8f5c13f162
The handleFetch hook previously skipped auth headers for all URLs containing /api/users/me. Since the hook's own user-load call uses globalThis.fetch (bypassing handleFetch), it is safe to remove this exception — enabling profile update and password change actions to authenticate properly. Also regenerates API types with new profile endpoints and AppUser fields. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
92 lines
2.5 KiB
TypeScript
92 lines
2.5 KiB
TypeScript
import { redirect, type Handle, type HandleFetch } from '@sveltejs/kit';
|
|
import { paraglideMiddleware } from '$lib/paraglide/server';
|
|
import { sequence } from '@sveltejs/kit/hooks';
|
|
import { env } from 'process';
|
|
import { cookieName, cookieMaxAge } from '$lib/paraglide/runtime';
|
|
import { detectLocale } from '$lib/server/locale';
|
|
|
|
const PUBLIC_PATHS = ['/login', '/logout'];
|
|
|
|
const handleLocaleDetection: Handle = ({ event, resolve }) => {
|
|
if (!event.cookies.get(cookieName)) {
|
|
const locale = detectLocale(event.request.headers.get('accept-language') ?? '');
|
|
if (locale) {
|
|
event.cookies.set(cookieName, locale, {
|
|
path: '/',
|
|
sameSite: 'lax',
|
|
maxAge: cookieMaxAge,
|
|
httpOnly: false
|
|
});
|
|
}
|
|
}
|
|
return resolve(event);
|
|
};
|
|
|
|
const handleAuth: Handle = async ({ event, resolve }) => {
|
|
const isPublic = PUBLIC_PATHS.some((p) => event.url.pathname.startsWith(p));
|
|
if (!isPublic && !event.locals.user) {
|
|
throw redirect(302, '/login');
|
|
}
|
|
return resolve(event);
|
|
};
|
|
|
|
const handleParaglide: Handle = ({ event, resolve }) =>
|
|
paraglideMiddleware(event.request, ({ request, locale }) => {
|
|
event.request = request;
|
|
|
|
return resolve(event, {
|
|
transformPageChunk: ({ html }) => html.replace('%paraglide.lang%', locale)
|
|
});
|
|
});
|
|
|
|
const userGroup: Handle = async ({ event, resolve }) => {
|
|
const auth = event.cookies.get('auth_token');
|
|
|
|
if (auth) {
|
|
try {
|
|
const apiUrl = env.API_INTERNAL_URL || 'http://localhost:8080';
|
|
const response = await fetch(`${apiUrl}/api/users/me`, {
|
|
headers: { Authorization: auth }
|
|
});
|
|
if (response.ok) {
|
|
const user = await response.json();
|
|
event.locals.user = user;
|
|
}
|
|
} catch (error) {
|
|
console.error('Error fetching user in hook:', error);
|
|
}
|
|
}
|
|
|
|
return resolve(event);
|
|
};
|
|
|
|
export const handleFetch: HandleFetch = async ({ event, request, fetch }) => {
|
|
const apiUrl = env.API_INTERNAL_URL || 'http://localhost:8080';
|
|
const isApi = request.url.startsWith(apiUrl) || request.url.includes('/api/');
|
|
|
|
if (isApi) {
|
|
const token = event.cookies.get('auth_token');
|
|
|
|
if (!token) {
|
|
return new Response('Unauthorized', { status: 401 });
|
|
}
|
|
|
|
// Clone the request first to preserve the body
|
|
const clonedRequest = request.clone();
|
|
|
|
// Create new request with Authorization header and preserved body
|
|
const modifiedRequest = new Request(clonedRequest, {
|
|
headers: {
|
|
...Object.fromEntries(clonedRequest.headers),
|
|
Authorization: token
|
|
}
|
|
});
|
|
|
|
return fetch(modifiedRequest);
|
|
}
|
|
|
|
return fetch(request);
|
|
};
|
|
|
|
export const handle = sequence(userGroup, handleAuth, handleLocaleDetection, handleParaglide);
|