Update login workflow

Josh-XT · Josh-XT · commit f0d792b5740c · 2026-01-24T15:55:20.000-05:00
diff --git a/agixt-sdk/src/client/mod.rs b/agixt-sdk/src/client/mod.rs
@@ -50,11 +50,69 @@ impl AGiXTSDK {
 
     // ==================== Authentication ====================
 
-    /// Login to the AGiXT server.
-    pub async fn login(&self, email: &str, otp: &str) -> Result<Option<String>> {
+    /// Login with username/password authentication.
+    ///
+    /// # Arguments
+    /// * `username` - Username or email address
+    /// * `password` - User's password
+    /// * `mfa_token` - Optional TOTP code if MFA is enabled
+    ///
+    /// # Returns
+    /// JWT token on success, or None on failure
+    pub async fn login(&self, username: &str, password: &str, mfa_token: Option<&str>) -> Result<Option<String>> {
+        let mut payload = serde_json::json!({
+            "username": username,
+            "password": password,
+        });
+        if let Some(token) = mfa_token {
+            payload["mfa_token"] = serde_json::json!(token);
+        }
+
         let response = self
             .client
             .post(&format!("{}/v1/login", self.base_uri))
+            .json(&payload)
+            .send()
+            .await?;
+
+        let status = response.status();
+        let text = response.text().await?;
+
+        if self.verbose {
+            self.parse_response(status, &text).await?;
+        }
+
+        let json: serde_json::Value = serde_json::from_str(&text)?;
+        
+        // Check for token in response (new auth flow)
+        if status.is_success() {
+            if let Some(token) = json.get("token").and_then(|t| t.as_str()) {
+                let mut headers = self.headers.lock().await;
+                if let Ok(value) = HeaderValue::from_str(token) {
+                    headers.insert(AUTHORIZATION, value);
+                }
+                if self.verbose {
+                    println!("Logged in successfully");
+                }
+                return Ok(Some(token.to_string()));
+            }
+        }
+        Ok(None)
+    }
+
+    /// Legacy login with magic link (email + OTP token).
+    /// Maintained for backward compatibility.
+    ///
+    /// # Arguments
+    /// * `email` - User's email address
+    /// * `otp` - TOTP code from authenticator app
+    ///
+    /// # Returns
+    /// JWT token on success, or None on failure
+    pub async fn login_magic_link(&self, email: &str, otp: &str) -> Result<Option<String>> {
+        let response = self
+            .client
+            .post(&format!("{}/v1/login/magic-link", self.base_uri))
             .json(&serde_json::json!({
                 "email": email,
                 "token": otp,
@@ -70,10 +128,7 @@ impl AGiXTSDK {
         }
 
         let json: serde_json::Value = serde_json::from_str(&text)?;
-        self.process_login_response(json).await
-    }
-
-    async fn process_login_response(&self, json: serde_json::Value) -> Result<Option<String>> {
+        
         if let Some(detail) = json.get("detail").and_then(|d| d.as_str()) {
             if detail.contains("?token=") {
                 let token = detail.split("token=").nth(1).unwrap_or_default();
@@ -88,15 +143,184 @@ impl AGiXTSDK {
         Ok(None)
     }
 
