groombook-paperclip[bot]
3388895912
* Add dev/demo login selector for quick user switching When AUTH_DISABLED=true, the app now shows a login selector page that lists staff members and clients from the database. Selecting a user sets a localStorage-based session and sends X-Dev-User-Id header on all API requests. A persistent bottom bar shows the active persona with a "Switch user" link. - API: /api/dev/config (public) and /api/dev/users (auth-disabled only) - API: auth middleware reads X-Dev-User-Id header when auth is disabled - Frontend: DevLoginSelector page, DevSessionIndicator bar - Frontend: fetch interceptor injects X-Dev-User-Id on /api/* calls - Tests: 7 passing (5 nav + 2 dev login) Closes #60 Co-Authored-By: Paperclip <noreply@paperclip.ing> * fix(e2e): seed dev user in localStorage to prevent login redirect E2E tests were failing because the dev login selector redirects to /login when AUTH_DISABLED=true and no dev user is in localStorage. Added a shared Playwright fixture that pre-seeds localStorage with a default dev user before each test. Also rebased onto latest main to resolve merge conflict in App.test.tsx. Co-Authored-By: Paperclip <noreply@paperclip.ing> * fix(e2e): mock /api/dev/config to bypass auth redirect in tests The fixture now also mocks /api/dev/config to return authDisabled: false, preventing the app from entering the redirect flow during E2E tests. Previously only seeded localStorage, but the async config fetch from the real Docker API was still triggering the redirect check. Co-Authored-By: Paperclip <noreply@paperclip.ing> --------- Co-authored-by: Groom Book CTO <cto@groombook.app> Co-authored-by: Paperclip <noreply@paperclip.ing>
29 lines
952 B
TypeScript
29 lines
952 B
TypeScript
import { getDevUser } from "../pages/DevLoginSelector.js";
|
|
|
|
const originalFetch = window.fetch;
|
|
|
|
/**
|
|
* Patches global fetch to include X-Dev-User-Id header on API requests
|
|
* when a dev user is selected via the login selector.
|
|
*
|
|
* Intentionally mutates window.fetch — this is dev-only (AUTH_DISABLED=true).
|
|
*/
|
|
export function installDevFetchInterceptor() {
|
|
window.fetch = function (input: RequestInfo | URL, init?: RequestInit) {
|
|
const user = getDevUser();
|
|
if (!user) return originalFetch(input, init);
|
|
|
|
const url = typeof input === "string" ? input : input instanceof URL ? input.toString() : (input as Request).url;
|
|
|
|
// Only inject header for API calls
|
|
if (!url.startsWith("/api/")) return originalFetch(input, init);
|
|
|
|
const headers = new Headers(init?.headers);
|
|
if (!headers.has("X-Dev-User-Id")) {
|
|
headers.set("X-Dev-User-Id", user.id);
|
|
}
|
|
|
|
return originalFetch(input, { ...init, headers });
|
|
};
|
|
}
|