fixed login

Author: Preshy

public/index.html

@@ -14,6 +14,7 @@
   <link id="favicon" rel="icon" type="image/svg+xml" href="/icons/favicon.light.svg">
   <link rel="apple-touch-icon" href="/icons/favicon.light.png">
   <script type="module" src="/js/theme.js"></script>
+  <script src="/js/alerts.js"></script>
   <script type="module" src="/js/main.js"></script>
 </head>
 <body>

public/js/alerts.js

@@ -0,0 +1,48 @@
+/**
+ * Global alert utilities for the application
+ */
+
+// Global alert function for login page
+window.showLoginAlert = function(message, type = 'error') {
+  // Try to find the alert element
+  const alertElement = document.getElementById('login-alert');
+  
+  if (alertElement) {
+    // If the alert element exists, update its content and display it
+    alertElement.textContent = message;
+    alertElement.className = `alert alert-${type}`;
+    alertElement.classList.remove('hidden');
+    
+    // Auto-dismiss success messages after 5 seconds
+    if (type === 'success') {
+      setTimeout(() => {
+        alertElement.classList.add('hidden');
+      }, 5000);
+    }
+  } else {
+    // Fallback to standard browser alert if element doesn't exist
+    console.log(`Alert (${type}): ${message}`);
+    alert(message);
+  }
+};
+
+// Function to show any type of alert by ID
+window.showAlert = function(elementId, message, type = 'error') {
+  const alertElement = document.getElementById(elementId);
+  
+  if (alertElement) {
+    alertElement.textContent = message;
+    alertElement.className = `alert alert-${type}`;
+    alertElement.classList.remove('hidden');
+    
+    if (type === 'success') {
+      setTimeout(() => {
+        alertElement.classList.add('hidden');
+      }, 5000);
+    }
+  } else {
+    // Fallback to console + alert
+    console.log(`Alert (${type}): ${message}`);
+    alert(message);
+  }
+};

public/js/api-client.js

@@ -227,15 +227,21 @@ export class ApiClient {
    * @private
    */
   static async fetchBinaryResponse(url, body) {
-    // Get JWT token from localStorage
-    const jwtToken = localStorage.getItem('jwt_token');
+    // Get JWT token from localStorage and ensure it's properly formatted
+    let jwtToken = localStorage.getItem('jwt_token');
 
     const headers = {
       'Content-Type': 'application/json',
     };
 
     // Add Authorization header with JWT token if available
     if (jwtToken) {
+      // Ensure token is properly trimmed
+      jwtToken = jwtToken.trim();
+      
+      // Log token information for debugging
+      console.log(`API Client: Using JWT token of length ${jwtToken.length}`);
+      
       headers['Authorization'] = `Bearer ${jwtToken}`;
     }
 

public/js/components/api-key-manager.js

@@ -487,12 +487,27 @@ export class ApiKeyManager extends BaseComponent {
       const { ApiClient } = await import('../api-client.js');
       const baseUrl = ApiClient.baseUrl || '/api/1';
 
+      // Get a valid token, avoid sending 'null'
+      const authToken = this._getApiKey();
+      
+      // Debug the token we're about to use
+      console.log('API Key Manager: Authorization token length:', authToken?.length || 0);
+      
+      // Only include Authorization header if we have a valid token
+      const headers = {
+        'Accept': 'application/json'
+      };
+      
+      if (authToken && authToken !== 'null' && authToken.length > 10) {
+        console.log('API Key Manager: Using valid token for Authorization header');
+        headers['Authorization'] = `Bearer ${authToken}`;
+      } else {
+        console.warn('API Key Manager: No valid token available, proceeding without Authorization header');
+      }
+      
       const response = await fetch(`${baseUrl}/api-keys`, {
         method: 'GET',
-        headers: {
-          'Accept': 'application/json',
-          'Authorization': `Bearer ${this._getApiKey()}`
-        }
+        headers
       });
 
       if (!response.ok) {
@@ -532,16 +547,28 @@ export class ApiKeyManager extends BaseComponent {
       const { ApiClient } = await import('../api-client.js');
       const baseUrl = ApiClient.baseUrl || '/api/1';
 
