From 726e502d550898fc867359fd298f40ec2d1144a1 Mon Sep 17 00:00:00 2001
From: cogwheel0 <172976095+cogwheel0@users.noreply.github.com>
Date: Tue, 9 Sep 2025 13:15:49 +0530
Subject: [PATCH] fix: normal user logins calling admin endpoints
---
 lib/core/auth/api_auth_interceptor.dart | 21 ++++++++++++--
 lib/core/services/api_service.dart | 37 +++++++++----------------
 2 files changed, 31 insertions(+), 27 deletions(-)
diff --git a/lib/core/auth/api_auth_interceptor.dart b/lib/core/auth/api_auth_interceptor.dart
index 86713d0..5040a4e 100644
--- a/lib/core/auth/api_auth_interceptor.dart
+++ b/lib/core/auth/api_auth_interceptor.dart
@@ -62,6 +62,11 @@ class ApiAuthInterceptor extends Interceptor {
 }
 }
+ // Endpoints that support optional auth should not strictly require it
+ if (_hasOptionalAuth(path)) {
+ return false;
+ }
+
 // All other endpoints require authentication per OpenAPI spec
 return true;
 }
@@ -135,9 +140,19 @@ class ApiAuthInterceptor extends Interceptor {
 // Handle authentication errors consistently
 if (statusCode == 401) {
- // 401 always indicates invalid/expired auth token
- DebugLogger.auth('401 Unauthorized on $path - clearing auth token');
- _clearAuthToken();
+ // Do not clear the token for public or optional-auth endpoints.
+ // A 401 here may indicate endpoint-level permission or server config,
+ // not necessarily an expired/invalid token.
+ final requiresAuth = _requiresAuth(path);
+ final optionalAuth = _hasOptionalAuth(path);
+ if (requiresAuth && !optionalAuth) {
+ DebugLogger.auth('401 Unauthorized on $path - clearing auth token');
+ _clearAuthToken();
+ } else {
+ DebugLogger.auth(
+ '401 on public/optional endpoint $path - keeping auth token',
+ );
+ }
 } else if (statusCode == 403) {
 // 403 on protected endpoints indicates insufficient permissions or invalid token
 final requiresAuth = _requiresAuth(path);
diff --git a/lib/core/services/api_service.dart b/lib/core/services/api_service.dart
index 14a3692..476f292 100644
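Review bot: The new `_hasOptionalAuth(path)` early return in api_auth_interceptor.dart (hunk `@@ -62,6 +62,11 @@`) makes `_requiresAuth` report false for optional-auth paths, and nothing visible shows whether the request side still sends the stored token to those paths. If the request handler decides on `_requiresAuth(path)` whether to attach the token, signed-in users would now reach these endpoints anonymously; that handler is outside the hunk, so it needs checking there. The matching rule of `_hasOptionalAuth` is not visible either, and a prefix or substring match could classify a protected route as optional. I would make the intent explicit in the comment: `// Optional-auth endpoints: send the token when one is stored, but do not block the request when it is missing`. The enclosing method starts above the hunk.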
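Review bot: In the 401 branch of api_auth_interceptor.dart (hunk `@@ -135,9 +140,19 @@`) the `!optionalAuth` test looks redundant: as far as the first hunk shows, `_requiresAuth(path)` already returns false for every optional-auth path, so the condition reduces to `if (_requiresAuth(path)) {` and the `optionalAuth` local can be dropped. The comment should also record the consequence of the change: a token that really has expired and is first rejected on a public or optional-auth endpoint is now kept, and stays in use until a protected endpoint answers 401. Both log calls interpolate `$path`; if DebugLogger output can reach release builds, confirm the paths carry nothing that should stay out of logs. The enclosing error handler starts and ends outside the hunk.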
--- a/lib/core/services/api_service.dart
+++ b/lib/core/services/api_service.dart
@@ -219,13 +219,19 @@ class ApiService {
 DebugLogger.log('User settings retrieved successfully');
- final settings = response.data as Map;
+ final data = response.data;
+ if (data is! Map) {
+ DebugLogger.warning(
+ 'User settings response is empty or unexpected type: ${data.runtimeType}',
+ );
+ return null;
+ }
 // Extract default model from ui.models array
- final ui = settings['ui'] as Map?;
- if (ui != null) {
- final models = ui['models'] as List?;
- if (models != null && models.isNotEmpty) {
+ final ui = data['ui'];
+ if (ui is Map) {
+ final models = ui['models'];
+ if (models is List && models.isNotEmpty) {
 // Return the first model in the user's preferred models list
 final defaultModel = models.first.toString();
 DebugLogger.log(
@@ -239,25 +245,8 @@ class ApiService {
 return null;
 } catch (e) {
 DebugLogger.error('Error fetching default model from user settings', e);
- // Fall back to trying the old endpoint
- try {
- DebugLogger.log('Falling back to configs/models endpoint');
- final response = await _dio.get('/api/v1/configs/models');
- final config = response.data as Map;
-
- final defaultModel =
- config['DEFAULT_MODELS'] as String? ??
- config['default_models'] as String? ??
- config['default_model'] as String?;
-
- if (defaultModel != null && defaultModel.isNotEmpty) {
- DebugLogger.log('Found default model from fallback: $defaultModel');
- return defaultModel;
- }
- } catch (fallbackError) {
- DebugLogger.error('Fallback also failed', fallbackError);
- }
-
+ // Do not call admin-only configs endpoint here; let the caller
+ // handle fallback (e.g., first available model from /api/models).
 return null;
 }
 }
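Review bot: `models.first.toString()` at the end of hunk `@@ -219,13 +219,19 @@` in api_service.dart still accepts any element type, so the new `is List` check lets a null or nested-object first entry through and returns it as a model id such as `"null"`. The added validation stops at the list; I would validate the element as well, `final first = models.first;` followed by `if (first is String && first.isNotEmpty) {`, and return `first`. The success message `'User settings retrieved successfully'` is also logged before the new `data is! Map` check, so a malformed response produces a success line and a warning for the same call. The method body continues past the hunk.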
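Review bot: With the fallback removed (hunk `@@ -239,25 +245,8 @@` in api_service.dart), the bare `catch (e)` turns every failure, whether a network error, a 401/403 from the settings endpoint or an unexpected payload, into the same `null` that also means "no default configured", and the caller-side fallback the new comment relies on is not visible here. I would put that contract on the method's doc comment: `/// Returns null when no default model is set or the request fails; the caller picks the fallback and this method never calls admin-only endpoints.` The comment inside the catch could also give the reason, which appears to be that a non-admin token calling `/api/v1/configs/models` is rejected and the interceptor's 401/403 handling then acts on that rejection. The method starts outside the hunk.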