@wishbone-media/spark 0.9.1 → 0.10.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wishbone-media/spark",
-  "version": "0.9.1",
+  "version": "0.10.0",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",

package/src/plugins/axios.js

@@ -0,0 +1,86 @@
+import axios from 'axios'
+import { useSparkAuthStore } from '../stores/auth.js'
+
+/**
+ * Create a configured axios instance with auth interceptors
+ * @param {Object} config - Axios configuration options
+ * @param {string} config.baseURL - Base URL for API requests
+ * @param {number} config.timeout - Request timeout in milliseconds
+ * @param {Object} config.headers - Default headers
+ * @returns {AxiosInstance} Configured axios instance
+ */
+export function createAxiosInstance(config = {}) {
+  const instance = axios.create({
+    baseURL: config.baseURL || '',
+    timeout: config.timeout || 30000,
+    headers: {
+      'Content-Type': 'application/json',
+      ...config.headers,
+    },
+  })
+
+  // Request interceptor - automatically add auth token from Pinia store
+  instance.interceptors.request.use(
+    (requestConfig) => {
+      try {
+        const authStore = useSparkAuthStore()
+        // Override token always wins if present
+        if (authStore.state.overrideToken) {
+          requestConfig.headers.Authorization = `Bearer ${authStore.state.overrideToken}`
+        } else if (authStore.state.token) {
+          // Otherwise use normal token from cookie
+          requestConfig.headers.Authorization = `Bearer ${authStore.state.token}`
+        }
+      } catch (error) {
+        // Auth store not initialized yet, skip adding token
+        // This can happen during app initialization
+      }
+      return requestConfig
+    },
+    (error) => {
+      return Promise.reject(error)
+    },
+  )
+
+  // Response interceptor - handle 401 errors (unauthorized)
+  instance.interceptors.response.use(
+    (response) => response,
+    async (error) => {
+      // Auto-logout on 401 Unauthorized responses
+      if (error.response?.status === 401) {
+        try {
+          const authStore = useSparkAuthStore()
+          // Clear auth state
+          await authStore.logout()
+          // Redirect to login page
+          window.location.href = authStore.state.routes.auth
+        } catch (logoutError) {
+          // If logout fails, still redirect to login
+          console.error('Error during auto-logout:', logoutError)
+          window.location.href = '/login'
+        }
+      }
+      return Promise.reject(error)
+    },
+  )
+
+  return instance
+}
+
+/**
+ * Setup axios for a Vue app with global availability
+ * @param {App} app - Vue app instance
+ * @param {Object} config - Axios configuration options
+ * @returns {AxiosInstance} Configured axios instance
+ */
+export function setupAxios(app, config = {}) {
+  const axiosInstance = createAxiosInstance(config)
+
+  // Make axios available via injection (Composition API)
+  app.provide('axios', axiosInstance)
+
+  // Also make available via global properties (Options API compatibility)
+  app.config.globalProperties.$axios = axiosInstance
+
+  return axiosInstance
+}

package/src/plugins/index.js

@@ -1,2 +1,3 @@
 export { Icons, addIcons, setupFontAwesome } from './fontawesome.js'
-export { createAuthRoutes, setupAuthGuards } from './router.js'
+export { createAuthRoutes, setupAuthGuards } from './router.js'
+export { createAxiosInstance, setupAxios } from './axios.js'

package/src/plugins/router.js

@@ -68,6 +68,12 @@ function processNavigation(to, next, authStore, defaultAuthenticatedRoute) {
   const requiresAuth = to.meta.auth !== false
   const isAuthenticated = authStore.check
 
+  // Block logout route if using override token
+  if (authStore.state.overrideToken && to.path === '/logout') {
+    next({ path: defaultAuthenticatedRoute })
+    return
+  }
+
   // Handle unauthenticated users
   if (!isAuthenticated) {
     // Allow access to public routes (login, forgot-password, etc.)

package/src/stores/auth.js

@@ -3,13 +3,15 @@ import { reactive, computed } from 'vue'
 import axios from 'axios'
 import { getCookie, setCookie, deleteCookie } from '../utils/cookies.js'
 
-const TOKEN_NAME = 'bolt-token'
+const TOKEN_NAME = 'bolt-next-token'
 
 export const useSparkAuthStore = defineStore('auth', () => {
   const state = reactive({
     user: null,
     token: null,
     ready: false,
+    // Dev JWT override token (bypasses normal auth flow)
+    overrideToken: null,
     // Configurable endpoints
     endpoints: {
       login: '/login',
@@ -52,6 +54,9 @@ export const useSparkAuthStore = defineStore('auth', () => {
     if (config.callbacks) {
       Object.assign(state.callbacks, config.callbacks)
     }
+    if (config.overrideToken) {
+      state.overrideToken = config.overrideToken
+    }
   }
 
   // JWT Cookie Management
@@ -116,7 +121,9 @@ export const useSparkAuthStore = defineStore('auth', () => {
   }
 
   const fetchUser = async () => {
-    const token = getTokenCookie()
+    // Use override token if present, otherwise use cookie token
+    const token = state.overrideToken || getTokenCookie()
+
     if (!token) {
       state.ready = true
       return null
@@ -130,15 +137,28 @@ export const useSparkAuthStore = defineStore('auth', () => {
       })
 
       state.user = data
-      state.token = token
+      // Only set token in state if not using override (don't write override to state.token)
+      if (!state.overrideToken) {
+        state.token = token
+      }
     } catch (error) {
-      clearTokenCookie()
+      // Only clear cookie if not using override token
+      if (!state.overrideToken) {
+        clearTokenCookie()
+      }
     } finally {
       state.ready = true
     }
   }
 
-  const check = computed(() => !!state.token && !!state.user)
+  const check = computed(() => {
+    // If override token exists, check is always true (user will be fetched)
+    if (state.overrideToken) {
+      return true
+    }
+    // Otherwise check normal token and user
+    return !!state.token && !!state.user
+  })
 
   return {
     state,

package/src/utils/cookies.js

@@ -38,14 +38,28 @@ export const deleteCookie = (name, options = {}) => {
 }
 
 export const getDomain = () => {
-  // For PRODUCTION: returns .letsbolt.com.au
-  // For STAGING: returns .ENV.letsbolt.io
-  // For DEV: returns .letsbolt.test
-  let reserveSlices = -3
+  const hostname = window.location.hostname
 
-  if (window.location.hostname.endsWith('.test')) {
-    reserveSlices = -2
+  // Case 1: Pure localhost (localhost:5173)
+  if (hostname === 'localhost') {
+    return 'localhost'
   }
 
-  return window.location.hostname.split('.').slice(reserveSlices).join('.')
+  // Case 2: .test domain (web.bolt.test, dash.bolt.test:8080) -> .bolt.test
+  if (hostname.endsWith('.test')) {
+    return '.' + hostname.split('.').slice(-2).join('.')
+  }
+
+  // Case 3: Staging .io domain (alpha.letsbolt.io, buzz.letsbolt.io) -> .letsbolt.io
+  if (hostname.endsWith('.io')) {
+    return '.' + hostname.split('.').slice(-2).join('.')
+  }
+
+  // Case 4: Production .com.au domain (letsbolt.com.au, buzz.letsbolt.com.au) -> .letsbolt.com.au
+  if (hostname.endsWith('.com.au')) {
+    return '.' + hostname.split('.').slice(-3).join('.')
+  }
+
+  // Fallback: return hostname as-is
+  return hostname
 }