Skip to content

refactor: migrate frontend auth to cookie refresh contract#22

Merged
Priveetee merged 3 commits into
mainfrom
dev
Apr 17, 2026
Merged

refactor: migrate frontend auth to cookie refresh contract#22
Priveetee merged 3 commits into
mainfrom
dev

Conversation

@Priveetee

Copy link
Copy Markdown
Collaborator

Summary

  • migrate frontend auth parsing and session hydration to the new backend contract that returns accessToken, and refresh sessions through cookie-based /auth/refresh without sending legacy body tokens.
  • ensure authenticated API calls can recover from missing in-memory tokens by attempting refresh first, then fail signed-out if refresh is not possible.
  • route sign-out and recommendation tracking through the refreshed auth path so logout clears server refresh cookie state and tracker calls remain authenticated after reloads.

Included Commits

  • 13e7b75 fix: route logout and tracker calls through refreshed auth
  • 1d4a6c6 refactor: align auth session flow with cookie refresh contract

Validation

  • bun run check
  • bun run sherif
  • bun run knip
  • bun run build
  • local runtime smoke: register -> refresh(cookie) -> me -> logout -> refresh 401

@Priveetee
Priveetee merged commit 0b087c6 into main Apr 17, 2026
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant