From 56d7e71d9025ee1018eeacfb62ce179f7e0c6000 Mon Sep 17 00:00:00 2001
From: Emily <adharaultimasheireen@gmail.com>
Date: Fri, 14 Feb 2025 16:33:33 +0100
Subject: [PATCH] add username+pass login on NO_AUTH mode

---
 dashboard/nuxt.config.ts             |  2 +-
 dashboard/package.json               |  1 +
 dashboard/pages/login.vue            | 88 +++++++++++++++++-----------
 dashboard/server/api/auth/no_auth.ts | 14 +++--
 docker-compose.yml                   |  4 +-
 5 files changed, 68 insertions(+), 41 deletions(-)

diff --git a/dashboard/nuxt.config.ts b/dashboard/nuxt.config.ts
index a96796c..75e129b 100644
--- a/dashboard/nuxt.config.ts
+++ b/dashboard/nuxt.config.ts
@@ -55,7 +55,7 @@ export default defineNuxtConfig({
     STRIPE_SECRET_TEST: process.env.STRIPE_SECRET_TEST,
     STRIPE_WH_SECRET_TEST: process.env.STRIPE_WH_SECRET_TEST,
     NOAUTH_USER_EMAIL: process.env.NOAUTH_USER_EMAIL,
-    NOAUTH_USER_NAME: process.env.NOAUTH_USER_NAME,
+    NOAUTH_USER_PASS: process.env.NOAUTH_USER_PASS,
     MODE: process.env.MODE || 'NONE',
     SELFHOSTED: process.env.SELFHOSTED || 'FALSE',
     public: {
diff --git a/dashboard/package.json b/dashboard/package.json
index ec9cc53..89ecdfd 100644
--- a/dashboard/package.json
+++ b/dashboard/package.json
@@ -7,6 +7,7 @@
     "build:prod": "npm run workspace:shared && nuxt build --dotenv .env.prod",
     "dev": "npm run workspace:shared && nuxt dev --dotenv .env.testmode",
     "dev:prod": "npm run workspace:shared && nuxi dev --dotenv .env.prod",
+    "dev:docker": "npm run workspace:shared && nuxi dev --dotenv .env.docker",
     "generate": "nuxt generate",
     "preview": "nuxt preview",
     "postinstall": "nuxt prepare",
diff --git a/dashboard/pages/login.vue b/dashboard/pages/login.vue
index 2518019..11bcb00 100644
--- a/dashboard/pages/login.vue
+++ b/dashboard/pages/login.vue
@@ -13,32 +13,6 @@ const useCodeClientWrapper = isNoAuth.value === false ?
         return { isReady: false, login: () => { } }
     }
 
-async function loginWithoutAuth() {
-    try {
-        const result = await $fetch('/api/auth/no_auth');
-        if (result.error) return alert('Error during login, please try again');
-
-        setToken(result.access_token);
-
-        const user = await $fetch<any>('/api/user/me', { headers: { 'Authorization': 'Bearer ' + token.value } })
-        const loggedUser = useLoggedUser();
-        loggedUser.user = user;
-
-        console.log('LOGIN DONE - USER', loggedUser.user);
-
-        const isFirstTime = await $fetch<boolean>('/api/user/is_first_time', { headers: { 'Authorization': 'Bearer ' + token.value } })
-
-        if (isFirstTime === true) {
-            router.push('/project_creation?just_logged=true');
-        } else {
-            router.push('/?just_logged=true');
-        }
-
-    } catch (ex: any) {
-        alert('Error during login.' + ex.message);
-    }
-}
-
 const { isReady, login } = useCodeClientWrapper({ onSuccess: handleOnSuccess, onError: handleOnError, });
 
 const router = useRouter();
@@ -121,6 +95,39 @@ function goBackToEmailLogin() {
     password.value = '';
 }
 
+async function signInSelfhosted() {
+    try {
+        const result = await $fetch(`/api/auth/no_auth`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ email: email.value, password: password.value })
+        });
+        if (result.error) {
+            if (result.errorMessage) return alert(result.errorMessage);
+            return alert('Error during login, please try again');
+        }
+
+        setToken(result.access_token);
+
+        const user = await $fetch<any>('/api/user/me', { headers: { 'Authorization': 'Bearer ' + token.value } })
+        const loggedUser = useLoggedUser();
+        loggedUser.user = user;
+
+        console.log('LOGIN DONE - USER', loggedUser.user);
+
+        const isFirstTime = await $fetch<boolean>('/api/user/is_first_time', { headers: { 'Authorization': 'Bearer ' + token.value } })
+
+        if (isFirstTime === true) {
+            router.push('/project_creation?just_logged=true');
+        } else {
+            router.push('/?just_logged=true');
+        }
+
+    } catch (ex: any) {
+        alert('Error during login.' + ex.message);
+    }
+}
+
 async function signInWithCredentials() {
 
     try {
@@ -176,7 +183,8 @@ async function signInWithCredentials() {
                     Sign in
                 </div>
 
-                <div class="text-lyx-lightmode-text/80 dark:text-lyx-text/80 text-[1.2rem] font-light text-center w-[70%] poppins mt-2">
+                <div
+                    class="text-lyx-lightmode-text/80 dark:text-lyx-text/80 text-[1.2rem] font-light text-center w-[70%] poppins mt-2">
                     Track web analytics and custom events
                     with extreme simplicity in under 30 sec.
                     <br>
@@ -217,7 +225,8 @@ async function signInWithCredentials() {
 
