fix(auth,audit): ensure display_name persists in token refresh and add fallback in audit log

2026-03-25 11:16:13 +08:00
parent f9edb5f1f7
commit 46dd8f1c3a
5 changed files with 28 additions and 4 deletions
--- a/inventory-backend/app/services/auth_service.py
+++ b/inventory-backend/app/services/auth_service.py
@ -124,7 +124,8 @@ class AuthService:
            identity=user_id,
            additional_claims={
                'role': user_role,
-                'username': account_id
+                'username': account_id,
+                'display_name': user_info.get('display_name', account_id)
            }
        )

@ -153,11 +154,19 @@ class AuthService:
            user_id = decoded.get('sub')
            role = decoded.get('role')
            username = decoded.get('username')
-            display_name = decoded.get('display_name')

            if not user_id:
                raise ValueError("无效的 refresh_token")

+            # 重新查询数据库获取用户的 display_name，避免刷新后丢失
+            from app.models.system import SysUser
+            user = SysUser.query.get(user_id)
+            if user:
+                user_info = user.to_dict()
+                display_name = user_info.get('display_name', username)
+            else:
+                display_name = username
+
            # 生成新的 access_token
            new_access_token = create_access_token(
                identity=user_id,