85 lines
2.2 KiB
JavaScript
85 lines
2.2 KiB
JavaScript
import axios from 'axios';
|
|
|
|
// Einheitliche Basis-URL:
|
|
// - immer relativ zur aktuellen Origin
|
|
// - kein absoluter http/https-Host → verhindert Mixed-Content-Probleme
|
|
axios.defaults.baseURL = '/api';
|
|
console.log('Axios baseURL:', axios.defaults.baseURL);
|
|
|
|
function clearStoredLogin() {
|
|
localStorage.removeItem('isLoggedIn');
|
|
localStorage.removeItem('user');
|
|
localStorage.removeItem('token');
|
|
delete axios.defaults.headers.common.Authorization;
|
|
}
|
|
|
|
function getTokenPayload(token) {
|
|
try {
|
|
const payload = token.split('.')[1];
|
|
const normalized = payload.replace(/-/g, '+').replace(/_/g, '/');
|
|
const padded = normalized.padEnd(normalized.length + (4 - normalized.length % 4) % 4, '=');
|
|
return JSON.parse(atob(padded));
|
|
} catch (error) {
|
|
return null;
|
|
}
|
|
}
|
|
|
|
function isTokenUsable(token) {
|
|
if (!token || token === 'undefined' || token === 'null') {
|
|
return false;
|
|
}
|
|
const payload = getTokenPayload(token);
|
|
if (!payload || !payload.exp) {
|
|
return true;
|
|
}
|
|
return payload.exp * 1000 > Date.now();
|
|
}
|
|
|
|
axios.interceptors.request.use(
|
|
config => {
|
|
const token = localStorage.getItem('token');
|
|
config.headers = config.headers || {};
|
|
if (token) {
|
|
if (isTokenUsable(token)) {
|
|
config.headers.Authorization = `Bearer ${token}`;
|
|
} else {
|
|
clearStoredLogin();
|
|
delete config.headers.Authorization;
|
|
}
|
|
}
|
|
return config;
|
|
},
|
|
error => {
|
|
return Promise.reject(error);
|
|
}
|
|
);
|
|
|
|
axios.interceptors.response.use(
|
|
response => {
|
|
return response;
|
|
},
|
|
error => {
|
|
const requestUrl = error.config?.url || '';
|
|
const isLoginRequest = requestUrl.includes('/auth/login');
|
|
const isLogoutRequest = requestUrl.includes('/auth/logout');
|
|
const hasStoredToken = isTokenUsable(localStorage.getItem('token'));
|
|
const hadAuthHeader = !!error.config?.headers?.Authorization;
|
|
|
|
if (
|
|
error.response &&
|
|
error.response.status === 401 &&
|
|
!isLoginRequest &&
|
|
!isLogoutRequest &&
|
|
(hasStoredToken || hadAuthHeader)
|
|
) {
|
|
clearStoredLogin();
|
|
if (window.location.pathname !== '/auth/login') {
|
|
window.location.replace('/auth/login');
|
|
}
|
|
}
|
|
return Promise.reject(error);
|
|
}
|
|
);
|
|
|
|
export default axios;
|