From 2f76ce45adf820b8db4163eb24d43e114fb24325 Mon Sep 17 00:00:00 2001 From: Carlos Date: Tue, 20 Jan 2026 21:39:55 -0800 Subject: [PATCH 1/2] fix: add credentials to frontend fetch calls for auth middleware The auth middleware added in PR #408 requires session cookies on all task API endpoints. Frontend fetch calls were missing credentials: 'include', causing 401 errors when fetching/modifying tasks. Co-Authored-By: Claude Opus 4.5 --- frontend/src/components/HomeComponents/Tasks/hooks.ts | 4 ++++ frontend/src/components/HomeComponents/Tasks/tasks-utils.ts | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/frontend/src/components/HomeComponents/Tasks/hooks.ts b/frontend/src/components/HomeComponents/Tasks/hooks.ts index 710861aa..13f0fe24 100644 --- a/frontend/src/components/HomeComponents/Tasks/hooks.ts +++ b/frontend/src/components/HomeComponents/Tasks/hooks.ts @@ -16,6 +16,7 @@ export const fetchTaskwarriorTasks = async ({ const response = await fetch(fullURL, { method: 'GET', + credentials: 'include', headers: { 'Content-Type': 'application/json', 'X-User-Email': email, @@ -105,6 +106,7 @@ export const addTaskToBackend = async ({ const response = await fetch(`${backendURL}add-task`, { method: 'POST', + credentials: 'include', body: JSON.stringify(requestBody), headers: { 'Content-Type': 'application/json', @@ -156,6 +158,7 @@ export const editTaskOnBackend = async ({ }) => { const response = await fetch(`${backendURL}edit-task`, { method: 'POST', + credentials: 'include', body: JSON.stringify({ email, encryptionSecret, @@ -213,6 +216,7 @@ export const modifyTaskOnBackend = async ({ }) => { const response = await fetch(`${backendURL}modify-task`, { method: 'POST', + credentials: 'include', body: JSON.stringify({ email, encryptionSecret, diff --git a/frontend/src/components/HomeComponents/Tasks/tasks-utils.ts b/frontend/src/components/HomeComponents/Tasks/tasks-utils.ts index 3d7591e8..4da8165e 100644 --- a/frontend/src/components/HomeComponents/Tasks/tasks-utils.ts +++ b/frontend/src/components/HomeComponents/Tasks/tasks-utils.ts @@ -29,6 +29,7 @@ export const markTaskAsCompleted = async ( const response = await fetch(backendURL, { method: 'POST', + credentials: 'include', body: JSON.stringify({ email: email, encryptionSecret: encryptionSecret, @@ -56,6 +57,7 @@ export const bulkMarkTasksAsCompleted = async ( const response = await fetch(backendURL, { method: 'POST', + credentials: 'include', headers: { 'Content-Type': 'application/json', }, @@ -97,6 +99,7 @@ export const bulkMarkTasksAsDeleted = async ( const response = await fetch(backendURL, { method: 'POST', + credentials: 'include', headers: { 'Content-Type': 'application/json', }, @@ -138,6 +141,7 @@ export const markTaskAsDeleted = async ( const response = await fetch(backendURL, { method: 'POST', + credentials: 'include', body: JSON.stringify({ email: email, encryptionSecret: encryptionSecret, From ca57f049ff7339f5577fdad75c65dd79c634abba Mon Sep 17 00:00:00 2001 From: Carlos Date: Wed, 21 Jan 2026 21:20:24 -0800 Subject: [PATCH 2/2] test: update test expectations to include credentials: 'include' The fetch calls now include credentials: 'include' for cookie-based auth. Update test expectations to match this change. Co-Authored-By: Claude Opus 4.5 --- .../components/HomeComponents/Tasks/__tests__/hooks.test.ts | 4 ++++ .../HomeComponents/Tasks/__tests__/tasks-utils.test.ts | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/frontend/src/components/HomeComponents/Tasks/__tests__/hooks.test.ts b/frontend/src/components/HomeComponents/Tasks/__tests__/hooks.test.ts index 8be41e4d..12c95926 100644 --- a/frontend/src/components/HomeComponents/Tasks/__tests__/hooks.test.ts +++ b/frontend/src/components/HomeComponents/Tasks/__tests__/hooks.test.ts @@ -45,6 +45,7 @@ describe('fetchTaskwarriorTasks', () => { expect(fetch).toHaveBeenCalledWith('http://localhost:8080/tasks', { method: 'GET', + credentials: 'include', headers: { 'Content-Type': 'application/json', 'X-User-Email': 'user@test.com', @@ -110,6 +111,7 @@ describe('addTaskToBackend', () => { expect(fetch).toHaveBeenCalledWith('http://backend/add-task', { method: 'POST', + credentials: 'include', body: expect.any(String), headers: { 'Content-Type': 'application/json', @@ -436,6 +438,7 @@ describe('editTaskOnBackend', () => { expect(fetch).toHaveBeenCalledWith('http://backend/edit-task', { method: 'POST', + credentials: 'include', body: expect.any(String), headers: { 'Content-Type': 'application/json', @@ -551,6 +554,7 @@ describe('modifyTaskOnBackend', () => { expect(fetch).toHaveBeenCalledWith('http://backend/modify-task', { method: 'POST', + credentials: 'include', body: expect.any(String), headers: { 'Content-Type': 'application/json', diff --git a/frontend/src/components/HomeComponents/Tasks/__tests__/tasks-utils.test.ts b/frontend/src/components/HomeComponents/Tasks/__tests__/tasks-utils.test.ts index 4f2b6366..46ed2b5e 100644 --- a/frontend/src/components/HomeComponents/Tasks/__tests__/tasks-utils.test.ts +++ b/frontend/src/components/HomeComponents/Tasks/__tests__/tasks-utils.test.ts @@ -241,6 +241,7 @@ describe('markTaskAsCompleted', () => { expect(fetch).toHaveBeenCalledWith(backendURL, { method: 'POST', + credentials: 'include', body: JSON.stringify({ email: email, encryptionSecret: encryptionSecret, @@ -269,6 +270,7 @@ describe('markTaskAsDeleted', () => { expect(fetch).toHaveBeenCalledWith(backendURL, { method: 'POST', + credentials: 'include', body: JSON.stringify({ email: email, encryptionSecret: encryptionSecret, @@ -416,6 +418,7 @@ describe('bulkMarkTasksAsCompleted', () => { expect.stringContaining('complete-tasks'), { method: 'POST', + credentials: 'include', headers: { 'Content-Type': 'application/json', }, @@ -486,6 +489,7 @@ describe('bulkMarkTasksAsDeleted', () => { expect(fetch).toHaveBeenCalledWith(backendURL, { method: 'POST', + credentials: 'include', headers: { 'Content-Type': 'application/json', },