Update: nueva version Horux Despachos

apps/web/lib/api/client.ts

@@ -0,0 +1,79 @@
+import axios from 'axios';
+
+export const apiClient = axios.create({
+  baseURL: process.env.NEXT_PUBLIC_API_URL || 'http://localhost:4000/api',
+  headers: {
+    'Content-Type': 'application/json',
+  },
+});
+
+apiClient.interceptors.request.use((config) => {
+  if (typeof window !== 'undefined') {
+    const token = localStorage.getItem('accessToken');
+    if (token) {
+      config.headers.Authorization = `Bearer ${token}`;
+    }
+
+    // Add viewing tenant header for admin users
+    const tenantViewStore = localStorage.getItem('horux-tenant-view');
+    if (tenantViewStore) {
+      try {
+        const { state } = JSON.parse(tenantViewStore);
+        if (state?.viewingTenantId) {
+          config.headers['X-View-Tenant'] = state.viewingTenantId;
+        }
+      } catch {
+        // Ignore parse errors
+      }
+    }
+  }
+  return config;
+});
+
+apiClient.interceptors.response.use(
+  (response) => response,
+  async (error) => {
+    const originalRequest = error.config;
+
+    // Rate limit hit. El backend envía { message } — lo preservamos para que los
+    // try/catch existentes (que leen err.response.data.message) muestren la razón
+    // correcta. Además mostramos un alert visible como fallback si nadie maneja.
+    if (error.response?.status === 429) {
+      const msg =
+        error.response?.data?.message ||
+        'Demasiadas solicitudes. Espera unos minutos e intenta de nuevo.';
+      if (typeof window !== 'undefined' && !originalRequest?._rateLimitHandled) {
+        originalRequest._rateLimitHandled = true;
+        console.warn('[rate-limit]', msg);
+      }
+      return Promise.reject(error);
+    }
+
+    if (error.response?.status === 401 && !originalRequest._retry) {
+      originalRequest._retry = true;
+
+      try {
+        const refreshToken = localStorage.getItem('refreshToken');
+        if (refreshToken) {
+          const response = await axios.post(
+            `${process.env.NEXT_PUBLIC_API_URL || 'http://localhost:4000/api'}/auth/refresh`,
+            { refreshToken }
+          );
+
+          const { accessToken, refreshToken: newRefreshToken } = response.data;
+          localStorage.setItem('accessToken', accessToken);
+          localStorage.setItem('refreshToken', newRefreshToken);
+
+          originalRequest.headers.Authorization = `Bearer ${accessToken}`;
+          return apiClient(originalRequest);
+        }
+      } catch {
+        localStorage.removeItem('accessToken');
+        localStorage.removeItem('refreshToken');
+        window.location.href = '/login';
+      }
+    }
+
+    return Promise.reject(error);
+  }
+);