mirror of
https://github.com/screentinker/screentinker.git
synced 2026-06-15 10:43:36 -06:00
399af54839
Slice 2C: hash route #/accept-invite/{id} with full flow support across
all six auth entry points (login/register/Google/Microsoft/support/setup)
via app-boot consumer pattern rather than per-handler hooks. Stash
mechanism uses localStorage with timestamp + staleness check
(INVITE_EXPIRY_DAYS_FRONTEND = 7, mirrors backend default). On success:
switch workspace, reload, show toast post-reload via scoped
pending_invite_toast key. On error: showToast directly, no reload.
Non-reentrant guard prevents double-consume across the synthetic
hashchange that fires before reload completes.
Two bugs surfaced during Playwright-driven verification (slice 1 left
two latent issues that only manifested when the full accept-invite
flow ran end-to-end):
1. Email URL path: workspaces.js constructed
${publicBase}/#/accept-invite/X which lands on the marketing landing
page (the SPA is at /app). Fixed to use
${publicBase}/app#/accept-invite/X. Any invite email sent before
this fix would have produced an unfollowable link.
2. Synchronous hashchange race: location.hash = '#/' followed by
reload() fires hashchange BEFORE the reload unloads the page. The
intermediate route() call would consume the toast key against a DOM
about to be destroyed, so the post-reload page had no toast. Fixed
with history.replaceState which mutates hash without firing
hashchange.
Files:
- server/routes/workspaces.js (+4/-1, /app path fix + comment)
- frontend/js/api.js (+3 LOC, acceptInvite helper)
- frontend/js/app.js (+154 LOC, accept-invite plumbing)
- frontend/js/i18n/en.js (+9 LOC, accept.* keys)
Browser verification: 11/11 assertions PASS via Playwright suite
covering all 5 D-cases (unauthed flow, authed direct, wrong account,
stale stash, already-member). Script stashed at
~/Documents/screentinker-2c-playwright-2026-05.py.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
539 lines
21 KiB
JavaScript
539 lines
21 KiB
JavaScript
import { connectSocket } from './socket.js';
|
|
import * as dashboard from './views/dashboard.js';
|
|
import * as deviceDetail from './views/device-detail.js';
|
|
import * as contentLibrary from './views/content-library.js';
|
|
import * as settings from './views/settings.js';
|
|
import * as login from './views/login.js';
|
|
import * as billing from './views/billing.js';
|
|
import * as layoutEditor from './views/layout-editor.js';
|
|
import * as schedule from './views/schedule.js';
|
|
import * as widgets from './views/widgets.js';
|
|
import * as videoWall from './views/video-wall.js';
|
|
import * as reports from './views/reports.js';
|
|
import * as activity from './views/activity.js';
|
|
import * as kiosk from './views/kiosk.js';
|
|
import * as onboarding from './views/onboarding.js';
|
|
import * as help from './views/help.js';
|
|
import * as teams from './views/teams.js';
|
|
import * as admin from './views/admin.js';
|
|
import * as adminPlayerDebug from './views/admin-player-debug.js';
|
|
import * as designer from './views/designer.js';
|
|
import * as playlists from './views/playlists.js';
|
|
import * as workspaceMembers from './views/workspace-members.js';
|
|
import { applyBranding } from './branding.js';
|
|
import { t } from './i18n.js';
|
|
import { isPlatformAdmin } from './utils.js';
|
|
import { renderWorkspaceSwitcher } from './components/workspace-switcher.js';
|
|
import { showToast } from './components/toast.js';
|
|
import { api } from './api.js';
|
|
|
|
const app = document.getElementById('app');
|
|
const sidebar = document.querySelector('.sidebar');
|
|
let currentView = null;
|
|
|
|
// ==================== Slice 2C: accept-invite plumbing ====================
|
|
//
|
|
// Flow shape (covers all six auth entry points - login, register, support,
|
|
// Google, Microsoft, first-user-setup - because they all funnel through
|
|
// onAuthSuccess() in login.js which calls window.location.reload()):
|
|
//
|
|
// 1. Hash route #/accept-invite/{id}:
|
|
// - unauthed: stash inviteId in localStorage, redirect to login
|
|
// - authed: call consumeAcceptInvite() directly (no stash)
|
|
// 2. App boot (every route() call once auth checks pass): if a valid
|
|
// non-stale stash is present, fire consumeAcceptInvite. After login
|
|
// reload lands here and picks it up automatically.
