QT/InvoiceShelf
1
0
Fork 0
mirror of https://github.com/InvoiceShelf/InvoiceShelf.git synced 2026-04-15 17:24:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
74b4b2df4ee184b54a2b3c84487d7d88d78d6aab
InvoiceShelf/resources/scripts/admin/stores/auth.js
Darko Gjorgjijoski 03afb98452 Fix logout not clearing auth token and company from localStorage 
After logout, the old auth.token and selectedCompany stayed in
localStorage. On next login, the http interceptor sent the stale
token in the Authorization header, causing all API calls to fail
with 401/419 even though the new session was valid.
2026-04-03 23:49:47 +02:00

78 lines
2.3 KiB
JavaScript
Vendored
Raw Blame History

import http from '@/scripts/http'
import { defineStore } from 'pinia'
import { useNotificationStore } from '@/scripts/stores/notification'
import { handleError } from '@/scripts/helpers/error-handling'
export const useAuthStore = (useWindow = false) => {
const defineStoreFunc = useWindow ? window.pinia.defineStore : defineStore
const { global } = window.i18n
return defineStoreFunc('auth', {
state: () => ({
status: '',
loginData: {
email: '',
password: '',
remember: '',
},
}),
actions: {
login(data) {
return new Promise((resolve, reject) => {
http.get('/sanctum/csrf-cookie').then((response) => {
if (response) {
http
.post('/login', data)
.then((response) => {
resolve(response)
setTimeout(() => {
this.loginData.email = ''
this.loginData.password = ''
}, 1000)
})
.catch((err) => {
handleError(err)
reject(err)
})
}
})
})
},
logout() {
return new Promise((resolve, reject) => {
http
.post('/auth/logout')
.then(async (response) => {
const notificationStore = useNotificationStore()
notificationStore.showNotification({
type: 'success',
message: 'Logged out successfully.',
})
// Clear stored auth data so next login doesn't send stale tokens
window.Ls.remove('auth.token')
window.Ls.remove('selectedCompany')
// Refresh CSRF token so next login works cleanly
await http.get('/sanctum/csrf-cookie').catch(() => {})
window.router.push('/login')
resolve(response)
})
.catch((err) => {
handleError(err)
window.Ls.remove('auth.token')
window.Ls.remove('selectedCompany')
http.get('/sanctum/csrf-cookie').catch(() => {})
window.router.push('/login')
reject(err)
})
})
},
},
})()
}
Reference in New Issue View Git Blame Copy Permalink