fix: 5 auth flow bugs in setup/login routing

1. App.vue: exclude setup page from main layout (header/FAB)
2. request.ts: exempt /auth/setup from 401 hard redirect to /login
3. LoginView: redirect to /setup when backend says password not set
4. SetupView: add missing router.replace after successful setup
5. router guard: only call checkSetup after checkAuth fails, not on every navigation

WebUI/src/App.vue

@@ -67,7 +67,7 @@ onMounted(async () => {
 <template>
   <el-config-provider :locale="zhCn">
   <div class="app-container">
-    <template v-if="route.name !== 'login'">
+    <template v-if="route.name !== 'login' && route.name !== 'setup'">
       <div class="decoration-star" style="top: 20%; right: 8%; animation-delay: 0.5s;"></div>
       <div class="decoration-star" style="top: 60%; left: 3%; animation-delay: 1s;"></div>
       <div class="decoration-star" style="top: 80%; right: 5%; animation-delay: 1.5s;"></div>

WebUI/src/api/request.ts

@@ -28,7 +28,7 @@ instance.interceptors.response.use(
           message = data?.detail || '请求参数有误，请检查一下~'
           break
         case 401:
-          if (error.config?.url?.includes('/auth/login')) {
+          if (error.config?.url?.includes('/auth/login') || error.config?.url?.includes('/auth/setup')) {
             break
           }
           message = '登录状态已失效~'

WebUI/src/router/index.ts

@@ -97,22 +97,24 @@ router.beforeEach(async (to, from) => {
 
   const authStore = useAuthStore()
 
-  // 首次访问：检查是否需要设置密码
-  if (!authStore.setupChecked) {
+  // 已知状态直接判断
+  if (authStore.needSetup) {
+    return { path: '/setup', query: { redirect: to.fullPath } }
+  }
+  if (authStore.checked && !authStore.isLoggedIn) {
+    return { path: '/login', query: { redirect: to.fullPath } }
+  }
+
+  // 未验证：先检查认证状态
+  if (!authStore.checked) {
+    const ok = await authStore.checkAuth()
+    if (ok) return
+
+    // 未认证：检查是否需要先设置密码
     const needSetup = await authStore.checkSetup()
     if (needSetup) {
       return { path: '/setup', query: { redirect: to.fullPath } }
     }
-  } else if (authStore.needSetup) {
-    return { path: '/setup', query: { redirect: to.fullPath } }
-  }
-
-  if (!authStore.checked) {
-    const ok = await authStore.checkAuth()
-    if (!ok) {
-      return { path: '/login', query: { redirect: to.fullPath } }
-    }
-  } else if (!authStore.isLoggedIn) {
     return { path: '/login', query: { redirect: to.fullPath } }
   }
 })

WebUI/src/views/LoginView.vue

@@ -26,7 +26,11 @@ async function handleLogin() {
       await userSettingsStore.fetchAndSync()
       router.replace(redirect)
     } else {
-      error.value = authStore.error || '密码错误'
+      const msg = authStore.error || '密码错误'
+      error.value = msg
+      if (msg.includes('请先设置密码')) {
+        router.replace({ path: '/setup', query: route.query })
+      }
     }
   } finally {
     loading.value = false

WebUI/src/views/SetupView.vue

@@ -39,6 +39,7 @@ async function handleSetup() {
     const ok = await authStore.setupPassword(password.value, name)
     if (ok) {
       await userSettingsStore.fetchAndSync()
+      router.replace(redirect)
     } else {
       error.value = authStore.error || '设置失败，请重试'
     }