fromchat-messenger
diff --git a/‎frontend/plugins/optimizeSvg.ts‎
Lines changed: 67 additions & 0 deletions b/‎frontend/plugins/optimizeSvg.ts‎
Lines changed: 67 additions & 0 deletions
diff --git a/‎frontend/src/App.tsx‎
Lines changed: 4 additions & 4 deletions b/‎frontend/src/App.tsx‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎frontend/src/core/api/devicesApi.ts‎ ‎frontend/src/core/api/account/devices.ts‎frontend/src/core/api/devicesApi.ts renamed to frontend/src/core/api/account/devices.ts
Lines changed: 4 additions & 5 deletions b/‎frontend/src/core/api/devicesApi.ts‎ ‎frontend/src/core/api/account/devices.ts‎frontend/src/core/api/devicesApi.ts renamed to frontend/src/core/api/account/devices.ts
Lines changed: 4 additions & 5 deletions
diff --git a/‎frontend/src/core/api/authApi.ts‎ ‎frontend/src/core/api/account/index.ts‎frontend/src/core/api/authApi.ts renamed to frontend/src/core/api/account/index.ts
Lines changed: 118 additions & 57 deletions b/‎frontend/src/core/api/authApi.ts‎ ‎frontend/src/core/api/account/index.ts‎frontend/src/core/api/authApi.ts renamed to frontend/src/core/api/account/index.ts
Lines changed: 118 additions & 57 deletions
@@ -0,0 +1,67 @@
+import type { Plugin } from 'vite';
+import { optimize } from 'svgo';
+
+export interface OptimizeSvgOptions {
+    /**
+     * Whether to enable SVG optimization
+     * @default true
+     */
+    enabled?: boolean;
+}
+
+const svgoConfig: Parameters<typeof optimize>[1] = {
+    multipass: true,
+    plugins: [
+        {
+            name: 'preset-default',
+            params: {
+                overrides: {
+                    // Keep IDs if they might be referenced (minify instead of remove)
+                    cleanupIds: {
+                        remove: false,
+                        minify: true
+                    }
+                }
+            }
+        }
+    ]
+};
+
+/**
+ * Optimizes SVG files during build by:
+ * - Minifying SVG code
+ * - Removing metadata and comments
+ * - Removing unnecessary attributes
+ * - Optimizing paths and shapes
+ */
+export function optimizeSvg(options?: OptimizeSvgOptions): Plugin {
+    const enabled = options?.enabled !== false;
+
+    return {
+        name: 'optimize-svg',
+        apply: 'build',
+        enforce: 'post',
+        async generateBundle(options, bundle) {
+            if (!enabled) return;
+
+            // Optimize SVGs in the bundle
+            for (const [fileName, chunk] of Object.entries(bundle)) {
+                if (fileName.endsWith('.svg') && chunk.type === 'asset') {
+                    try {
+                        const svgContent = typeof chunk.source === 'string' 
+                            ? chunk.source 
+                            : Buffer.from(chunk.source).toString('utf-8');
+                        
+                        const result = optimize(svgContent, svgoConfig);
+
+                        if (result.data && result.data !== svgContent) {
+                            chunk.source = result.data;
+                        }
+                    } catch (error) {
+                        console.warn(`Failed to optimize SVG ${fileName}:`, error);
+                    }
+                }
+            }
+        }
+    };
+}
@@ -1,7 +1,7 @@
 import { BrowserRouter, Routes, Route, useNavigate, useLocation, matchRoutes, Navigate, type RouteObject } from "react-router-dom";
 import { AnimatePresence, motion } from "motion/react";
 import { ElectronTitleBar } from "./Electron";
-import { useAppState } from "./pages/chat/state";
+import { useUserStore } from "./state/user";
 import { lazy, useEffect, useRef, useState } from "react";
 import { parseProfileLink } from "./core/profileLinks";
 import NotFoundPage from "./pages/not-found/NotFoundPage";
@@ -117,14 +117,14 @@ function AnimatedRoutes() {
 }
 
 export default function App() {
-    const { restoreUserFromStorage, user } = useAppState();
+    const { restoreFromStorage, user } = useUserStore();
     const [authReady, setAuthReady] = useState(false);
 
     useEffect(() => {
-        restoreUserFromStorage().finally(() => {
+        restoreFromStorage().finally(() => {
             setAuthReady(true);
         });
-    }, [restoreUserFromStorage]);
+    }, [restoreFromStorage]);
 
     return authReady && (
         <BrowserRouter>
 
@@ -1,5 +1,5 @@
 import { API_BASE_URL } from "@/core/config";
-import { getAuthHeaders } from "@/core/api/authApi";
+import { getAuthHeaders } from "./index";
 
 export interface DeviceInfo {
     session_id: string;
@@ -18,20 +18,19 @@ export interface DeviceInfo {
 }
 
