refactor progress

2026-02-17 12:22:36 +00:00
parent cb31608523
commit d5abd1a7e4
8257 changed files with 1190207 additions and 761040 deletions
--- a/fluxer_app/src/viewmodels/auth/AuthFlow.test.tsx
+++ b/fluxer_app/src/viewmodels/auth/AuthFlow.test.tsx
@@ -0,0 +1,78 @@
+/*
+ * Copyright (C) 2026 Fluxer Contributors
+ *
+ * This file is part of Fluxer.
+ *
+ * Fluxer is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Fluxer is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Fluxer. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import {afterEach, describe, expect, it, vi} from 'vitest';
+
+vi.mock('@app/actions/AuthenticationActionCreators', async (importOriginal) => {
+	const actual = await importOriginal<typeof import('@app/actions/AuthenticationActionCreators')>();
+	return {
+		...actual,
+		resetPassword: vi.fn(),
+	};
+});
+
+import * as AuthenticationActionCreators from '@app/actions/AuthenticationActionCreators';
+import {resetPassword} from '@app/viewmodels/auth/AuthFlow';
+
+describe('AuthFlow resetPassword', () => {
+	const mockedResetPassword = vi.mocked(AuthenticationActionCreators.resetPassword);
+
+	afterEach(() => {
+		vi.clearAllMocks();
+	});
+
+	it('returns success result when reset returns auth token', async () => {
+		mockedResetPassword.mockResolvedValue({
+			token: 'test-token',
+			user_id: '123',
+		});
+
+		const result = await resetPassword('reset-token', 'new-password');
+
+		expect(result).toEqual({
+			type: 'success',
+			payload: {
+				token: 'test-token',
+				userId: '123',
+			},
+		});
+	});
+
+	it('returns MFA challenge when reset requires MFA', async () => {
+		mockedResetPassword.mockResolvedValue({
+			mfa: true,
+			ticket: 'mfa-ticket',
+			sms: false,
+			totp: true,
+			webauthn: false,
+		});
+
+		const result = await resetPassword('reset-token', 'new-password');
+
+		expect(result).toEqual({
+			type: 'mfa',
+			challenge: {
+				ticket: 'mfa-ticket',
+				sms: false,
+				totp: true,
+				webauthn: false,
+			},
+		});
+	});
+});
--- a/fluxer_app/src/viewmodels/auth/AuthFlow.tsx
+++ b/fluxer_app/src/viewmodels/auth/AuthFlow.tsx
@@ -17,13 +17,13 @@
 * along with Fluxer. If not, see <https://www.gnu.org/licenses/>.
 */

+import * as AuthenticationActionCreators from '@app/actions/AuthenticationActionCreators';
 import type {AuthenticationResponseJSON, PublicKeyCredentialRequestOptionsJSON} from '@simplewebauthn/browser';
-import * as AuthenticationActionCreators from '~/actions/AuthenticationActionCreators';

 export interface LoginSuccessPayload {
 	token: string;
 	userId: string;
-	pendingVerification?: boolean;
+	redirect_to?: string;
 }

 export interface MfaChallenge {
@@ -48,18 +48,15 @@ export async function loginWithPassword({
 	email,
 	password,
 	inviteCode,
-	customApiEndpoint,
 }: {
 	email: string;
 	password: string;
 	inviteCode?: string;
-	customApiEndpoint?: string;
 }): Promise<LoginResult> {
 	const response = await AuthenticationActionCreators.login({
 		email,
 		password,
 		inviteCode,
-		customApiEndpoint,
 	});

 	if (AuthenticationActionCreators.isIpAuthorizationRequiredResponse(response)) {
@@ -85,14 +82,13 @@ export async function loginWithPassword({
 		};
 	}

