diff --git a/src/lib/components/admin/GalleryUploader.svelte b/src/lib/components/admin/GalleryUploader.svelte index 99e4e1e..ccca95f 100644 --- a/src/lib/components/admin/GalleryUploader.svelte +++ b/src/lib/components/admin/GalleryUploader.svelte @@ -5,7 +5,6 @@ import SmartImage from '../SmartImage.svelte' import UnifiedMediaModal from './UnifiedMediaModal.svelte' import MediaDetailsModal from './MediaDetailsModal.svelte' - import { authenticatedFetch } from '$lib/admin-auth' interface Props { label: string @@ -80,9 +79,10 @@ const formData = new FormData() formData.append('file', file) - const response = await authenticatedFetch('/api/media/upload', { + const response = await fetch('/api/media/upload', { method: 'POST', - body: formData + body: formData, + credentials: 'same-origin' }) if (!response.ok) { diff --git a/src/lib/components/admin/ImageUploader.svelte b/src/lib/components/admin/ImageUploader.svelte index 7faa083..0287d71 100644 --- a/src/lib/components/admin/ImageUploader.svelte +++ b/src/lib/components/admin/ImageUploader.svelte @@ -4,7 +4,6 @@ import Input from './Input.svelte' import SmartImage from '../SmartImage.svelte' import UnifiedMediaModal from './UnifiedMediaModal.svelte' - import { authenticatedFetch } from '$lib/admin-auth' import RefreshIcon from '$icons/refresh.svg?component' interface Props { @@ -85,9 +84,10 @@ formData.append('description', descriptionValue.trim()) } - const response = await authenticatedFetch('/api/media/upload', { + const response = await fetch('/api/media/upload', { method: 'POST', - body: formData + body: formData, + credentials: 'same-origin' }) if (!response.ok) { @@ -191,14 +191,15 @@ if (!value) return try { - const response = await authenticatedFetch(`/api/media/${value.id}/metadata`, { + const response = await fetch(`/api/media/${value.id}/metadata`, { method: 'PATCH', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ description: descriptionValue.trim() || null - }) + }), + credentials: 'same-origin' }) if (response.ok) { diff --git a/src/lib/components/admin/InlineComposerModal.svelte b/src/lib/components/admin/InlineComposerModal.svelte index 28e439a..c0e2ce2 100644 --- a/src/lib/components/admin/InlineComposerModal.svelte +++ b/src/lib/components/admin/InlineComposerModal.svelte @@ -111,18 +111,11 @@ formData.append('file', file) formData.append('type', 'image') - // Add auth header if needed - const auth = localStorage.getItem('admin_auth') - const headers: Record = {} - if (auth) { - headers.Authorization = `Basic ${auth}` - } - try { const response = await fetch('/api/media/upload', { method: 'POST', - headers, - body: formData + body: formData, + credentials: 'same-origin' }) if (response.ok) { @@ -200,16 +193,13 @@ } try { - const auth = localStorage.getItem('admin_auth') - const headers: Record = { 'Content-Type': 'application/json' } - if (auth) { - headers.Authorization = `Basic ${auth}` - } - const response = await fetch('/api/posts', { method: 'POST', - headers, - body: JSON.stringify(postData) + headers: { + 'Content-Type': 'application/json' + }, + body: JSON.stringify(postData), + credentials: 'same-origin' }) if (response.ok) { diff --git a/src/lib/components/admin/MediaDetailsModal.svelte b/src/lib/components/admin/MediaDetailsModal.svelte index 25592a5..03e3518 100644 --- a/src/lib/components/admin/MediaDetailsModal.svelte +++ b/src/lib/components/admin/MediaDetailsModal.svelte @@ -11,7 +11,6 @@ import CopyIcon from '$components/icons/CopyIcon.svelte' import MediaMetadataPanel from './MediaMetadataPanel.svelte' import MediaUsageList from './MediaUsageList.svelte' - import { authenticatedFetch } from '$lib/admin-auth' import { toast } from '$lib/stores/toast' import { formatFileSize, getFileType, isVideoFile } from '$lib/utils/mediaHelpers' import type { Media } from '@prisma/client' @@ -67,7 +66,9 @@ try { loadingUsage = true - const response = await authenticatedFetch(`/api/media/${media.id}/usage`) + const response = await fetch(`/api/media/${media.id}/usage`, { + credentials: 'same-origin' + }) if (response.ok) { const data = await response.json() @@ -92,7 +93,9 @@ loadingAlbums = true // Load albums this media belongs to - const mediaResponse = await authenticatedFetch(`/api/media/${media.id}/albums`) + const mediaResponse = await fetch(`/api/media/${media.id}/albums`, { + credentials: 'same-origin' + }) if (mediaResponse.ok) { const data = await mediaResponse.json() albums = data.albums || [] @@ -120,7 +123,7 @@ try { isSaving = true - const response = await authenticatedFetch(`/api/media/${media.id}`, { + const response = await fetch(`/api/media/${media.id}`, { method: 'PUT', headers: { 'Content-Type': 'application/json' @@ -128,7 +131,8 @@ body: JSON.stringify({ description: description.trim() || null, isPhotography: isPhotography - }) + }), + credentials: 'same-origin' }) if (!response.ok) { @@ -167,8 +171,9 @@ try { isSaving = true - const response = await authenticatedFetch(`/api/media/${media.id}`, { - method: 'DELETE' + const response = await fetch(`/api/media/${media.id}`, { + method: 'DELETE', + credentials: 'same-origin' }) if (!response.ok) { diff --git a/src/lib/components/admin/MediaUploadModal.svelte b/src/lib/components/admin/MediaUploadModal.svelte index 558665d..ba745f5 100644 --- a/src/lib/components/admin/MediaUploadModal.svelte +++ b/src/lib/components/admin/MediaUploadModal.svelte @@ -73,13 +73,6 @@ successCount = 0 uploadProgress = {} - const auth = localStorage.getItem('admin_auth') - if (!auth) { - uploadErrors = ['Authentication required'] - isUploading = false - return - } - // Upload files individually to show progress for (const file of files) { try { @@ -88,10 +81,8 @@ const response = await fetch('/api/media/upload', { method: 'POST', - headers: { - Authorization: `Basic ${auth}` - }, - body: formData + body: formData, + credentials: 'same-origin' }) if (!response.ok) { diff --git a/src/lib/components/admin/UnifiedMediaModal.svelte b/src/lib/components/admin/UnifiedMediaModal.svelte index f28e460..36c670a 100644 --- a/src/lib/components/admin/UnifiedMediaModal.svelte +++ b/src/lib/components/admin/UnifiedMediaModal.svelte @@ -290,9 +290,6 @@ try { isSaving = true error = '' - const auth = localStorage.getItem('admin_auth') - if (!auth) return - const toAdd = Array.from(mediaToAdd()) const toRemove = Array.from(mediaToRemove()) @@ -301,10 +298,10 @@ const response = await fetch(`/api/albums/${albumId}/media`, { method: 'POST', headers: { - Authorization: `Basic ${auth}`, 'Content-Type': 'application/json' }, - body: JSON.stringify({ mediaIds: toAdd }) + body: JSON.stringify({ mediaIds: toAdd }), + credentials: 'same-origin' }) if (!response.ok) { @@ -317,10 +314,10 @@ const response = await fetch(`/api/albums/${albumId}/media`, { method: 'DELETE', headers: { - Authorization: `Basic ${auth}`, 'Content-Type': 'application/json' }, - body: JSON.stringify({ mediaIds: toRemove }) + body: JSON.stringify({ mediaIds: toRemove }), + credentials: 'same-origin' }) if (!response.ok) { diff --git a/src/lib/components/admin/composer/ComposerMediaHandler.svelte.ts b/src/lib/components/admin/composer/ComposerMediaHandler.svelte.ts index ac26a40..132beb4 100644 --- a/src/lib/components/admin/composer/ComposerMediaHandler.svelte.ts +++ b/src/lib/components/admin/composer/ComposerMediaHandler.svelte.ts @@ -44,11 +44,6 @@ export class ComposerMediaHandler { }) try { - const auth = localStorage.getItem('admin_auth') - if (!auth) { - throw new Error('Not authenticated') - } - const formData = new FormData() formData.append('file', file) @@ -59,10 +54,8 @@ export class ComposerMediaHandler { const response = await fetch('/api/media/upload', { method: 'POST', - headers: { - Authorization: `Basic ${auth}` - }, - body: formData + body: formData, + credentials: 'same-origin' }) if (!response.ok) { diff --git a/src/lib/components/edra/headless/components/ContentInsertionPane.svelte b/src/lib/components/edra/headless/components/ContentInsertionPane.svelte index 44c81e5..a66e514 100644 --- a/src/lib/components/edra/headless/components/ContentInsertionPane.svelte +++ b/src/lib/components/edra/headless/components/ContentInsertionPane.svelte @@ -114,16 +114,10 @@ formData.append('albumId', albumId.toString()) } - const auth = localStorage.getItem('admin_auth') - const headers: Record = {} - if (auth) { - headers.Authorization = `Basic ${auth}` - } - const response = await fetch('/api/media/upload', { method: 'POST', - headers, - body: formData + body: formData, + credentials: 'same-origin' }) if (response.ok) { diff --git a/src/lib/components/edra/headless/components/ImagePlaceholder.svelte b/src/lib/components/edra/headless/components/ImagePlaceholder.svelte index 6c0b451..2591e1d 100644 --- a/src/lib/components/edra/headless/components/ImagePlaceholder.svelte +++ b/src/lib/components/edra/headless/components/ImagePlaceholder.svelte @@ -72,17 +72,10 @@ formData.append('file', file) formData.append('type', 'image') - // Add auth header if needed - const auth = localStorage.getItem('admin_auth') - const headers: Record = {} - if (auth) { - headers.Authorization = `Basic ${auth}` - } - const response = await fetch('/api/media/upload', { method: 'POST', - headers, - body: formData + body: formData, + credentials: 'same-origin' }) if (response.ok) {