From 4ad8235f7aeab1691a982520775983f60ae930f2 Mon Sep 17 00:00:00 2001 From: rcourtman Date: Sat, 13 Dec 2025 21:30:27 +0000 Subject: [PATCH] feat: add API token to WebSocket URL for authentication WebSocket connections can't send custom headers, so the token is passed as a query parameter. Works with the backend change to support ?token= auth. --- frontend-modern/src/utils/url.ts | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/frontend-modern/src/utils/url.ts b/frontend-modern/src/utils/url.ts index 3cd88be..6178a7a 100644 --- a/frontend-modern/src/utils/url.ts +++ b/frontend-modern/src/utils/url.ts @@ -57,5 +57,24 @@ export function getPulseWebSocketUrl(path = '/ws'): string { } const protocol = origin.protocol === 'https:' ? 'wss:' : 'ws:'; - return `${protocol}//${origin.host}${normalizedPath}`; + let url = `${protocol}//${origin.host}${normalizedPath}`; + + // Add API token as query parameter if available (WebSocket doesn't support headers) + // Import dynamically to avoid circular dependencies + try { + const storage = typeof window !== 'undefined' ? window.sessionStorage : null; + if (storage) { + const stored = storage.getItem('pulse_auth'); + if (stored) { + const parsed = JSON.parse(stored); + if (parsed?.type === 'token' && parsed.value) { + url += `?token=${encodeURIComponent(parsed.value)}`; + } + } + } + } catch { + // Ignore storage errors + } + + return url; }