team-board/web-client-vite
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: auth on uploads (401→login redirect), token in download URLs

Browse Source
This commit is contained in:
Markov 2026-02-25 11:16:10 +01:00
parent f676329206
commit 8f2c999245
1 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/lib/api.ts
View File

@ -333,6 +333,11 @@ export async function uploadProjectFile(slug: string, file: File, description?:
headers: token ? { Authorization: `Bearer ${token}` } : {}, headers: token ? { Authorization: `Bearer ${token}` } : {},
body: formData, body: formData,
}); });
if (res.status === 401) {
localStorage.removeItem("tb_token");
window.location.href = "/login";
throw new Error("Unauthorized");
}
if (!res.ok) { if (!res.ok) {
const err = await res.json().catch(() => ({ error: res.statusText })); const err = await res.json().catch(() => ({ error: res.statusText }));
throw new Error(err.error || `HTTP ${res.status}`); throw new Error(err.error || `HTTP ${res.status}`);
@ -341,7 +346,9 @@ export async function uploadProjectFile(slug: string, file: File, description?:
} }
export function getProjectFileUrl(slug: string, fileId: string): string { export function getProjectFileUrl(slug: string, fileId: string): string {
return `${API_BASE}/api/v1/projects/${slug}/files/${fileId}/download`; const token = getToken();
const qs = token ? `?token=${encodeURIComponent(token)}` : "";
return `${API_BASE}/api/v1/projects/${slug}/files/${fileId}/download${qs}`;
} }
export async function updateProjectFile(slug: string, fileId: string, data: { description?: string }): Promise<ProjectFile> { export async function updateProjectFile(slug: string, fileId: string, data: { description?: string }): Promise<ProjectFile> {
@ -372,6 +379,11 @@ export async function uploadFile(file: File): Promise<UploadedFile> {
headers: token ? { Authorization: `Bearer ${token}` } : {}, headers: token ? { Authorization: `Bearer ${token}` } : {},
body: formData, body: formData,
}); });
if (res.status === 401) {
localStorage.removeItem("tb_token");
window.location.href = "/login";
throw new Error("Unauthorized");
}
if (!res.ok) { if (!res.ok) {
const err = await res.json().catch(() => ({ error: res.statusText })); const err = await res.json().catch(() => ({ error: res.statusText }));
throw new Error(err.error || `HTTP ${res.status}`); throw new Error(err.error || `HTTP ${res.status}`);
@ -380,7 +392,9 @@ export async function uploadFile(file: File): Promise<UploadedFile> {
} }
export function getAttachmentUrl(attachmentId: string): string { export function getAttachmentUrl(attachmentId: string): string {
return `${API_BASE}/api/v1/attachments/${attachmentId}/download`; const token = getToken();
const qs = token ? `?token=${encodeURIComponent(token)}` : "";
return `${API_BASE}/api/v1/attachments/${attachmentId}/download${qs}`;
} }
// --- Project Members --- // --- Project Members ---