Hide content actions when not creator. Adds token introspection in authStore.

src/stores/authStore.js

@@ -3,17 +3,31 @@ import {computed, ref} from "vue";
 import {useRouter} from "vue-router";
 import {useClient} from "@/plugins/api.js";
 import {useSessionStorage} from "@vueuse/core";
+import {jwtDecode} from "jwt-decode";
+
+function getClaimsFromToken(token) {
+    try {
+        return jwtDecode(token);
+    } catch (error) {
+        console.error('Invalid token:', error);
+        return null;
+    }
+}
 
 export const useAuthStore = defineStore(
     'auth',
     () => {
         const clientApi = useClient()
         const router = useRouter()
-   
+
         const accessToken = useSessionStorage('auth-accessToken', undefined)
         const refreshToken = useSessionStorage('auth-refreshToken', undefined)
-        
+
         const isAuthenticated = computed(() => !!accessToken.value)
+        const userId = computed(() => {
+            const claims = getClaimsFromToken(accessToken.value)
+            return claims.sub;
+        })
 
         function updateTokens(data) {
             accessToken.value = data.accessToken
@@ -81,6 +95,6 @@ export const useAuthStore = defineStore(
             }
         }
 
-        return {accessToken, refreshToken, isAuthenticated, login, loginGoogle, logout}
+        return {accessToken, refreshToken, isAuthenticated, userId, login, loginGoogle, logout}
     })