mirror of
https://github.com/KohakuBlueleaf/KohakuHub.git
synced 2026-04-28 18:38:17 -05:00
fix auth in org
This commit is contained in:
Kohaku-Blueleaf
@@ -479,7 +479,7 @@ const repoTypeLabel = computed(() => {
|
||||
});
|
||||
|
||||
const isOwner = computed(() => {
|
||||
return authStore.username === props.namespace;
|
||||
return authStore.canWriteToNamespace(props.namespace);
|
||||
});
|
||||
|
||||
const cloneUrl = computed(() => {
|
||||
|
||||
@@ -154,18 +154,17 @@
|
||||
</template>
|
||||
|
||||
<script setup>
|
||||
import { repoAPI, orgAPI } from "@/utils/api";
|
||||
import { repoAPI } from "@/utils/api";
|
||||
import { useAuthStore } from "@/stores/auth";
|
||||
import { ElMessage } from "element-plus";
|
||||
|
||||
const router = useRouter();
|
||||
const route = useRoute();
|
||||
const authStore = useAuthStore();
|
||||
const { username: currentUser } = storeToRefs(authStore);
|
||||
const { username: currentUser, organizations: userOrgs } = storeToRefs(authStore);
|
||||
|
||||
const formRef = ref(null);
|
||||
const creating = ref(false);
|
||||
const userOrgs = ref([]);
|
||||
|
||||
const form = reactive({
|
||||
type: route.query.type || "model",
|
||||
@@ -218,17 +217,6 @@ function getTypeDescription(type) {
|
||||
return descriptions[type] || "";
|
||||
}
|
||||
|
||||
async function loadUserOrgs() {
|
||||
if (!currentUser.value) return;
|
||||
|
||||
try {
|
||||
const { data } = await orgAPI.getUserOrgs(currentUser.value);
|
||||
userOrgs.value = data.organizations || [];
|
||||
} catch (err) {
|
||||
console.error("Failed to load organizations:", err);
|
||||
}
|
||||
}
|
||||
|
||||
async function handleSubmit() {
|
||||
if (!formRef.value) return;
|
||||
|
||||
@@ -280,8 +268,4 @@ watch(
|
||||
}
|
||||
},
|
||||
);
|
||||
|
||||
onMounted(() => {
|
||||
loadUserOrgs();
|
||||
});
|
||||
</script>
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
// src/kohaku-hub-ui/src/stores/auth.js
|
||||
import { defineStore } from "pinia";
|
||||
import { authAPI } from "@/utils/api";
|
||||
import { authAPI, settingsAPI } from "@/utils/api";
|
||||
|
||||
export const useAuthStore = defineStore("auth", {
|
||||
state: () => ({
|
||||
user: null,
|
||||
userOrganizations: [],
|
||||
token: localStorage.getItem("hf_token") || null,
|
||||
loading: false,
|
||||
initialized: false,
|
||||
@@ -13,6 +14,9 @@ export const useAuthStore = defineStore("auth", {
|
||||
getters: {
|
||||
isAuthenticated: (state) => !!state.user,
|
||||
username: (state) => state.user?.username || null,
|
||||
organizations: (state) => state.userOrganizations,
|
||||
organizationNames: (state) =>
|
||||
state.userOrganizations.map((org) => org.name),
|
||||
},
|
||||
|
||||
actions: {
|
||||
@@ -25,7 +29,7 @@ export const useAuthStore = defineStore("auth", {
|
||||
try {
|
||||
const { data } = await authAPI.login(credentials);
|
||||
// Session cookie is set automatically
|
||||
await this.fetchUser();
|
||||
await this.fetchUserInfo();
|
||||
return data;
|
||||
} finally {
|
||||
this.loading = false;
|
||||
@@ -69,6 +73,28 @@ export const useAuthStore = defineStore("auth", {
|
||||
return data;
|
||||
} catch (err) {
|
||||
this.user = null;
|
||||
this.userOrganizations = [];
|
||||
throw err;
|
||||
}
|
||||
},
|
||||
|
||||
/**
|
||||
* Fetch user info with organizations
|
||||
*/
|
||||
async fetchUserInfo() {
|
||||
try {
|
||||
const { data } = await settingsAPI.whoamiV2();
|
||||
this.user = {
|
||||
username: data.name,
|
||||
email: data.email,
|
||||
email_verified: data.emailVerified,
|
||||
id: data.id,
|
||||
};
|
||||
this.userOrganizations = data.orgs || [];
|
||||
return data;
|
||||
} catch (err) {
|
||||
this.user = null;
|
||||
this.userOrganizations = [];
|
||||
throw err;
|
||||
}
|
||||
},
|
||||
@@ -80,7 +106,7 @@ export const useAuthStore = defineStore("auth", {
|
||||
async setToken(token) {
|
||||
this.token = token;
|
||||
localStorage.setItem("hf_token", token);
|
||||
await this.fetchUser();
|
||||
await this.fetchUserInfo();
|
||||
},
|
||||
|
||||
/**
|
||||
@@ -93,13 +119,28 @@ export const useAuthStore = defineStore("auth", {
|
||||
|
||||
// Try to restore user from session cookie or token
|
||||
try {
|
||||
await this.fetchUser();
|
||||
await this.fetchUserInfo();
|
||||
} catch (err) {
|
||||
// Session expired or invalid, clear state
|
||||
this.user = null;
|
||||
this.userOrganizations = [];
|
||||
this.token = null;
|
||||
localStorage.removeItem("hf_token");
|
||||
}
|
||||
},
|
||||
|
||||
/**
|
||||
* Check if user has write access to a namespace
|
||||
* @param {string} namespace - Namespace to check
|
||||
* @returns {boolean}
|
||||
*/
|
||||
canWriteToNamespace(namespace) {
|
||||
if (!this.isAuthenticated) return false;
|
||||
// Check if it's user's own namespace or an organization they belong to
|
||||
return (
|
||||
this.username === namespace ||
|
||||
this.organizationNames.includes(namespace)
|
||||
);
|
||||
},
|
||||
},
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user