hardening

frontend/app/lib/auth.ts

@@ -23,3 +23,37 @@ export const authFetch = (input: RequestInfo | URL, init?: RequestInit) => {
   }
   return fetch(input, { ...init, headers })
 }
+
+export class UnauthorizedError extends Error {
+  constructor() {
+    super('Unauthorized')
+    this.name = 'UnauthorizedError'
+  }
+}
+
+export class ForbiddenError extends Error {
+  constructor() {
+    super('Forbidden')
+    this.name = 'ForbiddenError'
+  }
+}
+
+export const authFetchOrThrow = async (input: RequestInfo | URL, init?: RequestInit) => {
+  const response = await authFetch(input, init)
+  if (response.status === 401) {
+    clearToken()
+    throw new UnauthorizedError()
+  }
+  if (response.status === 403) {
+    throw new ForbiddenError()
+  }
+  return response
+}
+
+export const readResponseText = async (response: Response) => {
+  try {
+    return (await response.text()).trim()
+  } catch {
+    return ''
+  }
+}