From 9ea2f306c4722a262b2b2feb4257f941aefdbe98 Mon Sep 17 00:00:00 2001
From: kkfluous <kkfluous@kdemacbook-air.local>
Date: Fri, 24 Apr 2026 11:00:30 +0800
Subject: [PATCH] feat(dev): env-gated local auth bypass for development
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

.env 里设 DEV_BYPASS_AUTH=1 + VITE_DEV_BYPASS_AUTH=1 即可本地免登录调试。
前端判定强制要求 import.meta.env.DEV，避免生产构建误启用。
后端塞入 dev 身份（含 所有权限 / BI-SCHEDULE-OPT 角色），保证 c.get('user')
下游依赖不会 crash。

新增 src/vite-env.d.ts 引入 vite/client 类型以访问 import.meta.env。

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 src/auth/AuthProvider.tsx     | 17 +++++++++++++++++
 src/server/auth/middleware.ts | 15 +++++++++++++++
 src/vite-env.d.ts             |  1 +
 3 files changed, 33 insertions(+)
 create mode 100644 src/vite-env.d.ts

diff --git a/src/auth/AuthProvider.tsx b/src/auth/AuthProvider.tsx
index f4586e1..0a7f3fd 100644
--- a/src/auth/AuthProvider.tsx
+++ b/src/auth/AuthProvider.tsx
@@ -36,6 +36,23 @@ export default function AuthProvider({ children }: { children: ReactNode }) {
   }, []);
 
   async function authenticate() {
+    // 本地开发免登录开关：.env 里设 VITE_DEV_BYPASS_AUTH=1 启用，仅 dev 生效
+    if (import.meta.env.DEV && import.meta.env.VITE_DEV_BYPASS_AUTH === '1') {
+      setState({
+        isLoading: false,
+        isAuthenticated: true,
+        user: {
+          userId: 'dev-local',
+          userName: '本地开发',
+          permissionLevel: 'full',
+          depName: '',
+          roles: ['所有权限', 'BI-SCHEDULE-OPT'],
+        },
+        error: null,
+      });
+      return;
+    }
+
     // 1. 检查 sessionStorage 中是否有 JWT
     const savedToken = sessionStorage.getItem('bi_jwt');
     if (savedToken) {
diff --git a/src/server/auth/middleware.ts b/src/server/auth/middleware.ts
index 7929be9..a535b2d 100644
--- a/src/server/auth/middleware.ts
+++ b/src/server/auth/middleware.ts
@@ -14,6 +14,21 @@ export async function authMiddleware(c: Context, next: Next) {
     return next();
   }
 
+  // 本地开发免登录开关：.env 里设 DEV_BYPASS_AUTH=1 启用
+  if (process.env.DEV_BYPASS_AUTH === '1') {
+    const devUser: AuthUser = {
+      userId: 'dev-local',
+      userName: '本地开发',
+      loginName: 'dev-local',
+      depCode: '',
+      depName: '',
+      permissionLevel: 'full',
+      roles: ['所有权限', 'BI-SCHEDULE-OPT'],
+    };
+    c.set('user', devUser);
+    return next();
+  }
+
   // 跳过不需要认证的路径
   if (path === '/api/health' || path.startsWith('/api/auth/')) {
     return next();
diff --git a/src/vite-env.d.ts b/src/vite-env.d.ts
new file mode 100644
index 0000000..11f02fe
--- /dev/null
+++ b/src/vite-env.d.ts
@@ -0,0 +1 @@
+/// <reference types="vite/client" />