+      // Get a valid token, avoid sending 'null'
+      const authToken = this._getApiKey();
+      
+      // Debug the token we're about to use
+      console.log('API Key Manager: Create key - token length:', authToken?.length || 0);
+      
+      // Only include Authorization header if we have a valid token
+      const headers = {
+        'Content-Type': 'application/json'
+      };
+      
+      if (authToken && authToken !== 'null' && authToken.length > 10) {
+        console.log('API Key Manager: Create key - using valid token');
+        headers['Authorization'] = `Bearer ${authToken}`;
+      } else {
+        console.warn('API Key Manager: Create key - no valid token available');
+      }
+      
       const response = await fetch(`${baseUrl}/api-keys`, {
         method: 'POST',
-        headers: {
-          'Content-Type': 'application/json',
-          'Accept': 'application/json',
-          'Authorization': `Bearer ${this._getApiKey()}`
-        },
-        body: JSON.stringify({
-          name: this._newKeyName
-        })
+        headers,
+        body: JSON.stringify({ name: this._newKeyName })
       });
 
       if (!response.ok) {
@@ -576,13 +603,28 @@ export class ApiKeyManager extends BaseComponent {
       const { ApiClient } = await import('../api-client.js');
       const baseUrl = ApiClient.baseUrl || '/api/1';
 
+      // Get a valid token, avoid sending 'null'
+      const authToken = this._getApiKey();
+      
+      // Debug the token we're about to use
+      console.log('API Key Manager: Toggle key - token length:', authToken?.length || 0);
+      
+      // Only include Authorization header if we have a valid token
+      const headers = {
+        'Content-Type': 'application/json',
+        'Accept': 'application/json'
+      };
+      
+      if (authToken && authToken !== 'null' && authToken.length > 10) {
+        console.log('API Key Manager: Toggle key - using valid token');
+        headers['Authorization'] = `Bearer ${authToken}`;
+      } else {
+        console.warn('API Key Manager: Toggle key - no valid token available');
+      }
+      
       const response = await fetch(`${baseUrl}/api-keys/${keyId}`, {
         method: 'PUT',
-        headers: {
-          'Content-Type': 'application/json',
-          'Accept': 'application/json',
-          'Authorization': `Bearer ${this._getApiKey()}`
-        },
+        headers,
         body: JSON.stringify({
           is_active: isActive
         })
@@ -617,12 +659,27 @@ export class ApiKeyManager extends BaseComponent {
       const { ApiClient } = await import('../api-client.js');
       const baseUrl = ApiClient.baseUrl || '/api/1';
 
+      // Get a valid token, avoid sending 'null'
+      const authToken = this._getApiKey();
+      
+      // Debug the token we're about to use
+      console.log('API Key Manager: Delete key - token length:', authToken?.length || 0);
+      
+      // Only include Authorization header if we have a valid token
+      const headers = {
+        'Accept': 'application/json'
+      };
+      
+      if (authToken && authToken !== 'null' && authToken.length > 10) {
+        console.log('API Key Manager: Delete key - using valid token');
+        headers['Authorization'] = `Bearer ${authToken}`;
+      } else {
+        console.warn('API Key Manager: Delete key - no valid token available');
+      }
+      
       const response = await fetch(`${baseUrl}/api-keys/${keyId}`, {
         method: 'DELETE',
-        headers: {
-          'Accept': 'application/json',
-          'Authorization': `Bearer ${this._getApiKey()}`
-        }
+        headers
       });
 
       if (!response.ok) {
@@ -670,15 +727,30 @@ export class ApiKeyManager extends BaseComponent {
    * @private
    */
   _getApiKey() {
-    // Try to get from localStorage
+    // First, try to get JWT token
+    const jwtToken = localStorage.getItem('jwt_token');
+    if (jwtToken) {
+      console.log('Using JWT token for authentication, length:', jwtToken.length);
+      return jwtToken;
+    }
+    
+    // Next, try API key from localStorage
     const apiKey = localStorage.getItem('api_key');
     if (apiKey) {
+      console.log('Using API key from localStorage for authentication');
       return apiKey;
     }
 
-    // Try to get from URL
+    // Finally, try to get from URL
     const urlParams = new URLSearchParams(window.location.search);
-    return urlParams.get('api_key');
+    const urlApiKey = urlParams.get('api_key');
+    if (urlApiKey) {
+      console.log('Using API key from URL for authentication');
+      return urlApiKey;
+    }
+    
+    console.warn('No authentication token found in storage or URL');
+    return null;
   }
 }