Files
MixedAssets/src/services/api.js
2026-06-05 04:15:24 -05:00

41 lines
1.3 KiB
JavaScript

export async function apiRequest(path, token, options = {}) {
const response = await fetch(path, {
...options,
headers: {
...(options.body instanceof FormData ? {} : { 'Content-Type': 'application/json' }),
...(token ? { Authorization: `Bearer ${token}` } : {}),
...(options.headers || {})
}
});
if (!response.ok) {
const body = await response.json().catch(() => ({}));
// An invalid/expired token (401) means the session is no longer valid — signal the
// app to drop back to the login screen. (403 is a role/permission denial, not a session issue.)
if (response.status === 401) {
window.dispatchEvent(new CustomEvent('mixedassets:unauthorized'));
}
throw new Error(body.error || `Request failed: ${response.status}`);
}
return response;
}
export async function loginRequest(credentials) {
const response = await fetch('/api/auth/login', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(credentials)
});
const data = await response.json();
if (!response.ok) throw new Error(data.error || 'Unable to sign in');
return data;
}
export function saveBlob(blob, filename) {
const url = URL.createObjectURL(blob);
const link = document.createElement('a');
link.href = url;
link.download = filename;
link.click();
URL.revokeObjectURL(url);
}