- index.html: load https://auth.queo.ru/widget.js
- auth.ts: openLogin() opens widget modal; useAuth() subscribes to widget
onAuthChange so login in any tab updates the app instantly. Falls back
to hosted login redirect if widget isn't loaded yet.
- App.tsx: render Landing page for unauthenticated state instead of
hard redirect. Display username; add Logout button to topbar and
Forbidden screen. Header uses username || email || sub.
- api.ts: throw ApiError(401) on 401 instead of redirecting — App.tsx
re-fetches /api/me and shows the landing.
- @doc-manager/shared AuthPayload: email is optional now, username and
displayName accepted. Backend /api/me returns username.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Claude
0c6deed98d