feat(auth): separate auth and blog API clients and integrate author auto-creation

## Summary Refactored the authentication flow to correctly separate traffic between the Auth service and Blog service. Added post-registration author creation and switched all `/auth/*` calls to the dedicated `auth` Axios client. ## Changes ### AuthProvider - Replaced `api.post('/auth/register')` with `auth.post('/register')` - Replaced `api.post('/auth/login')` with `auth.post('/login')` - Added automatic author creation after user registration (`POST /authors`) - Switched user identity lookup from `api.get('/auth/me')` to `auth.get('/me')` - Replaced `/authors/{id}` lookup with `/authors/me` - Updated imports to use `{ api, auth }` ### Axios Client Layer - Introduced a new `auth` Axios instance using `VITE_AUTH_BASE_URL` - Added shared token attachment and 401 handling logic - Applied interceptors to both `auth` and `api` clients - Removed inline auth logic from `api.ts` ### Types - Added `VITE_AUTH_BASE_URL` to `vite-env.d.ts` ## Impact - Correctly routes authentication traffic to the Auth microservice - Ensures an Author document is created automatically after registration - Simplifies identity loading via `/authors/me` - Improves token handling consistency across both services
2025-12-11 21:00:13 +05:30
parent a7987ab922
commit c23145f338
3 changed files with 53 additions and 25 deletions
--- a/src/blog/providers/Author.tsx
+++ b/src/blog/providers/Author.tsx
@@ -1,5 +1,5 @@
 import React, { createContext, useState, useEffect, useContext } from 'react';
-import { api } from '../utils/api';
+import { api, auth } from '../utils/api';
 import { AuthorModel } from '../types/models';
 import { AuthContextModel } from '../types/contexts';
@@ -18,7 +18,14 @@ export const AuthProvider: React.FC<{ children: React.ReactNode }> = ({ children
      setLoading(true);
      setError(null);
-      const res = await api.post('/auth/register', { username, password });
+      const res = await auth.post('/register', { username, password });
      // auto-login
      // await login(username, password);
      // now create author
      await api.post('/authors', { name: null, avatar: null });
      return res.data;
    } catch (err: any) {
      console.error('Registration failed:', err);
@@ -34,7 +41,7 @@ export const AuthProvider: React.FC<{ children: React.ReactNode }> = ({ children
      setLoading(true);
      setError(null);
-      const res = await api.post('/auth/login', { username, password });
+      const res = await auth.post('/login', { username, password });
      const { access_token, user } = res.data;
      if (access_token) {
@@ -99,9 +106,9 @@ export const AuthProvider: React.FC<{ children: React.ReactNode }> = ({ children
  const fetchCurrentUser = async () => {
    if (!token) return;
    try {
-      const me = await api.get<{ _id: string; username: string; email: string }>('/auth/me');
+      const me = await auth.get('/me');
-      const author = await api.get<AuthorModel>(`/authors/${me.data._id}`);
+      const author = await api.get<AuthorModel>(`/authors/me`);
      const fullUser = { ...me.data, ...author.data };
--- a/src/blog/utils/api.ts
+++ b/src/blog/utils/api.ts
@@ -1,8 +1,42 @@
 // src/utils/api.ts
 import axios from 'axios';
 const AUTH_BASE = import.meta.env.VITE_AUTH_BASE_URL;
 const API_BASE = import.meta.env.VITE_API_BASE_URL;
 //------------------------------------------------------
 // COMMON TOKEN ATTACHMENT LOGIC
 //------------------------------------------------------
 const attachToken = (config: any) => {
  const token = localStorage.getItem('token');
  if (token) {
    config.headers.Authorization = `Bearer ${token}`;
  }
  return config;
 };
 const handleAuthError = (error: any) => {
  if (error.response?.status === 401) {
    console.warn('Token expired or invalid. Logging out...');
    localStorage.removeItem('token');
    // Optional: eventBus, redirect, logout callback
  }
  return Promise.reject(error);
 };
 //------------------------------------------------------
 // AUTH SERVICE CLIENT
 //------------------------------------------------------
 export const auth = axios.create({
  baseURL: AUTH_BASE,
  headers: {
    'Content-Type': 'application/json',
  },
 });
 //------------------------------------------------------
 // BLOG SERVICE CLIENT
 //------------------------------------------------------
 export const api = axios.create({
  baseURL: API_BASE,
  headers: {
@@ -10,24 +44,10 @@ export const api = axios.create({
  },
 });
-// 🔹 Attach token from localStorage before each request
+// Attach token + 401 handling
-api.interceptors.request.use((config) => {
+api.interceptors.request.use(attachToken);
-  const token = localStorage.getItem('token');
+api.interceptors.response.use((res) => res, handleAuthError);
  if (token) {
    config.headers.Authorization = `Bearer ${token}`;
  }
  return config;
 });
-// 🔹 Handle expired or invalid tokens globally
+// Auth service ALSO needs token for /me, /logout, /introspect
-api.interceptors.response.use(
+auth.interceptors.request.use(attachToken);
-  (response) => response,
+auth.interceptors.response.use((res) => res, handleAuthError);
  (error) => {
    if (error.response?.status === 401) {
      console.warn('Token expired or invalid. Logging out...');
      localStorage.removeItem('token');
      // Optionally: trigger a redirect or event
    }
    return Promise.reject(error);
  }
 );
--- a/src/vite-env.d.ts
+++ b/src/vite-env.d.ts
@@ -2,6 +2,7 @@
 interface ImportMetaEnv {
  readonly VITE_API_BASE_URL: string;
  readonly VITE_AUTH_BASE_URL: string;
 }
 interface ImportMeta {