play-life-web/src/components/auth/AuthContext.jsx

import React, { createContext, useContext, useState, useEffect, useCallback } from 'react'

const AuthContext = createContext(null)

const TOKEN_KEY = 'access_token'
const REFRESH_TOKEN_KEY = 'refresh_token'
const USER_KEY = 'user'

export function AuthProvider({ children }) {
  const [user, setUser] = useState(null)
  const [loading, setLoading] = useState(true)
  const [error, setError] = useState(null)

  const logout = useCallback(async () => {
    const token = localStorage.getItem(TOKEN_KEY)
    
    if (token) {
      try {
        await fetch('/api/auth/logout', {
          method: 'POST',
          headers: {
            'Authorization': `Bearer ${token}`,
            'Content-Type': 'application/json'
          }
        })
      } catch (err) {
        console.error('Logout error:', err)
      }
    }
    
    localStorage.removeItem(TOKEN_KEY)
    localStorage.removeItem(REFRESH_TOKEN_KEY)
    localStorage.removeItem(USER_KEY)
    setUser(null)
  }, [])

  const refreshToken = useCallback(async () => {
    const refresh = localStorage.getItem(REFRESH_TOKEN_KEY)
    
    if (!refresh) {
      return false
    }
    
    try {
      const response = await fetch('/api/auth/refresh', {
        method: 'POST',
        headers: {
          'Content-Type': 'application/json'
        },
        body: JSON.stringify({ refresh_token: refresh })
      })
      
      if (!response.ok) {
        return false
      }
      
      const data = await response.json()
      
      localStorage.setItem(TOKEN_KEY, data.access_token)
      localStorage.setItem(REFRESH_TOKEN_KEY, data.refresh_token)
      localStorage.setItem(USER_KEY, JSON.stringify(data.user))
      setUser(data.user)
      
      return true
    } catch (err) {
      console.error('Refresh token error:', err)
      return false
    }
  }, [])

  // Initialize from localStorage
  useEffect(() => {
    const initAuth = async () => {
      const token = localStorage.getItem(TOKEN_KEY)
      const savedUser = localStorage.getItem(USER_KEY)
      
      if (token && savedUser) {
        try {
          setUser(JSON.parse(savedUser))
          // Verify token is still valid with timeout
          const controller = new AbortController()
          const timeoutId = setTimeout(() => controller.abort(), 5000) // 5 second timeout
          
          const response = await fetch('/api/auth/me', {
            headers: {
              'Authorization': `Bearer ${token}`,
              'Content-Type': 'application/json'
            },
            signal: controller.signal
          })
          
          clearTimeout(timeoutId)
          
          if (response.ok) {
            const data = await response.json()
            setUser(data.user)
            localStorage.setItem(USER_KEY, JSON.stringify(data.user))
          } else if (response.status === 401) {
            // Try to refresh token
            const refreshed = await refreshToken()
            if (!refreshed) {
              logout()
            }
          } else {
            // For other errors (like 503, 502, network errors), don't clear auth
            // Just log the error and keep the user logged in
            console.warn('Auth check failed with status:', response.status, 'but keeping session')
          }
        } catch (err) {
          // Network errors (e.g., backend not ready) should not clear auth
          // Only clear if it's a real auth error
          if (err.name === 'AbortError') {
            // Timeout - backend might be starting up, keep auth state
            console.warn('Auth check timeout, backend might be starting up. Keeping session.')
          } else if (err.name === 'TypeError' && (err.message.includes('fetch') || err.message.includes('Failed to fetch'))) {
            // Network error - backend might be starting up, keep auth state
            console.warn('Network error during auth check, keeping session:', err.message)
          } else {
            // Other errors - might be auth related
            console.error('Auth init error:', err)
            // Don't automatically logout on unknown errors
          }
        }
      }
      setLoading(false)
    }
    
    initAuth()
  }, [refreshToken, logout])

  const login = useCallback(async (email, password) => {
    setError(null)
    try {
      const response = await fetch('/api/auth/login', {
        method: 'POST',
        headers: {
          'Content-Type': 'application/json'
        },
        body: JSON.stringify({ email, password })
      })
      
      const data = await response.json()
      
      if (!response.ok) {
        throw new Error(data.error || 'Ошибка входа')
      }
      
      localStorage.setItem(TOKEN_KEY, data.access_token)
      localStorage.setItem(REFRESH_TOKEN_KEY, data.refresh_token)
      localStorage.setItem(USER_KEY, JSON.stringify(data.user))
      setUser(data.user)
      