-	const successResponse = response as {token: string; user_id: string; pending_verification?: boolean};
+	const successResponse = response as {token: string; user_id: string};

 	return {
 		type: 'success',
 		payload: {
 			token: successResponse.token,
 			userId: successResponse.user_id,
-			pendingVerification: successResponse.pending_verification,
 		},
 	};
 }
@@ -166,8 +162,18 @@ export async function authenticateWithWebAuthn({
 	return {token: result.token, userId: result.user_id};
 }

-interface RegisterPendingVerificationResult {
-	type: 'pending_verification';
+export async function startSsoLogin({redirectTo}: {redirectTo?: string}): Promise<{authorizationUrl: string}> {
+	const result = await AuthenticationActionCreators.startSso(redirectTo);
+	return {authorizationUrl: result.authorization_url};
+}
+
+export async function completeSsoLogin({code, state}: {code: string; state: string}): Promise<LoginSuccessPayload> {
+	const result = await AuthenticationActionCreators.completeSso({code, state});
+	return {
+		token: result.token,
+		userId: result.user_id,
+		redirect_to: result.redirect_to,
+	};
 }

 interface RegisterSuccessResult {
@@ -175,14 +181,13 @@ interface RegisterSuccessResult {
 	payload: LoginSuccessPayload;
 }

-export type RegisterResult = RegisterPendingVerificationResult | RegisterSuccessResult;
+export type RegisterResult = RegisterSuccessResult;

 export async function registerAccount({
 	email,
 	globalName,
 	username,
 	password,
-	betaCode,
 	dateOfBirth,
 	consent,
 	inviteCode,
@@ -192,7 +197,6 @@ export async function registerAccount({
 	globalName?: string;
 	username?: string;
 	password: string;
-	betaCode: string;
 	dateOfBirth: string;
 	consent: boolean;
 	inviteCode?: string;
@@ -203,16 +207,11 @@ export async function registerAccount({
 		global_name: globalName,
 		username,
 		password,
-		beta_code: betaCode,
 		date_of_birth: dateOfBirth,
 		consent,
 		invite_code: inviteCode ?? giftCode,
 	});

-	if (response.pending_verification) {
-		return {type: 'pending_verification'};
-	}
-
 	return {
 		type: 'success',
 		payload: {token: response.token, userId: response.user_id},
@@ -223,9 +222,28 @@ export async function requestPasswordReset(email: string): Promise<void> {
 	return AuthenticationActionCreators.forgotPassword(email);
 }

-export async function resetPassword(token: string, password: string): Promise<LoginSuccessPayload> {
+export type PasswordResetResult =
+	| {type: 'success'; payload: LoginSuccessPayload}
+	| {type: 'mfa'; challenge: MfaChallenge};
+
+export async function resetPassword(token: string, password: string): Promise<PasswordResetResult> {
 	const response = await AuthenticationActionCreators.resetPassword(token, password);
-	return {token: response.token, userId: response.user_id};
+	if ('token' in response) {
+		return {
+			type: 'success',
+			payload: {token: response.token, userId: response.user_id},
+		};
+	}
+
+	return {
+		type: 'mfa',
+		challenge: {
+			ticket: response.ticket,
+			sms: response.sms,
+			totp: response.totp,
+			webauthn: response.webauthn,
+		},
+	};
 }

 export async function verifyEmail(token: string): Promise<AuthenticationActionCreators.VerificationResult> {
@@ -246,8 +264,10 @@ export async function resendIpAuthorization(ticket: string): Promise<void> {
 	return AuthenticationActionCreators.resendIpAuthorization(ticket);
 }

-export async function subscribeToIpAuthorization(ticket: string): Promise<EventSource> {
-	return AuthenticationActionCreators.subscribeToIpAuthorization(ticket);
+export async function pollIpAuthorization(
+	ticket: string,
+): Promise<AuthenticationActionCreators.IpAuthorizationPollResult> {
+	return AuthenticationActionCreators.pollIpAuthorization(ticket);
 }

 export async function initiateDesktopHandoff() {