxtRouteMiddleware(async (to, _from) => {
  // Only run on client-side
  if (process.server) return
  const authStore = useAuthStore()
  // Check if route requires authentication
-  const requiresAuth = to.meta.middleware === 'auth'
+  const mw = to.meta.middleware
  const requiresAuth =
    mw === 'auth' || (Array.isArray(mw) && mw.includes('auth'))
  if (requiresAuth) {
-    // Check auth status if not already checked
+    // Nicht auf Pinia angewiesen sein (sonst "no active Pinia" in manchen Nuxt-Lifecycle-Phasen)
-    if (!authStore.isLoggedIn) {
+    try {
-      await authStore.checkAuth()
+      const { data: auth } = await useFetch('/api/auth/status')
      if (!auth.value || !auth.value.isLoggedIn) {
        const redirect = encodeURIComponent(to.fullPath || to.path || '/')
        return navigateTo(`/login?redirect=${redirect}`)
      }
-
+    } catch (_e) {
-    // Redirect to login if not authenticated
+      const redirect = encodeURIComponent(to.fullPath || to.path || '/')
-    if (!authStore.isLoggedIn) {
+      return navigateTo(`/login?redirect=${redirect}`)
      return navigateTo('/login')
    }
  }
 })
--- a/pages/mitgliederbereich/api.vue
+++ b/pages/mitgliederbereich/api.vue
@@ -540,7 +540,7 @@ curl -X POST http://localhost:3100/api/auth/login \
 # Mitglied hinzufügen mit Token
 curl -X POST http://localhost:3100/api/members \
-  -H "Authorization: Bearer <your-jwt-token>" \
+  -H "Authorization: Bearer &lt;your-jwt-token&gt;" \
  -H "Content-Type: application/json" \
  -d '{
    "firstName": "Max",
@@ -552,7 +552,7 @@ curl -X POST http://localhost:3100/api/members \
 # Bulk-Import von Mitgliedern
 curl -X POST http://localhost:3100/api/members/bulk \
-  -H "Authorization: Bearer <your-jwt-token>" \
+  -H "Authorization: Bearer &lt;your-jwt-token&gt;" \
  -H "Content-Type: application/json" \
  -d '{
    "members": [
--- a/server/data/sessions.json
+++ b/server/data/sessions.json
--- a/server/data/users.json
+++ b/server/data/users.json
@@ -1 +1 @@
-CyRDzIKS5Ou7WW0Ri1r4G7yGBFv1MwyJUsdJYNUI2gx7KJ5Mr4d8JBe4YQ+vQlpFw/ZEhrBLXjsKwbEIMlmO/xZWln9TsE/1s9rwCd9WoCWrXOlSqQc6kWP6xJuoy0tXRBCGfEPqoIg/x/G/QsN0kIdnWPETOqOd9p9nc/OsmbhXHTGIUa2KKDNsk5JMJVRI1IUt8CzdpXQUQpbSBA8AgBV7sUiePWXlbqxfoWC7leV8oRWcgTz1Y0hKVB/yczjPUQP7hEI7GZ9O/2fysrTRPa5JtmwQ4CbfXe1wWANmxrIsUf1n/+yogcVfkG+Ld6YjhCnh1hmDQFEh7RkSB8J9uknvlrk/uXsnwRP55jBeum0ujsOaxisagJ1oniCVg27r2+fx0qiAIQDv5pVDp+EWkDMo4Wkw4qis6HwA46hy4ex22O4As550xhnomHq/Rtk6mO20Srlt+7dbUcopvVZn/ekXzL8ovzYFHA978B63m2Vt6m7wYdGduSjUChzXXcRUJwF2JKnOiSym2/zQ9EJi8UFBMgSaXAku9PakLUWI13VInKItLCX/Ib9ADWMLiViDmzW3dYHKxENdBeo8tD4vGExEY7+5x+Ari6zIGhcoYt8MRyGMGdrqSYTLCnlRnzgeHqN2JTyiYns8fCNUuV7aa31x5GgzD/Bpc1JJG+o6DYAva1GBLaaCTLTpuuDNC6V32cJECjzQaQKm8hhIg9OWjpApxhvx/0aiVs2Yne63Ot8183YAdfpX6QCD2F89hqQi6LjBxzC8vYi+2MWTdw4ZdkIRhrROe0/gxOWvecmrpyM=
