13111ae007
- Add Home/Profile links to nav bar alongside Vault/Settings/Logout - Profile page: change email, display name, password - TOTP 2FA: setup with QR code, verify, disable with password - Login flow: two-step TOTP challenge when 2FA is enabled - Backend: new endpoints PUT /profile, POST /totp/setup|verify|disable - Migration: add totp_secret and totp_enabled columns to users Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
61 lines
1.4 KiB
TypeScript
61 lines
1.4 KiB
TypeScript
import { defineStore } from 'pinia'
|
|
|
|
interface User {
|
|
id: number
|
|
email: string
|
|
displayName: string | null
|
|
totpEnabled?: boolean
|
|
}
|
|
|
|
interface LoginResponse {
|
|
access_token?: string
|
|
user?: User
|
|
requires_totp?: boolean
|
|
}
|
|
|
|
export const useAuthStore = defineStore('auth', {
|
|
state: () => ({
|
|
token: localStorage.getItem('wraith_token') || '',
|
|
user: null as User | null,
|
|
}),
|
|
getters: {
|
|
isAuthenticated: (state) => !!state.token,
|
|
},
|
|
actions: {
|
|
async login(email: string, password: string, totpCode?: string): Promise<LoginResponse> {
|
|
const body: Record<string, string> = { email, password }
|
|
if (totpCode) body.totpCode = totpCode
|
|
|
|
const res = await $fetch<LoginResponse>('/api/auth/login', {
|
|
method: 'POST',
|
|
body,
|
|
})
|
|
|
|
if (res.requires_totp) {
|
|
return { requires_totp: true }
|
|
}
|
|
|
|
this.token = res.access_token!
|
|
this.user = res.user!
|
|
localStorage.setItem('wraith_token', res.access_token!)
|
|
return res
|
|
},
|
|
logout() {
|
|
this.token = ''
|
|
this.user = null
|
|
localStorage.removeItem('wraith_token')
|
|
navigateTo('/login')
|
|
},
|
|
async fetchProfile() {
|
|
if (!this.token) return
|
|
try {
|
|
this.user = await $fetch('/api/auth/profile', {
|
|
headers: { Authorization: `Bearer ${this.token}` },
|
|
})
|
|
} catch {
|
|
this.logout()
|
|
}
|
|
},
|
|
},
|
|
})
|