JWT, server modüler hale getirildi, Torrent durumu kalıcı hale getirildi.

2025-11-29 01:42:43 +03:00
parent f4c9d4ca41
commit 08b25b418e
13 changed files with 759 additions and 285 deletions
--- a/client/src/utils/api.js
+++ b/client/src/utils/api.js
@@ -1,22 +1,72 @@
 const apiBase = import.meta.env.VITE_API;
 export const API = apiBase || window.location.origin;

+const ACCESS_TOKEN_KEY = "accessToken";
+const REFRESH_TOKEN_KEY = "refreshToken";
+
+export function getAccessToken() {
+  return localStorage.getItem(ACCESS_TOKEN_KEY);
+}
+
+export function getRefreshToken() {
+  return localStorage.getItem(REFRESH_TOKEN_KEY);
+}
+
+export function persistTokens({ accessToken, refreshToken }) {
+  if (accessToken) localStorage.setItem(ACCESS_TOKEN_KEY, accessToken);
+  if (refreshToken) localStorage.setItem(REFRESH_TOKEN_KEY, refreshToken);
+}
+
+export function clearTokens() {
+  localStorage.removeItem(ACCESS_TOKEN_KEY);
+  localStorage.removeItem(REFRESH_TOKEN_KEY);
+  localStorage.removeItem("token");
+}
+
+export function withToken(url) {
+  const token = getAccessToken();
+  if (!token) return url;
+  const separator = url.includes("?") ? "&" : "?";
+  return `${url}${separator}token=${token}`;
+}
+
 // 🔐 Ortak kimlik doğrulama başlığı (token varsa ekler)
 export function authHeaders() {
-  const token = localStorage.getItem("token");
+  const token = getAccessToken();
  return token ? { Authorization: `Bearer ${token}` } : {};
 }

-// 🔧 Yardımcı fetch (otomatik token ekler, hata durumunda logout)
-export async function apiFetch(path, options = {}) {
+async function refreshAccessToken() {
+  const refreshToken = getRefreshToken();
+  if (!refreshToken) return null;
+  const res = await fetch(`${API}/api/token/refresh`, {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({ refreshToken })
+  });
+  if (!res.ok) return null;
+  const { accessToken } = await res.json();
+  if (accessToken) {
+    persistTokens({ accessToken });
+  }
+  return accessToken || null;
+}
+
+// 🔧 Yardımcı fetch (otomatik token ekler, 401'de refresh dener)
+export async function apiFetch(path, options = {}, retry = true) {
  const headers = { ...(options.headers || {}), ...authHeaders() };
  const res = await fetch(`${API}${path}`, { ...options, headers });

-  // Token süresi dolmuşsa veya yanlışsa kullanıcıyı çıkışa yönlendir
-  if (res.status === 401) {
-    localStorage.removeItem("token");
+  if (res.status === 401 && retry) {
+    const refreshed = await refreshAccessToken();
+    if (refreshed) {
+      const retryHeaders = { ...(options.headers || {}), ...authHeaders() };
+      return fetch(`${API}${path}`, { ...options, headers: retryHeaders });
+    }
+    clearTokens();
    window.location.reload();
  }
+
  return res;
 }