      return true
    } catch (err) {
      setError(err.message)
      return false
    }
  }, [])

  const register = useCallback(async (email, password, name) => {
    setError(null)
    try {
      const response = await fetch('/api/auth/register', {
        method: 'POST',
        headers: {
          'Content-Type': 'application/json'
        },
        body: JSON.stringify({ email, password, name: name || undefined })
      })
      
      const data = await response.json()
      
      if (!response.ok) {
        throw new Error(data.error || 'Ошибка регистрации')
      }
      
      localStorage.setItem(TOKEN_KEY, data.access_token)
      localStorage.setItem(REFRESH_TOKEN_KEY, data.refresh_token)
      localStorage.setItem(USER_KEY, JSON.stringify(data.user))
      setUser(data.user)
      
      return true
    } catch (err) {
      setError(err.message)
      return false
    }
  }, [])

  const getToken = useCallback(() => {
    return localStorage.getItem(TOKEN_KEY)
  }, [])

  // Fetch wrapper that handles auth
  const authFetch = useCallback(async (url, options = {}) => {
    const token = localStorage.getItem(TOKEN_KEY)
    
    const headers = {
      'Content-Type': 'application/json',
      ...options.headers
    }
    
    if (token) {
      headers['Authorization'] = `Bearer ${token}`
    }
    
    try {
      let response = await fetch(url, { ...options, headers })
      
      // If 401, try to refresh token and retry
      if (response.status === 401) {
        const refreshed = await refreshToken()
        if (refreshed) {
          const newToken = localStorage.getItem(TOKEN_KEY)
          headers['Authorization'] = `Bearer ${newToken}`
          response = await fetch(url, { ...options, headers })
        } else {
          // Only logout if refresh failed (real auth error)
          logout()
        }
      }
      
      return response
    } catch (err) {
      // Network errors should not trigger logout
      // Let the caller handle the error
      throw err
    }
  }, [refreshToken, logout])

  const value = {
    user,
    loading,
    error,
    login,
    register,
    logout,
    getToken,
    authFetch,
    isAuthenticated: !!user
  }

  return (
    <AuthContext.Provider value={value}>
      {children}
    </AuthContext.Provider>
  )
}

export function useAuth() {
  const context = useContext(AuthContext)
  if (!context) {
    throw new Error('useAuth must be used within an AuthProvider')
  }
  return context
}

export default AuthContext
v2.0.0: Multi-user authentication with JWT Features: - User registration and login with JWT tokens - All data is now user-specific (multi-tenancy) - Profile page with integrations and logout - Automatic migration of existing data to first user Backend changes: - Added users and refresh_tokens tables - Added user_id to all data tables (projects, entries, nodes, dictionaries, words, progress, configs, telegram_integrations, weekly_goals) - JWT authentication middleware - claimOrphanedData() for data migration Frontend changes: - AuthContext for state management - Login/Register forms - Profile page (replaced Integrations) - All API calls use authFetch with Bearer token Migration notes: - On first deploy, backend automatically adds user_id columns - First user to login claims all existing data 2026-01-01 18:21:18 +03:00			`import React, { createContext, useContext, useState, useEffect, useCallback } from 'react'`

			`const AuthContext = createContext(null)`

			`const TOKEN_KEY = 'access_token'`
			`const REFRESH_TOKEN_KEY = 'refresh_token'`
			`const USER_KEY = 'user'`

			`export function AuthProvider({ children }) {`
			`const [user, setUser] = useState(null)`
			`const [loading, setLoading] = useState(true)`
			`const [error, setError] = useState(null)`

Fix: Prevent auth state loss on container restart (v2.7.2) 2026-01-02 16:15:42 +03:00			`const logout = useCallback(async () => {`
			`const token = localStorage.getItem(TOKEN_KEY)`

			`if (token) {`
			`try {`
			`await fetch('/api/auth/logout', {`
			`method: 'POST',`
			`headers: {`
			'Authorization': `Bearer ${token}`,
			`'Content-Type': 'application/json'`
			`}`
			`})`
			`} catch (err) {`
			`console.error('Logout error:', err)`
			`}`
			`}`

			`localStorage.removeItem(TOKEN_KEY)`
			`localStorage.removeItem(REFRESH_TOKEN_KEY)`
			`localStorage.removeItem(USER_KEY)`
			`setUser(null)`
			`}, [])`

			`const refreshToken = useCallback(async () => {`
			`const refresh = localStorage.getItem(REFRESH_TOKEN_KEY)`

