refactor(auth): split IAM module and add access/refresh session flow
This commit is contained in:
@@ -1,10 +1,10 @@
|
||||
import type { Credentials, Task } from '../types'
|
||||
import { session } from '../stores/session'
|
||||
import { clearSession, session, setSessionToken } from '../stores/session'
|
||||
|
||||
const API_BASE = 'http://localhost:8080/api/v1'
|
||||
|
||||
function headers() {
|
||||
const h: Record<string, string> = { 'Content-Type': 'application/json' }
|
||||
function headers(extra?: Record<string, string>) {
|
||||
const h: Record<string, string> = { 'Content-Type': 'application/json', ...(extra ?? {}) }
|
||||
if (session.token) h.Authorization = `Bearer ${session.token}`
|
||||
return h
|
||||
}
|
||||
@@ -18,59 +18,100 @@ async function handle<T>(response: Response): Promise<T> {
|
||||
return (await response.json()) as T
|
||||
}
|
||||
|
||||
export async function register(credentials: Credentials) {
|
||||
const response = await fetch(`${API_BASE}/auth/register`, {
|
||||
async function refreshAccessToken(): Promise<boolean> {
|
||||
try {
|
||||
const response = await fetch(`${API_BASE}/auth/refresh`, {
|
||||
method: 'POST',
|
||||
credentials: 'include',
|
||||
headers: headers(),
|
||||
})
|
||||
if (!response.ok) return false
|
||||
const data = (await response.json()) as { access_token: string }
|
||||
if (!data?.access_token) return false
|
||||
setSessionToken(data.access_token)
|
||||
return true
|
||||
} catch {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
async function request<T>(path: string, init: RequestInit = {}, allowRefresh = true): Promise<T> {
|
||||
const merged: RequestInit = {
|
||||
credentials: 'include',
|
||||
...init,
|
||||
headers: headers((init.headers as Record<string, string> | undefined) ?? {}),
|
||||
}
|
||||
const response = await fetch(`${API_BASE}${path}`, merged)
|
||||
if (response.status === 401 && allowRefresh && !path.startsWith('/auth/')) {
|
||||
const refreshed = await refreshAccessToken()
|
||||
if (refreshed) {
|
||||
return request<T>(path, init, false)
|
||||
}
|
||||
clearSession()
|
||||
}
|
||||
return handle<T>(response)
|
||||
}
|
||||
|
||||
export async function register(credentials: Credentials, autoLogin = true) {
|
||||
return request<{ email: string; access_token?: string; expires_in?: number; session_id?: string }>('/auth/register', {
|
||||
method: 'POST',
|
||||
headers: headers(),
|
||||
body: JSON.stringify(credentials),
|
||||
body: JSON.stringify({ ...credentials, auto_login: autoLogin }),
|
||||
})
|
||||
return handle<{ id: number; email: string }>(response)
|
||||
}
|
||||
|
||||
export async function login(credentials: Credentials) {
|
||||
const response = await fetch(`${API_BASE}/auth/login`, {
|
||||
return request<{ access_token: string; expires_in: number; session_id: string }>('/auth/login', {
|
||||
method: 'POST',
|
||||
headers: headers(),
|
||||
body: JSON.stringify(credentials),
|
||||
})
|
||||
return handle<{ token: string }>(response)
|
||||
}
|
||||
|
||||
export async function refresh() {
|
||||
return request<{ access_token: string; expires_in: number; session_id: string }>('/auth/refresh', {
|
||||
method: 'POST',
|
||||
}, false)
|
||||
}
|
||||
|
||||
export async function logout() {
|
||||
const response = await fetch(`${API_BASE}/auth/logout`, {
|
||||
return request<void>('/auth/logout', {
|
||||
method: 'POST',
|
||||
headers: headers(),
|
||||
})
|
||||
return handle<void>(response)
|
||||
}, false)
|
||||
}
|
||||
|
||||
export async function logoutAll() {
|
||||
return request<void>('/auth/logout-all', {
|
||||
method: 'POST',
|
||||
}, false)
|
||||
}
|
||||
|
||||
export async function listSessions() {
|
||||
return request<Array<{ id: string; device_info: string; ip: string; user_agent: string; created_at: string; expires_at: string; revoked_at?: string }>>('/auth/sessions')
|
||||
}
|
||||
|
||||
export async function revokeSession(id: string) {
|
||||
return request<void>(`/auth/sessions/${id}`, { method: 'DELETE' }, false)
|
||||
}
|
||||
|
||||
export async function listTasks() {
|
||||
const response = await fetch(`${API_BASE}/tasks`, { headers: headers() })
|
||||
return handle<Task[]>(response)
|
||||
return request<Task[]>('/tasks')
|
||||
}
|
||||
|
||||
export async function createTask(payload: Partial<Task>) {
|
||||
const response = await fetch(`${API_BASE}/tasks`, {
|
||||
return request<Task>('/tasks', {
|
||||
method: 'POST',
|
||||
headers: headers(),
|
||||
body: JSON.stringify(payload),
|
||||
})
|
||||
return handle<Task>(response)
|
||||
}
|
||||
|
||||
export async function updateTask(id: number, payload: Partial<Task>) {
|
||||
const response = await fetch(`${API_BASE}/tasks/${id}`, {
|
||||
return request<Task>(`/tasks/${id}`, {
|
||||
method: 'PUT',
|
||||
headers: headers(),
|
||||
body: JSON.stringify(payload),
|
||||
})
|
||||
return handle<Task>(response)
|
||||
}
|
||||
|
||||
export async function deleteTask(id: number) {
|
||||
const response = await fetch(`${API_BASE}/tasks/${id}`, {
|
||||
return request<void>(`/tasks/${id}`, {
|
||||
method: 'DELETE',
|
||||
headers: headers(),
|
||||
})
|
||||
return handle<void>(response)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user