 export async function listDevices(token: string): Promise<DeviceInfo[]> {
-    const res = await fetch(`${API_BASE_URL}/devices`, { headers: getAuthHeaders(token) });
+    const res = await fetch(`${API_BASE_URL}/devices`, { headers: getAuthHeaders(token, true) });
     if (!res.ok) throw new Error("Failed to fetch devices");
     const data = await res.json();
     return data.devices as DeviceInfo[];
 }
 
 export async function revokeDevice(token: string, sessionId: string): Promise<void> {
-    const res = await fetch(`${API_BASE_URL}/devices/${sessionId}`, { method: "DELETE", headers: getAuthHeaders(token) });
+    const res = await fetch(`${API_BASE_URL}/devices/${sessionId}`, { method: "DELETE", headers: getAuthHeaders(token, true) });
     if (!res.ok) throw new Error("Failed to revoke device");
 }
 
 export async function logoutAllOtherDevices(token: string): Promise<void> {
-    const res = await fetch(`${API_BASE_URL}/devices/logout-all`, { method: "POST", headers: getAuthHeaders(token) });
+    const res = await fetch(`${API_BASE_URL}/devices/logout-all`, { method: "POST", headers: getAuthHeaders(token, true) });
     if (!res.ok) throw new Error("Failed to logout all devices");
 }
 
-
@@ -1,12 +1,15 @@
-import type { Headers, UploadPublicKeyRequest, BackupBlob } from "@/core/types";
+import { API_BASE_URL } from "@/core/config";
+import type { LoginRequest, RegisterRequest, LoginResponse } from "@/core/types";
 import { generateX25519KeyPair } from "@/utils/crypto/asymmetric";
 import { encodeBlob, encryptBackupWithPassword, decryptBackupWithPassword, decodeBlob } from "@/utils/crypto/backup";
 import { b64, ub64 } from "@/utils/utils";
-import { API_BASE_URL } from "@/core/config";
 import { hkdfExtractAndExpand } from "@/utils/crypto/kdf";
+import { fetchPublicKey, uploadPublicKey, fetchBackupBlob, uploadBackupBlob } from "../crypto";
+import type { Headers } from "@/core/types";
 
 /**
  * Generates authentication headers for API requests
+ * @param {string | null} token - Authentication token
  * @param {boolean} json - Whether to include JSON content type header
  * @returns {Headers} Headers object with authentication and content type
  */
@@ -23,61 +26,25 @@ export function getAuthHeaders(token: string | null, json: boolean = true): Head
     return headers;
 }
 
-let currentPublicKey: Uint8Array | null = null;
-let currentPrivateKey: Uint8Array | null = null;
-
-async function fetchPublicKey(token: string): Promise<Uint8Array | null> {
-	const headers = getAuthHeaders(token, true);
-	const res = await fetch(`${API_BASE_URL}/crypto/public-key`, { method: "GET", headers });
-	if (!res.ok) return null;
-	const data = await res.json();
-	if (!data?.publicKey) return null;
-	return ub64(data.publicKey);
+export interface CheckAuthResponse {
+    authenticated: boolean;
+    username: string;
+    admin: boolean;
 }
 
-async function uploadPublicKey(publicKey: Uint8Array, token: string): Promise<void> {
-	const payload: UploadPublicKeyRequest = {
-		publicKey: b64(publicKey)
-	}
-
-	const headers = getAuthHeaders(token, true);
-	await fetch(`${API_BASE_URL}/crypto/public-key`, {
-		method: "POST",
-		headers,
-		body: JSON.stringify(payload)
-	});
-}
-
-async function fetchBackupBlob(token: string): Promise<string | null> {
-	const headers = getAuthHeaders(token, true);
-	const res = await fetch(`${API_BASE_URL}/crypto/backup`, {
-		method: "GET",
-		headers
-	});
-	if (res.ok) {
-		const response: BackupBlob = await res.json();
-		return response.blob;
-	} else {
-		return null;
-	}
-}
-
-async function uploadBackupBlob(blobJson: string, token: string): Promise<void> {
-	const payload: BackupBlob = { blob: blobJson }
-
-	const headers = getAuthHeaders(token, true);
-	await fetch(`${API_BASE_URL}/crypto/backup`, {
-		method: "POST",
-		headers,
-		body: JSON.stringify(payload)
-	});
+export interface LogoutResponse {
+    status: string;
+    message: string;
 }
 
 export interface UserKeyPairMemory {
 	publicKey: Uint8Array;
 	privateKey: Uint8Array;
 }
 
+let currentPublicKey: Uint8Array | null = null;
+let currentPrivateKey: Uint8Array | null = null;
+
 export function getCurrentKeys(): UserKeyPairMemory | null {
 	if (currentPublicKey && currentPrivateKey) return { publicKey: currentPublicKey, privateKey: currentPrivateKey };
 	return null;
@@ -94,6 +61,72 @@ function saveKeys(
 	localStorage.setItem("privateKey", encodedPrivateKey);
 }
 
