up.

index.html

@@ -128,6 +128,10 @@
         let isGenerating = false;
         let messageCount = 0;
         
+        // ---- OAuth configuration ----
+        const CLIENT_ID = document.querySelector('meta[name="hf-client-id"]')?.content;
+        const REDIRECT_URI = window.location.origin + window.location.pathname;
+        
         // Initialize
         document.addEventListener('DOMContentLoaded', async () => {
             await processRedirect();
@@ -185,7 +189,12 @@
         async function handleLogin() {
             try {
                 // Redirect user to Hugging Face OAuth page
-                const url = await oauthLoginUrl();
+                const url = await oauthLoginUrl({
+                    clientId: CLIENT_ID,
+                    redirectUri: REDIRECT_URI,
+                    // default scopes: openid profile; add inference-api so we can run models
+                    scopes: ['openid','profile','inference-api']
+                });
                 window.location.href = url;
             } catch (error) {
                 console.error("Login redirect error:", error);
@@ -350,7 +359,10 @@
         // Handle OAuth redirect result
         async function processRedirect() {
             try {
-                const oauthResult = await oauthHandleRedirectIfPresent();
+                const oauthResult = await oauthHandleRedirectIfPresent({
+                    clientId: CLIENT_ID,
+                    redirectUri: REDIRECT_URI
+                });
                 if (oauthResult) {
                     const token = oauthResult.accessToken;
                     const info = oauthResult.userInfo || {};