root/smart-home-server

Fork: 0

root / smart-home-server

History for smart-home-server / webclient / src / stores / auth.js

2026-06-06	74d4c0f Browse files » Route all auth/login requests through proxy.php for cross-domain SPA ... - Replace direct /auth/login with /proxy.php?path=/auth/login so the request reaches the PHP backend through proxy.php when the SPA runs on a different domain (panel.smarthome.arp vs 192.168.1.101). - Pass full window.location.href as return_to so the OAuth callback redirects back to the panel domain, not the bare server IP. Eugene Sukhodolskiy committed 10 hours ago
bcd9ed7 Browse files » Fix logout: session_start + destroy cookie + redirect to local /login instead of /auth/login Eugene Sukhodolskiy committed 17 hours ago
ac97fa4 Browse files » Phase 4: Vue client auth store, Bearer token injection, router guards, login page ... Server: - AuthControllerTrait now supports both session and Bearer token auth (resolves user from Authorization: Bearer header via shserv_sessions) Vue client: - Add api/auth.js module for access token management - Inject Authorization: Bearer header in http.js - Handle 401 in client.js: clear token + redirect to /auth/login - New Pinia auth store (stores/auth.js): init, refreshToken, logout, hasPermission - New usePermission composable - Router guards: redirect unauthenticated to /login, permission-based route blocking - New LoginPage.vue with gnexus-auth login button - AppShell: conditional nav items by permission, user bar with logout - main.js: initialize auth before mounting app - MSW mocks: /auth/me, /auth/logout, /auth/refresh - Fix AppShell.spec.js for Pinia + router setup All 167 tests pass. Eugene Sukhodolskiy committed 19 hours ago

2026-06-06

74d4c0f
Browse files »

Route all auth/login requests through proxy.php for cross-domain SPA ...

- Replace direct /auth/login with /proxy.php?path=/auth/login so the
  request reaches the PHP backend through proxy.php when the SPA runs
  on a different domain (panel.smarthome.arp vs 192.168.1.101).
- Pass full window.location.href as return_to so the OAuth callback
  redirects back to the panel domain, not the bare server IP.

Eugene Sukhodolskiy committed 10 hours ago

bcd9ed7
Browse files »

Fix logout: session_start + destroy cookie + redirect to local /login instead of /auth/login

Eugene Sukhodolskiy committed 17 hours ago

ac97fa4
Browse files »

Phase 4: Vue client auth store, Bearer token injection, router guards, login page ...

Server:
- AuthControllerTrait now supports both session and Bearer token auth
  (resolves user from Authorization: Bearer header via shserv_sessions)

Vue client:
- Add api/auth.js module for access token management
- Inject Authorization: Bearer header in http.js
- Handle 401 in client.js: clear token + redirect to /auth/login
- New Pinia auth store (stores/auth.js): init, refreshToken, logout, hasPermission
- New usePermission composable
- Router guards: redirect unauthenticated to /login, permission-based route blocking
- New LoginPage.vue with gnexus-auth login button
- AppShell: conditional nav items by permission, user bar with logout
- main.js: initialize auth before mounting app
- MSW mocks: /auth/me, /auth/logout, /auth/refresh
- Fix AppShell.spec.js for Pinia + router setup

All 167 tests pass.

Eugene Sukhodolskiy committed 19 hours ago