update

internal/pkg/middleware/audit.go

@@ -1,6 +1,7 @@
 package middleware
 
 import (
+	"context"
 	"errors"
 	"net/http"
 	"time"
@@ -18,19 +19,24 @@ func Audit(sess session.Manager, auditLogService v1.AuditLogService, log *logger
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			start := time.Now()
+
+			// 提前获取用户信息（同步操作）
+			user, err := sess.GetUser(r.Context(), know.StoreName)
+			if err != nil {
+				log.Error("获取用户会话失败", err)
+				next.ServeHTTP(w, r) // 继续处理请求
+				return
+			}
+
 			defer func() {
 				go func() {
-					ctx := r.Context()
-					user, err := sess.GetUser(ctx, know.StoreName)
-					if err != nil {
-						log.Error(err.Error(), err)
+					if user.ID == 0 {
+						log.Error("用户信息为空", errors.New("scs get user is empty"))
 						return
 					}
 
-					if user.ID == 0 {
-						log.Error("scs get user is empty", errors.New("scs get user is empty"))
-						return
-					}
+					ctx, cancel := context.WithTimeout(context.Background(), 3*time.Second)
+					defer cancel()
 
 					al := systemmodel.NewAuditLog(r, user.Email, user.OS, user.Browser, start, time.Now())
 					if err := auditLogService.Create(ctx, al); err != nil {

internal/pkg/middleware/authorize.go

@@ -17,6 +17,7 @@ var publicRoutes = map[string]bool{
 	"/upload/file":        true,
 	"/upload/multi_files": true,
 	"/pear.json":          true,
+	"/logout":             true,
 }
 
 func Authorize(