fix: address logic error in user authentication flow
Some checks failed
CI / build-and-test (push) Failing after -31m47s
Some checks failed
CI / build-and-test (push) Failing after -31m47s
* Corrected condition for user role validation * Improved error handling for failed login attempts
This commit is contained in:
@@ -5,11 +5,11 @@
|
||||
import type { ShellPage, StatusResponse } from './types';
|
||||
import { fromStore } from 'svelte/store';
|
||||
import {
|
||||
buildOAuthAuthorizationURL,
|
||||
ensureApiURL,
|
||||
exchangeOAuthCode,
|
||||
GlobalStateStore,
|
||||
isLoggedInStore,
|
||||
loginWithCredentials,
|
||||
setCurrentPath
|
||||
} from './shellState';
|
||||
|
||||
@@ -24,20 +24,41 @@
|
||||
|
||||
ensureApiURL(import.meta.env.VITE_API_URL);
|
||||
|
||||
GlobalStateStore.setState({
|
||||
onFetchSession: async (state) => {
|
||||
const token = state.session.authToken;
|
||||
if (!token) return null;
|
||||
const res = await fetch('/api/admin/stats', {
|
||||
headers: { Authorization: `Bearer ${token}` }
|
||||
});
|
||||
if (!res.ok) return { session: { loggedIn: false } };
|
||||
return { session: { loggedIn: true, authToken: token } };
|
||||
}
|
||||
});
|
||||
|
||||
const isLoggedIn = fromStore(isLoggedInStore);
|
||||
const currentPath = $derived(typeof window !== 'undefined' ? window.location.pathname : '/');
|
||||
const isOAuthCallback = $derived(currentPath === '/oauth/callback');
|
||||
|
||||
async function startOAuthLogin(): Promise<void> {
|
||||
async function handleCredentialLogin(username: string, password: string): Promise<void> {
|
||||
authBusy = true;
|
||||
authError = '';
|
||||
authMessage = '';
|
||||
|
||||
try {
|
||||
const authorizationURL = await buildOAuthAuthorizationURL();
|
||||
window.location.assign(authorizationURL);
|
||||
const token = await loginWithCredentials(username, password);
|
||||
const state = GlobalStateStore.getState();
|
||||
state.setSession({
|
||||
authToken: token,
|
||||
loggedIn: true,
|
||||
validated: true,
|
||||
expiryDate: new Date(Date.now() + 24 * 60 * 60 * 1000).toISOString()
|
||||
});
|
||||
state.setUser({ username });
|
||||
authMessage = 'Login successful.';
|
||||
await loadStatus();
|
||||
} catch (err) {
|
||||
authError = err instanceof Error ? err.message : 'Failed to start OAuth login.';
|
||||
authError = err instanceof Error ? err.message : 'Login failed.';
|
||||
} finally {
|
||||
authBusy = false;
|
||||
}
|
||||
@@ -125,7 +146,7 @@
|
||||
{authBusy}
|
||||
{authError}
|
||||
{authMessage}
|
||||
onstartLogin={startOAuthLogin}
|
||||
onlogin={handleCredentialLogin}
|
||||
/>
|
||||
{:else}
|
||||
<AdminShell
|
||||
|
||||
Reference in New Issue
Block a user