mirror of
https://github.com/Dvorinka/MyClubServer.git
synced 2026-06-04 02:32:57 +00:00
Tomáš Dvořák
87 lines
3.0 KiB
TypeScript
87 lines
3.0 KiB
TypeScript
import axios, { AxiosInstance, AxiosResponse, InternalAxiosRequestConfig } from 'axios';
|
|
import { getToken } from '../utils/auth';
|
|
|
|
// Resolve API URL. Some code uses REACT_APP_API_URL (full api path including /api/v1),
|
|
// others set REACT_APP_API_BASE_URL (backend origin). Normalize so baseURL always points to API root.
|
|
const envApiUrl = process.env.REACT_APP_API_URL || process.env.REACT_APP_API_BASE_URL;
|
|
let API_URL = envApiUrl || 'http://localhost:8080/api/v1';
|
|
|
|
// If the provided base looks like a backend origin (no /api/), append /api/v1
|
|
try {
|
|
const maybe = new URL(API_URL);
|
|
if (!/\/api\//.test(maybe.pathname)) {
|
|
// ensure single trailing slash then append api/v1
|
|
maybe.pathname = maybe.pathname.replace(/\/$/, '') + '/api/v1';
|
|
API_URL = maybe.toString();
|
|
}
|
|
} catch {
|
|
// If URL parsing fails, keep API_URL as-is
|
|
}
|
|
|
|
export const api: AxiosInstance = axios.create({
|
|
baseURL: API_URL,
|
|
headers: {
|
|
// If admin token provided at build time, include it only in non-production env
|
|
...((process.env.NODE_ENV !== 'production' && process.env.REACT_APP_ADMIN_TOKEN)
|
|
? { 'X-Admin-Token': process.env.REACT_APP_ADMIN_TOKEN }
|
|
: {}),
|
|
// Dev bypass header to allow protected calls in non-production (middleware DevBypass)
|
|
...((process.env.NODE_ENV !== 'production') ? { 'X-Dev-Admin': 'true' } : {}),
|
|
},
|
|
// Send cookies for same-site or allowed CORS origins
|
|
withCredentials: true,
|
|
// Prevent infinite loading spinners if backend is down or unreachable
|
|
timeout: 20000, // 20 seconds to better tolerate slower endpoints
|
|
});
|
|
|
|
// Request interceptor - attach bearer token when available
|
|
api.interceptors.request.use(
|
|
(config: InternalAxiosRequestConfig) => {
|
|
const token = getToken();
|
|
if (token) {
|
|
config.headers = config.headers || {};
|
|
(config.headers as any).Authorization = `Bearer ${token}`;
|
|
}
|
|
return config;
|
|
},
|
|
(error) => {
|
|
return Promise.reject(error);
|
|
}
|
|
);
|
|
|
|
// Response interceptor
|
|
api.interceptors.response.use(
|
|
(response: AxiosResponse) => response,
|
|
(error) => {
|
|
if (error.response?.status === 401) {
|
|
// Avoid redirect loop on the login call itself
|
|
const reqUrl: string = error.config?.url || '';
|
|
const isLoginEndpoint = reqUrl.endsWith('/auth/login') || reqUrl.includes('/auth/login');
|
|
// Do not force redirect for public endpoints like file uploads; let the caller handle it.
|
|
const isUploadEndpoint = reqUrl.endsWith('/upload') || reqUrl.includes('/upload');
|
|
if (!isLoginEndpoint) {
|
|
// Redirect to login unless already there and not an exempt endpoint
|
|
if (!isUploadEndpoint) {
|
|
if (window.location.pathname !== '/login') {
|
|
window.location.href = '/login';
|
|
}
|
|
}
|
|
}
|
|
}
|
|
return Promise.reject(error);
|
|
}
|
|
);
|
|
|
|
// Upload image helper
|
|
export const uploadImage = async (formData: FormData): Promise<{ url: string }> => {
|
|
const res = await api.post('/upload', formData, {
|
|
headers: {
|
|
'Content-Type': 'multipart/form-data',
|
|
},
|
|
});
|
|
return res.data;
|
|
};
|
|
|
|
export { API_URL };
|
|
export default api;
|