|
|
// 3. consumeAcceptInvite on success: stash toast text, switch workspace,
|
|
// reload. Reload re-fires route() which picks up the toast stash and
|
|
// shows it on dashboard. Reload is needed for the new JWT/socket/
|
|
// sidebar /me to pick up the new workspace context.
|
|
// 4. consumeAcceptInvite on error: showToast directly + clear stash.
|
|
// No reload (no state change to propagate).
|
|
|
|
const PENDING_INVITE_KEY = 'pending_invite';
|
|
const PENDING_INVITE_TOAST_KEY = 'pending_invite_toast';
|
|
// Mirrors the backend INVITE_EXPIRY_DAYS default (7). If an operator changes
|
|
// the backend default, this should be updated to match - tracked in handoff.
|
|
const INVITE_EXPIRY_DAYS_FRONTEND = 7;
|
|
|
|
// Non-reentrant guard: route() can fire multiple times (hashchange events).
|
|
// Once consume is in flight, additional calls no-op until reload completes.
|
|
let _acceptInFlight = false;
|
|
|
|
function stashPendingInvite(inviteId) {
|
|
localStorage.setItem(PENDING_INVITE_KEY, JSON.stringify({
|
|
inviteId,
|
|
stashedAt: Math.floor(Date.now() / 1000),
|
|
}));
|
|
}
|
|
|
|
function readPendingInvite() {
|
|
const raw = localStorage.getItem(PENDING_INVITE_KEY);
|
|
if (!raw) return null;
|
|
let parsed;
|
|
try { parsed = JSON.parse(raw); }
|
|
catch { localStorage.removeItem(PENDING_INVITE_KEY); return null; }
|
|
if (!parsed?.inviteId || !parsed?.stashedAt) {
|
|
localStorage.removeItem(PENDING_INVITE_KEY);
|
|
return null;
|
|
}
|
|
const ageSecs = Math.floor(Date.now() / 1000) - parsed.stashedAt;
|
|
if (ageSecs > INVITE_EXPIRY_DAYS_FRONTEND * 86400) {
|
|
localStorage.removeItem(PENDING_INVITE_KEY);
|
|
return null;
|
|
}
|
|
return parsed.inviteId;
|
|
}
|
|
|
|
function clearPendingInvite() {
|
|
localStorage.removeItem(PENDING_INVITE_KEY);
|
|
}
|
|
|
|
// Map backend error message text to a translated toast string. We match
|
|
// English text because api.js doesn't surface HTTP status codes today;
|
|
// refactor to err.status when that lands - tracked in handoff doc.
|
|
function mapAcceptError(err) {
|
|
const msg = err?.message || '';
|
|
if (/Invite not found/i.test(msg)) return t('accept.error.not_found');
|
|
if (/Invite has expired|Workspace no longer exists/i.test(msg)) return t('accept.error.expired');
|
|
if (/different email address/i.test(msg)) return t('accept.error.wrong_account');
|
|
return t('accept.error.generic');
|
|
}
|
|
|
|
async function consumeAcceptInvite(inviteId) {
|
|
if (_acceptInFlight) return;
|
|
_acceptInFlight = true;
|
|
try {
|
|
const result = await api.acceptInvite(inviteId);
|
|
|
|
// Switch to the joined workspace. New JWT carries the workspace context;
|
|
// reload picks it up for sidebar /me + socket rooms + data fetches. If
|
|
// the switch fails, log and reload anyway - the membership was created
|
|
// so the user can switch manually via the dropdown.
|
|
try {
|
|
const sw = await api.switchWorkspace(result.workspace_id);
|
|
if (sw?.token) localStorage.setItem('token', sw.token);
|
|
} catch (e) {
|
|
console.warn('switchWorkspace after accept failed (non-fatal):', e.message);
|
|
}
|
|
|
|
// Stash the toast text in a scoped key (not a generic pending-toast
|
|
// channel) so app boot below fires it after reload.
