Prevent access without login.

2026-02-05 23:50:08 +00:00 · 2025-06-21 20:37:31 -07:00
parent ad2ffdcd85
commit 309cbd4dc4
2 changed files with 87 additions and 4 deletions
--- a/src/scripts/api.ts
+++ b/src/scripts/api.ts
@@ -36,6 +36,7 @@ import type {
 } from '@/schemas/comfyWorkflowSchema'
 import type { ComfyNodeDef } from '@/schemas/nodeDefSchema'
 import type { NodeExecutionId } from '@/types/nodeIdentification'
+import { useFirebaseAuthStore } from '@/stores/firebaseAuthStore'
 import { WorkflowTemplates } from '@/types/workflowTemplateTypes'

 interface QueuePromptRequestBody {
@@ -311,7 +312,27 @@ export class ComfyApi extends EventTarget {
    return this.api_base + route
  }

-  fetchApi(route: string, options?: RequestInit) {
+  /**
+   * Waits for Firebase auth to be initialized before proceeding
+   */
+  async #waitForAuthInitialization(): Promise<void> {
+    const authStore = useFirebaseAuthStore()
+
+    if (authStore.isInitialized) {
+      return
+    }
+
+    return new Promise<void>((resolve) => {
+      const unwatch = authStore.$subscribe((_, state) => {
+        if (state.isInitialized) {
+          unwatch()
+          resolve()
+        }
+      })
+    })
+  }
+
+  async fetchApi(route: string, options?: RequestInit) {
    if (!options) {
      options = {}
    }
@@ -322,6 +343,30 @@ export class ComfyApi extends EventTarget {
      options.cache = 'no-cache'
    }

+    // Wait for Firebase auth to be initialized before making any API request
+    await this.#waitForAuthInitialization()
+
+    // Add Firebase JWT token if user is logged in
+    try {
+      const authHeader = await useFirebaseAuthStore().getAuthHeader()
+      if (authHeader) {
+        if (Array.isArray(options.headers)) {
+          for (const [key, value] of Object.entries(authHeader)) {
+            options.headers.push([key, value])
+          }
+        } else if (options.headers instanceof Headers) {
+          for (const [key, value] of Object.entries(authHeader)) {
+            options.headers.set(key, value)
+          }
+        } else {
+          Object.assign(options.headers, authHeader)
+        }
+      }
+    } catch (error) {
+      // Silently ignore auth errors to avoid breaking API calls
+      console.warn('Failed to get auth header:', error)
+    }
+
    if (Array.isArray(options.headers)) {
      options.headers.push(['Comfy-User', this.user])
    } else if (options.headers instanceof Headers) {