import React, { useState, useEffect } from "react"; import { cn } from "@/lib/utils.ts"; import { Button } from "@/components/ui/button.tsx"; import { Input } from "@/components/ui/input.tsx"; import { PasswordInput } from "@/components/ui/password-input.tsx"; import { Label } from "@/components/ui/label.tsx"; import { Alert, AlertTitle, AlertDescription } from "@/components/ui/alert.tsx"; import { useTranslation } from "react-i18next"; import { LanguageSwitcher } from "@/ui/Desktop/User/LanguageSwitcher.tsx"; import { registerUser, loginUser, getUserInfo, getRegistrationAllowed, getOIDCConfig, getSetupRequired, initiatePasswordReset, verifyPasswordResetCode, completePasswordReset, getOIDCAuthorizeUrl, verifyTOTPLogin, setCookie, getCookie, getServerConfig, isElectron, } from "../../main-axios.ts"; import { ServerConfig as ServerConfigComponent } from "@/ui/Desktop/Electron Only/ServerConfig.tsx"; interface HomepageAuthProps extends React.ComponentProps<"div"> { setLoggedIn: (loggedIn: boolean) => void; setIsAdmin: (isAdmin: boolean) => void; setUsername: (username: string | null) => void; setUserId: (userId: string | null) => void; loggedIn: boolean; authLoading: boolean; dbError: string | null; setDbError: (error: string | null) => void; onAuthSuccess: (authData: { isAdmin: boolean; username: string | null; userId: string | null; }) => void; } export function HomepageAuth({ className, setLoggedIn, setIsAdmin, setUsername, setUserId, loggedIn, authLoading, dbError, setDbError, onAuthSuccess, ...props }: HomepageAuthProps) { const { t } = useTranslation(); const [tab, setTab] = useState<"login" | "signup" | "external" | "reset">( "login", ); const [localUsername, setLocalUsername] = useState(""); const [password, setPassword] = useState(""); const [signupConfirmPassword, setSignupConfirmPassword] = useState(""); const [loading, setLoading] = useState(false); const [oidcLoading, setOidcLoading] = useState(false); const [visibility, setVisibility] = useState({ password: false, signupConfirm: false, resetNew: false, resetConfirm: false, }); const toggleVisibility = (field: keyof typeof visibility) => { setVisibility((prev) => ({ ...prev, [field]: !prev[field] })); }; const [error, setError] = useState(null); const [internalLoggedIn, setInternalLoggedIn] = useState(false); const [firstUser, setFirstUser] = useState(false); const [registrationAllowed, setRegistrationAllowed] = useState(true); const [oidcConfigured, setOidcConfigured] = useState(false); const [resetStep, setResetStep] = useState< "initiate" | "verify" | "newPassword" >("initiate"); const [resetCode, setResetCode] = useState(""); const [newPassword, setNewPassword] = useState(""); const [confirmPassword, setConfirmPassword] = useState(""); const [tempToken, setTempToken] = useState(""); const [resetLoading, setResetLoading] = useState(false); const [resetSuccess, setResetSuccess] = useState(false); const [totpRequired, setTotpRequired] = useState(false); const [totpCode, setTotpCode] = useState(""); const [totpTempToken, setTotpTempToken] = useState(""); const [totpLoading, setTotpLoading] = useState(false); useEffect(() => { setInternalLoggedIn(loggedIn); }, [loggedIn]); useEffect(() => { getRegistrationAllowed().then((res) => { setRegistrationAllowed(res.allowed); }); }, []); useEffect(() => { getOIDCConfig() .then((response) => { if (response) { setOidcConfigured(true); } else { setOidcConfigured(false); } }) .catch((error) => { if (error.response?.status === 404) { setOidcConfigured(false); } else { setOidcConfigured(false); } }); }, []); useEffect(() => { getSetupRequired() .then((res) => { if (res.setup_required) { setFirstUser(true); setTab("signup"); } else { setFirstUser(false); } setDbError(null); }) .catch(() => { setDbError(t("errors.databaseConnection")); }); }, [setDbError]); async function handleSubmit(e: React.FormEvent) { e.preventDefault(); setError(null); setLoading(true); if (!localUsername.trim()) { setError(t("errors.requiredField")); setLoading(false); return; } try { let res, meRes; if (tab === "login") { res = await loginUser(localUsername, password); } else { if (password !== signupConfirmPassword) { setError(t("errors.passwordMismatch")); setLoading(false); return; } if (password.length < 6) { setError(t("errors.minLength", { min: 6 })); setLoading(false); return; } await registerUser(localUsername, password); res = await loginUser(localUsername, password); } if (res.requires_totp) { setTotpRequired(true); setTotpTempToken(res.temp_token); setLoading(false); return; } if (!res || !res.token) { throw new Error(t("errors.noTokenReceived")); } setCookie("jwt", res.token); // DEBUG: Verify JWT was set correctly const verifyJWT = getCookie("jwt"); console.log("JWT Set Debug:", { originalToken: res.token.substring(0, 20) + "...", retrievedToken: verifyJWT ? verifyJWT.substring(0, 20) + "..." : null, match: res.token === verifyJWT, tokenLength: res.token.length, retrievedLength: verifyJWT?.length || 0 }); [meRes] = await Promise.all([getUserInfo()]); setInternalLoggedIn(true); setLoggedIn(true); setIsAdmin(!!meRes.is_admin); setUsername(meRes.username || null); setUserId(meRes.id || null); setDbError(null); onAuthSuccess({ isAdmin: !!meRes.is_admin, username: meRes.username || null, userId: meRes.id || null, }); setInternalLoggedIn(true); if (tab === "signup") { setSignupConfirmPassword(""); } setTotpRequired(false); setTotpCode(""); setTotpTempToken(""); } catch (err: any) { setError( err?.response?.data?.error || err?.message || t("errors.unknownError"), ); setInternalLoggedIn(false); setLoggedIn(false); setIsAdmin(false); setUsername(null); setUserId(null); setCookie("jwt", "", -1); if (err?.response?.data?.error?.includes("Database")) { setDbError(t("errors.databaseConnection")); } else { setDbError(null); } } finally { setLoading(false); } } async function handleInitiatePasswordReset() { setError(null); setResetLoading(true); try { const result = await initiatePasswordReset(localUsername); setResetStep("verify"); setError(null); } catch (err: any) { setError( err?.response?.data?.error || err?.message || t("errors.failedPasswordReset"), ); } finally { setResetLoading(false); } } async function handleVerifyResetCode() { setError(null); setResetLoading(true); try { const response = await verifyPasswordResetCode(localUsername, resetCode); setTempToken(response.tempToken); setResetStep("newPassword"); setError(null); } catch (err: any) { setError(err?.response?.data?.error || t("errors.failedVerifyCode")); } finally { setResetLoading(false); } } async function handleCompletePasswordReset() { setError(null); setResetLoading(true); if (newPassword !== confirmPassword) { setError(t("errors.passwordMismatch")); setResetLoading(false); return; } if (newPassword.length < 6) { setError(t("errors.minLength", { min: 6 })); setResetLoading(false); return; } try { await completePasswordReset(localUsername, tempToken, newPassword); setResetStep("initiate"); setResetCode(""); setNewPassword(""); setConfirmPassword(""); setTempToken(""); setError(null); setResetSuccess(true); } catch (err: any) { setError(err?.response?.data?.error || t("errors.failedCompleteReset")); } finally { setResetLoading(false); } } function resetPasswordState() { setResetStep("initiate"); setResetCode(""); setNewPassword(""); setConfirmPassword(""); setTempToken(""); setError(null); setResetSuccess(false); setSignupConfirmPassword(""); } function clearFormFields() { setPassword(""); setSignupConfirmPassword(""); setError(null); } async function handleTOTPVerification() { if (totpCode.length !== 6) { setError(t("auth.enterCode")); return; } setError(null); setTotpLoading(true); try { const res = await verifyTOTPLogin(totpTempToken, totpCode); if (!res || !res.token) { throw new Error(t("errors.noTokenReceived")); } setCookie("jwt", res.token); const meRes = await getUserInfo(); setInternalLoggedIn(true); setLoggedIn(true); setIsAdmin(!!meRes.is_admin); setUsername(meRes.username || null); setUserId(meRes.id || null); setDbError(null); onAuthSuccess({ isAdmin: !!meRes.is_admin, username: meRes.username || null, userId: meRes.id || null, }); setInternalLoggedIn(true); setTotpRequired(false); setTotpCode(""); setTotpTempToken(""); } catch (err: any) { setError( err?.response?.data?.error || err?.message || t("errors.invalidTotpCode"), ); } finally { setTotpLoading(false); } } async function handleOIDCLogin() { setError(null); setOidcLoading(true); try { const authResponse = await getOIDCAuthorizeUrl(); const { auth_url: authUrl } = authResponse; if (!authUrl || authUrl === "undefined") { throw new Error(t("errors.invalidAuthUrl")); } window.location.replace(authUrl); } catch (err: any) { setError( err?.response?.data?.error || err?.message || t("errors.failedOidcLogin"), ); setOidcLoading(false); } } useEffect(() => { const urlParams = new URLSearchParams(window.location.search); const success = urlParams.get("success"); const token = urlParams.get("token"); const error = urlParams.get("error"); if (error) { setError(`${t("errors.oidcAuthFailed")}: ${error}`); setOidcLoading(false); window.history.replaceState({}, document.title, window.location.pathname); return; } if (success && token) { setOidcLoading(true); setError(null); setCookie("jwt", token); getUserInfo() .then((meRes) => { setInternalLoggedIn(true); setLoggedIn(true); setIsAdmin(!!meRes.is_admin); setUsername(meRes.username || null); setUserId(meRes.id || null); setDbError(null); onAuthSuccess({ isAdmin: !!meRes.is_admin, username: meRes.username || null, userId: meRes.id || null, }); setInternalLoggedIn(true); window.history.replaceState( {}, document.title, window.location.pathname, ); }) .catch((err) => { setError(t("errors.failedUserInfo")); setInternalLoggedIn(false); setLoggedIn(false); setIsAdmin(false); setUsername(null); setUserId(null); setCookie("jwt", "", -1); window.history.replaceState( {}, document.title, window.location.pathname, ); }) .finally(() => { setOidcLoading(false); }); } }, []); const Spinner = ( ); const [showServerConfig, setShowServerConfig] = useState( null, ); const [currentServerUrl, setCurrentServerUrl] = useState(""); useEffect(() => { const checkServerConfig = async () => { if (isElectron()) { try { const config = await getServerConfig(); setCurrentServerUrl(config?.serverUrl || ""); setShowServerConfig(!config || !config.serverUrl); } catch (error) { setShowServerConfig(true); } } else { setShowServerConfig(false); } }; checkServerConfig(); }, []); if (showServerConfig === null) { return (
); } if (showServerConfig) { return (
{ window.location.reload(); }} onCancel={() => { setShowServerConfig(false); }} isFirstTime={!currentServerUrl} />
); } return (
{dbError && ( Error {dbError} )} {firstUser && !dbError && !internalLoggedIn && ( {t("auth.firstUser")} {t("auth.firstUserMessage")}{" "} GitHub Issue . )} {!registrationAllowed && !internalLoggedIn && ( {t("auth.registerTitle")} {t("messages.registrationDisabled")} )} {totpRequired && (

