nav/Fabric.Frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): remove center api key from frontend login flow

Browse Source
This commit is contained in:
nav
2026-05-14 14:17:12 +00:00
parent cfaa1cb657
commit 4f28f102e0
5 changed files with 20 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/auth/AuthContext.tsx
View File

@@ -13,15 +13,15 @@ export function AuthProvider({ children }: PropsWithChildren) {
() => ({
session,
isAuthed: !!session,
login: async (centerApiBase: string, centerApiKey: string, email: string, password: string) => {
const next = await loginCenter(centerApiBase, centerApiKey, { email, password })
login: async (centerApiBase: string, email: string, password: string) => {
const next = await loginCenter(centerApiBase, { email, password })
setAuthSession(next)
setSession(next)
},
logout: async () => {
if (session?.refreshToken) {
try {
await logoutCenter(session.centerApiBase, session.centerApiKey, session.refreshToken)
await logoutCenter(session.centerApiBase, session.refreshToken)
} catch {
// noop
}
@@ -33,12 +33,13 @@ export function AuthProvider({ children }: PropsWithChildren) {
if (!session) return null
if (!isAccessTokenStale(session.accessToken)) return session.accessToken
const refreshed = await refreshCenter(session.centerApiBase, session.centerApiKey, session.refreshToken)
const refreshed = await refreshCenter(session.centerApiBase, session.refreshToken)
const next: AuthSession = {
...session,
accessToken: refreshed.accessToken,
refreshToken: refreshed.refreshToken,
tokenType: refreshed.tokenType,
expiresIn: refreshed.expiresIn,
}
setAuthSession(next)
setSession(next)

2
src/auth/auth-context.ts
View File

@@ -4,7 +4,7 @@ import type { AuthSession } from '../lib/auth-storage'
export type AuthContextValue = {
session: AuthSession | null
isAuthed: boolean
login: (centerApiBase: string, centerApiKey: string, email: string, password: string) => Promise<void>
login: (centerApiBase: string, email: string, password: string) => Promise<void>
logout: () => Promise<void>
ensureFreshToken: () => Promise<string | null>
}

3
src/lib/auth-storage.ts
View File

@@ -1,9 +1,9 @@
export type AuthSession = {
centerApiBase: string
centerApiKey: string
accessToken: string
refreshToken: string
tokenType: string
expiresIn?: number
user: {
id: string
email: string
@@ -18,6 +18,7 @@ export type AuthSession = {
guildNodeId: string
token: string
tokenType: string
expiresIn?: number
}>
}

22
src/lib/center-auth-client.ts
View File

@@ -4,22 +4,23 @@ import type { AuthSession } from './auth-storage'
export type LoginPayload = { email: string; password: string }
type LoginResponse = {
centerApiBase: string
accessToken: string
refreshToken: string
tokenType: string
expiresIn?: number
user: { id: string; email: string }
guilds: Array<{ nodeId: string; name: string; endpoint: string; status: 'active' | 'offline' | 'revoked' }>
guildAccessTokens: Array<{ guildNodeId: string; token: string; tokenType: string }>
guildAccessTokens: Array<{ guildNodeId: string; token: string; tokenType: string; expiresIn?: number }>
}
type RefreshResponse = {
accessToken: string
refreshToken: string
tokenType: string
expiresIn?: number
}
function centerClient(centerApiBase: string, centerApiKey: string) {
function centerClient(centerApiBase: string) {
const client = axios.create({
baseURL: centerApiBase,
timeout: 10000,
@@ -27,7 +28,6 @@ function centerClient(centerApiBase: string, centerApiKey: string) {
client.interceptors.request.use((request) => {
const requestId = crypto.randomUUID()
request.headers['x-api-key'] = centerApiKey
request.headers['x-request-id'] = requestId
request.headers['x-client-name'] = 'fabric-frontend'
return request
@@ -36,16 +36,16 @@ function centerClient(centerApiBase: string, centerApiKey: string) {
return client
}
export async function loginCenter(centerApiBase: string, centerApiKey: string, payload: LoginPayload): Promise<AuthSession> {
const res = await centerClient(centerApiBase, centerApiKey).post<LoginResponse>('/auth/login', payload)
return { ...res.data, centerApiBase, centerApiKey }
export async function loginCenter(centerApiBase: string, payload: LoginPayload): Promise<AuthSession> {
const res = await centerClient(centerApiBase).post<LoginResponse>('/auth/login', payload)
return { ...res.data, centerApiBase }
}
export async function refreshCenter(centerApiBase: string, centerApiKey: string, refreshToken: string): Promise<RefreshResponse> {
const res = await centerClient(centerApiBase, centerApiKey).post<RefreshResponse>('/auth/refresh', { refreshToken })
export async function refreshCenter(centerApiBase: string, refreshToken: string): Promise<RefreshResponse> {
const res = await centerClient(centerApiBase).post<RefreshResponse>('/auth/refresh', { refreshToken })
return res.data
}
export async function logoutCenter(centerApiBase: string, centerApiKey: string, refreshToken: string): Promise<void> {
await centerClient(centerApiBase, centerApiKey).post('/auth/logout', { refreshToken })
export async function logoutCenter(centerApiBase: string, refreshToken: string): Promise<void> {
await centerClient(centerApiBase).post('/auth/logout', { refreshToken })
}

9
src/pages/LoginPage.tsx
View File

@@ -7,7 +7,6 @@ export default function LoginPage() {
const navigate = useNavigate()
const { login, isAuthed, session } = useAuth()
const [centerApiBase, setCenterApiBase] = useState('http://localhost:7001/api')
const [centerApiKey, setCenterApiKey] = useState('')
const [email, setEmail] = useState('')
const [password, setPassword] = useState('')
const [error, setError] = useState('')
@@ -16,7 +15,7 @@ export default function LoginPage() {
e.preventDefault()
setError('')
try {
await login(centerApiBase.trim(), centerApiKey.trim(), email, password)
await login(centerApiBase.trim(), email, password)
navigate('/workspace')
} catch {
setError('Login failed. Please check your email and password.')
@@ -34,12 +33,6 @@ export default function LoginPage() {
onChange={(e) => setCenterApiBase(e.target.value)}
placeholder="Center API Base (e.g. http://localhost:7001/api)"
/>
<input
className="input"
value={centerApiKey}
onChange={(e) => setCenterApiKey(e.target.value)}
placeholder="Center API Key"
/>
<input className="input" value={email} onChange={(e) => setEmail(e.target.value)} placeholder="Email" type="email" />
<input
className="input"