|
|
const toastKey = result.already_member ? 'accept.already_member' : 'accept.success';
|
|
localStorage.setItem(PENDING_INVITE_TOAST_KEY, JSON.stringify({
|
|
message: t(toastKey, { name: result.workspace_name }),
|
|
kind: 'success',
|
|
}));
|
|
|
|
clearPendingInvite();
|
|
// history.replaceState mutates the hash WITHOUT firing hashchange.
|
|
// Important: a plain `location.hash = '#/'` would fire hashchange
|
|
// synchronously, causing route() to fire a second time before the
|
|
// reload runs - that second route() call would consume the toast key
|
|
// and attach the toast to a DOM that's about to be destroyed by the
|
|
// reload. Using replaceState bypasses that race so the post-reload
|
|
// route() is the only one that picks up the toast.
|
|
history.replaceState(null, '', window.location.pathname + '#/');
|
|
window.location.reload();
|
|
} catch (err) {
|
|
showToast(mapAcceptError(err), 'error');
|
|
clearPendingInvite();
|
|
_acceptInFlight = false;
|
|
}
|
|
}
|
|
|
|
// Fires once per page load (single-shot key in localStorage). If the
|
|
// previous routeApp cycle stashed a toast across reload, show it now.
|
|
function consumePendingInviteToast() {
|
|
const raw = localStorage.getItem(PENDING_INVITE_TOAST_KEY);
|
|
if (!raw) return;
|
|
localStorage.removeItem(PENDING_INVITE_TOAST_KEY);
|
|
try {
|
|
const { message, kind } = JSON.parse(raw);
|
|
if (message) showToast(message, kind || 'info');
|
|
} catch {}
|
|
}
|
|
|
|
// Map nav-link data-view to its translation key.
|
|
const NAV_LABEL_KEYS = {
|
|
dashboard: 'nav.displays',
|
|
content: 'nav.content',
|
|
playlists: 'nav.playlists',
|
|
layouts: 'nav.layouts',
|
|
widgets: 'nav.widgets',
|
|
schedule: 'nav.schedule',
|
|
walls: 'nav.walls',
|
|
reports: 'nav.reports',
|
|
kiosk: 'nav.kiosk',
|
|
designer: 'nav.designer',
|
|
activity: 'nav.activity',
|
|
teams: 'nav.teams',
|
|
help: 'nav.help',
|
|
settings: 'nav.settings',
|
|
billing: 'nav.subscription',
|
|
admin: 'nav.admin',
|
|
};
|
|
|
|
function renderNavLabels() {
|
|
document.querySelectorAll('.nav-link').forEach((link) => {
|
|
const key = NAV_LABEL_KEYS[link.dataset.view];
|
|
if (!key) return;
|
|
const span = link.querySelector('span');
|
|
if (span) span.textContent = t(key);
|
|
});
|
|
}
|
|
|
|
// Translate any element marked with data-i18n / data-i18n-placeholder /
|
|
// data-i18n-html. Runs on init and on every language change. Used for static
|
|
// HTML in index.html (e.g. the Add-Display modal) where t() can't be inlined
|
|
// at template time.
|
|
function translateStaticDom(root = document) {
|
|
root.querySelectorAll('[data-i18n]').forEach((el) => {
|
|
const key = el.getAttribute('data-i18n');
|
|
el.textContent = t(key);
|
|
});
|
|
root.querySelectorAll('[data-i18n-html]').forEach((el) => {
|
|
el.innerHTML = t(el.getAttribute('data-i18n-html'));
|
|
});
|
|
root.querySelectorAll('[data-i18n-placeholder]').forEach((el) => {
|
|
el.placeholder = t(el.getAttribute('data-i18n-placeholder'));
|
|
});
|
|
}
|
|
|
|
function isAuthenticated() {
|
|
return !!localStorage.getItem('token');
|
|
}
|
|
|
|
function getCurrentUser() {
|
|
try {
|
|
return JSON.parse(localStorage.getItem('user'));
|
|
} catch { return null; }
|
|
}
|
|
|
|
// Refresh the cached user from the server. The server reads plan_id fresh
|
|
// from the DB on every request, but the frontend only wrote `user` into
|
|
// localStorage at login — so plan/role changes made by an admin weren't
|
|
// visible until the user logged out and back in.
