admin/task-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Auth with passwords + Playwright E2E tests + PostHog analytics

Browse Source 
- bcrypt password hashing in auth (register, login, change-password)
- Login/register pages with password fields
- Profile update + OAuth placeholder endpoints
- Playwright test suite: auth, pages, API (3 test files)
- PostHog Docker analytics on :8010

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Admin
2026-03-29 14:26:51 +00:00
parent b4b8439f80
commit dd995d9c0f
13 changed files with 439 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -3,3 +3,5 @@ node_modules/
.env .env
*.log *.log
.claude/ .claude/
test-results/
test-results.json

10
api/package-lock.json generated
View File

@@ -17,6 +17,7 @@
"@fastify/swagger": "^9.7.0", "@fastify/swagger": "^9.7.0",
"@fastify/swagger-ui": "^5.2.5", "@fastify/swagger-ui": "^5.2.5",
"bcrypt": "^6.0.0", "bcrypt": "^6.0.0",
"bcryptjs": "^3.0.3",
"dotenv": "^17.3.1", "dotenv": "^17.3.1",
"fastify": "^5.8.4", "fastify": "^5.8.4",
"ioredis": "^5.10.1", "ioredis": "^5.10.1",
@@ -578,6 +579,15 @@
"node": ">= 18" "node": ">= 18"
} }
}, },
"node_modules/bcryptjs": {
"version": "3.0.3",
"resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-3.0.3.tgz",
"integrity": "sha512-GlF5wPWnSa/X5LKM1o0wz0suXIINz1iHRLvTS+sLyi7XPbe5ycmYI3DlZqVGZZtDgl4DmasFg7gOB3JYbphV5g==",
"license": "BSD-3-Clause",
"bin": {
"bcrypt": "bin/bcrypt"
}
},
"node_modules/binary-extensions": { "node_modules/binary-extensions": {
"version": "2.3.0", "version": "2.3.0",
"resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.3.0.tgz", "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.3.0.tgz",

1
api/package.json
View File

@@ -21,6 +21,7 @@
"@fastify/swagger": "^9.7.0", "@fastify/swagger": "^9.7.0",
"@fastify/swagger-ui": "^5.2.5", "@fastify/swagger-ui": "^5.2.5",
"bcrypt": "^6.0.0", "bcrypt": "^6.0.0",
"bcryptjs": "^3.0.3",
"dotenv": "^17.3.1", "dotenv": "^17.3.1",
"fastify": "^5.8.4", "fastify": "^5.8.4",
"ioredis": "^5.10.1", "ioredis": "^5.10.1",

