wrongmove/frontend/src/services/apiClient.ts

// Generic API client with authentication

import type { AuthUser } from '@/auth/types';
import { ApiError } from '@/types';

let onUnauthorized: (() => void) | null = null;

export function setOnUnauthorized(handler: () => void): void {
  onUnauthorized = handler;
}

export function fireUnauthorized(): void {
  if (onUnauthorized) {
    onUnauthorized();
  }
}

export interface RequestOptions {
  method?: 'GET' | 'POST' | 'PUT' | 'DELETE';
  params?: Record<string, string | number | boolean | Date | undefined>;
  body?: unknown;
}

/**
 * Build query string from parameters object
 */
function buildQueryString(params: Record<string, string | number | boolean | Date | undefined>): string {
  const queryString = new URLSearchParams();

  for (const [key, value] of Object.entries(params)) {
    if (value !== undefined && value !== null && value !== '') {
      if (value instanceof Date) {
        queryString.append(key, value.toISOString());
      } else {
        queryString.append(key, String(value));
      }
    }
  }

  return queryString.toString();
}

/**
 * Generic authenticated API request
 */
export async function apiRequest<T>(
  user: AuthUser,
  endpoint: string,
  options: RequestOptions = {}
): Promise<T> {
  const { method = 'GET', params, body } = options;

  let url = endpoint;
  if (params) {
    const queryString = buildQueryString(params);
    if (queryString) {
      url = `${endpoint}?${queryString}`;
    }
  }

  const fetchOptions: RequestInit = {
    method,
    headers: {
      Authorization: `Bearer ${user.accessToken}`,
      'Content-Type': 'application/json',
    },
  };

  if (body !== undefined) {
    fetchOptions.body = JSON.stringify(body);
  }

  const response = await fetch(url, fetchOptions);

  if (!response.ok) {
    if (response.status === 401) {
      fireUnauthorized();
    }
    throw new ApiError(`Error: ${response.status}`, response.status);
  }

  return response.json() as Promise<T>;
}
Add services layer, tests, streaming UI, and cleanup legacy code 2026-02-06 20:55:10 +00:00			`// Generic API client with authentication`

Add passkey (WebAuthn) authentication with self-registration Enable users to sign up and sign in using passkeys (biometrics/security keys) without needing a manually-created Authentik account. The existing SSO login remains as an alternative. Backend: - Add WebAuthn registration/authentication endpoints via py-webauthn - Issue HS256 JWTs for passkey users, with Redis-backed challenge storage - Dual JWT verification in auth middleware (issuer-based routing: passkey HS256 vs Authentik RS256) - PasskeyCredential model + migration making user.password nullable - UserRepository with full CRUD for users and credentials Frontend: - AuthUser type abstraction unifying OIDC and passkey users - Passkey service using @simplewebauthn/browser for WebAuthn ceremonies - LoginModal redesigned with Sign In / Sign Up tabs - Type migration from oidc-client-ts User to AuthUser across all services and components 2026-02-07 00:34:47 +00:00			`import type { AuthUser } from '@/auth/types';`
Add services layer, tests, streaming UI, and cleanup legacy code 2026-02-06 20:55:10 +00:00			`import { ApiError } from '@/types';`

Auto-redirect to login on 401 API responses When a session token expires, API calls return 401 but nothing caught it — errors were shown as generic dialogs or swallowed. Now both apiClient and streamingService detect 401 responses and clear auth state, which causes App.tsx to render the login modal automatically. 2026-02-13 21:16:53 +00:00			`let onUnauthorized: (() => void) \| null = null;`

			`export function setOnUnauthorized(handler: () => void): void {`
			`onUnauthorized = handler;`
			`}`

			`export function fireUnauthorized(): void {`
			`if (onUnauthorized) {`
			`onUnauthorized();`
			`}`
			`}`

Add services layer, tests, streaming UI, and cleanup legacy code 2026-02-06 20:55:10 +00:00			`export interface RequestOptions {`
			`method?: 'GET' \| 'POST' \| 'PUT' \| 'DELETE';`
			`params?: Record<string, string \| number \| boolean \| Date \| undefined>;`
Add frontend POI management and travel time display POIManager component in FilterPanel for creating/deleting POIs and triggering distance calculations. PropertyCard shows travel time badges (walk/cycle/transit) per POI. Map renders POI locations as red markers. API client extended with POST body support for POI endpoints. 2026-02-08 13:16:32 +00:00			`body?: unknown;`
Add services layer, tests, streaming UI, and cleanup legacy code 2026-02-06 20:55:10 +00:00			`}`

			`/**`
			`* Build query string from parameters object`
			`*/`
			`function buildQueryString(params: Record<string, string \| number \| boolean \| Date \| undefined>): string {`
			`const queryString = new URLSearchParams();`

