- Refactored OIDC flow to implement PKCE, state/nonce validation, and BFF pattern. - Centralized configuration in Settings class (DEV_MODE, FRONTEND_URL, OIDC_REDIRECT_URI). - Updated auth routers to use conditional secure cookie flags based on DEV_MODE. - Modernized and cleaned up test suite by removing legacy Streamlit tests. - Fixed linting errors and unused imports across the backend.
import api from "./api"
/**
 * Token payload that `AuthService.login` receives from `POST /auth/login`.
 *
 * NOTE(review): the token is handed back to the caller as a plain string, so
 * it is readable by any script running in the page. If the session is meant
 * to be carried by cookies only, confirm this field is still needed.
 */
export interface AuthResponse {
  /** Access token string issued by the backend. */
  access_token: string
  /** Token scheme label as sent by the backend. */
  token_type: string
}
/**
 * User record that `AuthService.register` and `AuthService.getMe` receive
 * from `POST /auth/register` and `GET /auth/me`.
 */
export interface UserResponse {
  /** Identifier of the user. */
  id: string
  /** E-mail address of the user. */
  email: string
  /** Display name; may be absent from the payload. */
  display_name?: string
}
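/**
 * Client-side wrapper around the backend's `/auth/*` endpoints.
 *
 * Every method goes through the shared `api` client imported from `./api`;
 * failures raised by that client propagate to the caller unchanged.
 */
export const AuthService = {
  /**
   * Signs in with e-mail and password.
   *
   * The credentials are sent as form fields, with the e-mail placed in the
   * `username` field.
   *
   * @param email - Account e-mail, sent as `username`.
   * @param password - Account password.
   * @returns The body of the `POST /auth/login` response.
   */
  async login(email: string, password: string): Promise<AuthResponse> {
    const formData = new FormData()
    formData.append("username", email)
    formData.append("password", password)

    const response = await api.post<AuthResponse>("/auth/login", formData)
    return response.data
  },

  /**
   * Starts the OIDC login by sending the browser to the URL that
   * `GET /auth/oidc/login` returns.
   *
   * The URL comes from a network response and is assigned to
   * `window.location.href`, so it is checked before use: it must be a
   * non-empty string that parses as an `http:` or `https:` URL. Anything
   * else (for example a `javascript:` or `data:` URL) is refused.
   *
   * @throws Error when the response carries no usable URL. Previously a
   *   missing URL was ignored, which left the caller with neither a
   *   navigation nor an error to react to.
   */
  async loginWithOIDC(): Promise<void> {
    const response = await api.get<{ url: string }>("/auth/oidc/login")
    const target: unknown = response.data?.url
    if (typeof target !== "string" || target === "") {
      throw new Error("Invalid response from server")
    }

    let destination: URL
    try {
      // The base only matters if the backend ever returns a relative URL.
      destination = new URL(target, window.location.origin)
    } catch {
      throw new Error("Invalid response from server")
    }

    // NOTE(review): `http:` is kept so a non-TLS identity provider in local
    // development keeps working; restrict to `https:` if that is not needed.
    if (destination.protocol !== "https:" && destination.protocol !== "http:") {
      throw new Error("Invalid response from server")
    }

    window.location.href = destination.href
  },

  /**
   * Creates an account.
   *
   * @param email - E-mail for the new account.
   * @param password - Password for the new account.
   * @returns The body of the `POST /auth/register` response.
   */
  async register(email: string, password: string): Promise<UserResponse> {
    const response = await api.post<UserResponse>("/auth/register", {
      email,
      password,
    })
    return response.data
  },

  /**
   * Fetches the current user from `GET /auth/me`.
   *
   * The result is what callers use to decide who is signed in, so a response
   * that is not a user record is rejected instead of being returned:
   * - a `content-type` header that is present but not JSON (an HTML fallback
   *   page), and
   * - a body that is not an object carrying `id` and `email`. This also
   *   covers an HTML fallback served without a `content-type` header, which
   *   the header check alone lets through.
   *
   * @returns The user record from the response body.
   * @throws Error when the response does not look like a user record.
   */
  async getMe(): Promise<UserResponse> {
    const response = await api.get<UserResponse>("/auth/me")

    // Double check that we got JSON and not an HTML fallback
    const contentType = response.headers["content-type"]
    if (contentType && !contentType.includes("application/json")) {
      throw new Error("Invalid response from server")
    }

    // The generic on api.get is a compile-time claim only; check the shape.
    const body: unknown = response.data
    if (
      typeof body !== "object" ||
      body === null ||
      !("id" in body) ||
      !("email" in body)
    ) {
      throw new Error("Invalid response from server")
    }

    return response.data
  },

  /**
   * Ends the session by calling `POST /auth/logout`.
   *
   * Nothing is cleared on the client here; any client-side state is the
   * caller's responsibility.
   */
  async logout(): Promise<void> {
    await api.post("/auth/logout")
  },
}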