|
|
async function refreshCurrentUser() {
|
|
const token = localStorage.getItem('token');
|
|
if (!token) return;
|
|
try {
|
|
const res = await fetch('/api/auth/me', { headers: { Authorization: `Bearer ${token}` } });
|
|
if (!res.ok) return;
|
|
const fresh = await res.json();
|
|
localStorage.setItem('user', JSON.stringify(fresh));
|
|
// Re-render the workspace switcher on every /me refresh - cheap, and keeps
|
|
// the dropdown in sync if a workspace was added/removed in another tab.
|
|
renderWorkspaceSwitcher(fresh);
|
|
window.dispatchEvent(new CustomEvent('user-refreshed', { detail: fresh }));
|
|
} catch {}
|
|
}
|
|
|
|
function route() {
|
|
// Cleanup previous view
|
|
if (currentView && currentView.cleanup) currentView.cleanup();
|
|
|
|
const hash = window.location.hash || '#/';
|
|
|
|
// Slice 2C - direct hits on #/accept-invite/{id}. Handle BEFORE the
|
|
// auth-redirect-to-login because an unauthed visit needs to stash the
|
|
// inviteId so it survives the redirect.
|
|
if (hash.startsWith('#/accept-invite/')) {
|
|
const inviteId = hash.split('#/accept-invite/')[1].split('/')[0];
|
|
if (inviteId) {
|
|
if (!isAuthenticated()) {
|
|
stashPendingInvite(inviteId);
|
|
window.location.hash = '#/login';
|
|
return;
|
|
}
|
|
consumeAcceptInvite(inviteId); // helper handles routing (reload to '#/')
|
|
return;
|
|
}
|
|
}
|
|
|
|
// Auth check - redirect to login if not authenticated
|
|
if (!isAuthenticated() && hash !== '#/login') {
|
|
window.location.hash = '#/login';
|
|
return;
|
|
}
|
|
|
|
// If authenticated and on login page, redirect to dashboard or onboarding
|
|
if (isAuthenticated() && hash === '#/login') {
|
|
window.location.hash = localStorage.getItem('rd_onboarded') ? '#/' : '#/onboarding';
|
|
return;
|
|
}
|
|
|
|
// Slice 2C - past the auth gates. (a) Show any toast stashed across the
|
|
// accept-invite reload boundary. (b) If a stash exists (from an unauthed
|
|
// accept-invite visit + subsequent login/register), consume it now. The
|
|
// helper's in-flight guard prevents double-fire on subsequent hashchanges.
