g/ember-market-frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add shipping dialog with tracking number to order page

Browse Source 
Introduces a shipping dialog to the order details page, allowing users to optionally enter a tracking number when marking an order as shipped. Updates API client logic to better handle HTTP-only authentication cookies. Improves broadcast dialog validation and message handling.
This commit is contained in:
NotII
2025-09-22 00:45:29 +01:00
parent 8554481282
commit 74b7aa4877
6 changed files with 121 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
lib/api-client.ts
View File

@@ -151,14 +151,32 @@ function normalizeApiUrl(url: string): string {
/**
* Get the authentication token from cookies or localStorage
* Note: HTTP-only cookies cannot be read by JavaScript, so we return null
* and rely on the browser to automatically include them in requests
*/
export function getAuthToken(): string | null {
if (typeof document === 'undefined') return null; // Guard for SSR
return document.cookie
// Try localStorage first (for non-HTTP-only tokens)
const localToken = localStorage.getItem('Authorization');
if (localToken) {
return localToken;
}
// For HTTP-only cookies, we can't read them from JavaScript
// The browser will automatically include them in requests
// Check if the cookie exists (we can't read its value)
const hasAuthCookie = document.cookie
.split('; ')
.find(row => row.startsWith('Authorization='))
?.split('=')[1] || localStorage.getItem('Authorization');
.some(row => row.startsWith('Authorization='));
if (hasAuthCookie) {
// Return a special marker to indicate the cookie exists
// The actual token will be sent automatically by the browser
return 'HTTP_ONLY_COOKIE';
}
return null;
}
/**
@@ -188,9 +206,11 @@ function createApiHeaders(token?: string | null, customHeaders: Record<string, s
});
const authToken = token || getAuthToken();
if (authToken) {
if (authToken && authToken !== 'HTTP_ONLY_COOKIE') {
// Only add Authorization header for non-HTTP-only tokens
headers.set('authorization', `Bearer ${authToken}`);
}
// For HTTP_ONLY_COOKIE, the browser will automatically include the cookie
return headers;
}
@@ -273,10 +293,11 @@ export async function fetchClient<T>(
...(headers as Record<string, string>),
};
if (authToken) {
if (authToken && authToken !== 'HTTP_ONLY_COOKIE') {
// Backend expects "Bearer TOKEN" format
requestHeaders['Authorization'] = `Bearer ${authToken}`;
}
// For HTTP_ONLY_COOKIE, the browser will automatically include the cookie
const fetchOptions: RequestInit = {
method,