                     </div>
 
-                    <div v-if="!isNoAuth && !isEmailLogin" class="flex flex-col text-lyx-lightmode-text dark:text-lyx-text gap-2">
+                    <div v-if="!isNoAuth && !isEmailLogin"
+                        class="flex flex-col text-lyx-lightmode-text dark:text-lyx-text gap-2">
 
                         <div @click="login"
                             class="hover:bg-lyx-primary bg-white dark:bg-transparent cursor-pointer flex text-[1.3rem] gap-4 items-center border-[1px] border-gray-400 rounded-lg px-8 py-3 relative z-[2]">
@@ -247,17 +256,30 @@ async function signInWithCredentials() {
 
                     </div>
 
+
+
                     <div v-if="isNoAuth" @click="loginWithoutAuth"
-                        class="hover:bg-accent cursor-pointer flex text-[1.3rem] gap-4 items-center border-[1px] border-gray-400 rounded-lg px-8 py-3 relative z-[2]">
-                        <div class="flex items-center">
-                            <i class="far fa-crown"></i>
+                        class="flex text-[1.3rem] flex-col gap-4 items-center px-8 py-3 relative z-[2]">
+                        <div class="flex flex-col gap-4 z-[100] w-[20vw] min-w-[20rem]">
+                            <LyxUiInput class="px-3 py-2" placeholder="Email" v-model="email"></LyxUiInput>
+                            <LyxUiInput class="px-3 py-2" placeholder="Password" v-model="password" type="password">
+                            </LyxUiInput>
+                        </div>
+                        <div class="flex justify-center mt-4 z-[100]">
+                            <LyxUiButton @click="signInSelfhosted()" class="text-center" type="primary">
+                                Sign in
+                            </LyxUiButton>
                         </div>
-                        Continue as Admin
                     </div>
 
+
+
+
+
                 </div>
 
-                <div class="text-[.9rem] poppins mt-20 text-lyx-lightmode-text-dark dark:text-lyx-text-dark text-center relative z-[2]">
+                <div
+                    class="text-[.9rem] poppins mt-20 text-lyx-lightmode-text-dark dark:text-lyx-text-dark text-center relative z-[2]">
                     By continuing you are accepting
                     <br>
                     our
diff --git a/dashboard/server/api/auth/no_auth.ts b/dashboard/server/api/auth/no_auth.ts
index bafc3a1..489c38c 100644
--- a/dashboard/server/api/auth/no_auth.ts
+++ b/dashboard/server/api/auth/no_auth.ts
@@ -2,7 +2,7 @@
 import { createUserJwt } from '~/server/AuthManager';
 import { UserModel } from '@schema/UserSchema';
 
-const { NOAUTH_USER_EMAIL, NOAUTH_USER_NAME, public: publicRuntime } = useRuntimeConfig();
+const { NOAUTH_USER_EMAIL, NOAUTH_USER_PASS, public: publicRuntime } = useRuntimeConfig();
 
 const noAuthMode = publicRuntime.AUTH_MODE == 'NO_AUTH';
 
@@ -18,11 +18,15 @@ export default defineEventHandler(async event => {
         return { error: true, access_token: '' }
     }
 
-    if (!NOAUTH_USER_NAME) {
-        console.error('NOAUTH_USER_NAME is required in NO_AUTH mode');
+    if (!NOAUTH_USER_PASS) {
+        console.error('NOAUTH_USER_PASS is required in NO_AUTH mode');
         return { error: true, access_token: '' }
     }
 
+    const body = await readBody(event);
+
+    if (body.email != NOAUTH_USER_EMAIL || body.password != NOAUTH_USER_PASS) return { error: true, access_token: '', errorMessage: 'Username or password invalid' }
+
     const user = await UserModel.findOne({ email: NOAUTH_USER_EMAIL });
 
     if (user) return {
@@ -35,8 +39,8 @@ export default defineEventHandler(async event => {
 
     const newUser = new UserModel({
         email: NOAUTH_USER_EMAIL,
-        given_name: NOAUTH_USER_NAME,
-        name: NOAUTH_USER_NAME,
+        given_name: NOAUTH_USER_EMAIL.split('@')[0] || 'NONAME',
+        name: NOAUTH_USER_EMAIL.split('@')[0] || 'NONAME',
         locale: 'no-auth',
         picture: '',
         created_at: Date.now()
diff --git a/docker-compose.yml b/docker-compose.yml
index 360493a..c6a9cc9 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -90,9 +90,9 @@ services:
       # NO_AUTH or GOOGLE
       NUXT_PUBLIC_AUTH_MODE: 'NO_AUTH'
 
-      # Default user created in NO_AUTH mode
+      # Credentials to login in NO_AUTH mode
       NUXT_NOAUTH_USER_EMAIL: 'default@user.com'
-      NUXT_NOAUTH_USER_NAME: "defaultuser"
+      NUXT_NOAUTH_USER_PASS: "litlyx123"
 
       NUXT_SELFHOSTED: 'true'
       NUXT_PUBLIC_SELFHOSTED: 'true'