Add auth token handling to frontend API calls #14

New Issue

libretech · 2026-02-25T16:05:14+01:00

libretech commented

2026-02-25 16:05:14 +01:00

Summary

Modify all frontend API calls to include JWT auth tokens and handle authentication errors gracefully.

Implementation Tasks

Store JWT token after successful magic link authentication
Add Authorization header to all API requests
Handle 401 responses (redirect to login)
Handle token expiration (refresh or re-authenticate)
Clear token on logout

Security Considerations

Store token in memory or httpOnly cookie (not localStorage for XSS protection)
Clear token on tab close if using memory storage
Handle CORS correctly for API requests

Acceptance Criteria

All API calls include valid auth token
401 responses trigger re-authentication flow
Token is stored securely
Logout clears authentication state

## Summary Modify all frontend API calls to include JWT auth tokens and handle authentication errors gracefully. ## Implementation Tasks - [ ] Store JWT token after successful magic link authentication - [ ] Add Authorization header to all API requests - [ ] Handle 401 responses (redirect to login) - [ ] Handle token expiration (refresh or re-authenticate) - [ ] Clear token on logout ## Security Considerations - Store token in memory or httpOnly cookie (not localStorage for XSS protection) - Clear token on tab close if using memory storage - Handle CORS correctly for API requests ## Acceptance Criteria - [ ] All API calls include valid auth token - [ ] 401 responses trigger re-authentication flow - [ ] Token is stored securely - [ ] Logout clears authentication state

libretech added the

phase-2

label 2026-02-25 16:05:14 +01:00

libretech referenced this issue

2026-02-28 09:33:11 +01:00

Epic: Phase 2 — Frontend Auth + Adaptation #12

libretech added the

task

label 2026-02-28 20:26:11 +01:00

libretech added the

frontend

security