feat: Auth and User System (#205)

* server-side JWT auth implementation * move oauth routes and strategies, fix bugs * backend modifications for wiring up the frontend login and reg forms * Add frontend data services for login and registration * Add login and registration forms * Implment auth context, functional client side auth * protect routes with jwt auth * finish local strategy (using local storage) * Start setting up google auth * disable token refresh, remove old auth middleware * refactor client, add ApiErrorBoundary context * disable google and facebook strategies * fix: fix presets not displaying specific to user * fix: fix issue with browser refresh * fix: casing issue with User.js (#11) * delete user.js to be renamed * fix: fix casing issue with User.js * comment out api error watcher temporarily * fix: issue with api error watcher (#12) * delete user.js to be renamed * fix: fix casing issue with User.js * comment out api error watcher temporarily * feat: add google auth social login * fix: make google login url dynamic based on dev/prod * fix: bug where UI is briefly displayed before redirecting to login * fix: fix cookie expires value for local auth * Update README.md * Update LOCAL_INSTALL structure * Add local testing instructions * Only load google strategy if client id and secret are provided * Update .env.example files with new params * fix issue with not redirecting to register form * only show google login button if value is set in .env * cleanup log messages * Add label to button for google login on login form * doc: fix client/server url values in .env.example * feat: add error message details to registration failure * Restore preventing paste on confirm password * auto-login user after registering * feat: forgot password (#24) * make login/reg pages look like openai's * add password reset data services * new form designs similar to openai, add password reset pages * add api's for password reset * email utils for password reset * remove bcrypt salt rounds from process.env * refactor: restructure api auth code, consolidate routes (#25) * add api's for password reset * remove bcrypt salt rounds from process.env * refactor: consolidate auth routes, use controller pattern * refactor: code cleanup * feat: migrate data to first user (#26) * refactor: use /api for auth routes * fix: use user id instead of username * feat: migrate data to first user on register * fix: fix social login routes after refactor (#27) * refactor: use /api for auth routes * fix: use user id instead of username * feat: migrate data to first user on register * fix: fix social login routes * fix: issue with auto-login when logging out then logging in with new browser window (#28) * refactor: use /api for auth routes * fix: use user id instead of username * feat: migrate data to first user on register * fix: fix social login routes * fix: fix issue with auto-login in new tab * doc: Update README and .env.example files with user system information (#29) * refactor: use /api for auth routes * fix: use user id instead of username * feat: migrate data to first user on register * fix: fix social login routes * fix: fix issue with auto-login in new tab * doc: update README and .env.example files * Fixup: LOCAL_INSTALL.md PS instructions (#200) (#30) Co-authored-by: alfredo-f <alfredo.fomitchenko@mail.polimi.it> * feat: send user with completion to protect against abuse (#31) * Fixup: LOCAL_INSTALL.md PS instructions (#200) * server-side JWT auth implementation * move oauth routes and strategies, fix bugs * backend modifications for wiring up the frontend login and reg forms * Add frontend data services for login and registration * Add login and registration forms * Implment auth context, functional client side auth * protect routes with jwt auth * finish local strategy (using local storage) * Start setting up google auth * disable token refresh, remove old auth middleware * refactor client, add ApiErrorBoundary context * disable google and facebook strategies * fix: fix presets not displaying specific to user * fix: fix issue with browser refresh * fix: casing issue with User.js (#11) * delete user.js to be renamed * fix: fix casing issue with User.js * comment out api error watcher temporarily * feat: add google auth social login * fix: make google login url dynamic based on dev/prod * fix: bug where UI is briefly displayed before redirecting to login * fix: fix cookie expires value for local auth * Only load google strategy if client id and secret are provided * Update .env.example files with new params * fix issue with not redirecting to register form * only show google login button if value is set in .env * cleanup log messages * Add label to button for google login on login form * doc: fix client/server url values in .env.example * feat: add error message details to registration failure * Restore preventing paste on confirm password * auto-login user after registering * feat: forgot password (#24) * make login/reg pages look like openai's * add password reset data services * new form designs similar to openai, add password reset pages * add api's for password reset * email utils for password reset * remove bcrypt salt rounds from process.env * refactor: restructure api auth code, consolidate routes (#25) * add api's for password reset * remove bcrypt salt rounds from process.env * refactor: consolidate auth routes, use controller pattern * refactor: code cleanup * feat: migrate data to first user (#26) * refactor: use /api for auth routes * fix: use user id instead of username * feat: migrate data to first user on register * fix: fix social login routes after refactor (#27) * refactor: use /api for auth routes * fix: use user id instead of username * feat: migrate data to first user on register * fix: fix social login routes * fix: issue with auto-login when logging out then logging in with new browser window (#28) * refactor: use /api for auth routes * fix: use user id instead of username * feat: migrate data to first user on register * fix: fix social login routes * fix: fix issue with auto-login in new tab * doc: Update README and .env.example files with user system information (#29) * refactor: use /api for auth routes * fix: use user id instead of username * feat: migrate data to first user on register * fix: fix social login routes * fix: fix issue with auto-login in new tab * doc: update README and .env.example files * Send user id to openai to protect against abuse * add meilisearch to gitignore * Remove webpack --------- Co-authored-by: alfredo-f <alfredo.fomitchenko@mail.polimi.it> --------- Co-authored-by: Danny Avila <110412045+danny-avila@users.noreply.github.com> Co-authored-by: Alfredo Fomitchenko <alfredo.fomitchenko@mail.polimi.it>
2025-12-19 09:50:15 +01:00 · 2023-05-07 10:04:51 -07:00 · 2023-05-07 10:04:51 -07:00 · dac19038a3
commit dac19038a3
parent 65543eb084
68 changed files with 3968 additions and 3394 deletions
--- a/client/src/components/Auth/RequestPasswordReset.tsx
+++ b/client/src/components/Auth/RequestPasswordReset.tsx
@ -0,0 +1,115 @@
+import { useState } from "react";
+import { useForm } from "react-hook-form";
+import { useRequestPasswordResetMutation, TRequestPasswordReset } from "~/data-provider";
+
+function RequestPasswordReset() {
+  const {
+    register,
+    handleSubmit,
+    formState: { errors },
+  } = useForm<TRequestPasswordReset>();
+  const requestPasswordReset = useRequestPasswordResetMutation();
+  const [success, setSuccess] = useState<boolean>(false);
+  const [requestError, setRequestError] = useState<boolean>(false);
+  const [resetLink, setResetLink] = useState<string>("");
+
+  const onSubmit = (data: TRequestPasswordReset) => {
+    requestPasswordReset.mutate(data, {
+      onSuccess: (data) => {
+        setSuccess(true);
+        setResetLink(data.link);
+      },
+      onError: () => {
+        setRequestError(true);
+        setTimeout(() => {
+          setRequestError(false);
+        }, 5000);
+      }
+    });
+  };
+
+  return (
+    <div className="flex min-h-screen flex-col items-center pt-6 justify-center sm:pt-0 bg-white">
+      <div className="mt-6 overflow-hidden bg-white px-6 py-4 sm:max-w-md sm:rounded-lg w-96">
+        <h1 className="text-center text-3xl font-semibold mb-4">
+          Reset your password
+        </h1>
+        {success && (
+          <div
+            className="mt-4 bg-green-100 border border-green-400 text-green-700 px-4 py-3 rounded relative"
+            role="alert"
+          >
+            Click <a className="text-green-600 hover:underline" href={resetLink}>HERE</a> to reset your password.
+            {/* An email has been sent with instructions on how to reset your password. */}
+          </div>
+        )}
+        {requestError && (
+          <div
+            className="mt-4 bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded relative"
+            role="alert"
+          >
+           There was a problem resetting your password. There was no user found with the email address provided. Please try again.
+          </div>
+        )}
+        <form
+          className="mt-6"
+          aria-label="Password reset form"
+          method="POST"
+          onSubmit={handleSubmit(onSubmit)}
+        >
+          <div className="mb-2">
+            <div className="relative">
+            <input
+                type="email"
+                id="email"
+                autoComplete="off"
+                aria-label="Email"
+                {...register("email", {
+                  required: "Email is required",
+                  minLength: {
+                    value: 3,
+                    message: "Email must be at least 6 characters",
+                  },
+                  maxLength: {
+                    value: 120,
+                    message: "Email should not be longer than 120 characters",
+                  },
+                  pattern: {
+                    value: /\S+@\S+\.\S+/,
+                    message: "You must enter a valid email address",
+                  },
+                })}
+                aria-invalid={!!errors.email}
+                className="block rounded-t-md px-2.5 pb-2.5 pt-5 w-full text-sm text-gray-900 bg-gray-50 border-0 border-b-2 border-gray-300 appearance-none focus:outline-none focus:ring-0 focus:border-green-500 peer"
+                placeholder=" "
+              ></input>
+              <label
+                htmlFor="email"
+                className="absolute text-gray-500 duration-300 transform -translate-y-4 scale-75 top-4 z-10 origin-[0] left-2.5 peer-focus:text-green-500 peer-placeholder-shown:scale-100 peer-placeholder-shown:translate-y-0 peer-focus:scale-75 peer-focus:-translate-y-4"
+              >
+                Email address
+              </label>
+            </div>
+            {errors.email && (
+              <span role="alert" className="mt-1 text-sm text-red-600">
+                {/* @ts-ignore */}
+                {errors.email.message}
+              </span>
+            )}
+          </div>
+          <div className="mt-6">
+            <button
+              type="submit"
+              disabled={ !!errors.email }
+              className="w-full py-2 px-4 border border-transparent rounded-sm shadow-sm text-sm font-medium text-white bg-green-500 hover:bg-green-600 focus:outline-none active:bg-green-500"
+            >
+              Continue
+            </button>
+          </div>
+        </form>
+      </div>
+    </div>
+  );
+}
+
+export default RequestPasswordReset;