From 376df12c20599bb0a9fd5a8c540e9cd249a6e29a Mon Sep 17 00:00:00 2001
From: Justin Edmund
Date: Tue, 7 Oct 2025 05:53:55 -0700
Subject: [PATCH] refactor(admin): remove legacy client auth helper
---
src/lib/admin-auth.ts | 63 -------------------
src/lib/admin/api.ts | 7 +--
.../admin/AdminSegmentedController.svelte | 14 ++---
src/routes/admin/logout/+server.ts | 13 ++++
4 files changed, 21 insertions(+), 76 deletions(-)
delete mode 100644 src/lib/admin-auth.ts
create mode 100644 src/routes/admin/logout/+server.ts
diff --git a/src/lib/admin-auth.ts b/src/lib/admin-auth.ts
deleted file mode 100644
index c33ccf2..0000000
--- a/src/lib/admin-auth.ts
+++ /dev/null
@@ -1,63 +0,0 @@
-// Simple admin authentication helper for client-side use
-// In a real application, this would use proper JWT tokens or session cookies
-
-let adminCredentials: string | null = null
-
-// Initialize auth (call this when the admin logs in)
-export function setAdminAuth(username: string, password: string) {
- adminCredentials = btoa(`${username}:${password}`)
-}
-
-// Get auth headers for API requests
-export function getAuthHeaders(): HeadersInit {
- // First try to get from localStorage (where login stores it)
- const storedAuth = typeof window !== 'undefined' ? localStorage.getItem('admin_auth') : null
- if (storedAuth) {
- return {
- Authorization: `Basic ${storedAuth}`
- }
- }
-
- // Fall back to in-memory credentials if set
- if (adminCredentials) {
- return {
- Authorization: `Basic ${adminCredentials}`
- }
- }
-
- // Development fallback
- const fallbackAuth = btoa('admin:localdev')
- return {
- Authorization: `Basic ${fallbackAuth}`
- }
-}
-
-// Check if user is authenticated (basic check)
-export function isAuthenticated(): boolean {
- const storedAuth = typeof window !== 'undefined' ? localStorage.getItem('admin_auth') : null
- return storedAuth !== null || adminCredentials !== null
-}
-
-// Clear auth (logout)
-export function clearAuth() {
- adminCredentials = null
- if (typeof window !== 'undefined') {
- localStorage.removeItem('admin_auth')
- }
-}
-
-// Make authenticated API request
-export async function authenticatedFetch(
- url: string,
- options: RequestInit = {}
-): Promise {
- const headers = {
- ...getAuthHeaders(),
- ...options.headers
- }
-
- return fetch(url, {
- ...options,
- headers
- })
-}
diff --git a/src/lib/admin/api.ts b/src/lib/admin/api.ts
index 5424034..f41b7fa 100644
--- a/src/lib/admin/api.ts
+++ b/src/lib/admin/api.ts
@@ -15,9 +15,7 @@ export interface ApiError extends Error { } function getAuthHeader() { - if (typeof localStorage === 'undefined') return {} - const auth = localStorage.getItem('admin_auth') - return auth ? { Authorization: `Basic ${auth}` } : {} + return {} } async function handleResponse(res: Response) { @@ -59,7 +57,8 @@ export async function request( method, headers: mergedHeaders, body: body ? (isFormData ? (body as any) : JSON.stringify(body)) : undefined, - signal + signal, + credentials: 'same-origin' }) return handleResponse(res) as Promise diff --git a/src/lib/components/admin/AdminSegmentedController.svelte b/src/lib/components/admin/AdminSegmentedController.svelte index 82e4b77..90c74bf 100644 --- a/src/lib/components/admin/AdminSegmentedController.svelte +++ b/src/lib/components/admin/AdminSegmentedController.svelte @@ -1,6 +1,5 @@
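Review bot: `getAuthHeader()` in src/lib/admin/api.ts now returns `{}` unconditionally, so it is a dead helper whose name still suggests an Authorization header is being attached. Either delete it together with its use where `mergedHeaders` is built (outside this hunk), or keep it with a comment such as `// Auth is carried by the server-set session cookie; no client-side Authorization header`. Separately, nothing visible in this patch clears an `admin_auth` entry that the old login flow already wrote to browsers' localStorage. That entry is a base64-encoded username:password pair readable by any script on the origin, so a one-time `localStorage.removeItem('admin_auth')` when the admin UI loads would be worth adding unless another part of the commit already does it.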
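Review bot: With the Authorization header gone, every call through `request()` is authenticated by an ambient cookie, which makes the state-changing admin routes CSRF-relevant in a way they were not when the page had to attach the header itself. The session cookie's attributes and the server-side origin checks are not visible in this hunk; confirm the cookie is set with `HttpOnly`, `Secure` and `SameSite=Lax` or `Strict`, and that the admin API handlers reject cross-origin non-GET requests. `credentials: 'same-origin'` is already fetch's default, so the added line documents intent rather than changing behaviour. A short comment such as `// cookie session auth; keep same-origin, never 'include'` would stop it being widened later. The body of `request()` starts and ends outside the hunk.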