GTEdgeAI/gt-ai-os-community
3
0
Fork 0
Code Issues Packages Releases Wiki Activity
Files
b9dfb862607bc6dca04e6fa2c6a7556b9910a6a8
gt-ai-os-community/apps/control-panel-frontend/src/app/auth/login/page.tsx
HackWeasel b9dfb86260 GT AI OS Community Edition v2.0.33 
Security hardening release addressing CodeQL and Dependabot alerts:

- Fix stack trace exposure in error responses
- Add SSRF protection with DNS resolution checking
- Implement proper URL hostname validation (replaces substring matching)
- Add centralized path sanitization to prevent path traversal
- Fix ReDoS vulnerability in email validation regex
- Improve HTML sanitization in validation utilities
- Fix capability wildcard matching in auth utilities
- Update glob dependency to address CVE
- Add CodeQL suppression comments for verified false positives

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-12 17:04:45 -05:00

146 lines
5.1 KiB
TypeScript
Raw Blame History

'use client';
import { useState, useEffect } from 'react';
import { useRouter } from 'next/navigation';
import { useForm } from 'react-hook-form';
import { zodResolver } from '@hookform/resolvers/zod';
import * as z from 'zod';
import { useAuthStore } from '@/stores/auth-store';
import { Button } from '@/components/ui/button';
import { Input } from '@/components/ui/input';
import { Label } from '@/components/ui/label';
import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card';
import { Loader2, Eye, EyeOff } from 'lucide-react';
const loginSchema = z.object({
email: z.string().email('Invalid email address'),
password: z.string().min(1, 'Password is required'),
});
type LoginForm = z.infer<typeof loginSchema>;
export default function LoginPage() {
const router = useRouter();
const { login, isLoading, isAuthenticated } = useAuthStore();
const [showPassword, setShowPassword] = useState(false);
const {
register,
handleSubmit,
formState: { errors, isSubmitting },
} = useForm<LoginForm>({
resolver: zodResolver(loginSchema),
});
// Redirect if already authenticated
useEffect(() => {
if (isAuthenticated) {
router.replace('/dashboard/tenants');
}
}, [isAuthenticated, router]);
const onSubmit = async (data: LoginForm) => {
const result = await login(data.email, data.password);
if (result.success) {
if (result.requiresTfa) {
// Redirect to TFA verification page
router.push('/auth/verify-tfa');
} else {
// Check if user has TFA setup pending
const { user } = useAuthStore.getState();
if (user?.tfa_setup_pending) {
router.push('/dashboard/settings');
} else {
router.push('/dashboard/tenants');
}
}
}
};
if (isAuthenticated) {
return null; // Prevent flash before redirect
}
return (
<div className="min-h-screen flex items-center justify-center bg-gradient-to-br from-slate-50 to-slate-100 dark:from-slate-900 dark:to-slate-800 p-4">
<Card className="w-full max-w-md">
<CardHeader className="space-y-1 text-center">
<div className="w-16 h-16 bg-primary rounded-lg flex items-center justify-center mx-auto mb-4">
<span className="text-2xl font-bold text-primary-foreground">GT</span>
</div>
<CardTitle className="text-2xl font-bold">GT 2.0 Control Panel</CardTitle>
<CardDescription>
Sign in to your super administrator account
</CardDescription>
<div className="mt-4 p-3 bg-amber-50 dark:bg-amber-950 border border-amber-200 dark:border-amber-800 rounded-md">
<p className="text-xs text-amber-800 dark:text-amber-200 text-center">
<strong>Super Admin Access Only</strong>
<br />
Only super administrators can access the Control Panel.
Tenant admins and users should use the main tenant application.
</p>
</div>
</CardHeader>
<CardContent>
<form onSubmit={handleSubmit(onSubmit)} className="space-y-4">
<div className="space-y-2">
<Label htmlFor="email">Email</Label>
<Input
id="email"
type="email"
placeholder="Enter your email"
{...register('email')}
className={errors.email ? 'border-red-500' : ''}
/>
{errors.email && (
<p className="text-sm text-red-600">{errors.email.message}</p>
)}
</div>
<div className="space-y-2">
<Label htmlFor="password">Password</Label>
<div className="relative">
<Input
id="password"
type={showPassword ? 'text' : 'password'}
placeholder="Enter your password"
{...register('password')}
className={errors.password ? 'border-red-500 pr-10' : 'pr-10'}
/>
<button
type="button"
className="absolute inset-y-0 right-0 pr-3 flex items-center"
onClick={() => setShowPassword(!showPassword)}
>
{showPassword ? (
<EyeOff className="h-4 w-4 text-gray-400" />
) : (
<Eye className="h-4 w-4 text-gray-400" />
)}
</button>
</div>
{errors.password && (
<p className="text-sm text-red-600">{errors.password.message}</p>
)}
</div>
<Button
type="submit"
className="w-full"
disabled={isSubmitting || isLoading}
>
{isSubmitting || isLoading ? (
<>
<Loader2 className="mr-2 h-4 w-4 animate-spin" />
Signing in...
</>
) : (
'Sign In'
)}
</Button>
</form>
</CardContent>
</Card>
</div>
);
}
View Git Blame Copy Permalink