import { apiAction } from './api.js';
import { initUserPanel, initAccountPage } from './ui-user.js';
import { mountLogoutButton, ensureFloatingLogout } from './ui-auth.js';
// Page kind taken from <body data-page="...">; falls back to 'account' when
// the attribute is missing or empty. The value comes from the DOM, so it only
// steers client-side flow and is not a trustworthy input for access decisions.
const pageType = document.body?.dataset?.page || 'account';
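/**
 * Asks the backend (`auth.me`) who the current user is and gates the page on
 * the answer.
 *
 * - Positive answer: the user object is published on `window.__currentUser`
 *   and the `auth-pending` class is removed from <html>.
 * - Negative answer (`ok` or `user` missing/falsy): the browser is sent to
 *   /login.php.
 * - Request failure: the error is logged and the function returns false
 *   without redirecting, so `auth-pending` stays on <html>.
 *
 * NOTE(review): this is a client-side convenience, not an access control.
 * `window.__currentUser` can be overwritten by any script running on the page
 * and the check can be bypassed in the browser, so every API action and page
 * behind it still has to enforce session and role on the server.
 *
 * @returns {Promise<boolean>} true when the backend confirmed a signed-in
 *   user, false otherwise.
 */
async function ensureAuthenticated() {
  try {
    const me = await apiAction('auth.me', { method: 'GET' });
    if (!me?.ok || !me?.user) {
      window.location.href = '/login.php';
      return false;
    }

    window.__currentUser = me.user;
    // Presumably the stylesheet hides content while this class is present;
    // confirm against the page CSS.
    document.documentElement.classList.remove('auth-pending');
    return true;
  } catch (err) {
    // Previously swallowed silently; keep the fail-closed result but leave a
    // trace so a broken auth endpoint can be diagnosed.
    console.error('ensureAuthenticated: auth.me check failed', err);
    return false;
  }
}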
/**
 * Keeps non-privileged users off the admin page.
 *
 * When `pageType` is 'admin', only the roles 'owner' and 'admin' (compared
 * case-insensitively) may stay; anyone else is redirected to /account.php.
 * Every other page type passes.
 *
 * NOTE(review): the role is read from `window.__currentUser`, a global that
 * page scripts can change, so this only steers the UI. The admin endpoints
 * themselves must check the role server-side.
 *
 * @returns {boolean} true when the current user may stay on this page.
 */
function ensureAccess() {
  const currentRole = (window.__currentUser?.role || '').toLowerCase();
  const isPrivileged = currentRole === 'owner' || currentRole === 'admin';

  if (pageType !== 'admin' || isPrivileged) {
    return true;
  }

  window.location.href = '/account.php';
  return false;
}
// Page bootstrap: run the authentication and role gates first, and wire up
// the user panel, account page and logout controls only when both pass.
// NOTE(review): ensureAuthenticated() removes `auth-pending` before
// ensureAccess() runs, so admin-page markup is unhidden before a
// non-privileged user is redirected. Keep sensitive data out of the static
// markup and rely on server-side checks.
document.addEventListener('DOMContentLoaded', async () => {
  const loginUrl = '/login.php';

  // The gates perform any redirect themselves; here we just stop the setup.
  if (!(await ensureAuthenticated()) || !ensureAccess()) {
    return;
  }

  initUserPanel();
  initAccountPage();
  mountLogoutButton('#btn-logout', { redirect: loginUrl });
  ensureFloatingLogout({ redirect: loginUrl });
});