'use client'; import { Input, Label } from '@/components/input'; import { Logo } from '@/components/logo'; import { Button } from '@/components/ui/button'; import { apiFetch, apiUrl } from '@/lib/api'; import Link from 'next/link'; import { useEffect, useState } from 'react'; const ERROR_COPY: Record = { google_failed: 'Google sign-in could not be completed. Please try again.', google_state: 'Google sign-in expired or was interrupted. Please try again.', github_failed: 'GitHub sign-in could not be completed. Please try again.', github_state: 'GitHub sign-in expired or was interrupted. Please try again.', invalid_phone: 'That phone number does not look right. Check the country and number.', rate_limited: 'Too many requests. Wait a few minutes and try again.', sms_request_failed: 'Could not send the SMS. Check the number and try again.', invalid_or_expired_code: 'That code has expired. Request a new one.', invalid_code: 'Wrong code. Check the SMS and try again.', too_many_attempts: 'Too many wrong attempts. Request a new code.', sms_verify_failed: 'Could not verify the code. Try again.', }; // Country dial codes for the phone-login picker. Sorted by name; Switzerland // is the default (Swiss-built product, Swiss Twilio sender number). const COUNTRIES: { code: string; name: string; dial: string }[] = [ { code: 'AR', name: 'Argentina', dial: '+54' }, { code: 'AU', name: 'Australia', dial: '+61' }, { code: 'AT', name: 'Austria', dial: '+43' }, { code: 'BE', name: 'Belgium', dial: '+32' }, { code: 'BR', name: 'Brazil', dial: '+55' }, { code: 'BG', name: 'Bulgaria', dial: '+359' }, { code: 'CA', name: 'Canada', dial: '+1' }, { code: 'CL', name: 'Chile', dial: '+56' }, { code: 'CN', name: 'China', dial: '+86' }, { code: 'CO', name: 'Colombia', dial: '+57' }, { code: 'HR', name: 'Croatia', dial: '+385' }, { code: 'CZ', name: 'Czechia', dial: '+420' }, { code: 'DK', name: 'Denmark', dial: '+45' }, { code: 'EG', name: 'Egypt', dial: '+20' }, { code: 'EE', name: 'Estonia', dial: '+372' }, { code: 'FI', name: 'Finland', dial: '+358' }, { code: 'FR', name: 'France', dial: '+33' }, { code: 'DE', name: 'Germany', dial: '+49' }, { code: 'GR', name: 'Greece', dial: '+30' }, { code: 'HK', name: 'Hong Kong', dial: '+852' }, { code: 'HU', name: 'Hungary', dial: '+36' }, { code: 'IS', name: 'Iceland', dial: '+354' }, { code: 'IN', name: 'India', dial: '+91' }, { code: 'ID', name: 'Indonesia', dial: '+62' }, { code: 'IE', name: 'Ireland', dial: '+353' }, { code: 'IL', name: 'Israel', dial: '+972' }, { code: 'IT', name: 'Italy', dial: '+39' }, { code: 'JP', name: 'Japan', dial: '+81' }, { code: 'KE', name: 'Kenya', dial: '+254' }, { code: 'LV', name: 'Latvia', dial: '+371' }, { code: 'LI', name: 'Liechtenstein', dial: '+423' }, { code: 'LT', name: 'Lithuania', dial: '+370' }, { code: 'LU', name: 'Luxembourg', dial: '+352' }, { code: 'MY', name: 'Malaysia', dial: '+60' }, { code: 'MX', name: 'Mexico', dial: '+52' }, { code: 'NL', name: 'Netherlands', dial: '+31' }, { code: 'NZ', name: 'New Zealand', dial: '+64' }, { code: 'NG', name: 'Nigeria', dial: '+234' }, { code: 'NO', name: 'Norway', dial: '+47' }, { code: 'PH', name: 'Philippines', dial: '+63' }, { code: 'PL', name: 'Poland', dial: '+48' }, { code: 'PT', name: 'Portugal', dial: '+351' }, { code: 'RO', name: 'Romania', dial: '+40' }, { code: 'SA', name: 'Saudi Arabia', dial: '+966' }, { code: 'RS', name: 'Serbia', dial: '+381' }, { code: 'SG', name: 'Singapore', dial: '+65' }, { code: 'SK', name: 'Slovakia', dial: '+421' }, { code: 'SI', name: 'Slovenia', dial: '+386' }, { code: 'ZA', name: 'South Africa', dial: '+27' }, { code: 'KR', name: 'South Korea', dial: '+82' }, { code: 'ES', name: 'Spain', dial: '+34' }, { code: 'SE', name: 'Sweden', dial: '+46' }, { code: 'CH', name: 'Switzerland', dial: '+41' }, { code: 'TH', name: 'Thailand', dial: '+66' }, { code: 'TR', name: 'Turkey', dial: '+90' }, { code: 'UA', name: 'Ukraine', dial: '+380' }, { code: 'AE', name: 'United Arab Emirates', dial: '+971' }, { code: 'GB', name: 'United Kingdom', dial: '+44' }, { code: 'US', name: 'United States', dial: '+1' }, { code: 'VN', name: 'Vietnam', dial: '+84' }, ]; function dialFor(code: string): string { return COUNTRIES.find((c) => c.code === code)?.dial ?? '+41'; } /** Combine a dial code and a locally-typed number into strict E.164. */ function toE164(dial: string, local: string): string { const digits = local.replace(/\D/g, '').replace(/^0+/, ''); return dial + digits; } function errCode(err: unknown): string { const detail = (err as { detail?: { error?: string } }).detail; return detail?.error ?? (err as Error).message ?? 