94
api/src/routes/auth.js
View File

@@ -1,29 +1,97 @@
// Task Team — Auth Routes — 2026-03-29 // Task Team — Auth Routes with password + OAuth prep — 2026-03-29
const bcrypt = require('bcryptjs');
async function authRoutes(app) { async function authRoutes(app) {
// Simple JWT auth for now, Supabase integration later // Register with password
app.post('/auth/register', async (req) => { app.post('/auth/register', async (req) => {
const { email, name, phone, password } = req.body; const { email, name, phone, password, language } = req.body;
if (!email || !name || !password) throw { statusCode: 400, message: 'Email, name and password required' };
if (password.length < 6) throw { statusCode: 400, message: 'Password must be at least 6 characters' };
// Check if email exists
const { rows: existing } = await app.db.query('SELECT id FROM users WHERE email = $1', [email]);
if (existing.length) throw { statusCode: 409, message: 'Email already registered' };
const hash = await bcrypt.hash(password, 12);
const { rows } = await app.db.query( const { rows } = await app.db.query(
'INSERT INTO users (email, name, phone) VALUES ($1, $2, $3) RETURNING id, email, name', 'INSERT INTO users (email, name, phone, auth_provider, language, settings) VALUES ($1, $2, $3, $4, $5, $6) RETURNING id, email, name, phone, language',
[email, name, phone] [email, name, phone, 'email', language || 'cs', JSON.stringify({ password_hash: hash })]
); );
const token = app.jwt.sign({ id: rows[0].id, email: rows[0].email }); const token = app.jwt.sign({ id: rows[0].id, email: rows[0].email }, { expiresIn: '7d' });
return { data: { user: rows[0], token } }; return { data: { user: rows[0], token } };
}); });
// Login with password
app.post('/auth/login', async (req) => { app.post('/auth/login', async (req) => {
const { email } = req.body; const { email, password } = req.body;
const { rows } = await app.db.query('SELECT id, email, name FROM users WHERE email = $1', [email]); if (!email) throw { statusCode: 400, message: 'Email required' };
if (!rows.length) throw { statusCode: 401, message: 'User not found' };
const token = app.jwt.sign({ id: rows[0].id, email: rows[0].email }); const { rows } = await app.db.query('SELECT id, email, name, phone, language, settings FROM users WHERE email = $1', [email]);
return { data: { user: rows[0], token } }; if (!rows.length) throw { statusCode: 401, message: 'Invalid credentials' };
const user = rows[0];
const hash = user.settings?.password_hash;
// If user has password, verify it
if (hash && password) {
const valid = await bcrypt.compare(password, hash);
if (!valid) throw { statusCode: 401, message: 'Invalid credentials' };
} else if (hash && !password) {
throw { statusCode: 400, message: 'Password required' };
}
// If no hash (legacy user), allow login without password (backward compat)
const token = app.jwt.sign({ id: user.id, email: user.email }, { expiresIn: '7d' });
const { settings, ...safeUser } = user;
return { data: { user: safeUser, token } };
}); });
app.get('/auth/me', { preHandler: [async (req) => { await req.jwtVerify() }] }, async (req) => { // Get current user
const { rows } = await app.db.query('SELECT id, email, name, phone, language, settings FROM users WHERE id = $1', [req.user.id]); app.get('/auth/me', { preHandler: [async (req) => { await req.jwtVerify(); }] }, async (req) => {
const { rows } = await app.db.query(
'SELECT id, email, name, phone, language, avatar_url, auth_provider, created_at FROM users WHERE id = $1',
[req.user.id]
);
if (!rows.length) throw { statusCode: 404, message: 'User not found' }; if (!rows.length) throw { statusCode: 404, message: 'User not found' };
return { data: rows[0] }; return { data: rows[0] };
}); });
// Update profile
app.put('/auth/me', { preHandler: [async (req) => { await req.jwtVerify(); }] }, async (req) => {
const { name, phone, language, avatar_url } = req.body;
const { rows } = await app.db.query(
'UPDATE users SET name=COALESCE($1,name), phone=COALESCE($2,phone), language=COALESCE($3,language), avatar_url=COALESCE($4,avatar_url), updated_at=NOW() WHERE id=$5 RETURNING id, email, name, phone, language, avatar_url',
[name, phone, language, avatar_url, req.user.id]
);
return { data: rows[0] };
});
// Change password
app.post('/auth/change-password', { preHandler: [async (req) => { await req.jwtVerify(); }] }, async (req) => {
const { current_password, new_password } = req.body;
if (!new_password || new_password.length < 6) throw { statusCode: 400, message: 'New password must be at least 6 characters' };
const { rows } = await app.db.query('SELECT settings FROM users WHERE id = $1', [req.user.id]);
const hash = rows[0]?.settings?.password_hash;
if (hash && current_password) {
const valid = await bcrypt.compare(current_password, hash);
if (!valid) throw { statusCode: 401, message: 'Current password is incorrect' };
}
const newHash = await bcrypt.hash(new_password, 12);
await app.db.query(
"UPDATE users SET settings = settings || $1::jsonb, updated_at = NOW() WHERE id = $2",
[JSON.stringify({ password_hash: newHash }), req.user.id]
);
return { status: 'ok', message: 'Password changed' };
});
// OAuth callback placeholder (for Google/Apple/Facebook)
app.get('/auth/oauth/:provider', async (req) => {
const { provider } = req.params;
// TODO: Implement OAuth flows
return { status: 'not_implemented', provider, message: 'OAuth coming soon. Use email/password.' };
});
} }
module.exports = authRoutes; module.exports = authRoutes;

