Anthony/nextstep
1
0
Fork 0
mirror of https://github.com/Tony0410/nextstep.git synced 2026-05-24 21:31:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
1bb88288f4532dc7318623289db8a0dc6305ecf3
nextstep/src/app/login/page.tsx
Tony0410 1bb88288f4 fix: login loop and repeated medication notifications 
- Fix login loop: secure cookie detection now uses x-forwarded-proto/origin
  headers to correctly identify HTTPS requests through Tailscale Funnel
- Add credentials: include to login/register fetch calls
- Verify session after login/registration before redirecting to prevent race conditions
- Fix repeated medication reminders: isDue() now matches exact minute instead of
  5-minute tolerance window, preventing duplicate notifications when sender runs
  every minute
- Add tests for cookie security and notification scheduling
- Extract isDue() to separate module for better testability
2026-03-15 12:17:42 +00:00

133 lines
4.0 KiB
TypeScript
Raw Blame History

'use client'
import { Suspense, useState } from 'react'
import { useRouter, useSearchParams } from 'next/navigation'
import Link from 'next/link'
import { Heart } from 'lucide-react'
import { Button, Input, Card, showToast } from '@/components/ui'
function LoginForm() {
const router = useRouter()
const searchParams = useSearchParams()
const redirectTo = searchParams.get('redirect')
const [email, setEmail] = useState('')
const [password, setPassword] = useState('')
const [loading, setLoading] = useState(false)
const [error, setError] = useState('')
const handleSubmit = async (e: React.FormEvent) => {
e.preventDefault()
setError('')
setLoading(true)
try {
const response = await fetch('/api/auth/login', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
credentials: 'include',
body: JSON.stringify({ email, password }),
})
const data = await response.json()
if (!response.ok) {
setError(data.error || 'Login failed')
return
}
// Check if user needs to change password
if (data.forcePasswordReset) {
showToast('Please change your password to continue', 'info')
router.push('/change-password')
router.refresh()
return
}
const sessionResponse = await fetch('/api/auth/me', {
credentials: 'include',
cache: 'no-store',
})
if (!sessionResponse.ok) {
throw new Error('Your session was created but is not available yet. Please try again.')
}
showToast('Welcome back!', 'success')
// If there's a redirect param (e.g., from invite link), go there
router.push(redirectTo || '/today')
router.refresh()
} catch {
setError('Something went wrong. Please try again.')
} finally {
setLoading(false)
}
}
return (
<div className="min-h-screen bg-background flex flex-col items-center justify-center p-4">
<div className="w-full max-w-sm">
{/* Logo */}
<div className="text-center mb-8">
<div className="w-16 h-16 bg-primary-500 rounded-2xl flex items-center justify-center mx-auto mb-4">
<Heart className="w-8 h-8 text-white" />
</div>
<h1 className="text-2xl font-bold text-secondary-900">Next Step</h1>
<p className="text-secondary-500 mt-1">Health management made simple</p>
</div>
<Card className="mb-6">
<form onSubmit={handleSubmit} className="space-y-4">
<Input
label="Email"
type="email"
value={email}
onChange={(e) => setEmail(e.target.value)}
placeholder="you@example.com"
required
autoComplete="email"
/>
<Input
label="Password"
type="password"
value={password}
onChange={(e) => setPassword(e.target.value)}
placeholder="••••••••"
required
autoComplete="current-password"
/>
{error && (
<p className="text-sm text-red-600 bg-red-50 px-3 py-2 rounded-button">
{error}
</p>
)}
<Button type="submit" fullWidth loading={loading}>
Sign In
</Button>
</form>
</Card>
<p className="text-center text-secondary-500">
Don't have an account?{' '}
<Link href="/register" className="text-primary-600 font-medium hover:text-primary-700">
Create one
</Link>
</p>
</div>
</div>
)
}
export default function LoginPage() {
return (
<Suspense fallback={
<div className="min-h-screen bg-background flex items-center justify-center">
<div className="w-8 h-8 border-2 border-primary-500 border-t-transparent rounded-full animate-spin" />
</div>
}>
<LoginForm />
</Suspense>
)
}
Reference in New Issue View Git Blame Copy Permalink