ui/auth_state.svelte.ts

Reactive state for cookie-based authentication.

SPA auth pattern: prerendered static HTML served by Hono, no SvelteKit server for SSR sessions. On load, fetches GET /api/account/status which returns the current account (200) or 401 with optional bootstrap_available. Login sends username + password once, then a signed httpOnly cookie handles all subsequent requests.

@example

<script lang="ts"> import {AuthState, auth_state_context} from '@fuzdev/fuz_app/ui/auth_state.svelte.js'; const auth = new AuthState(); auth_state_context.set(auth); auth.check_session(); </script> {#if auth.verifying} <p>checking session…</p> {:else if auth.needs_bootstrap} <BootstrapForm /> {:else if !auth.verified} <LoginForm /> {:else} <p>logged in as {auth.account?.username}</p> <button onclick={() => auth.logout()}>logout</button> {/if}

Declarations
#

2 declarations

view source

auth_state_context
#

ui/auth_state.svelte.ts view source

{ get: (error_message?: string | undefined) => AuthState; get_maybe: () => AuthState | undefined; set: (value: AuthState) => AuthState; }

Svelte context for AuthState. Use auth_state_context.set(state) in the provider and auth_state_context.get() to access.

AuthState
#

ui/auth_state.svelte.ts view source

verifying

verified

verify_error

type string | null

account

type SessionAccount | null

permits

type Array<Permit>

active_permits

type Array<Permit>

readonly

roles

type Array<string>

readonly

needs_bootstrap

True when bootstrap is available (no accounts exist yet).

check_session

Check auth state and bootstrap availability.

Fetches GET /api/account/status — returns account info (200) or 401 with optional bootstrap_available flag. Called on init, and after login/bootstrap to refresh state.

type (): Promise<void>

returns Promise<void>

login

Log in with username and password.

type (username: string, password: string): Promise<boolean>

username
type string
password
type string
returns Promise<boolean>

true if login succeeded, false otherwise

bootstrap

Bootstrap the first keeper account.

type (token: string, username: string, password: string): Promise<boolean>

token
type string
username
type string
password
type string
returns Promise<boolean>

true if bootstrap succeeded, false otherwise

signup

Sign up with an invite.

type (username: string, password: string, email?: string | undefined): Promise<boolean>

username
type string
password
type string
email?
type string | undefined
optional
returns Promise<boolean>

true if signup succeeded, false otherwise

logout

Log out by clearing the session cookie.

type (): Promise<void>

returns Promise<void>

Depends on
#

Imported by
#