From e869eaff9c931d762bee386cb74a41916d1b692c Mon Sep 17 00:00:00 2001 From: uroma Date: Mon, 19 Jan 2026 17:43:39 +0000 Subject: [PATCH] fix: add credentials to fetch calls for authenticated API requests Fix "Failed to load on projects" error by including credentials in all fetch calls to /api/* endpoints. The session cookie must be sent with requests for requireAuth middleware to authenticate users. Changes: - projects.js: Add credentials: 'include' to all 6 API fetch calls (loadProjects, saveProject, deleteProject, loadDeletedProjects, restoreProject, permanentDeleteProject) - sessions-landing.js: Add credentials to 3 API fetch calls (loadSessionsAndProjects, moveSessionToProject, context menu suggestions) Resolves issue where projects page showed "Failed to load projects" error on https://www.rommark.dev/claude Co-Authored-By: Claude Sonnet 4.5 --- public/claude-ide/projects.js | 18 +++++++++++++----- public/claude-ide/sessions-landing.js | 9 ++++++--- 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/public/claude-ide/projects.js b/public/claude-ide/projects.js index c7330292..cb64d10a 100644 --- a/public/claude-ide/projects.js +++ b/public/claude-ide/projects.js @@ -119,7 +119,9 @@ async function loadProjects() { try { projectsGrid.innerHTML = '
Loading projects...
'; - const response = await fetch('/api/projects'); + const response = await fetch('/api/projects', { + credentials: 'include' + }); if (!response.ok) { throw new Error(`HTTP error! status: ${response.status}`); } @@ -157,6 +159,7 @@ async function saveProject(projectData) { headers: { 'Content-Type': 'application/json' }, + credentials: 'include', body: JSON.stringify(projectData) }); @@ -199,7 +202,8 @@ async function deleteProject(projectId) { try { const response = await fetch(`/api/projects/${projectId}`, { - method: 'DELETE' + method: 'DELETE', + credentials: 'include' }); if (!response.ok) { @@ -222,7 +226,9 @@ async function deleteProject(projectId) { */ async function loadDeletedProjects() { try { - const response = await fetch('/api/projects?includeDeleted=true'); + const response = await fetch('/api/projects?includeDeleted=true', { + credentials: 'include' + }); if (!response.ok) { throw new Error(`HTTP error! status: ${response.status}`); } @@ -242,7 +248,8 @@ async function loadDeletedProjects() { async function restoreProject(projectId) { try { const response = await fetch(`/api/projects/${projectId}/restore`, { - method: 'POST' + method: 'POST', + credentials: 'include' }); if (!response.ok) { @@ -270,7 +277,8 @@ async function permanentDeleteProject(projectId) { try { const response = await fetch(`/api/projects/${projectId}/permanent`, { - method: 'DELETE' + method: 'DELETE', + credentials: 'include' }); if (!response.ok) { diff --git a/public/claude-ide/sessions-landing.js b/public/claude-ide/sessions-landing.js index 005b6e05..72d84d51 100644 --- a/public/claude-ide/sessions-landing.js +++ b/public/claude-ide/sessions-landing.js @@ -114,8 +114,8 @@ async function loadSessionsAndProjects() { try { // Fetch both sessions and projects in parallel const [sessionsRes, projectsRes] = await Promise.all([ - fetch('/claude/api/claude/sessions'), - fetch('/api/projects') + fetch('/claude/api/claude/sessions', { credentials: 'include' }), + fetch('/api/projects', { credentials: 'include' }) ]); if (!sessionsRes.ok) throw new Error('Failed to load sessions'); @@ -811,7 +811,9 @@ async function showSessionContextMenu(event, sessionId) { // Fetch project suggestions let suggestions = []; try { - const res = await fetch(`/api/projects/suggestions?sessionId=${sessionId}`); + const res = await fetch(`/api/projects/suggestions?sessionId=${sessionId}`, { + credentials: 'include' + }); if (res.ok) { const data = await res.json(); suggestions = data.suggestions || []; @@ -940,6 +942,7 @@ async function moveSessionToProject(sessionId, projectId) { const res = await fetch(`/api/projects/sessions/${sessionId}/move`, { method: 'POST', headers: { 'Content-Type': 'application/json' }, + credentials: 'include', body: JSON.stringify({ projectId }) });