ohmj/ohmj2
1
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

[FEAT] Full function and deployed version

Browse Source
This commit is contained in:
NADAL Jean-Baptiste
2026-02-19 15:15:58 +01:00
parent e7c4768589
commit cf0db69f2d
24 changed files with 6949 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
partitions/src/lib/api.ts
View File

@@ -3,10 +3,10 @@ import { auth } from '$lib/stores/auth';
import { browser } from '$app/environment';
import { get } from 'svelte/store';
// Use environment variable or default to localhost
const API_BASE_URL = browser
? (import.meta.env.VITE_API_URL || 'http://localhost:8000')
: (import.meta.env.VITE_API_URL || 'http://localhost:8000');
const API_BASE_URL_LOCAL = 'http://localhost:8000';
const API_BASE_URL_PROD = 'https://ohmj-api.c.nadal-fr.com';
const API_BASE_URL = browser ? API_BASE_URL_PROD : API_BASE_URL_LOCAL;
const api = axios.create({
baseURL: API_BASE_URL,
@@ -28,7 +28,8 @@ api.interceptors.request.use((config) => {
api.interceptors.response.use(
(response) => response,
(error: AxiosError) => {
if (error.response?.status === 401) {
// Only logout on actual 401 from the server, not network/CORS errors
if (error.response?.status === 401 && !error.message?.includes('Network Error')) {
auth.logout();
if (browser) {
window.location.href = '/';
@@ -110,9 +111,11 @@ export const apiService = {
},
getDownloadUrl(path: string): string {
// Security: Token is now passed via Authorization header, not URL
// The backend will read the token from the header in the request
return `${API_BASE_URL}/download/${path}`;
// Pass token in URL for direct browser access (PDF viewer, iframe, etc.)
// Safe over HTTPS
const authState = get(auth);
const token = authState.token ? encodeURIComponent(authState.token) : '';
return `${API_BASE_URL}/download/${path}?token=${token}`;
},
// New method to download with proper auth header
@@ -128,8 +131,8 @@ export const apiService = {
return response.data;
},
async updateScore(id: string, name: string, compositor: string): Promise<{ success: boolean; error?: string }> {
const response = await api.put(`/admin/scores/${id}`, { name, compositor });
async updateScore(id: string, name: string, compositor: string, ressource: string = ''): Promise<{ success: boolean; error?: string }> {
const response = await api.put(`/admin/scores/${id}`, { name, compositor, ressource });
return response.data;
},
@@ -151,7 +154,7 @@ export const apiService = {
const response = await api.post(`/admin/scores/${scoreId}/upload`, formData, {
headers: {
'Content-Type': 'multipart/form-data'
'Content-Type': undefined
}
});
return response.data;