marcel/familienarchiv
1
0
Fork 0
Code Issues 119 Pull Requests 1 Actions 3 Packages Projects Releases Wiki Activity

fix(frontend): fix handleFetch skipping auth for /api/users/me endpoints and regenerate API types

Browse Source 
The handleFetch hook previously skipped auth headers for all URLs
containing /api/users/me. Since the hook's own user-load call uses
globalThis.fetch (bypassing handleFetch), it is safe to remove this
exception — enabling profile update and password change actions to
authenticate properly.

Also regenerates API types with new profile endpoints and AppUser fields.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Marcel
2026-03-20 23:04:37 +01:00
parent 168225d67c
commit 8f5c13f162
2 changed files with 210 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
frontend/src/hooks.server.ts
View File

@@ -63,9 +63,8 @@ const userGroup: Handle = async ({ event, resolve }) => {
export const handleFetch: HandleFetch = async ({ event, request, fetch }) => { export const handleFetch: HandleFetch = async ({ event, request, fetch }) => {
const apiUrl = env.API_INTERNAL_URL || 'http://localhost:8080'; const apiUrl = env.API_INTERNAL_URL || 'http://localhost:8080';
const isApi = request.url.startsWith(apiUrl) || request.url.includes('/api/'); const isApi = request.url.startsWith(apiUrl) || request.url.includes('/api/');
const isNotLoginTest = !request.url.includes('/api/users/me');
if (isApi && isNotLoginTest) { if (isApi) {
const token = event.cookies.get('auth_token'); const token = event.cookies.get('auth_token');
if (!token) { if (!token) {

