cfa95ff031
Backend: - Add dashboard API (today stats, inbox count, law alerts, pipeline status) - Add /api/documents/tree endpoint for sidebar domain/sub_group tree - Migrate auth to HttpOnly cookie for refresh token (XSS defense) - Add /api/auth/logout endpoint (cookie cleanup) - Register dashboard router in main.py Frontend (SvelteKit + Tailwind CSS v4): - api.ts: fetch wrapper with refresh queue pattern, 401 single retry, forced logout on refresh failure - Auth store: login/logout/refresh with memory-based access token - UI store: toast system, sidebar state - Login page with TOTP support - Dashboard with 4 stat widgets + recent documents - Document list with hybrid search (debounce, URL query state, mode select) - Document detail with format-aware viewer (markdown/PDF/HWP/Synology/fallback) - Metadata panel (AI summary, tags, processing history) - Inbox triage UI (batch select, confirm dialog, domain override) - Settings page (password change, TOTP status) Infrastructure: - Enable frontend service in docker-compose - Caddy path routing (/api/* → fastapi, / → frontend) + gzip Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
56 lines
1.3 KiB
TypeScript
56 lines
1.3 KiB
TypeScript
import { writable } from 'svelte/store';
|
|
import { api, setAccessToken } from '$lib/api';
|
|
|
|
interface User {
|
|
id: number;
|
|
username: string;
|
|
is_active: boolean;
|
|
totp_enabled: boolean;
|
|
last_login_at: string | null;
|
|
}
|
|
|
|
export const user = writable<User | null>(null);
|
|
export const isAuthenticated = writable(false);
|
|
|
|
export async function login(username: string, password: string, totp_code?: string) {
|
|
const data = await api<{ access_token: string }>('/auth/login', {
|
|
method: 'POST',
|
|
body: JSON.stringify({ username, password, totp_code: totp_code || undefined }),
|
|
});
|
|
setAccessToken(data.access_token);
|
|
await fetchUser();
|
|
}
|
|
|
|
export async function fetchUser() {
|
|
try {
|
|
const data = await api<User>('/auth/me');
|
|
user.set(data);
|
|
isAuthenticated.set(true);
|
|
} catch {
|
|
user.set(null);
|
|
isAuthenticated.set(false);
|
|
}
|
|
}
|
|
|
|
export async function logout() {
|
|
try {
|
|
await api('/auth/logout', { method: 'POST' });
|
|
} catch { /* ignore */ }
|
|
setAccessToken(null);
|
|
user.set(null);
|
|
isAuthenticated.set(false);
|
|
}
|
|
|
|
export async function tryRefresh() {
|
|
try {
|
|
const data = await api<{ access_token: string }>('/auth/refresh', {
|
|
method: 'POST',
|
|
});
|
|
setAccessToken(data.access_token);
|
|
await fetchUser();
|
|
return true;
|
|
} catch {
|
|
return false;
|
|
}
|
|
}
|