This fixes the "Authorization header required for API calls" error during
vendor onboarding after signup.
Changes:
- Generate JWT access token on signup completion
- Set vendor_token cookie for page navigation
- Return access_token in signup response for localStorage
- Store vendor_token in localStorage after signup completion
- Make clearTokens() context-aware to prevent cross-portal interference
- Fix vendor logout to not clear admin/customer tokens
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Extended path-based token selection to include customer tokens:
- /shop/* routes now use customer_token
- Fallback order: admin_token || vendor_token || customer_token
This ensures the correct token is used when logged into multiple
portals (admin, vendor, customer) simultaneously.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The apiClient.getToken() now detects the current path to select
the appropriate token:
- /vendor/* routes use vendor_token
- /admin/* routes use admin_token
This fixes the "Vendor access only" error when logged in as both
admin and vendor in different browser tabs.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
