cli auth

Jawnnypoo · Jawnnypoo · commit c57fa34423e1 · 2025-09-27T22:16:24.000-05:00
diff --git a/src/pages/Auth/Auth.tsx b/src/pages/Auth/Auth.tsx
@@ -1,6 +1,7 @@
 import React, {useCallback, useEffect, useState} from 'react';
 import './Auth.css';
 import {useAuth} from '../../contexts/AuthContext';
+import {auth} from '../../config/firebase';
 
 const CLIENT_ID = '87955960620-dv9h8pfv4a97mno598dcc3m1nlt0h6u4.apps.googleusercontent.com';
 
@@ -21,20 +22,77 @@ declare global {
 
 const Auth: React.FC = () => {
     const [isGoogleLoaded, setIsGoogleLoaded] = useState(false);
-    const {login, loginWithApple} = useAuth();
+    const {user, login, loginWithApple} = useAuth();
+    const [isGenerating, setIsGenerating] = useState(false);
+    const [isRedirecting, setIsRedirecting] = useState(false);
+
+    // Get redirect URL from URL params (for CLI integration)
+    const urlParams = new URLSearchParams(window.location.search);
+    const redirectUrl = urlParams.get('redirect_url');
+
+    const generateTokenAndRedirect = async () => {
+        if (!redirectUrl || !user) return;
+
+        setIsGenerating(true);
+        try {
+            // Get the current user's ID token
+            const idToken = await auth.currentUser?.getIdToken();
+            if (!idToken) {
+                throw new Error('Failed to get authentication token');
+            }
+
+            // Call the salamander-service to generate custom token
+            const response = await fetch('https://api.salamander.space/v1/generate-custom-token', {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                },
+                body: JSON.stringify({
+                    firebaseIdToken: idToken
+                }),
+            });
+
+            if (!response.ok) {
+                const errorData = await response.json();
+                throw new Error(errorData.error || 'Failed to generate custom token');
+            }
+
+            const result = await response.json();
+
+            setIsRedirecting(true);
+            // Redirect to the specified URL with the token
+            window.location.href = `${redirectUrl}?token=${encodeURIComponent(result.customToken)}`;
+        } catch (err: any) {
+            console.error('Error generating custom token:', err);
+            alert(err.message || 'Failed to generate authentication token');
+        } finally {
+            setIsGenerating(false);
+        }
+    };
+
+    useEffect(() => {
+        // If user is signed in and we have a redirect URL, generate token and redirect
+        if (user && redirectUrl && !isGenerating && !isRedirecting) {
+            generateTokenAndRedirect();
+        }
+        // eslint-disable-next-line react-hooks/exhaustive-deps
+    }, [user, redirectUrl, isGenerating, isRedirecting]);
 
     const handleCredentialResponse = useCallback(async (response: any) => {
         console.log('Encoded JWT ID token: ' + response.credential);
 
         try {
             await login(response.credential);
-            // Redirect to account page after successful login
-            window.location.hash = 'account';
+            // If we have a redirect URL, the useEffect will handle the redirect
+            if (!redirectUrl) {
+                // Redirect to account page after successful login
+                window.location.hash = 'account';
+            }
         } catch (error) {
             console.error('Failed to process login:', error);
             alert(error instanceof Error ? error.message : 'Sign-in failed. Please try again.');
         }
-    }, [login]);
+    }, [login, redirectUrl]);
 
     useEffect(() => {
         const initializeGoogle = () => {
@@ -71,14 +129,52 @@ const Auth: React.FC = () => {
     const handleAppleAuth = async () => {
         try {
             await loginWithApple();
-            // Redirect to account page after successful login
-            window.location.hash = 'account';
+            // If we have a redirect URL, the useEffect will handle the redirect
+            if (!redirectUrl) {
+                // Redirect to account page after successful login
+                window.location.hash = 'account';
+            }
         } catch (error) {
             console.error('Apple sign-in failed:', error);
             alert(error instanceof Error ? error.message : 'Apple sign-in failed. Please try again.');
         }
     };
 