|
|
if (isAuthenticated()) {
|
|
consumePendingInviteToast();
|
|
const stashedInviteId = readPendingInvite();
|
|
if (stashedInviteId) {
|
|
consumeAcceptInvite(stashedInviteId);
|
|
return;
|
|
}
|
|
}
|
|
|
|
// Onboarding for new users
|
|
if (hash === '#/onboarding' && isAuthenticated()) {
|
|
sidebar.style.display = 'none';
|
|
app.style.marginLeft = '0';
|
|
currentView = onboarding;
|
|
onboarding.render(app);
|
|
return;
|
|
}
|
|
|
|
// Login page - hide sidebar
|
|
if (hash === '#/login') {
|
|
sidebar.style.display = 'none';
|
|
app.style.marginLeft = '0';
|
|
const mb = document.getElementById('mobileMenuBtn');
|
|
if (mb) mb.style.display = 'none';
|
|
currentView = login;
|
|
login.render(app);
|
|
return;
|
|
}
|
|
|
|
// Show sidebar for authenticated views
|
|
sidebar.style.display = '';
|
|
app.style.marginLeft = '';
|
|
const mb = document.getElementById('mobileMenuBtn');
|
|
if (mb) mb.style.display = '';
|
|
|
|
// Update user info in sidebar
|
|
updateSidebarUser();
|
|
|
|
const navLinks = document.querySelectorAll('.nav-link');
|
|
navLinks.forEach(link => {
|
|
link.classList.remove('active');
|
|
if (hash === '#/' && link.dataset.view === 'dashboard') link.classList.add('active');
|
|
else if (hash.startsWith('#/content') && link.dataset.view === 'content') link.classList.add('active');
|
|
else if (hash.startsWith('#/settings') && link.dataset.view === 'settings') link.classList.add('active');
|
|
else if (hash.startsWith('#/billing') && link.dataset.view === 'billing') link.classList.add('active');
|
|
else if ((hash.startsWith('#/layout') || hash === '#/layouts') && link.dataset.view === 'layouts') link.classList.add('active');
|
|
else if ((hash === '#/playlists' || hash.startsWith('#/playlists/')) && link.dataset.view === 'playlists') link.classList.add('active');
|
|
else if (hash === '#/schedule' && link.dataset.view === 'schedule') link.classList.add('active');
|
|
else if (hash === '#/widgets' && link.dataset.view === 'widgets') link.classList.add('active');
|
|
else if ((hash.startsWith('#/wall') || hash === '#/walls') && link.dataset.view === 'walls') link.classList.add('active');
|
|
else if (hash === '#/reports' && link.dataset.view === 'reports') link.classList.add('active');
|
|
else if (hash === '#/activity' && link.dataset.view === 'activity') link.classList.add('active');
|
|
else if (hash === '#/designer' && link.dataset.view === 'designer') link.classList.add('active');
|
|
else if ((hash === '#/kiosk' || hash.startsWith('#/kiosk/')) && link.dataset.view === 'kiosk') link.classList.add('active');
|
|
else if (hash === '#/help' && link.dataset.view === 'help') link.classList.add('active');
|
|
else if (hash.startsWith('#/device/') && link.dataset.view === 'dashboard') link.classList.add('active');
|
|
});
|
|
|
|
// Route to view
|
|
if (hash === '#/' || hash === '#' || hash === '') {
|
|
currentView = dashboard;
|
|
dashboard.render(app);
|
|
} else if (hash.startsWith('#/device/')) {
|
|
const deviceId = hash.split('#/device/')[1].split('/')[0];
|
|
currentView = deviceDetail;
|
|
deviceDetail.render(app, deviceId);
|
|
} else if (hash === '#/content') {
|
|
currentView = contentLibrary;
|
|
contentLibrary.render(app);
|
|
} else if (hash === '#/playlists' || hash.startsWith('#/playlists/')) {
|
|
currentView = playlists;
|
|
playlists.render(app);
|
|
} else if (hash === '#/layouts' || hash.startsWith('#/layout/')) {
|
|
currentView = layoutEditor;
|
|
layoutEditor.render(app);
|
|
} else if (hash === '#/schedule') {
|
|
currentView = schedule;
|
|
schedule.render(app);
|
|
} else if (hash === '#/widgets') {
|
|
currentView = widgets;
|
|
widgets.render(app);
|
|
} else if (hash === '#/walls' || hash.startsWith('#/wall/')) {
|
|
currentView = videoWall;
|
|
videoWall.render(app);
|
|
} else if (hash === '#/reports') {
|
|
currentView = reports;
|
|
reports.render(app);
|
|
} else if (hash === '#/kiosk' || hash.startsWith('#/kiosk/')) {
|
|
currentView = kiosk;
|
|
kiosk.render(app);
|
|
} else if (hash === '#/designer') {
|
|
currentView = designer;
|
|
designer.render(app);
|
|
} else if (hash === '#/activity') {
|
|
currentView = activity;
|
|
activity.render(app);
|
|
} else if (hash === '#/teams' || hash.startsWith('#/team/')) {
|
|
currentView = teams;
|
|
teams.render(app);
|
|
} else if (hash.startsWith('#/workspace/') && hash.includes('/members')) {
|
|
const wsId = hash.split('#/workspace/')[1].split('/')[0];
|
|
currentView = workspaceMembers;
|
|
workspaceMembers.render(app, wsId);
|
|
} else if (hash === '#/help' || hash.startsWith('#/help')) {
|
|
currentView = help;
|
|
help.render(app);
|
|
} else if (hash.startsWith('#/admin/player-debug')) {
|
|
// Match prefix so query params (?page=2&ua=Tizen) route correctly.
