ChrisChen/ROLAC
1
0
Fork 0
Code Issues 66 Pull Requests Actions Packages Projects Releases Wiki Activity

fix(expense): authenticated receipt download + correct delete confirm

Browse Source 
The receipt <a href target=_blank> was an unauthenticated browser navigation
that the API's [Authorize] rejects with 401. Replace with a HttpClient blob
download (downloadReceipt) so the auth interceptor attaches the JWT, opened
via an object URL. Also fix the delete button: confirm() must run inside the
component method (matching givings-page), not as a template expression where
confirm is not a component member.
This commit is contained in:
Chris Chen
2026-05-29 18:51:04 -07:00
parent 18b9707e44
commit 4704d33b4a
3 changed files with 23 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
APP/src/app/features/expense/services/expense-api.service.ts
+8 -1
View File
@@ -41,5 +41,12 @@ export class ExpenseApiService {
const form = new FormData(); form.append('file', file);
return this.http.post<void>(`${this.endpoint}/${id}/receipt`, form);
}
receiptUrl(id: number): string { return `${this.endpoint}/${id}/receipt`; }
/**
* Fetches the receipt as a Blob via HttpClient so the auth interceptor attaches
* the JWT. A plain <a href> / window.open on the API URL would be an unauthenticated
* browser navigation and the API's [Authorize] would reject it with 401.
*/
downloadReceipt(id: number): Observable<Blob> {
return this.http.get(`${this.endpoint}/${id}/receipt`, { responseType: 'blob' });
}
}