+    // Show loading state if generating token or redirecting
+    if (isGenerating || isRedirecting) {
+        return (
+            <div className="auth-container">
+                <div className="auth-card">
+                    <div className="auth-header">
+                        <img src="images/logo_salamander.png" alt="Salamander" className="auth-logo"/>
+                        <h1 className="auth-title">Salamander</h1>
+                        <p className="auth-tagline">Never be AFK</p>
+                    </div>
+
+                    <div className="auth-content" style={{ textAlign: 'center' }}>
+                        <div style={{
+                            width: '32px',
+                            height: '32px',
+                            border: '3px solid #374151',
+                            borderTop: '3px solid #ff6b35',
+                            borderRadius: '50%',
+                            animation: 'spin 1s linear infinite',
+                            margin: '0 auto 16px'
+                        }}></div>
+                        <p style={{ color: '#d1d5db', fontSize: '14px' }}>
+                            {isRedirecting ? 'Redirecting to CLI...' : 'Generating authentication token...'}
+                        </p>
+                        {isRedirecting && (
+                            <p style={{ color: '#9ca3af', fontSize: '12px', marginTop: '16px', fontStyle: 'italic' }}>
+                                If the redirect doesn't work, you can close this window and return to your terminal.
+                            </p>
+                        )}
+                    </div>
+                </div>
+            </div>
+        );
+    }
+
     return (
         <div className="auth-container">
             <div className="auth-card">
diff --git a/src/pages/CliAuth/CliAuth.css b/src/pages/CliAuth/CliAuth.css
@@ -92,6 +92,44 @@
     font-size: 18px;
 }
 
+.google-login-btn {
+    background: white;
+    color: #1f2937;
+    border: 1px solid #d1d5db;
+    border-radius: 8px;
+    padding: 12px 24px;
+    font-size: 16px;
+    font-weight: 500;
+    cursor: pointer;
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    margin: 0 auto;
+    transition: all 0.2s;
+    font-family: inherit;
+}
+
+.google-login-btn:hover {
+    background: #f9fafb;
+    box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
+}
+
+.google-login-btn:disabled {
+    opacity: 0.6;
+    cursor: not-allowed;
+}
+
+.google-auth-content {
+    display: flex;
+    align-items: center;
+    gap: 8px;
+}
+
+.google-icon {
+    width: 18px;
+    height: 18px;
+}
+
 .auth-message {
     color: #d1d5db;
     font-size: 14px;
diff --git a/src/pages/CliAuth/CliAuth.tsx b/src/pages/CliAuth/CliAuth.tsx
@@ -1,8 +1,24 @@
-import React, { useState, useEffect } from 'react';
+import React, { useState, useEffect, useCallback } from 'react';
 import { useAuth } from '../../contexts/AuthContext';
 import { auth } from '../../config/firebase';
 import './CliAuth.css';
 
+const CLIENT_ID = '87955960620-dv9h8pfv4a97mno598dcc3m1nlt0h6u4.apps.googleusercontent.com';
+
+declare global {
+    interface Window {
+        google: {
+            accounts: {
+                id: {
+                    initialize: (config: any) => void;
+                    prompt: () => void;
+                    renderButton: (element: HTMLElement, config: any) => void;
+                };
+            };
+        };
+    }
+}
+
 interface GenerateCustomTokenResponse {
     customToken: string;
     uid: string;
@@ -11,22 +27,56 @@ interface GenerateCustomTokenResponse {
 }
 
 const CliAuth: React.FC = () => {
-    const { user, loginWithApple, isLoading } = useAuth();
+    const { user, login, loginWithApple, isLoading } = useAuth();
     const [customToken, setCustomToken] = useState<string | null>(null);
     const [isGenerating, setIsGenerating] = useState(false);
     const [error, setError] = useState<string | null>(null);
     const [isRedirecting, setIsRedirecting] = useState(false);
+    const [isGoogleLoaded, setIsGoogleLoaded] = useState(false);
 
