feat(auth): remove center api key from frontend login flow

2026-05-14 14:17:12 +00:00
parent cfaa1cb657
commit 4f28f102e0
5 changed files with 20 additions and 25 deletions
--- a/src/lib/center-auth-client.ts
+++ b/src/lib/center-auth-client.ts
@@ -4,22 +4,23 @@ import type { AuthSession } from './auth-storage'
 export type LoginPayload = { email: string; password: string }

 type LoginResponse = {
-  centerApiBase: string
  accessToken: string
  refreshToken: string
  tokenType: string
+  expiresIn?: number
  user: { id: string; email: string }
  guilds: Array<{ nodeId: string; name: string; endpoint: string; status: 'active' | 'offline' | 'revoked' }>
-  guildAccessTokens: Array<{ guildNodeId: string; token: string; tokenType: string }>
+  guildAccessTokens: Array<{ guildNodeId: string; token: string; tokenType: string; expiresIn?: number }>
 }

 type RefreshResponse = {
  accessToken: string
  refreshToken: string
  tokenType: string
+  expiresIn?: number
 }

-function centerClient(centerApiBase: string, centerApiKey: string) {
+function centerClient(centerApiBase: string) {
  const client = axios.create({
    baseURL: centerApiBase,
    timeout: 10000,
@@ -27,7 +28,6 @@ function centerClient(centerApiBase: string, centerApiKey: string) {

  client.interceptors.request.use((request) => {
    const requestId = crypto.randomUUID()
-    request.headers['x-api-key'] = centerApiKey
    request.headers['x-request-id'] = requestId
    request.headers['x-client-name'] = 'fabric-frontend'
    return request
@@ -36,16 +36,16 @@ function centerClient(centerApiBase: string, centerApiKey: string) {
  return client
 }

-export async function loginCenter(centerApiBase: string, centerApiKey: string, payload: LoginPayload): Promise<AuthSession> {
-  const res = await centerClient(centerApiBase, centerApiKey).post<LoginResponse>('/auth/login', payload)
-  return { ...res.data, centerApiBase, centerApiKey }
+export async function loginCenter(centerApiBase: string, payload: LoginPayload): Promise<AuthSession> {
+  const res = await centerClient(centerApiBase).post<LoginResponse>('/auth/login', payload)
+  return { ...res.data, centerApiBase }
 }

-export async function refreshCenter(centerApiBase: string, centerApiKey: string, refreshToken: string): Promise<RefreshResponse> {
-  const res = await centerClient(centerApiBase, centerApiKey).post<RefreshResponse>('/auth/refresh', { refreshToken })
+export async function refreshCenter(centerApiBase: string, refreshToken: string): Promise<RefreshResponse> {
+  const res = await centerClient(centerApiBase).post<RefreshResponse>('/auth/refresh', { refreshToken })
  return res.data
 }

-export async function logoutCenter(centerApiBase: string, centerApiKey: string, refreshToken: string): Promise<void> {
-  await centerClient(centerApiBase, centerApiKey).post('/auth/logout', { refreshToken })
+export async function logoutCenter(centerApiBase: string, refreshToken: string): Promise<void> {
+  await centerClient(centerApiBase).post('/auth/logout', { refreshToken })
 }