|
|
currentView = adminPlayerDebug;
|
|
adminPlayerDebug.render(app);
|
|
} else if (hash === '#/admin') {
|
|
currentView = admin;
|
|
admin.render(app);
|
|
} else if (hash === '#/settings') {
|
|
currentView = settings;
|
|
settings.render(app);
|
|
} else if (hash === '#/billing') {
|
|
currentView = billing;
|
|
billing.render(app);
|
|
} else {
|
|
currentView = dashboard;
|
|
dashboard.render(app);
|
|
}
|
|
}
|
|
|
|
function updateSidebarUser() {
|
|
const user = getCurrentUser();
|
|
if (!user) return;
|
|
|
|
// Show admin nav only for platform admins (legacy 'superadmin' or Phase 1 renamed 'platform_admin')
|
|
const adminNav = document.getElementById('adminNavItem');
|
|
if (adminNav) adminNav.style.display = isPlatformAdmin(user) ? '' : 'none';
|
|
|
|
let userEl = document.getElementById('sidebarUser');
|
|
if (!userEl) {
|
|
const footer = document.querySelector('.sidebar-footer');
|
|
userEl = document.createElement('div');
|
|
userEl.id = 'sidebarUser';
|
|
userEl.style.cssText = 'display:flex;align-items:center;gap:8px;margin-bottom:12px;padding-bottom:12px;border-bottom:1px solid var(--border)';
|
|
footer.insertBefore(userEl, footer.firstChild);
|
|
}
|
|
|
|
userEl.innerHTML = `
|
|
${user.avatar_url ? `<img src="${user.avatar_url}" style="width:28px;height:28px;border-radius:50%">` :
|
|
`<div style="width:28px;height:28px;border-radius:50%;background:var(--accent);display:flex;align-items:center;justify-content:center;font-size:12px;font-weight:600;color:white">${(user.name || user.email)[0].toUpperCase()}</div>`}
|
|
<div style="flex:1;min-width:0">
|
|
<div style="font-size:12px;font-weight:500;white-space:nowrap;overflow:hidden;text-overflow:ellipsis">${user.name || user.email}</div>
|
|
<div style="font-size:10px;color:var(--text-muted)">${user.role}</div>
|
|
</div>
|
|
<button id="logoutBtn" class="btn-icon" title="${t('auth.sign_out')}" style="flex-shrink:0">
|
|
<svg width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
|
|
<path d="M9 21H5a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h4"/>
|
|
<polyline points="16 17 21 12 16 7"/>
|
|
<line x1="21" y1="12" x2="9" y2="12"/>
|
|
</svg>
|
|
</button>
|
|
`;
|
|
|
|
document.getElementById('logoutBtn')?.addEventListener('click', () => {
|
|
localStorage.removeItem('token');
|
|
localStorage.removeItem('user');
|
|
window.location.hash = '#/login';
|
|
window.location.reload();
|
|
});
|
|
}
|
|
|
|
// Initialize
|
|
renderNavLabels();
|
|
translateStaticDom();
|
|
window.addEventListener('language-changed', () => {
|
|
renderNavLabels();
|
|
translateStaticDom();
|
|
});
|
|
|
|
if (isAuthenticated()) {
|
|
connectSocket();
|
|
applyBranding();
|
|
refreshCurrentUser().then(() => updateSidebarUser());
|
|
}
|
|
|
|
// Refresh the cached user on every route transition so plan/role changes
|
|
// made by an admin propagate without requiring a re-login.
