JWT login, org-scoped storage and RAG, admin/director/user roles, user-owned projects, login UI, and legacy data migration. Co-authored-by: Cursor <cursoragent@cursor.com>
107 lines
3.1 KiB
JavaScript
107 lines
3.1 KiB
JavaScript
/**
|
|
* Shared auth helpers for Transcriba frontend.
|
|
*/
|
|
|
|
const Auth = {
|
|
TOKEN_KEY: 'transcriba_token',
|
|
USER_KEY: 'transcriba_user',
|
|
|
|
getToken() {
|
|
return localStorage.getItem(this.TOKEN_KEY);
|
|
},
|
|
|
|
setSession(token, user) {
|
|
localStorage.setItem(this.TOKEN_KEY, token);
|
|
localStorage.setItem(this.USER_KEY, JSON.stringify(user));
|
|
},
|
|
|
|
getUser() {
|
|
try {
|
|
const raw = localStorage.getItem(this.USER_KEY);
|
|
return raw ? JSON.parse(raw) : null;
|
|
} catch {
|
|
return null;
|
|
}
|
|
},
|
|
|
|
clearSession() {
|
|
localStorage.removeItem(this.TOKEN_KEY);
|
|
localStorage.removeItem(this.USER_KEY);
|
|
localStorage.removeItem('transcriba_chat_history');
|
|
},
|
|
|
|
requireAuth() {
|
|
if (!this.getToken()) {
|
|
window.location.href = '/login';
|
|
return false;
|
|
}
|
|
return true;
|
|
},
|
|
|
|
authHeaders(extra = {}) {
|
|
const headers = { ...extra };
|
|
const token = this.getToken();
|
|
if (token) headers['Authorization'] = `Bearer ${token}`;
|
|
return headers;
|
|
},
|
|
|
|
async apiFetch(url, options = {}) {
|
|
const headers = this.authHeaders(options.headers || {});
|
|
const response = await fetch(url, { ...options, headers });
|
|
if (response.status === 401) {
|
|
this.clearSession();
|
|
window.location.href = '/login';
|
|
throw new Error('Требуется авторизация');
|
|
}
|
|
return response;
|
|
},
|
|
|
|
async login(orgSlug, username, password) {
|
|
const response = await fetch('/api/auth/login', {
|
|
method: 'POST',
|
|
headers: { 'Content-Type': 'application/json' },
|
|
body: JSON.stringify({ org_slug: orgSlug, username, password }),
|
|
});
|
|
const data = await response.json();
|
|
if (!response.ok) {
|
|
throw new Error(data.detail || 'Ошибка входа');
|
|
}
|
|
this.setSession(data.access_token, data.user);
|
|
return data.user;
|
|
},
|
|
|
|
logout() {
|
|
this.clearSession();
|
|
window.location.href = '/login';
|
|
},
|
|
|
|
wsUrl(path = '/ws') {
|
|
const protocol = window.location.protocol === 'https:' ? 'wss:' : 'ws:';
|
|
const token = encodeURIComponent(this.getToken() || '');
|
|
return `${protocol}//${window.location.host}${path}?token=${token}`;
|
|
},
|
|
};
|
|
|
|
if (document.getElementById('loginForm')) {
|
|
document.getElementById('loginForm').addEventListener('submit', async (e) => {
|
|
e.preventDefault();
|
|
const btn = document.getElementById('loginBtn');
|
|
const errEl = document.getElementById('loginError');
|
|
errEl.hidden = true;
|
|
btn.disabled = true;
|
|
try {
|
|
await Auth.login(
|
|
document.getElementById('orgSlug').value.trim(),
|
|
document.getElementById('username').value.trim(),
|
|
document.getElementById('password').value
|
|
);
|
|
window.location.href = '/';
|
|
} catch (error) {
|
|
errEl.textContent = error.message;
|
|
errEl.hidden = false;
|
|
} finally {
|
|
btn.disabled = false;
|
|
}
|
|
});
|
|
}
|