			`if (!refresh) {`
			`return false`
			`}`

			`try {`
			`const response = await fetch('/api/auth/refresh', {`
			`method: 'POST',`
			`headers: {`
			`'Content-Type': 'application/json'`
			`},`
			`body: JSON.stringify({ refresh_token: refresh })`
			`})`

			`if (!response.ok) {`
			`return false`
			`}`

			`const data = await response.json()`

			`localStorage.setItem(TOKEN_KEY, data.access_token)`
			`localStorage.setItem(REFRESH_TOKEN_KEY, data.refresh_token)`
			`localStorage.setItem(USER_KEY, JSON.stringify(data.user))`
			`setUser(data.user)`

			`return true`
			`} catch (err) {`
			`console.error('Refresh token error:', err)`
			`return false`
			`}`
			`}, [])`

v2.0.0: Multi-user authentication with JWT Features: - User registration and login with JWT tokens - All data is now user-specific (multi-tenancy) - Profile page with integrations and logout - Automatic migration of existing data to first user Backend changes: - Added users and refresh_tokens tables - Added user_id to all data tables (projects, entries, nodes, dictionaries, words, progress, configs, telegram_integrations, weekly_goals) - JWT authentication middleware - claimOrphanedData() for data migration Frontend changes: - AuthContext for state management - Login/Register forms - Profile page (replaced Integrations) - All API calls use authFetch with Bearer token Migration notes: - On first deploy, backend automatically adds user_id columns - First user to login claims all existing data 2026-01-01 18:21:18 +03:00			`// Initialize from localStorage`
			`useEffect(() => {`
			`const initAuth = async () => {`
			`const token = localStorage.getItem(TOKEN_KEY)`
			`const savedUser = localStorage.getItem(USER_KEY)`

			`if (token && savedUser) {`
			`try {`
			`setUser(JSON.parse(savedUser))`
Fix: Prevent auth state loss on container restart (v2.7.2) 2026-01-02 16:15:42 +03:00			`// Verify token is still valid with timeout`
			`const controller = new AbortController()`
			`const timeoutId = setTimeout(() => controller.abort(), 5000) // 5 second timeout`

v2.0.0: Multi-user authentication with JWT Features: - User registration and login with JWT tokens - All data is now user-specific (multi-tenancy) - Profile page with integrations and logout - Automatic migration of existing data to first user Backend changes: - Added users and refresh_tokens tables - Added user_id to all data tables (projects, entries, nodes, dictionaries, words, progress, configs, telegram_integrations, weekly_goals) - JWT authentication middleware - claimOrphanedData() for data migration Frontend changes: - AuthContext for state management - Login/Register forms - Profile page (replaced Integrations) - All API calls use authFetch with Bearer token Migration notes: - On first deploy, backend automatically adds user_id columns - First user to login claims all existing data 2026-01-01 18:21:18 +03:00			`const response = await fetch('/api/auth/me', {`
			`headers: {`
			'Authorization': `Bearer ${token}`,
			`'Content-Type': 'application/json'`
Fix: Prevent auth state loss on container restart (v2.7.2) 2026-01-02 16:15:42 +03:00			`},`
			`signal: controller.signal`
v2.0.0: Multi-user authentication with JWT Features: - User registration and login with JWT tokens - All data is now user-specific (multi-tenancy) - Profile page with integrations and logout - Automatic migration of existing data to first user Backend changes: - Added users and refresh_tokens tables - Added user_id to all data tables (projects, entries, nodes, dictionaries, words, progress, configs, telegram_integrations, weekly_goals) - JWT authentication middleware - claimOrphanedData() for data migration Frontend changes: - AuthContext for state management - Login/Register forms - Profile page (replaced Integrations) - All API calls use authFetch with Bearer token Migration notes: - On first deploy, backend automatically adds user_id columns - First user to login claims all existing data 2026-01-01 18:21:18 +03:00			`})`

Fix: Prevent auth state loss on container restart (v2.7.2) 2026-01-02 16:15:42 +03:00			`clearTimeout(timeoutId)`