|
|
window.addEventListener('hashchange', () => { if (isAuthenticated()) refreshCurrentUser(); });
|
|
|
|
// Register PWA service worker
|
|
if ('serviceWorker' in navigator) {
|
|
navigator.serviceWorker.register('/sw-admin.js').catch(() => {});
|
|
}
|
|
|
|
// Mobile sidebar: open/close via hamburger, backdrop, nav tap, Escape
|
|
const sidebarEl = document.querySelector('.sidebar');
|
|
const backdropEl = document.getElementById('sidebarBackdrop');
|
|
const menuBtn = document.getElementById('mobileMenuBtn');
|
|
|
|
function setMobileNav(open) {
|
|
if (!sidebarEl || !backdropEl) return;
|
|
sidebarEl.classList.toggle('open', open);
|
|
backdropEl.classList.toggle('open', open);
|
|
menuBtn?.setAttribute('aria-expanded', open ? 'true' : 'false');
|
|
}
|
|
|
|
menuBtn?.addEventListener('click', () => {
|
|
setMobileNav(!sidebarEl.classList.contains('open'));
|
|
});
|
|
backdropEl?.addEventListener('click', () => setMobileNav(false));
|
|
window.addEventListener('hashchange', () => setMobileNav(false));
|
|
window.addEventListener('keydown', (e) => {
|
|
if (e.key === 'Escape' && sidebarEl?.classList.contains('open')) setMobileNav(false);
|
|
});
|
|
|
|
// Auto-reload on frontend update (no more hard refresh needed)
|
|
let knownHash = null;
|
|
setInterval(async () => {
|
|
try {
|
|
const res = await fetch('/api/version');
|
|
const { hash } = await res.json();
|
|
if (knownHash === null) { knownHash = hash; return; }
|
|
if (hash !== knownHash) {
|
|
knownHash = hash;
|
|
const toast = document.getElementById('toastContainer');
|
|
if (toast) {
|
|
const notice = document.createElement('div');
|
|
notice.className = 'toast info';
|
|
notice.innerHTML = '<span>Dashboard updated. <a href="javascript:location.reload()" style="color:var(--accent);text-decoration:underline;font-weight:600">Reload now</a></span>';
|
|
toast.appendChild(notice);
|
|
}
|
|
}
|
|
} catch {}
|
|
}, 15000);
|
|
|
|
// Session timeout warning - check JWT expiry every minute
|
|
if (isAuthenticated()) {
|
|
setInterval(() => {
|
|
const token = localStorage.getItem('token');
|
|
if (!token) return;
|
|
try {
|
|
const payload = JSON.parse(atob(token.split('.')[1]));
|
|
const expiresIn = (payload.exp * 1000) - Date.now();
|
|
const minutesLeft = Math.floor(expiresIn / 60000);
|
|
if (minutesLeft <= 0) {
|
|
localStorage.removeItem('token');
|
|
localStorage.removeItem('user');
|
|
window.location.hash = '#/login';
|
|
window.location.reload();
|
|
} else if (minutesLeft <= 30 && minutesLeft % 10 === 0) {
|
|
// Warn at 30, 20, 10 minutes
|
|
const toast = document.getElementById('toastContainer');
|
|
if (toast && !toast.querySelector('.session-warn')) {
|
|
const warn = document.createElement('div');
|
|
warn.className = 'toast info session-warn';
|
|
warn.innerHTML = `<span>Session expires in ${minutesLeft} minutes. <a href="#/login" style="color:var(--accent);text-decoration:underline" onclick="localStorage.removeItem('token');localStorage.removeItem('user')">Re-login</a></span>`;
|
|
toast.appendChild(warn);
|
|
setTimeout(() => warn.remove(), 10000);
|
|
}
|
|
}
|
|
} catch {}
|
|
}, 60000);
|
|
}
|
|
window.addEventListener('hashchange', route);
|
|
route();
|
|
|
|
// Close-modal buttons (replaces inline onclick handlers — required for CSP).
|
|
document.addEventListener('click', (e) => {
|
|
const closer = e.target.closest('[data-close-modal]');
|
|
if (!closer) return;
|
|
const id = closer.dataset.closeModal;
|
|
const modal = document.getElementById(id);
|
|
if (modal) modal.style.display = 'none';
|
|
});
|