			`for (const [key, value] of Object.entries(params)) {`
			`if (value !== undefined && value !== null && value !== '') {`
			`if (value instanceof Date) {`
			`queryString.append(key, value.toISOString());`
			`} else {`
			`queryString.append(key, String(value));`
			`}`
			`}`
			`}`

			`return queryString.toString();`
			`}`

			`/**`
			`* Generic authenticated API request`
			`*/`
			`export async function apiRequest<T>(`
Add passkey (WebAuthn) authentication with self-registration Enable users to sign up and sign in using passkeys (biometrics/security keys) without needing a manually-created Authentik account. The existing SSO login remains as an alternative. Backend: - Add WebAuthn registration/authentication endpoints via py-webauthn - Issue HS256 JWTs for passkey users, with Redis-backed challenge storage - Dual JWT verification in auth middleware (issuer-based routing: passkey HS256 vs Authentik RS256) - PasskeyCredential model + migration making user.password nullable - UserRepository with full CRUD for users and credentials Frontend: - AuthUser type abstraction unifying OIDC and passkey users - Passkey service using @simplewebauthn/browser for WebAuthn ceremonies - LoginModal redesigned with Sign In / Sign Up tabs - Type migration from oidc-client-ts User to AuthUser across all services and components 2026-02-07 00:34:47 +00:00			`user: AuthUser,`
Add services layer, tests, streaming UI, and cleanup legacy code 2026-02-06 20:55:10 +00:00			`endpoint: string,`
			`options: RequestOptions = {}`
			`): Promise<T> {`
Add frontend POI management and travel time display POIManager component in FilterPanel for creating/deleting POIs and triggering distance calculations. PropertyCard shows travel time badges (walk/cycle/transit) per POI. Map renders POI locations as red markers. API client extended with POST body support for POI endpoints. 2026-02-08 13:16:32 +00:00			`const { method = 'GET', params, body } = options;`
Add services layer, tests, streaming UI, and cleanup legacy code 2026-02-06 20:55:10 +00:00
			`let url = endpoint;`
			`if (params) {`
			`const queryString = buildQueryString(params);`
			`if (queryString) {`
			url = `${endpoint}?${queryString}`;
			`}`
			`}`

Add frontend POI management and travel time display POIManager component in FilterPanel for creating/deleting POIs and triggering distance calculations. PropertyCard shows travel time badges (walk/cycle/transit) per POI. Map renders POI locations as red markers. API client extended with POST body support for POI endpoints. 2026-02-08 13:16:32 +00:00			`const fetchOptions: RequestInit = {`
Add services layer, tests, streaming UI, and cleanup legacy code 2026-02-06 20:55:10 +00:00			`method,`
			`headers: {`
Add passkey (WebAuthn) authentication with self-registration Enable users to sign up and sign in using passkeys (biometrics/security keys) without needing a manually-created Authentik account. The existing SSO login remains as an alternative. Backend: - Add WebAuthn registration/authentication endpoints via py-webauthn - Issue HS256 JWTs for passkey users, with Redis-backed challenge storage - Dual JWT verification in auth middleware (issuer-based routing: passkey HS256 vs Authentik RS256) - PasskeyCredential model + migration making user.password nullable - UserRepository with full CRUD for users and credentials Frontend: - AuthUser type abstraction unifying OIDC and passkey users - Passkey service using @simplewebauthn/browser for WebAuthn ceremonies - LoginModal redesigned with Sign In / Sign Up tabs - Type migration from oidc-client-ts User to AuthUser across all services and components 2026-02-07 00:34:47 +00:00			Authorization: `Bearer ${user.accessToken}`,
Add services layer, tests, streaming UI, and cleanup legacy code 2026-02-06 20:55:10 +00:00			`'Content-Type': 'application/json',`
			`},`
Add frontend POI management and travel time display POIManager component in FilterPanel for creating/deleting POIs and triggering distance calculations. PropertyCard shows travel time badges (walk/cycle/transit) per POI. Map renders POI locations as red markers. API client extended with POST body support for POI endpoints. 2026-02-08 13:16:32 +00:00			`};`

			`if (body !== undefined) {`
			`fetchOptions.body = JSON.stringify(body);`
			`}`

			`const response = await fetch(url, fetchOptions);`
Add services layer, tests, streaming UI, and cleanup legacy code 2026-02-06 20:55:10 +00:00
			`if (!response.ok) {`
Auto-redirect to login on 401 API responses When a session token expires, API calls return 401 but nothing caught it — errors were shown as generic dialogs or swallowed. Now both apiClient and streamingService detect 401 responses and clear auth state, which causes App.tsx to render the login modal automatically. 2026-02-13 21:16:53 +00:00			`if (response.status === 401) {`
			`fireUnauthorized();`
			`}`
Add services layer, tests, streaming UI, and cleanup legacy code 2026-02-06 20:55:10 +00:00			throw new ApiError(`Error: ${response.status}`, response.status);
			`}`

			`return response.json() as Promise<T>;`
			`}`