feat(frontend): Send JWT with every request

legalconsenthub/composables/applicationForm/useApplicationFormApi.ts

@@ -5,12 +5,15 @@ import { cleanDoubleSlashes, withoutTrailingSlash } from 'ufo'
 export function useApplicationFormApi() {
   const appBaseUrl = useRuntimeConfig().app.baseURL
   const { serverApiBaseUrl, serverApiBasePath, clientProxyBasePath } = useRuntimeConfig().public
+  const { jwt } = useAuth()
 
   const basePath = withoutTrailingSlash(
     cleanDoubleSlashes(import.meta.client ? appBaseUrl + clientProxyBasePath : serverApiBaseUrl + serverApiBasePath)
   )
 
-  const applicationFormApiClient = new ApplicationFormApi(new Configuration({ basePath }))
+  const applicationFormApiClient = new ApplicationFormApi(
+    new Configuration({ basePath, headers: { Authorization: jwt.value ?? '' } })
+  )
 
   async function createApplicationForm(
     createApplicationFormDto: CreateApplicationFormDto

legalconsenthub/composables/useAuth.ts

@@ -3,7 +3,7 @@
 import { defu } from 'defu'
 import { createAuthClient } from 'better-auth/client'
 import type { InferSessionFromClient, InferUserFromClient, ClientOptions } from 'better-auth/client'
-import { organizationClient } from 'better-auth/client/plugins'
+import { organizationClient, jwtClient } from 'better-auth/client/plugins'
 import type { RouteLocationRaw } from 'vue-router'
 
 interface RuntimeAuthConfig {
@@ -20,7 +20,7 @@ export function useAuth() {
     fetchOptions: {
       headers
     },
-    plugins: [organizationClient()]
+    plugins: [organizationClient(), jwtClient()]
   })
 
   const options = defu(useRuntimeConfig().public.auth as Partial<RuntimeAuthConfig>, {
@@ -30,8 +30,9 @@ export function useAuth() {
   const session = useState<InferSessionFromClient<ClientOptions> | null>('auth:session', () => null)
   const user = useState<InferUserFromClient<ClientOptions> | null>('auth:user', () => null)
   const sessionFetching = import.meta.server ? ref(false) : useState('auth:sessionFetching', () => false)
+  const jwt = useState<string | null>('auth:jwt', () => null)
 
-  const fetchSession = async () => {
+  async function fetchSession() {
     if (sessionFetching.value) {
       console.log('already fetching session')
       return
@@ -42,6 +43,7 @@ export function useAuth() {
         headers
       }
     })
+    jwt.value = (await client.token()).data?.token ?? null
     session.value = data?.session || null
     user.value = data?.user || null
     sessionFetching.value = false
@@ -79,6 +81,7 @@ export function useAuth() {
     organization: client.organization,
     options,
     fetchSession,
-    client
+    client,
+    jwt
   }
 }

legalconsenthub/server/utils/auth.ts

@@ -1,12 +1,13 @@
 import { betterAuth } from 'better-auth'
 import Database from 'better-sqlite3'
-import { organization } from 'better-auth/plugins'
+import { organization, jwt } from 'better-auth/plugins'
 import { resend } from './mail'
 
 export const auth = betterAuth({
   database: new Database('./sqlite.db'),
   emailAndPassword: { enabled: true, autoSignIn: false },
   plugins: [
+    jwt(),
     organization({
       async sendInvitationEmail(data) {
         console.log('Sending invitation email', data)