v2.0.0: Multi-user authentication with JWT Features: - User registration and login with JWT tokens - All data is now user-specific (multi-tenancy) - Profile page with integrations and logout - Automatic migration of existing data to first user Backend changes: - Added users and refresh_tokens tables - Added user_id to all data tables (projects, entries, nodes, dictionaries, words, progress, configs, telegram_integrations, weekly_goals) - JWT authentication middleware - claimOrphanedData() for data migration Frontend changes: - AuthContext for state management - Login/Register forms - Profile page (replaced Integrations) - All API calls use authFetch with Bearer token Migration notes: - On first deploy, backend automatically adds user_id columns - First user to login claims all existing data 2026-01-01 18:21:18 +03:00			`if (response.ok) {`
			`const data = await response.json()`
			`setUser(data.user)`
			`localStorage.setItem(USER_KEY, JSON.stringify(data.user))`
			`} else if (response.status === 401) {`
			`// Try to refresh token`
			`const refreshed = await refreshToken()`
			`if (!refreshed) {`
			`logout()`
			`}`
Fix: Prevent auth state loss on container restart (v2.7.2) 2026-01-02 16:15:42 +03:00			`} else {`
			`// For other errors (like 503, 502, network errors), don't clear auth`
			`// Just log the error and keep the user logged in`
			`console.warn('Auth check failed with status:', response.status, 'but keeping session')`
v2.0.0: Multi-user authentication with JWT Features: - User registration and login with JWT tokens - All data is now user-specific (multi-tenancy) - Profile page with integrations and logout - Automatic migration of existing data to first user Backend changes: - Added users and refresh_tokens tables - Added user_id to all data tables (projects, entries, nodes, dictionaries, words, progress, configs, telegram_integrations, weekly_goals) - JWT authentication middleware - claimOrphanedData() for data migration Frontend changes: - AuthContext for state management - Login/Register forms - Profile page (replaced Integrations) - All API calls use authFetch with Bearer token Migration notes: - On first deploy, backend automatically adds user_id columns - First user to login claims all existing data 2026-01-01 18:21:18 +03:00			`}`
			`} catch (err) {`
Fix: Prevent auth state loss on container restart (v2.7.2) 2026-01-02 16:15:42 +03:00			`// Network errors (e.g., backend not ready) should not clear auth`
			`// Only clear if it's a real auth error`
			`if (err.name === 'AbortError') {`
			`// Timeout - backend might be starting up, keep auth state`
			`console.warn('Auth check timeout, backend might be starting up. Keeping session.')`
			`} else if (err.name === 'TypeError' && (err.message.includes('fetch') \|\| err.message.includes('Failed to fetch'))) {`
			`// Network error - backend might be starting up, keep auth state`
			`console.warn('Network error during auth check, keeping session:', err.message)`
			`} else {`
			`// Other errors - might be auth related`
			`console.error('Auth init error:', err)`
			`// Don't automatically logout on unknown errors`
			`}`
v2.0.0: Multi-user authentication with JWT Features: - User registration and login with JWT tokens - All data is now user-specific (multi-tenancy) - Profile page with integrations and logout - Automatic migration of existing data to first user Backend changes: - Added users and refresh_tokens tables - Added user_id to all data tables (projects, entries, nodes, dictionaries, words, progress, configs, telegram_integrations, weekly_goals) - JWT authentication middleware - claimOrphanedData() for data migration Frontend changes: - AuthContext for state management - Login/Register forms - Profile page (replaced Integrations) - All API calls use authFetch with Bearer token Migration notes: - On first deploy, backend automatically adds user_id columns - First user to login claims all existing data 2026-01-01 18:21:18 +03:00			`}`
			`}`
			`setLoading(false)`
			`}`

			`initAuth()`
Fix: Prevent auth state loss on container restart (v2.7.2) 2026-01-02 16:15:42 +03:00			`}, [refreshToken, logout])`
v2.0.0: Multi-user authentication with JWT Features: - User registration and login with JWT tokens - All data is now user-specific (multi-tenancy) - Profile page with integrations and logout - Automatic migration of existing data to first user Backend changes: - Added users and refresh_tokens tables - Added user_id to all data tables (projects, entries, nodes, dictionaries, words, progress, configs, telegram_integrations, weekly_goals) - JWT authentication middleware - claimOrphanedData() for data migration Frontend changes: - AuthContext for state management - Login/Register forms - Profile page (replaced Integrations) - All API calls use authFetch with Bearer token Migration notes: - On first deploy, backend automatically adds user_id columns - First user to login claims all existing data 2026-01-01 18:21:18 +03:00
			`const login = useCallback(async (email, password) => {`
			`setError(null)`
			`try {`
			`const response = await fetch('/api/auth/login', {`
			`method: 'POST',`
			`headers: {`
			`'Content-Type': 'application/json'`
			`},`
			`body: JSON.stringify({ email, password })`
			`})`

			`const data = await response.json()`

			`if (!response.ok) {`
			`throw new Error(data.error \|\| 'Ошибка входа')`
			`}`

			`localStorage.setItem(TOKEN_KEY, data.access_token)`
			`localStorage.setItem(REFRESH_TOKEN_KEY, data.refresh_token)`
			`localStorage.setItem(USER_KEY, JSON.stringify(data.user))`
			`setUser(data.user)`

