This commit is contained in:
doomtube 2025-08-13 00:10:25 -04:00
parent e8864cc853
commit 1d42a9a623
9 changed files with 2122 additions and 542 deletions


@ -5,7 +5,6 @@ import { goto } from '$app/navigation';
function createAuthStore() {
const { subscribe, set, update } = writable({
user: null,
token: null,
loading: true
});
@ -15,29 +14,21 @@ function createAuthStore() {
async init() {
if (!browser) return;
const token = localStorage.getItem('auth_token');
if (!token) {
set({ user: null, token: null, loading: false });
return;
}
// Use cookie-based auth - no localStorage tokens
try {
const response = await fetch('/api/user/me', {
headers: {
'Authorization': `Bearer ${token}`
}
credentials: 'include' // Send cookies
});
if (response.ok) {
const data = await response.json();
set({ user: data.user, token, loading: false });
set({ user: data.user, loading: false });
} else {
localStorage.removeItem('auth_token');
set({ user: null, token: null, loading: false });
set({ user: null, loading: false });
}
} catch (error) {
console.error('Auth init error:', error);
set({ user: null, token: null, loading: false });
set({ user: null, loading: false });
}
},
@ -45,14 +36,15 @@ function createAuthStore() {
const response = await fetch('/api/auth/login', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
credentials: 'include', // Receive httpOnly cookie
body: JSON.stringify(credentials)
});
const data = await response.json();
if (response.ok && data.success) {
localStorage.setItem('auth_token', data.token);
set({ user: data.user, token: data.token, loading: false });
// Server sets httpOnly cookie, we just store user data
set({ user: data.user, loading: false });
goto('/');
return { success: true };
}
@ -64,14 +56,15 @@ function createAuthStore() {
const response = await fetch('/api/auth/pgp-verify', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
credentials: 'include', // Receive httpOnly cookie
body: JSON.stringify({ username, signature, challenge })
});
const data = await response.json();
if (response.ok && data.success) {
localStorage.setItem('auth_token', data.token);
set({ user: data.user, token: data.token, loading: false });
// Server sets httpOnly cookie, we just store user data
set({ user: data.user, loading: false });
goto('/');
return { success: true };
}
@ -83,6 +76,7 @@ function createAuthStore() {
const response = await fetch('/api/auth/register', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
credentials: 'include',
body: JSON.stringify(userData)
});
@ -95,47 +89,32 @@ function createAuthStore() {
return { success: false, error: data.error || 'Registration failed' };
},
async updateColor(color) {
const token = localStorage.getItem('auth_token');
const response = await fetch('/api/user/color', {
method: 'PUT',
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({ color })
});
const data = await response.json();
if (response.ok && data.success) {
// IMPORTANT: Store the new token that includes the updated color
if (data.token) {
localStorage.setItem('auth_token', data.token);
async updateColor(color) {
const response = await fetch('/api/user/color', {
method: 'PUT',
headers: { 'Content-Type': 'application/json' },
credentials: 'include', // Use cookies for auth
body: JSON.stringify({ color })
});
// Update the store with new token and user data
update(state => ({
...state,
token: data.token,
user: {
...state.user,
userColor: data.color,
colorCode: data.color // Make sure both fields are updated
}
}));
} else {
// Fallback if no new token (shouldn't happen with current backend)
update(state => ({
...state,
user: { ...state.user, userColor: data.color, colorCode: data.color }
}));
}
return { success: true, color: data.color };
}
return { success: false, error: data.error || 'Failed to update color' };
},
const data = await response.json();
if (response.ok && data.success) {
// Update the store with new user data
update(state => ({
...state,
user: {
...state.user,
userColor: data.color,
colorCode: data.color
}
}));
return { success: true, color: data.color };
}
return { success: false, error: data.error || 'Failed to update color' };
},
updateUser(userData) {
update(state => ({
@ -144,9 +123,14 @@ async updateColor(color) {
}));
},
logout() {
localStorage.removeItem('auth_token');
set({ user: null, token: null, loading: false });
async logout() {
// Call logout endpoint to clear httpOnly cookie
await fetch('/api/auth/logout', {
method: 'POST',
credentials: 'include'
});
set({ user: null, loading: false });
goto('/login');
}
};
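Review bot: The new `async logout()` awaits `fetch('/api/auth/logout', …)` with no error handling, so a network failure or non-2xx response that throws leaves `set({ user: null, loading: false })` and `goto('/login')` unexecuted and the UI still in a logged-in state even though the server cookie may already be gone; moving the local reset and redirect into a `finally` makes the client state deterministic regardless of the request outcome. The same cookie-based change also makes `PUT /api/user/color` and `POST /api/auth/logout` carry the session automatically, so unless the server side (not in this section) sets the cookie with a `SameSite` attribute or validates a CSRF token, these state-changing calls are reachable cross-site — worth confirming in the backend part of this commit. Minor: for same-origin relative URLs the default `credentials: 'same-origin'` already sends cookies, so `credentials: 'include'` only matters if the API is served from another origin. The enclosing `createAuthStore()` function starts and ends outside this hunk.
```javascript
async logout() {
  // Ask the server to clear the httpOnly cookie; local state is reset
  // regardless of the outcome so a failed request cannot strand the UI
  // in a logged-in state.
  try {
    await fetch('/api/auth/logout', {
      method: 'POST',
      credentials: 'include'
    });
  } catch (error) {
    console.error('Logout error:', error);
  } finally {
    set({ user: null, loading: false });
    goto('/login');
  }
}
```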