fixes lol

2026-01-09 02:37:31 -05:00 · 2026-01-09 02:37:31 -05:00 · 07b8e12197
commit 07b8e12197
parent a206a606f7
10 changed files with 211 additions and 57 deletions
--- a/frontend/src/lib/components/chat/ChatPanel.svelte
+++ b/frontend/src/lib/components/chat/ChatPanel.svelte
@ -200,10 +200,26 @@
 			return;
 		}

-		// Get token from localStorage if available (for authenticated users)
-		const token = typeof localStorage !== 'undefined' ? localStorage.getItem('token') : null;
-		console.log('Chat connecting with realmId:', realmId, token ? '(authenticated)' : '(guest)');
-		chatWebSocket.connect(realmId, token);
+		// Connect to chat - fetch fresh token if authenticated (uses httpOnly cookies)
+		(async () => {
+			let token = null;
+			try {
+				const response = await fetch('/api/auth/refresh', {
+					method: 'POST',
+					credentials: 'include'
+				});
+				if (response.ok) {
+					const data = await response.json();
+					if (data.token) {
+						token = data.token;
+					}
+				}
+			} catch (e) {
+				// Not authenticated or refresh failed - connect as guest
+			}
+			console.log('Chat connecting with realmId:', realmId, token ? '(authenticated)' : '(guest)');
+			chatWebSocket.connect(realmId, token);
+		})();

 		// Function to scroll to newest messages (bottom for UP flow, top for DOWN flow)
 		const scrollToBottom = () => {
--- a/frontend/src/lib/components/terminal/TerminalCore.svelte
+++ b/frontend/src/lib/components/terminal/TerminalCore.svelte
@ -177,7 +177,22 @@

    // Auto-connect to global chat on mount (like chat panel)
    onMount(async () => {
-        const token = typeof localStorage !== 'undefined' ? localStorage.getItem('token') : null;
+        // Fetch fresh token if authenticated (uses httpOnly cookies)
+        let token = null;
+        try {
+            const response = await fetch('/api/auth/refresh', {
+                method: 'POST',
+                credentials: 'include'
+            });
+            if (response.ok) {
+                const data = await response.json();
+                if (data.token) {
+                    token = data.token;
+                }
+            }
+        } catch (e) {
+            // Not authenticated or refresh failed - connect as guest
+        }

        // If already connected, just use that connection
        if (isConnected) {
--- a/frontend/src/lib/components/terminal/terminalCommands.js
+++ b/frontend/src/lib/components/terminal/terminalCommands.js
@ -360,8 +360,22 @@ async function joinRealmChat(nameOrId, addSystemMessage, chatWebSocket, setRealm
        // Add realm to filter
        joinRealmFilter(targetRealmId);

-        // Get token for authenticated connection
-        const token = typeof localStorage !== 'undefined' ? localStorage.getItem('token') : null;
+        // Fetch fresh token if authenticated (uses httpOnly cookies)
+        let token = null;
+        try {
+            const response = await fetch('/api/auth/refresh', {
+                method: 'POST',
+                credentials: 'include'
+            });
+            if (response.ok) {
+                const data = await response.json();
+                if (data.token) {
+                    token = data.token;
+                }
+            }
+        } catch (e) {
+            // Not authenticated or refresh failed - connect as guest
+        }

        // Connect to the realm's WebSocket
        await chatWebSocket.connect(targetRealmId, token);
--- a/frontend/src/lib/components/watch/YouTubePlayer.svelte
+++ b/frontend/src/lib/components/watch/YouTubePlayer.svelte
@ -314,7 +314,6 @@
        width: 100%;
        aspect-ratio: 16 / 9;
        background: #000;
-        border-radius: 8px;
        overflow: hidden;
        position: relative;
    }
--- a/frontend/src/lib/stores/watchSync.js
+++ b/frontend/src/lib/stores/watchSync.js
@ -196,7 +196,7 @@ function createWatchSyncStore() {
        }
    }

-    function connect(realmId, token = null) {
+    async function connect(realmId, token = null) {
        if (!browser) return;
        if (ws?.readyState === WebSocket.OPEN && currentRealmId === realmId) return;

@ -208,8 +208,24 @@ function createWatchSyncStore() {
        currentRealmId = realmId;
        update(state => ({ ...state, loading: true, error: null }));

-        // Get token from localStorage if not provided
-        const authToken = token || localStorage.getItem('token');
+        // Fetch fresh token if not provided (uses httpOnly cookies)
+        let authToken = token;
+        if (!authToken) {
+            try {
+                const response = await fetch('/api/auth/refresh', {
+                    method: 'POST',
+                    credentials: 'include'
+                });
+                if (response.ok) {
+                    const data = await response.json();
+                    if (data.token) {
+                        authToken = data.token;
+                    }
+                }
+            } catch (e) {
+                // Not authenticated or refresh failed - connect as guest
+            }
+        }

        // Build WebSocket URL
        let wsUrl = `${WS_URL.replace('/ws', '')}/watch/ws?realmId=${encodeURIComponent(realmId)}`;