     // Get auth type and callback URL from URL params
     const urlParams = new URLSearchParams(window.location.search);
     const authType = urlParams.get('type') || 'apple';
     const callbackUrl = urlParams.get('callback');
 
+    const handleCredentialResponse = useCallback(async (response: any) => {
+        console.log('Encoded JWT ID token: ' + response.credential);
+
+        try {
+            await login(response.credential);
+            // generateTokenAndRedirect will be called automatically via useEffect when user state updates
+        } catch (error) {
+            console.error('Failed to process login:', error);
+            setError(error instanceof Error ? error.message : 'Google sign-in failed. Please try again.');
+        }
+    }, [login]);
+
+    useEffect(() => {
+        // Initialize Google Sign-In if needed
+        if (authType === 'google') {
+            const initializeGoogle = () => {
+                if (window.google && window.google.accounts) {
+                    window.google.accounts.id.initialize({
+                        client_id: CLIENT_ID,
+                        callback: handleCredentialResponse,
+                    });
+                    setIsGoogleLoaded(true);
+                } else {
+                    // Retry after a short delay if Google hasn't loaded yet
+                    setTimeout(initializeGoogle, 100);
+                }
+            };
+
+            initializeGoogle();
+        }
+    }, [authType, handleCredentialResponse]);
+
     useEffect(() => {
         // If user is already signed in and we have a callback URL, generate custom token and redirect
         if (user && callbackUrl && !customToken && !isGenerating) {
             generateTokenAndRedirect();
         }
+        // eslint-disable-next-line react-hooks/exhaustive-deps
     }, [user, callbackUrl, customToken, isGenerating]);
 
     const generateToken = async (): Promise<string | null> => {
@@ -92,6 +142,22 @@ const CliAuth: React.FC = () => {
         }
     };
 
+    const handleGoogleLogin = async () => {
+        if (!isGoogleLoaded) {
+            setError('Google Sign-In not loaded. Please try again in a moment.');
+            return;
+        }
+
+        setError(null);
+        try {
+            // Trigger the One Tap flow
+            window.google.accounts.id.prompt();
+        } catch (error) {
+            console.error('Google sign-in failed:', error);
+            setError('Google sign-in failed. Please try again.');
+        }
+    };
+
 
     if (isLoading) {
         return (
@@ -110,7 +176,7 @@ const CliAuth: React.FC = () => {
                 <div className="cli-auth-header">
                     <div className="cli-auth-logo">S</div>
                     <h1>Salamander CLI Authentication</h1>
-                    <p>Authenticate your CLI with {authType === 'apple' ? 'Apple ID' : 'Google'}</p>
+                    <p>Authenticate your CLI with {authType === 'apple' ? 'Apple ID' : authType === 'google' ? 'Google' : authType}</p>
                 </div>
 
                 {!user && (
@@ -124,10 +190,30 @@ const CliAuth: React.FC = () => {
                                 <span className="apple-icon">🍎</span>
                                 Sign in with Apple
                             </button>
+                        ) : authType === 'google' ? (
+                            <button
+                                className="google-login-btn"
+                                onClick={handleGoogleLogin}
+                                disabled={isLoading || !isGoogleLoaded}
+                            >
+                                <div className="google-auth-content">
+                                    <svg className="google-icon" viewBox="0 0 24 24" width="18" height="18">
+                                        <path fill="#4285F4"
+                                              d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92c-.26 1.37-1.04 2.53-2.21 3.31v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.09z"/>
+                                        <path fill="#34A853"
+                                              d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z"/>
+                                        <path fill="#FBBC05"
+                                              d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22.81-.62z"/>
+                                        <path fill="#EA4335"
+                                              d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z"/>
+                                    </svg>
+                                    <span>Sign in with Google</span>
+                                </div>
+                            </button>
                         ) : (
                             <div className="auth-message">
-                                <p>Google authentication is not yet supported in this CLI auth flow.</p>
-                                <p>Please use the standard Google OAuth flow in your CLI.</p>
+                                <p>Unknown authentication type: {authType}</p>
+                                <p>Supported types: apple, google</p>
                             </div>
                         )}
                     </div>
