Hartmut/CapaKraken
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
dc1e0bfb28342c7cca0686168c06e6ddcc7d0f00
CapaKraken/apps/web/src/app/auth/signin/page.tsx
T
Hartmut dc1e0bfb28
CI / Architecture Guardrails (push) Failing after 2m25s
Details
CI / Lint (push) Has been cancelled
Details
CI / Unit Tests (push) Has been cancelled
Details
CI / Typecheck (push) Has started running
Details
CI / Assistant Split Regression (push) Has started running
Details
CI / Build (push) Has been cancelled
Details
CI / E2E Tests (push) Has been cancelled
Details
Release Image / Build And Push Images (push) Has been cancelled
Details
Docker Deploy Test / Fresh-Linux Docker Deploy (push) Has been cancelled
Details
fix(auth): use full-page navigation after sign-in to prevent stale dashboard 
router.refresh() + router.push() left the React tree (incl. QueryClient
with staleTime: 60_000 and cached pre-auth query errors) and the Next.js
Router Cache alive across the login boundary. This caused the recurring
bug where the dashboard rendered with empty widgets until the user
pressed Ctrl+R. A full-page navigation guarantees a fresh server request
with the new session cookie and a clean client state.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-12 10:00:07 +02:00

236 lines
9.4 KiB
TypeScript
Raw Blame History

"use client";
import Link from "next/link";
import { signIn } from "next-auth/react";
import { useRouter } from "next/navigation";
import { useRef, useState } from "react";
export default function SignInPage() {
const router = useRouter();
const [email, setEmail] = useState("");
const [password, setPassword] = useState("");
const [totp, setTotp] = useState("");
const [error, setError] = useState("");
const [loading, setLoading] = useState(false);
const [mfaRequired, setMfaRequired] = useState(false);
const totpInputRef = useRef<HTMLInputElement>(null);
async function handleSubmit(e: React.FormEvent) {
e.preventDefault();
setLoading(true);
setError("");
const result = await signIn("credentials", {
email,
password,
...(mfaRequired ? { totp } : {}),
redirect: false,
});
if (result?.error) {
// Auth.js v5: CredentialsSignin subclasses forward their `code` via
// SignInResponse.code (and sometimes also as result.error).
// Check both fields for compatibility across beta versions.
const code = result.code ?? result.error;
if (code === "MFA_REQUIRED_SETUP") {
// User's role requires MFA but it hasn't been set up yet — redirect to setup
setLoading(false);
router.push("/account/security?mfa_required=1");
return;
}
if (code === "MFA_REQUIRED") {
setMfaRequired(true);
setLoading(false);
// Focus the TOTP input after render
setTimeout(() => totpInputRef.current?.focus(), 100);
return;
}
if (code === "INVALID_TOTP") {
setError("Invalid verification code. Please try again.");
setTotp("");
setLoading(false);
return;
}
setError("Invalid email or password");
// Reset MFA state on credential error
if (mfaRequired) {
setMfaRequired(false);
setTotp("");
}
} else {
// Full-page navigation instead of router.push to guarantee a fresh
// server request with the new session cookie. Soft navigation keeps
// the React tree (incl. QueryClient with cached pre-auth errors and
// the Next.js Router Cache) alive, which caused the recurring bug
// where the dashboard rendered with empty widgets until the user
// pressed Ctrl+R. Skipping setLoading(false) prevents a visual flash
// while the navigation happens.
window.location.assign("/dashboard");
return;
}
setLoading(false);
}
function handleBackToLogin() {
setMfaRequired(false);
setTotp("");
setError("");
}
return (
<div className="min-h-screen bg-[radial-gradient(circle_at_top_left,rgba(255,255,255,0.9),transparent_26rem),linear-gradient(135deg,rgba(240,249,255,1),rgba(232,245,255,0.85)_40%,rgba(255,255,255,1))] px-4 py-12 dark:bg-[radial-gradient(circle_at_top_left,rgba(14,165,233,0.14),transparent_24rem),linear-gradient(180deg,rgba(12,17,29,1),rgba(10,15,25,1))]">
<div className="mx-auto grid w-full max-w-6xl gap-8 lg:grid-cols-[1.05fr,0.95fr]">
<div className="hidden rounded-[2rem] border border-white/70 bg-white/75 p-10 shadow-2xl backdrop-blur lg:flex lg:flex-col lg:justify-between dark:border-slate-800 dark:bg-slate-950/60">
<div>
<span className="inline-flex rounded-full border border-brand-200 bg-brand-50 px-3 py-1 text-[11px] font-semibold uppercase tracking-[0.18em] text-brand-700 dark:border-brand-900/50 dark:bg-brand-900/20 dark:text-brand-300">
CapaKraken Control Center
</span>
<h1 className="mt-6 font-display text-5xl font-semibold leading-tight text-gray-900 dark:text-gray-50">
Resource planning that stays readable under pressure.
