diff --git a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/AdminBase.cs b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/AdminBase.cs
index 75c9be8e..79522cb9 100644
--- a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/AdminBase.cs
+++ b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/AdminBase.cs
@@ -10,6 +10,18 @@ namespace WebClientTpos.Client.Pages.Admin;
public abstract class AdminBase : ComponentBase
{
[Inject] protected NavigationManager NavigationManager { get; set; } = default!;
+ [Inject] protected Services.AuthService AuthService { get; set; } = default!;
+
+ ///
+ /// EN: Restore auth session from localStorage so API calls have JWT token.
+ /// Subclasses that override OnInitializedAsync MUST call base.OnInitializedAsync().
+ /// VI: Khôi phục session auth từ localStorage để API calls có JWT token.
+ /// Các lớp con override OnInitializedAsync PHẢI gọi base.OnInitializedAsync().
+ ///
+ protected override async Task OnInitializedAsync()
+ {
+ await AuthService.TryRestoreSessionAsync();
+ }
///
/// EN: Page title shown in topbar.
diff --git a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/AdminSettings.razor b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/AdminSettings.razor
index 20b44918..1adf0f15 100644
--- a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/AdminSettings.razor
+++ b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/AdminSettings.razor
@@ -222,6 +222,7 @@
protected override async Task OnInitializedAsync()
{
+ await base.OnInitializedAsync();
try
{
var shops = await DataService.GetShopsAsync();
diff --git a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Dashboard.razor b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Dashboard.razor
index f1aba2b8..337e5df6 100644
--- a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Dashboard.razor
+++ b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Dashboard.razor
@@ -204,6 +204,7 @@
protected override async Task OnInitializedAsync()
{
+ await base.OnInitializedAsync();
IsLoading = true;
try
{
diff --git a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Shop/ShopOverview.razor b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Shop/ShopOverview.razor
index c6028bbb..3a149cb7 100644
--- a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Shop/ShopOverview.razor
+++ b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Shop/ShopOverview.razor
@@ -232,6 +232,7 @@
protected override async Task OnInitializedAsync()
{
+ await base.OnInitializedAsync();
IsLoading = true;
try
{
diff --git a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Shop/ShopPage.razor b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Shop/ShopPage.razor
index c346c32e..f6eb8742 100644
--- a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Shop/ShopPage.razor
+++ b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Shop/ShopPage.razor
@@ -2055,7 +2055,11 @@
private string? _recipeFormMessage;
private bool _recipeFormSuccess;
- protected override async Task OnInitializedAsync() => await LoadData();
+ protected override async Task OnInitializedAsync()
+ {
+ await base.OnInitializedAsync();
+ await LoadData();
+ }
protected override async Task OnParametersSetAsync()
{
diff --git a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Staff/RolePermissions.razor b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Staff/RolePermissions.razor
index d0e8e0d4..a5e6c3bd 100644
--- a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Staff/RolePermissions.razor
+++ b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Staff/RolePermissions.razor
@@ -214,6 +214,7 @@ else
protected override async Task OnInitializedAsync()
{
+ await base.OnInitializedAsync();
await LoadRoles();
}
diff --git a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Staff/UserManagement.razor b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Staff/UserManagement.razor
index c83922c9..1ee8f489 100644
--- a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Staff/UserManagement.razor
+++ b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Staff/UserManagement.razor
@@ -252,6 +252,7 @@ else
protected override async Task OnInitializedAsync()
{
+ await base.OnInitializedAsync();
await LoadData();
}
diff --git a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Store/StoreList.razor b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Store/StoreList.razor
index b9992dea..dcdec77e 100644
--- a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Store/StoreList.razor
+++ b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/Store/StoreList.razor
@@ -194,7 +194,11 @@
|| (s.Slug?.Contains(SearchQuery, StringComparison.OrdinalIgnoreCase) ?? false)
|| (s.Category?.Contains(SearchQuery, StringComparison.OrdinalIgnoreCase) ?? false));
- protected override async Task OnInitializedAsync() => await LoadData();
+ protected override async Task OnInitializedAsync()
+ {
+ await base.OnInitializedAsync();
+ await LoadData();
+ }
private async Task LoadData()
{
diff --git a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/SystemAdmin/AuditLog.razor b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/SystemAdmin/AuditLog.razor
index dfff8eca..f11abfc0 100644
--- a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/SystemAdmin/AuditLog.razor
+++ b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/SystemAdmin/AuditLog.razor
@@ -132,6 +132,7 @@ else
protected override async Task OnInitializedAsync()
{
+ await base.OnInitializedAsync();
try { _logs = await IamService.GetAuditLogsAsync(); }
catch { _logs = new(); }
finally { _loading = false; }
diff --git a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/SystemAdmin/DeviceManagement.razor b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/SystemAdmin/DeviceManagement.razor
index 72feafd5..a1718a1e 100644
--- a/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/SystemAdmin/DeviceManagement.razor
+++ b/apps/web-client-tpos-net/src/WebClientTpos.Client/Pages/Admin/SystemAdmin/DeviceManagement.razor
@@ -71,6 +71,7 @@
protected override async Task OnInitializedAsync()
{
+ await base.OnInitializedAsync();
IsLoading = true;
try { _devices = await DataService.GetDevicesAsync(); }
catch { } finally { IsLoading = false; }
diff --git a/apps/web-client-tpos-net/src/WebClientTpos.Server/Infrastructure/BffHttpClient.cs b/apps/web-client-tpos-net/src/WebClientTpos.Server/Infrastructure/BffHttpClient.cs
index dd017884..1258cce9 100644
--- a/apps/web-client-tpos-net/src/WebClientTpos.Server/Infrastructure/BffHttpClient.cs
+++ b/apps/web-client-tpos-net/src/WebClientTpos.Server/Infrastructure/BffHttpClient.cs
@@ -11,10 +11,12 @@ namespace WebClientTpos.Server.Infrastructure;
public class AuthForwardingHandler : DelegatingHandler
{
private readonly IHttpContextAccessor _httpContextAccessor;
+ private readonly ILogger _logger;
- public AuthForwardingHandler(IHttpContextAccessor httpContextAccessor)
+ public AuthForwardingHandler(IHttpContextAccessor httpContextAccessor, ILogger logger)
{
_httpContextAccessor = httpContextAccessor;
+ _logger = logger;
}
protected override Task SendAsync(
@@ -23,8 +25,15 @@ public class AuthForwardingHandler : DelegatingHandler
var incomingRequest = _httpContextAccessor.HttpContext?.Request;
if (incomingRequest?.Headers.ContainsKey("Authorization") == true)
{
- request.Headers.TryAddWithoutValidation(
- "Authorization", incomingRequest.Headers["Authorization"].ToString());
+ var authHeader = incomingRequest.Headers["Authorization"].ToString();
+ request.Headers.TryAddWithoutValidation("Authorization", authHeader);
+ _logger.LogDebug("EN: Auth header forwarded ({Length} chars) to {Uri}",
+ authHeader.Length, request.RequestUri);
+ }
+ else
+ {
+ _logger.LogWarning("EN: No Authorization header found in incoming request for {Uri}. HttpContext null: {IsNull}",
+ request.RequestUri, _httpContextAccessor.HttpContext == null);
}
return base.SendAsync(request, cancellationToken);
}