transcription/backend/static/auth.js
keboss-m 8df14e3102 Add multi-tenant auth with org projects, roles, and personal workspaces.
JWT login, org-scoped storage and RAG, admin/director/user roles, user-owned projects, login UI, and legacy data migration.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-01 18:54:25 +03:00

107 lines
3.1 KiB
JavaScript

/**
* Shared auth helpers for Transcriba frontend.
*/
const Auth = {
TOKEN_KEY: 'transcriba_token',
USER_KEY: 'transcriba_user',
getToken() {
return localStorage.getItem(this.TOKEN_KEY);
},
setSession(token, user) {
localStorage.setItem(this.TOKEN_KEY, token);
localStorage.setItem(this.USER_KEY, JSON.stringify(user));
},
getUser() {
try {
const raw = localStorage.getItem(this.USER_KEY);
return raw ? JSON.parse(raw) : null;
} catch {
return null;
}
},
clearSession() {
localStorage.removeItem(this.TOKEN_KEY);
localStorage.removeItem(this.USER_KEY);
localStorage.removeItem('transcriba_chat_history');
},
requireAuth() {
if (!this.getToken()) {
window.location.href = '/login';
return false;
}
return true;
},
authHeaders(extra = {}) {
const headers = { ...extra };
const token = this.getToken();
if (token) headers['Authorization'] = `Bearer ${token}`;
return headers;
},
async apiFetch(url, options = {}) {
const headers = this.authHeaders(options.headers || {});
const response = await fetch(url, { ...options, headers });
if (response.status === 401) {
this.clearSession();
window.location.href = '/login';
throw new Error('Требуется авторизация');
}
return response;
},
async login(orgSlug, username, password) {
const response = await fetch('/api/auth/login', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ org_slug: orgSlug, username, password }),
});
const data = await response.json();
if (!response.ok) {
throw new Error(data.detail || 'Ошибка входа');
}
this.setSession(data.access_token, data.user);
return data.user;
},
logout() {
this.clearSession();
window.location.href = '/login';
},
wsUrl(path = '/ws') {
const protocol = window.location.protocol === 'https:' ? 'wss:' : 'ws:';
const token = encodeURIComponent(this.getToken() || '');
return `${protocol}//${window.location.host}${path}?token=${token}`;
},
};
if (document.getElementById('loginForm')) {
document.getElementById('loginForm').addEventListener('submit', async (e) => {
e.preventDefault();
const btn = document.getElementById('loginBtn');
const errEl = document.getElementById('loginError');
errEl.hidden = true;
btn.disabled = true;
try {
await Auth.login(
document.getElementById('orgSlug').value.trim(),
document.getElementById('username').value.trim(),
document.getElementById('password').value
);
window.location.href = '/';
} catch (error) {
errEl.textContent = error.message;
errEl.hidden = false;
} finally {
btn.disabled = false;
}
});
}