mirror of
https://github.com/multica-ai/multica.git
synced 2026-07-19 16:20:38 +02:00
The two prior MUL-3254 fixes preserved draft/description state across a modal close, but Desktop still could not RENDER the reopened image: in CloudFront signed-URL mode every URL the renderer holds after reopen is unloadable. The persisted record strips the expired signed download_url, the raw CDN url is unsigned (403 on a signed distribution), and the durable /api/attachments/<id>/download endpoint needs credentials that a cross-site file:// <img> fetch cannot carry (web works via the same-site session cookie, which is why the bug was desktop-only). Two changes close the last mile: - /api/config now reports cdn_signed when CloudFront signing is enabled, and pickInlineMediaURL stops picking the raw (unsigned) CDN url in that mode — it is a guaranteed 403. - The Attachment renderer upgrades an auth-gated media URL to a freshly signed one via authenticated GET /api/attachments/<id> (the same re-sign the click-time download path already does), but only on clients without a same-origin /api proxy (api.getBaseUrl() non-empty: Desktop, mobile webview). Cached via TanStack Query with a 20-minute staleTime, inside the server's 30-minute signed-URL TTL. Old servers omit cdn_signed; the schema defaults it to false so behavior is unchanged there. Non-CloudFront deployments return the API path again from the metadata fetch and the renderer keeps the original URL. Co-authored-by: J <j@multica.ai> Co-authored-by: multica-agent <github@multica.ai>
144 lines
4.5 KiB
TypeScript
144 lines
4.5 KiB
TypeScript
"use client";
|
|
|
|
import { useEffect, type ReactNode } from "react";
|
|
import { useQueryClient } from "@tanstack/react-query";
|
|
import { getApi } from "../api";
|
|
import { useAuthStore } from "../auth";
|
|
import {
|
|
captureSignupSource,
|
|
identify as identifyAnalytics,
|
|
initAnalytics,
|
|
resetAnalytics,
|
|
} from "../analytics";
|
|
import { configStore } from "../config";
|
|
import { workspaceKeys } from "../workspace/queries";
|
|
import { createLogger } from "../logger";
|
|
import { defaultStorage } from "./storage";
|
|
import { setCurrentWorkspace } from "./workspace-storage";
|
|
import type { ClientIdentity } from "./types";
|
|
import type { StorageAdapter } from "../types/storage";
|
|
import type { User } from "../types";
|
|
|
|
const logger = createLogger("auth");
|
|
|
|
export function AuthInitializer({
|
|
children,
|
|
onLogin,
|
|
onLogout,
|
|
storage = defaultStorage,
|
|
cookieAuth,
|
|
identity,
|
|
}: {
|
|
children: ReactNode;
|
|
onLogin?: () => void;
|
|
onLogout?: () => void;
|
|
storage?: StorageAdapter;
|
|
cookieAuth?: boolean;
|
|
identity?: ClientIdentity;
|
|
}) {
|
|
const qc = useQueryClient();
|
|
|
|
useEffect(() => {
|
|
const api = getApi();
|
|
|
|
// Stamp attribution before anything else — the signup event (server-side)
|
|
// reads this cookie, so it has to be present before the user hits submit.
|
|
captureSignupSource();
|
|
|
|
// Fetch app config (CDN domain, PostHog key, …) in the background — non-blocking.
|
|
api
|
|
.getConfig()
|
|
.then((cfg) => {
|
|
if (cfg.cdn_domain) {
|
|
configStore.getState().setCdnConfig({
|
|
cdnDomain: cfg.cdn_domain,
|
|
// Old servers omit this — false keeps the previous behavior.
|
|
cdnSigned: cfg.cdn_signed === true,
|
|
});
|
|
}
|
|
configStore.getState().setAuthConfig({
|
|
allowSignup: cfg.allow_signup,
|
|
googleClientId: cfg.google_client_id,
|
|
// Old servers omit this field — treat that as "creation allowed"
|
|
// (the managed-cloud default) rather than blocking the UI.
|
|
workspaceCreationDisabled: cfg.workspace_creation_disabled === true,
|
|
});
|
|
configStore.getState().setDaemonConfig({
|
|
daemonServerUrl: cfg.daemon_server_url,
|
|
daemonAppUrl: cfg.daemon_app_url,
|
|
});
|
|
if (cfg.posthog_key) {
|
|
initAnalytics({
|
|
key: cfg.posthog_key,
|
|
host: cfg.posthog_host || "",
|
|
appVersion: identity?.version,
|
|
environment: cfg.analytics_environment,
|
|
});
|
|
}
|
|
})
|
|
.catch(() => {
|
|
/* config is optional — legacy file card matching degrades gracefully */
|
|
});
|
|
|
|
const onAuthSuccess = (user: User) => {
|
|
onLogin?.();
|
|
useAuthStore.setState({ user, isLoading: false });
|
|
identifyAnalytics(user.id, { email: user.email, name: user.name });
|
|
};
|
|
|
|
const onAuthFailure = () => {
|
|
onLogout?.();
|
|
resetAnalytics();
|
|
useAuthStore.setState({ user: null, isLoading: false });
|
|
};
|
|
|
|
if (cookieAuth) {
|
|
// Cookie mode: the HttpOnly cookie is sent automatically by the browser.
|
|
// Call the API to check if the session is still valid.
|
|
//
|
|
// Seed the workspace list into React Query so the URL-driven layout can
|
|
// resolve the slug without a second fetch. The active workspace itself
|
|
// is derived from the URL by [workspaceSlug]/layout.tsx — no imperative
|
|
// selection here.
|
|
Promise.all([api.getMe(), api.listWorkspaces()])
|
|
.then(([user, wsList]) => {
|
|
onAuthSuccess(user);
|
|
qc.setQueryData(workspaceKeys.list(), wsList);
|
|
})
|
|
.catch((err) => {
|
|
logger.error("cookie auth init failed", err);
|
|
onAuthFailure();
|
|
});
|
|
return;
|
|
}
|
|
|
|
// Token mode: read from localStorage (Electron / legacy).
|
|
const token = storage.getItem("multica_token");
|
|
if (!token) {
|
|
onLogout?.();
|
|
useAuthStore.setState({ isLoading: false });
|
|
return;
|
|
}
|
|
|
|
api.setToken(token);
|
|
|
|
Promise.all([api.getMe(), api.listWorkspaces()])
|
|
.then(([user, wsList]) => {
|
|
onAuthSuccess(user);
|
|
// Seed React Query cache so the URL-driven layout can resolve the
|
|
// slug without a second fetch.
|
|
qc.setQueryData(workspaceKeys.list(), wsList);
|
|
})
|
|
.catch((err) => {
|
|
logger.error("auth init failed", err);
|
|
api.setToken(null);
|
|
setCurrentWorkspace(null, null);
|
|
storage.removeItem("multica_token");
|
|
onAuthFailure();
|
|
});
|
|
// eslint-disable-next-line react-hooks/exhaustive-deps
|
|
}, []);
|
|
|
|
return <>{children}</>;
|
|
}
|