'unknown'; } export default function LoginPage() { const [providers, setProviders] = useState({ google: false, github: false, sms: false, email: false, }); // Default to SMS — email is off by default until an SMTP/Resend provider // is wired. The effect below flips to 'email' if the backend says it's on. const [method, setMethod] = useState<'email' | 'phone'>('phone'); const [error, setError] = useState(null); // Email magic-link const [email, setEmail] = useState(''); const [emailState, setEmailState] = useState<'idle' | 'sending' | 'sent'>('idle'); // SMS one-time code const [country, setCountry] = useState('CH'); const [phoneLocal, setPhoneLocal] = useState(''); const [sentTo, setSentTo] = useState(''); const [code, setCode] = useState(''); const [smsStep, setSmsStep] = useState<'phone' | 'code'>('phone'); const [smsBusy, setSmsBusy] = useState(false); useEffect(() => { apiFetch<{ google: boolean; github: boolean; sms: boolean; email: boolean }>( '/v1/auth/providers', ) .then((p) => { setProviders(p); // Pick the most-likely method up-front: email if enabled, else SMS. if (p.email) setMethod('email'); else if (p.sms) setMethod('phone'); }) .catch(() => undefined); const err = new URLSearchParams(window.location.search).get('error'); if (err) setError(ERROR_COPY[err] ?? 'Sign-in failed. Please try again.'); }, []); async function sendMagicLink(e: React.FormEvent) { e.preventDefault(); setEmailState('sending'); setError(null); try { await apiFetch('/v1/auth/magic-link', { method: 'POST', body: JSON.stringify({ email }) }); setEmailState('sent'); } catch (err) { setEmailState('idle'); setError(ERROR_COPY[errCode(err)] ?? 'Could not send the link.'); } } async function requestSmsCode(e: React.FormEvent) { e.preventDefault(); setSmsBusy(true); setError(null); const full = toE164(dialFor(country), phoneLocal); try { await apiFetch('/v1/auth/sms/request', { method: 'POST', body: JSON.stringify({ phone: full }), }); setSentTo(full); setSmsStep('code'); } catch (err) { setError(ERROR_COPY[errCode(err)] ?? 'Could not send the SMS.'); } finally { setSmsBusy(false); } } async function verifySmsCode(e: React.FormEvent) { e.preventDefault(); setSmsBusy(true); setError(null); try { await apiFetch('/v1/auth/sms/verify', { method: 'POST', body: JSON.stringify({ phone: sentTo, code }), }); window.location.href = '/dashboard'; } catch (err) { setError(ERROR_COPY[errCode(err)] ?? 'Could not verify the code.'); setSmsBusy(false); } } const hasOAuth = providers.google || providers.github; return (

Sign in to your workspace

Passwordless — pick whichever is easiest.

{hasOAuth && (
{providers.google && ( Continue with Google )} {providers.github && ( Continue with GitHub )}
)} {hasOAuth && (
or
)} {/* Tab toggle only shown when BOTH email and SMS are enabled — if just one is configured, that method's form renders directly without a useless one-tab toggle. */} {providers.sms && providers.email && (
{(['email', 'phone'] as const).map((m) => ( ))}
)}
{method === 'email' && providers.email && emailState !== 'sent' && (
setEmail(e.target.value)} placeholder="you@company.com" />
)} {method === 'email' && providers.email && emailState === 'sent' && (

Magic link sent to {email}.

Open it on this device to finish signing in.

)} {method === 'phone' && smsStep === 'phone' && (
setPhoneLocal(e.target.value)} placeholder="79 123 45 67" />
)} {method === 'phone' && smsStep === 'code' && (
setCode(e.target.value.replace(/\D/g, ''))} placeholder="123456" className="mono tracking-[0.3em]" />
)} {error &&

{error}

}
← Back to home
); } function GoogleIcon() { return ( ); } function GitHubIcon() { return ( ); }