{t("auth.twoFactorAuth")}

{t("auth.enterCode")}

setTotpCode(e.target.value.replace(/\D/g, ""))} disabled={totpLoading} className="text-center text-2xl tracking-widest font-mono" autoComplete="one-time-code" />

{t("auth.backupCode")}

)} {!internalLoggedIn && (!authLoading || !getCookie("jwt")) && !totpRequired && ( <>
{oidcConfigured && ( )}

{tab === "login" ? t("auth.loginTitle") : tab === "signup" ? t("auth.registerTitle") : tab === "external" ? t("auth.loginWithExternal") : t("auth.forgotPassword")}

{tab === "external" || tab === "reset" ? (
{tab === "external" && ( <>

{t("auth.loginWithExternalDesc")}

{(() => { if (isElectron()) { return (

{t("auth.externalNotSupportedInElectron")}

); } else { return ( ); } })()} )} {tab === "reset" && ( <> {resetStep === "initiate" && ( <>

{t("auth.resetCodeDesc")}

setLocalUsername(e.target.value)} disabled={resetLoading} />
)} {resetStep === "verify" && ( <> o

{t("auth.enterResetCode")}{" "} {localUsername}

setResetCode(e.target.value.replace(/\D/g, "")) } disabled={resetLoading} placeholder="000000" />
)} {resetSuccess && ( <> {t("auth.passwordResetSuccess")} {t("auth.passwordResetSuccessDesc")} )} {resetStep === "newPassword" && !resetSuccess && ( <>

{t("auth.enterNewPassword")}{" "} {localUsername}

setNewPassword(e.target.value)} disabled={resetLoading} autoComplete="new-password" />
setConfirmPassword(e.target.value) } disabled={resetLoading} autoComplete="new-password" />
)} )}
) : (
setLocalUsername(e.target.value)} disabled={loading || internalLoggedIn} />
setPassword(e.target.value)} disabled={loading || internalLoggedIn} />
{tab === "signup" && (
setSignupConfirmPassword(e.target.value)} disabled={loading || internalLoggedIn} />
)} {tab === "login" && ( )}
)}
{isElectron() && currentServerUrl && (
{currentServerUrl}
)}
)} {error && ( Error {error} )}
); }