fix: forward session token in admin SSR load functions

Admin list queries (users, videos, articles) were using getGraphQLClient without auth credentials, causing silent 403s on server-side loads. Now extract session_token cookie and pass it to getAuthClient so the backend sees the admin session on SSR requests. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-06 12:56:47 +01:00
parent ad7ceee5f8
commit ebab3405b1
6 changed files with 24 additions and 15 deletions
--- a/packages/frontend/src/routes/admin/videos/+page.server.ts
+++ b/packages/frontend/src/routes/admin/videos/+page.server.ts
@@ -1,6 +1,7 @@
 import { adminListVideos } from "$lib/services";

-export async function load({ fetch }) {
-  const videos = await adminListVideos(fetch).catch(() => []);
+export async function load({ fetch, cookies }) {
+  const token = cookies.get("session_token") || "";
+  const videos = await adminListVideos(fetch, token).catch(() => []);
  return { videos };
 }
--- a/packages/frontend/src/routes/admin/videos/[id]/+page.server.ts
+++ b/packages/frontend/src/routes/admin/videos/[id]/+page.server.ts
@@ -1,9 +1,10 @@
 import { adminListVideos, getModels } from "$lib/services";
 import { error } from "@sveltejs/kit";

-export async function load({ params, fetch }) {
+export async function load({ params, fetch, cookies }) {
+  const token = cookies.get("session_token") || "";
  const [allVideos, models] = await Promise.all([
-    adminListVideos(fetch).catch(() => []),
+    adminListVideos(fetch, token).catch(() => []),
    getModels(fetch).catch(() => []),
  ]);