			`return true`
			`} catch (err) {`
			`setError(err.message)`
			`return false`
			`}`
			`}, [])`

			`const register = useCallback(async (email, password, name) => {`
			`setError(null)`
			`try {`
			`const response = await fetch('/api/auth/register', {`
			`method: 'POST',`
			`headers: {`
			`'Content-Type': 'application/json'`
			`},`
			`body: JSON.stringify({ email, password, name: name \|\| undefined })`
			`})`

			`const data = await response.json()`

			`if (!response.ok) {`
			`throw new Error(data.error \|\| 'Ошибка регистрации')`
			`}`

			`localStorage.setItem(TOKEN_KEY, data.access_token)`
			`localStorage.setItem(REFRESH_TOKEN_KEY, data.refresh_token)`
			`localStorage.setItem(USER_KEY, JSON.stringify(data.user))`
			`setUser(data.user)`

			`return true`
			`} catch (err) {`
			`setError(err.message)`
			`return false`
			`}`
			`}, [])`

			`const getToken = useCallback(() => {`
			`return localStorage.getItem(TOKEN_KEY)`
			`}, [])`

			`// Fetch wrapper that handles auth`
			`const authFetch = useCallback(async (url, options = {}) => {`
			`const token = localStorage.getItem(TOKEN_KEY)`

			`const headers = {`
			`'Content-Type': 'application/json',`
			`...options.headers`
			`}`

			`if (token) {`
			headers['Authorization'] = `Bearer ${token}`
			`}`

Fix: Prevent auth state loss on container restart (v2.7.2) 2026-01-02 16:15:42 +03:00			`try {`
			`let response = await fetch(url, { ...options, headers })`

			`// If 401, try to refresh token and retry`
			`if (response.status === 401) {`
			`const refreshed = await refreshToken()`
			`if (refreshed) {`
			`const newToken = localStorage.getItem(TOKEN_KEY)`
			headers['Authorization'] = `Bearer ${newToken}`
			`response = await fetch(url, { ...options, headers })`
			`} else {`
			`// Only logout if refresh failed (real auth error)`
			`logout()`
			`}`
v2.0.0: Multi-user authentication with JWT Features: - User registration and login with JWT tokens - All data is now user-specific (multi-tenancy) - Profile page with integrations and logout - Automatic migration of existing data to first user Backend changes: - Added users and refresh_tokens tables - Added user_id to all data tables (projects, entries, nodes, dictionaries, words, progress, configs, telegram_integrations, weekly_goals) - JWT authentication middleware - claimOrphanedData() for data migration Frontend changes: - AuthContext for state management - Login/Register forms - Profile page (replaced Integrations) - All API calls use authFetch with Bearer token Migration notes: - On first deploy, backend automatically adds user_id columns - First user to login claims all existing data 2026-01-01 18:21:18 +03:00			`}`
Fix: Prevent auth state loss on container restart (v2.7.2) 2026-01-02 16:15:42 +03:00
			`return response`
			`} catch (err) {`
			`// Network errors should not trigger logout`
			`// Let the caller handle the error`
			`throw err`
v2.0.0: Multi-user authentication with JWT Features: - User registration and login with JWT tokens - All data is now user-specific (multi-tenancy) - Profile page with integrations and logout - Automatic migration of existing data to first user Backend changes: - Added users and refresh_tokens tables - Added user_id to all data tables (projects, entries, nodes, dictionaries, words, progress, configs, telegram_integrations, weekly_goals) - JWT authentication middleware - claimOrphanedData() for data migration Frontend changes: - AuthContext for state management - Login/Register forms - Profile page (replaced Integrations) - All API calls use authFetch with Bearer token Migration notes: - On first deploy, backend automatically adds user_id columns - First user to login claims all existing data 2026-01-01 18:21:18 +03:00			`}`
			`}, [refreshToken, logout])`

			`const value = {`
			`user,`
			`loading,`
			`error,`
			`login,`
			`register,`
			`logout,`
			`getToken,`
			`authFetch,`
			`isAuthenticated: !!user`
			`}`

			`return (`
			`<AuthContext.Provider value={value}>`
			`{children}`
			`</AuthContext.Provider>`
			`)`
			`}`

			`export function useAuth() {`
			`const context = useContext(AuthContext)`
			`if (!context) {`
			`throw new Error('useAuth must be used within an AuthProvider')`
			`}`
			`return context`
			`}`

			`export default AuthContext`