</h1>
<p className="mt-5 max-w-xl text-lg text-gray-600 dark:text-gray-300">
Estimates, staffing, chargeability, and timelines in one workspace with sharper
structure for day-to-day planning.
</p>
</div>
<div className="grid gap-4 sm:grid-cols-3">
<div className="app-surface p-5">
<p className="app-label">Visibility</p>
<p className="text-sm text-gray-700 dark:text-gray-300">
Clearer data density, stronger contrast, faster scanning.
</p>
</div>
<div className="app-surface p-5">
<p className="app-label">Planning</p>
<p className="text-sm text-gray-700 dark:text-gray-300">
Dynamic staffing, resources, and chargeability in one flow.
</p>
</div>
<div className="app-surface p-5">
<p className="app-label">Control</p>
<p className="text-sm text-gray-700 dark:text-gray-300">
Theme-aware UI that works in bright and dark environments.
</p>
</div>
</div>
</div>
<div className="w-full max-w-md lg:ml-auto lg:max-w-lg">
<div className="app-surface-strong p-8">
<div className="mb-8">
<p className="text-xs font-semibold uppercase tracking-[0.18em] text-brand-600">
Welcome Back
</p>
<h2 className="mt-3 font-display text-4xl font-semibold text-gray-900 dark:text-gray-50">
{mfaRequired ? "Two-Factor Authentication" : "Sign in to CapaKraken"}
</h2>
<p className="mt-2 text-sm text-gray-500">
{mfaRequired
? "Enter the 6-digit code from your authenticator app."
: "Resource Planning, staffing, and forecasting."}
</p>
</div>
<form onSubmit={handleSubmit} className="space-y-4">
{error && (
<div className="rounded-2xl border border-red-200 bg-red-50 px-4 py-3 text-sm text-red-700 dark:border-red-900/60 dark:bg-red-950/40 dark:text-red-300">
{error}
</div>
)}
{!mfaRequired && (
<>
<div>
<label htmlFor="email" className="app-label">
Email
</label>
<input
id="email"
type="email"
value={email}
onChange={(e) => setEmail(e.target.value)}
className="app-input"
placeholder="you@company.com"
required
/>
</div>
<div>
<div className="flex items-center justify-between mb-1">
<label htmlFor="password" className="app-label">
Password
</label>
<Link
href="/auth/forgot-password"
className="text-xs text-brand-600 hover:text-brand-700 dark:text-brand-400 dark:hover:text-brand-300"
>
Forgot password?
</Link>
</div>
<input
id="password"
type="password"
value={password}
onChange={(e) => setPassword(e.target.value)}
className="app-input"
placeholder="--------"
required
autoComplete="current-password"
/>
</div>
</>
)}
{mfaRequired && (
<div>
<label htmlFor="totp" className="app-label">
Verification Code
</label>
<input
ref={totpInputRef}
id="totp"
type="text"
inputMode="numeric"
autoComplete="one-time-code"
maxLength={6}
pattern="[0-9]{6}"
value={totp}
onChange={(e) => setTotp(e.target.value.replace(/\D/g, "").slice(0, 6))}
className="app-input text-center text-2xl font-mono tracking-[0.4em]"
placeholder="000000"
required
/>
<p className="mt-2 text-xs text-gray-500 dark:text-gray-400">
Open your authenticator app (e.g. Google Authenticator, Authy) and enter the
current code.
</p>
</div>
)}
<button
type="submit"
disabled={loading || (mfaRequired && totp.length !== 6)}
className="w-full rounded-2xl bg-brand-600 px-4 py-3 text-sm font-semibold text-white shadow-lg shadow-brand-600/25 transition-colors hover:bg-brand-700 disabled:opacity-50"
>
{loading ? "Signing in..." : mfaRequired ? "Verify" : "Sign in"}
</button>
{mfaRequired && (
<button
type="button"
onClick={handleBackToLogin}
className="w-full text-center text-sm text-gray-500 hover:text-gray-700 dark:text-gray-400 dark:hover:text-gray-200"
>
Back to login
</button>
)}
</form>
</div>
</div>
</div>
</div>
);
}
Reference in New Issue View Git Blame Copy Permalink