fix: forward session token in admin SSR load functions

Admin list queries (users, videos, articles) were using getGraphQLClient without auth credentials, causing silent 403s on server-side loads. Now extract session_token cookie and pass it to getAuthClient so the backend sees the admin session on SSR requests. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-06 12:56:47 +01:00
parent ad7ceee5f8
commit ebab3405b1
6 changed files with 24 additions and 15 deletions
--- a/packages/frontend/src/routes/admin/articles/+page.server.ts
+++ b/packages/frontend/src/routes/admin/articles/+page.server.ts
@@ -1,6 +1,7 @@
 import { adminListArticles } from "$lib/services";

-export async function load({ fetch }) {
-  const articles = await adminListArticles(fetch).catch(() => []);
+export async function load({ fetch, cookies }) {
+  const token = cookies.get("session_token") || "";
+  const articles = await adminListArticles(fetch, token).catch(() => []);
  return { articles };
 }
--- a/packages/frontend/src/routes/admin/articles/[id]/+page.server.ts
+++ b/packages/frontend/src/routes/admin/articles/[id]/+page.server.ts
@@ -1,8 +1,9 @@
 import { adminListArticles } from "$lib/services";
 import { error } from "@sveltejs/kit";

-export async function load({ params, fetch }) {
-  const articles = await adminListArticles(fetch).catch(() => []);
+export async function load({ params, fetch, cookies }) {
+  const token = cookies.get("session_token") || "";
+  const articles = await adminListArticles(fetch, token).catch(() => []);
  const article = articles.find((a) => a.id === params.id);
  if (!article) throw error(404, "Article not found");
  return { article };