+v2:hKWeGFjGrwePQTJW4sCZBBrfS3+jNZV04Zr+XZ2rp4sluDgytyeN1nDRRma355I6cu0a1l5zTHDsWp0NfXXrxsVGT6co/TJyv9p26YyC39wTxTyKF5CZyC+IgznJOAMDQH5ZY3i68jtRyXIrFUmNpIZA9J2FTOMSiffBeAM3/h9Q0FcOmQafJ3OfNNx7YWT92J/xk4lSTY2vt0qJcWsma4sB6pzRF+QY7nZsMaiGoyUWSzi9Thg1k+nEJzWr9w9VXTpAz3455VLJ4HZdTgck5JpgXp8s9+fyHqwIvUoRKEMxr3//KZwsK1gt9TSxgtAL/2N+twvpIe80wJuDZomEY2LCloee9ND1yQ0GKBWnkX8+uxp0mXtQ8gR2p84UEyzllKUYGyqkAYsgAOr5sjEVkmFG2Sb7F0kkNrcDLfOHj7Qx0OQ8VPOW8Q3QwbuhDAvd6DSQX5oKUEyb98OP8cS3IGLfsfQzdA60Vvs40X4wSoiHLOHBDlpX/+MBhk2V3vHI6VyyKLnoCdBuEs1Jx62MadupUgY0LbQHNKsyTDL8tpEYHJVZvCLLTFE2cppptWtnpXIMhoY6yAS/yWg9amIAdTiOKT+2jlo0pi6zbFeyE02BjaPBOPZER4uij29pOZVDD432vmpgVsh9McHzrRiRG9xc64o0dh0zMwtckEB+tp9Cq6Dq7xXzjKlchX0PkaW3BrG702B4MmERlgN/VO51QBKY3r5bSJblMjijjPrpCuvrLDFMbXtHpYDojTisYv8wbnlCkEHEO26mn1OjFx3uYnGNtoLkSp67+gEToXR+u7att2/KkIvEng==
		`@@ -1 +1 @@`
			CyRDzIKS5Ou7WW0Ri1r4G7yGBFv1MwyJUsdJYNUI2gx7KJ5Mr4d8JBe4YQ+vQlpFw/ZEhrBLXjsKwbEIMlmO/xZWln9TsE/1s9rwCd9WoCWrXOlSqQc6kWP6xJuoy0tXRBCGfEPqoIg/x/G/QsN0kIdnWPETOqOd9p9nc/OsmbhXHTGIUa2KKDNsk5JMJVRI1IUt8CzdpXQUQpbSBA8AgBV7sUiePWXlbqxfoWC7leV8oRWcgTz1Y0hKVB/yczjPUQP7hEI7GZ9O/2fysrTRPa5JtmwQ4CbfXe1wWANmxrIsUf1n/+yogcVfkG+Ld6YjhCnh1hmDQFEh7RkSB8J9uknvlrk/uXsnwRP55jBeum0ujsOaxisagJ1oniCVg27r2+fx0qiAIQDv5pVDp+EWkDMo4Wkw4qis6HwA46hy4ex22O4As550xhnomHq/Rtk6mO20Srlt+7dbUcopvVZn/ekXzL8ovzYFHA978B63m2Vt6m7wYdGduSjUChzXXcRUJwF2JKnOiSym2/zQ9EJi8UFBMgSaXAku9PakLUWI13VInKItLCX/Ib9ADWMLiViDmzW3dYHKxENdBeo8tD4vGExEY7+5x+Ari6zIGhcoYt8MRyGMGdrqSYTLCnlRnzgeHqN2JTyiYns8fCNUuV7aa31x5GgzD/Bpc1JJG+o6DYAva1GBLaaCTLTpuuDNC6V32cJECjzQaQKm8hhIg9OWjpApxhvx/0aiVs2Yne63Ot8183YAdfpX6QCD2F89hqQi6LjBxzC8vYi+2MWTdw4ZdkIRhrROe0/gxOWvecmrpyM=				v2:hKWeGFjGrwePQTJW4sCZBBrfS3+jNZV04Zr+XZ2rp4sluDgytyeN1nDRRma355I6cu0a1l5zTHDsWp0NfXXrxsVGT6co/TJyv9p26YyC39wTxTyKF5CZyC+IgznJOAMDQH5ZY3i68jtRyXIrFUmNpIZA9J2FTOMSiffBeAM3/h9Q0FcOmQafJ3OfNNx7YWT92J/xk4lSTY2vt0qJcWsma4sB6pzRF+QY7nZsMaiGoyUWSzi9Thg1k+nEJzWr9w9VXTpAz3455VLJ4HZdTgck5JpgXp8s9+fyHqwIvUoRKEMxr3//KZwsK1gt9TSxgtAL/2N+twvpIe80wJuDZomEY2LCloee9ND1yQ0GKBWnkX8+uxp0mXtQ8gR2p84UEyzllKUYGyqkAYsgAOr5sjEVkmFG2Sb7F0kkNrcDLfOHj7Qx0OQ8VPOW8Q3QwbuhDAvd6DSQX5oKUEyb98OP8cS3IGLfsfQzdA60Vvs40X4wSoiHLOHBDlpX/+MBhk2V3vHI6VyyKLnoCdBuEs1Jx62MadupUgY0LbQHNKsyTDL8tpEYHJVZvCLLTFE2cppptWtnpXIMhoY6yAS/yWg9amIAdTiOKT+2jlo0pi6zbFeyE02BjaPBOPZER4uij29pOZVDD432vmpgVsh9McHzrRiRG9xc64o0dh0zMwtckEB+tp9Cq6Dq7xXzjKlchX0PkaW3BrG702B4MmERlgN/VO51QBKY3r5bSJblMjijjPrpCuvrLDFMbXtHpYDojTisYv8wbnlCkEHEO26mn1OjFx3uYnGNtoLkSp67+gEToXR+u7att2/KkIvEng==