269
frontend/src/lib/generated/api.ts
View File

@@ -4,6 +4,22 @@
*/ */
export interface paths { export interface paths {
"/api/users/me": {
parameters: {
query?: never;
header?: never;
path?: never;
cookie?: never;
};
get: operations["getCurrentUser"];
put: operations["updateProfile"];
post?: never;
delete?: never;
options?: never;
head?: never;
patch?: never;
trace?: never;
};
"/api/tags/{id}": { "/api/tags/{id}": {
parameters: { parameters: {
query?: never; query?: never;
@@ -68,6 +84,22 @@ export interface paths {
patch?: never; patch?: never;
trace?: never; trace?: never;
}; };
"/api/users/me/password": {
parameters: {
query?: never;
header?: never;
path?: never;
cookie?: never;
};
get?: never;
put?: never;
post: operations["changePassword"];
delete?: never;
options?: never;
head?: never;
patch?: never;
trace?: never;
};
"/api/persons": { "/api/persons": {
parameters: { parameters: {
query?: never; query?: never;
@@ -164,17 +196,17 @@ export interface paths {
patch: operations["updateGroup"]; patch: operations["updateGroup"];
trace?: never; trace?: never;
}; };
"/api/users/me": { "/api/users/{id}": {
parameters: { parameters: {
query?: never; query?: never;
header?: never; header?: never;
path?: never; path?: never;
cookie?: never; cookie?: never;
}; };
get: operations["getCurrentUser"]; get: operations["getUser"];
put?: never; put?: never;
post?: never; post?: never;
delete?: never; delete: operations["deleteUser"];
options?: never; options?: never;
head?: never; head?: never;
patch?: never; patch?: never;
@@ -228,6 +260,22 @@ export interface paths {
patch?: never; patch?: never;
trace?: never; trace?: never;
}; };
"/api/persons/{id}/correspondents": {
parameters: {
query?: never;
header?: never;
path?: never;
cookie?: never;
};
get: operations["getCorrespondents"];
put?: never;
post?: never;
delete?: never;
options?: never;
head?: never;
patch?: never;
trace?: never;
};
"/api/documents/{id}/file": { "/api/documents/{id}/file": {
parameters: { parameters: {
query?: never; query?: never;
@@ -292,31 +340,55 @@ export interface paths {
patch?: never; patch?: never;
trace?: never; trace?: never;
}; };
"/api/users/{id}": {
parameters: {
query?: never;
header?: never;
path?: never;
cookie?: never;
};
get?: never;
put?: never;
post?: never;
delete: operations["deleteUser"];
options?: never;
head?: never;
patch?: never;
trace?: never;
};
} }
export type webhooks = Record<string, never>; export type webhooks = Record<string, never>;
export interface components { export interface components {
schemas: { schemas: {
UpdateProfileDTO: {
firstName?: string;
lastName?: string;
/** Format: date */
birthDate?: string;
email?: string;
contact?: string;
};
AppUser: {
/** Format: uuid */
id: string;
username: string;
password?: string;
firstName?: string;
lastName?: string;
/** Format: date */
birthDate?: string;
email?: string;
contact?: string;
enabled: boolean;
groups: components["schemas"]["UserGroup"][];
/** Format: date-time */
createdAt: string;
};
UserGroup: {
/** Format: uuid */
id: string;
name: string;
permissions: string[];
};
Tag: { Tag: {
/** Format: uuid */ /** Format: uuid */
id: string; id: string;
name: string; name: string;
}; };
PersonUpdateDTO: {
firstName?: string;
lastName?: string;
alias?: string;
notes?: string;
/** Format: int32 */
birthYear?: number;
/** Format: int32 */
deathYear?: number;
};
Person: { Person: {
/** Format: uuid */ /** Format: uuid */
id: string; id: string;
@@ -373,22 +445,9 @@ export interface components {
initialPassword?: string; initialPassword?: string;
groupIds?: string[]; groupIds?: string[];
}; };
AppUser: { ChangePasswordDTO: {
/** Format: uuid */ currentPassword?: string;
id: string; newPassword?: string;
username: string;
password?: string;
email?: string;
enabled: boolean;
groups: components["schemas"]["UserGroup"][];
/** Format: date-time */
createdAt: string;
};
UserGroup: {
/** Format: uuid */
id: string;
name: string;
permissions: string[];
}; };
GroupDTO: { GroupDTO: {
name?: string; name?: string;
@@ -412,6 +471,50 @@ export interface components {
} }
export type $defs = Record<string, never>; export type $defs = Record<string, never>;
export interface operations { export interface operations {
getCurrentUser: {
parameters: {
query?: never;
header?: never;
path?: never;
cookie?: never;
};
requestBody?: never;
responses: {
/** @description OK */
200: {
headers: {
[name: string]: unknown;
};
content: {
"*/*": components["schemas"]["AppUser"];
};
};
};
};
updateProfile: {
parameters: {
query?: never;
header?: never;
path?: never;
cookie?: never;
};
requestBody: {
content: {
"application/json": components["schemas"]["UpdateProfileDTO"];
};
};
responses: {
/** @description OK */
200: {
headers: {
[name: string]: unknown;
};
content: {
"*/*": components["schemas"]["AppUser"];
};
};
};
};
updateTag: { updateTag: {
parameters: { parameters: {
query?: never; query?: never;
@@ -493,9 +596,7 @@ export interface operations {
}; };
requestBody: { requestBody: {
content: { content: {
"application/json": { "application/json": components["schemas"]["PersonUpdateDTO"];
[key: string]: string;
};
}; };
}; };
responses: { responses: {
@@ -602,6 +703,28 @@ export interface operations {
}; };
}; };
}; };
changePassword: {
parameters: {
query?: never;
header?: never;
path?: never;
cookie?: never;
};
requestBody: {
content: {
"application/json": components["schemas"]["ChangePasswordDTO"];
};
};
responses: {
/** @description No Content */
204: {
headers: {
[name: string]: unknown;
};
content?: never;
};
};
};
getPersons: { getPersons: {
parameters: { parameters: {
query?: { query?: {
@@ -810,11 +933,13 @@ export interface operations {
}; };
}; };
}; };
getCurrentUser: { getUser: {
parameters: { parameters: {
query?: never; query?: never;
header?: never; header?: never;
path?: never; path: {
id: string;
};
cookie?: never; cookie?: never;
}; };
requestBody?: never; requestBody?: never;
@@ -830,6 +955,26 @@ export interface operations {
}; };
}; };
}; };
deleteUser: {
parameters: {
query?: never;
header?: never;
path: {
id: string;
};
cookie?: never;
};
requestBody?: never;
responses: {
/** @description OK */
200: {
headers: {
[name: string]: unknown;
};
content?: never;
};
};
};
searchTags: { searchTags: {
parameters: { parameters: {
query?: { query?: {
@@ -896,6 +1041,30 @@ export interface operations {
}; };
}; };
}; };
getCorrespondents: {
parameters: {
query?: {
q?: string;
};
header?: never;
path: {
id: string;
};
cookie?: never;
};
requestBody?: never;
responses: {
/** @description OK */
200: {
headers: {
[name: string]: unknown;
};
content: {
"*/*": components["schemas"]["Person"][];
};
};
};
};
getDocumentFile: { getDocumentFile: {
parameters: { parameters: {
query?: never; query?: never;
@@ -991,24 +1160,4 @@ export interface operations {
}; };
}; };
}; };
deleteUser: {
parameters: {
query?: never;
header?: never;
path: {
id: string;
};
cookie?: never;
};
requestBody?: never;
responses: {
/** @description OK */
200: {
headers: {
[name: string]: unknown;
};
content?: never;
};
};
};
} }