-    /// Register a new user.
-    pub async fn register_user(&self, email: &str, first_name: &str, last_name: &str) -> Result<String> {
+    /// Register a new user with username/password authentication.
+    ///
+    /// # Arguments
+    /// * `email` - User's email address
+    /// * `password` - User's password
+    /// * `confirm_password` - Password confirmation
+    /// * `first_name` - User's first name (optional)
+    /// * `last_name` - User's last name (optional)
+    /// * `username` - Desired username (optional)
+    /// * `organization_name` - Company/organization name (optional)
+    ///
+    /// # Returns
+    /// Response JSON with user_id, username, token on success
+    pub async fn register_user(
+        &self,
+        email: &str,
+        password: &str,
+        confirm_password: &str,
+        first_name: Option<&str>,
+        last_name: Option<&str>,
+        username: Option<&str>,
+        organization_name: Option<&str>,
+    ) -> Result<serde_json::Value> {
+        let mut payload = serde_json::json!({
+            "email": email,
+            "password": password,
+            "confirm_password": confirm_password,
+            "first_name": first_name.unwrap_or(""),
+            "last_name": last_name.unwrap_or(""),
+        });
+        if let Some(u) = username {
+            payload["username"] = serde_json::json!(u);
+        }
+        if let Some(org) = organization_name {
+            payload["organization_name"] = serde_json::json!(org);
+        }
+
         let response = self
             .client
             .post(&format!("{}/v1/user", self.base_uri))
+            .json(&payload)
+            .send()
+            .await?;
+
+        let status = response.status();
+        let text = response.text().await?;
+
+        if self.verbose {
+            self.parse_response(status, &text).await?;
+        }
+
+        let json: serde_json::Value = serde_json::from_str(&text)?;
+
+        // Auto-login if token is returned
+        if status.is_success() {
+            if let Some(token) = json.get("token").and_then(|t| t.as_str()) {
+                let mut headers = self.headers.lock().await;
+                if let Ok(value) = HeaderValue::from_str(token) {
+                    headers.insert(AUTHORIZATION, value);
+                }
+                if self.verbose {
+                    println!("Registered and logged in as {}", json.get("username").and_then(|u| u.as_str()).unwrap_or(""));
+                }
+            }
+        }
+
+        Ok(json)
+    }
+
+    /// Get MFA setup information including QR code URI.
+    ///
+    /// # Returns
+    /// JSON with provisioning_uri, secret, and mfa_enabled status
+    pub async fn get_mfa_setup(&self) -> Result<serde_json::Value> {
+        let response = self
+            .client
+            .get(&format!("{}/v1/user/mfa/setup", self.base_uri))
+            .headers(self.headers.lock().await.clone())
+            .send()
+            .await?;
+
+        let status = response.status();
+        let text = response.text().await?;
+
+        if self.verbose {
+            self.parse_response(status, &text).await?;
+        }
+
+        let json: serde_json::Value = serde_json::from_str(&text)?;
+        Ok(json)
+    }
+
+    /// Enable MFA for the current user.
+    ///
+    /// # Arguments
+    /// * `mfa_token` - TOTP code from authenticator app to verify setup
+    ///
+    /// # Returns
+    /// Response JSON with success message
+    pub async fn enable_mfa(&self, mfa_token: &str) -> Result<serde_json::Value> {
+        let response = self
+            .client
+            .post(&format!("{}/v1/user/mfa/enable", self.base_uri))
+            .headers(self.headers.lock().await.clone())
+            .json(&serde_json::json!({ "mfa_token": mfa_token }))
+            .send()
+            .await?;
+
+        let status = response.status();
+        let text = response.text().await?;
+
+        if self.verbose {
+            self.parse_response(status, &text).await?;
+        }
+
+        let json: serde_json::Value = serde_json::from_str(&text)?;
+        Ok(json)
+    }
+
+    /// Disable MFA for the current user.
+    ///
+    /// # Arguments
+    /// * `password` - User's password (optional)
+    /// * `mfa_token` - Current TOTP code (optional)
+    ///
+    /// # Returns
+    /// Response JSON with success message
+    pub async fn disable_mfa(&self, password: Option<&str>, mfa_token: Option<&str>) -> Result<serde_json::Value> {
+        let mut payload = serde_json::json!({});
+        if let Some(p) = password {
+            payload["password"] = serde_json::json!(p);
+        }
+        if let Some(t) = mfa_token {
+            payload["mfa_token"] = serde_json::json!(t);
+        }
+
+        let response = self
+            .client
+            .post(&format!("{}/v1/user/mfa/disable", self.base_uri))
+            .headers(self.headers.lock().await.clone())
+            .json(&payload)
+            .send()
+            .await?;
+
+        let status = response.status();
+        let text = response.text().await?;
+
+        if self.verbose {
+            self.parse_response(status, &text).await?;
+        }
+
+        let json: serde_json::Value = serde_json::from_str(&text)?;
+        Ok(json)
+    }
+
+    /// Change the current user's password.
+    ///
+    /// # Arguments
+    /// * `current_password` - Current password
+    /// * `new_password` - New password
+    /// * `confirm_password` - New password confirmation
+    ///
+    /// # Returns
+    /// Response JSON with success message
+    pub async fn change_password(
+        &self,
+        current_password: &str,
+        new_password: &str,
+        confirm_password: &str,
+    ) -> Result<serde_json::Value> {
+        let response = self
+            .client
+            .post(&format!("{}/v1/user/password/change", self.base_uri))
+            .headers(self.headers.lock().await.clone())
             .json(&serde_json::json!({
-                "email": email,
-                "first_name": first_name,
-                "last_name": last_name,
+                "current_password": current_password,
+                "new_password": new_password,
+                "confirm_password": confirm_password,
             }))
             .send()
             .await?;
@@ -109,20 +333,38 @@ impl AGiXTSDK {
         }
 
         let json: serde_json::Value = serde_json::from_str(&text)?;
+        Ok(json)
+    }
 
-        if let Some(otp_uri) = json.get("otp_uri").and_then(|u| u.as_str()) {
-            let mfa_token = otp_uri
-                .split("secret=")
-                .nth(1)
-                .and_then(|s| s.split('&').next())
-                .ok_or_else(|| crate::Error::Other("Invalid OTP URI format".to_string()))?;
+    /// Set a password for users who don't have one (e.g., social login users).
+    ///
+    /// # Arguments
+    /// * `new_password` - New password
+    /// * `confirm_password` - New password confirmation
+    ///
+    /// # Returns
+    /// Response JSON with success message
+    pub async fn set_password(&self, new_password: &str, confirm_password: &str) -> Result<serde_json::Value> {
+        let response = self
+            .client
+            .post(&format!("{}/v1/user/password/set", self.base_uri))
+            .headers(self.headers.lock().await.clone())
+            .json(&serde_json::json!({
+                "new_password": new_password,
+                "confirm_password": confirm_password,
+            }))
+            .send()
+            .await?;
 
-            self.login(email, mfa_token).await?;
+        let status = response.status();
+        let text = response.text().await?;
 
-            Ok(otp_uri.to_string())
-        } else {
-            Ok(text)
+        if self.verbose {
+            self.parse_response(status, &text).await?;
         }
+
+        let json: serde_json::Value = serde_json::from_str(&text)?;
+        Ok(json)
     }
 
     /// Check if a user exists.