+/**
+ * Checks if the current user is authenticated
+ */
+export async function checkAuth(token: string): Promise<CheckAuthResponse> {
+    const res = await fetch(`${API_BASE_URL}/check_auth`, {
+        headers: getAuthHeaders(token, true)
+    });
+    if (!res.ok) throw new Error("Failed to check auth");
+    return await res.json();
+}
+
+/**
+ * Logs in a user with username and password
+ */
+export async function login(request: LoginRequest): Promise<LoginResponse> {
+    const res = await fetch(`${API_BASE_URL}/login`, {
+        method: "POST",
+        headers: getAuthHeaders(null, true),
+        body: JSON.stringify(request)
+    });
+    if (!res.ok) {
+        const error = await res.json().catch(() => ({ detail: "Login failed" }));
+        throw new Error(error.detail || "Login failed");
+    }
+    return await res.json();
+}
+
+/**
+ * Registers a new user
+ */
+export async function register(request: RegisterRequest): Promise<LoginResponse> {
+    const res = await fetch(`${API_BASE_URL}/register`, {
+        method: "POST",
+        headers: getAuthHeaders(null, true),
+        body: JSON.stringify(request)
+    });
+    if (!res.ok) {
+        const error = await res.json().catch(() => ({ detail: "Registration failed" }));
+        throw new Error(error.detail || "Registration failed");
+    }
+    return await res.json();
+}
+
+/**
+ * Logs out the current user
+ */
+export async function logout(token: string): Promise<LogoutResponse> {
+    const res = await fetch(`${API_BASE_URL}/logout`, {
+        headers: getAuthHeaders(token, true)
+    });
+    if (!res.ok) throw new Error("Failed to logout");
+    return await res.json();
+}
+
+/**
+ * Derive a client-side authentication secret so the raw password never leaves the client.
+ * Uses PBKDF2 (via WebCrypto) + HKDF to produce a stable 32-byte key, then base64.
+ */
+export async function deriveAuthSecret(username: string, password: string): Promise<string> {
+    // Use per-user salt derived from username; in future we can fetch a server-provided salt
+    const salt = new TextEncoder().encode(`fromchat.user:${username}`);
+    // Derive 32 bytes using HKDF; PBKDF2 already used within importPassword
+    const derived = await hkdfExtractAndExpand(new TextEncoder().encode(password), salt, new TextEncoder().encode("auth-secret"), 32);
+    return b64(derived);
+}
+
 export async function ensureKeysOnLogin(password: string, token: string): Promise<UserKeyPairMemory> {
 	// Try to restore from backup
 	const blobJson = await fetchBackupBlob(token);
@@ -147,13 +180,41 @@ export function getAuthToken(): string | null {
 }
 
 /**
- * Derive a client-side authentication secret so the raw password never leaves the client.
- * Uses PBKDF2 (via WebCrypto) + HKDF to produce a stable 32-byte key, then base64.
+ * Changes the user's password
  */
-export async function deriveAuthSecret(username: string, password: string): Promise<string> {
-    // Use per-user salt derived from username; in future we can fetch a server-provided salt
-    const salt = new TextEncoder().encode(`fromchat.user:${username}`);
-    // Derive 32 bytes using HKDF; PBKDF2 already used within importPassword
-    const derived = await hkdfExtractAndExpand(new TextEncoder().encode(password), salt, new TextEncoder().encode("auth-secret"), 32);
-    return b64(derived);
-}
+export async function changePassword(
+    token: string,
+    username: string,
+    currentPassword: string,
+    newPassword: string,
+    logoutAllExceptCurrent: boolean
+): Promise<void> {
+    const currentDerived = await deriveAuthSecret(username, currentPassword);
+    const newDerived = await deriveAuthSecret(username, newPassword);
+    const res = await fetch(`${API_BASE_URL}/change-password`, {
+        method: "POST",
+        headers: getAuthHeaders(token, true),
+        body: JSON.stringify({
+            currentPasswordDerived: currentDerived,
+            newPasswordDerived: newDerived,
+            logoutAllExceptCurrent
+        })
+    });
+    if (!res.ok) throw new Error("Failed to change password");
+}
+
+/**
+ * Deletes the current user's account
+ */
+export async function deleteAccount(token: string): Promise<{ status: string; message: string }> {
+    const res = await fetch(`${API_BASE_URL}/account/delete`, {
+        method: "POST",
+        headers: getAuthHeaders(token, true)
+    });
+    if (!res.ok) {
+        const error = await res.json().catch(() => ({ detail: "Failed to delete account" }));
+        throw new Error(error.detail || "Failed to delete account");
+    }
+    return await res.json();
+}
+