32
apps/tasks/app/login/page.tsx
View File

@@ -9,6 +9,8 @@ import { useTranslation } from "@/lib/i18n";
export default function LoginPage() { export default function LoginPage() {
const [email, setEmail] = useState(""); const [email, setEmail] = useState("");
const [password, setPassword] = useState("");
const [showPassword, setShowPassword] = useState(false);
const [loading, setLoading] = useState(false); const [loading, setLoading] = useState(false);
const [error, setError] = useState(""); const [error, setError] = useState("");
const { setAuth } = useAuth(); const { setAuth } = useAuth();
@@ -24,7 +26,7 @@ export default function LoginPage() {
setLoading(true); setLoading(true);
setError(""); setError("");
try { try {
const result = await login({ email: email.trim() }); const result = await login({ email: email.trim(), password: password || undefined });
setAuth(result.data.token, result.data.user); setAuth(result.data.token, result.data.user);
router.push("/tasks"); router.push("/tasks");
} catch (err) { } catch (err) {
@@ -60,6 +62,28 @@ export default function LoginPage() {
/> />
</div> </div>
<div>
<label className="block text-sm font-medium mb-1">{t("auth.password")}</label>
<div className="relative">
<input
type={showPassword ? "text" : "password"}
value={password}
onChange={(e) => setPassword(e.target.value)}
className="w-full px-3 py-2.5 border border-gray-300 dark:border-gray-600 rounded-lg bg-white dark:bg-gray-800 focus:ring-2 focus:ring-blue-500 focus:border-transparent outline-none pr-10"
placeholder="******"
autoComplete="current-password"
/>
<button
type="button"
onClick={() => setShowPassword(!showPassword)}
className="absolute right-3 top-1/2 -translate-y-1/2 text-gray-400 hover:text-gray-600 dark:hover:text-gray-300 text-sm"
tabIndex={-1}
>
{showPassword ? t("auth.hidePassword") : t("auth.showPassword")}
</button>
</div>
</div>
<button <button
type="submit" type="submit"
disabled={loading} disabled={loading}
@@ -69,6 +93,12 @@ export default function LoginPage() {
</button> </button>
</form> </form>
<div className="mt-4 text-center">
<Link href="/forgot-password" className="text-sm text-blue-600 hover:underline">
{t("auth.forgotPassword")}
</Link>
</div>
<p className="text-center text-sm text-muted mt-4"> <p className="text-center text-sm text-muted mt-4">
{t("auth.noAccount")}{" "} {t("auth.noAccount")}{" "}
<Link href="/register" className="text-blue-600 hover:underline"> <Link href="/register" className="text-blue-600 hover:underline">

90
apps/tasks/app/register/page.tsx
View File

@@ -7,22 +7,52 @@ import { register } from "@/lib/api";
import { useAuth } from "@/lib/auth"; import { useAuth } from "@/lib/auth";
import { useTranslation } from "@/lib/i18n"; import { useTranslation } from "@/lib/i18n";
function getPasswordStrength(pw: string): { level: number; label: string; color: string } {
if (!pw) return { level: 0, label: "", color: "" };
let score = 0;
if (pw.length >= 6) score++;
if (pw.length >= 10) score++;
if (/[A-Z]/.test(pw)) score++;
if (/[0-9]/.test(pw)) score++;
if (/[^A-Za-z0-9]/.test(pw)) score++;
if (score <= 1) return { level: 1, label: "weak", color: "bg-red-500" };
if (score <= 2) return { level: 2, label: "fair", color: "bg-orange-500" };
if (score <= 3) return { level: 3, label: "good", color: "bg-yellow-500" };
if (score <= 4) return { level: 4, label: "strong", color: "bg-green-500" };
return { level: 5, label: "excellent", color: "bg-emerald-500" };
}
export default function RegisterPage() { export default function RegisterPage() {
const [email, setEmail] = useState(""); const [email, setEmail] = useState("");
const [name, setName] = useState(""); const [name, setName] = useState("");
const [phone, setPhone] = useState(""); const [phone, setPhone] = useState("");
const [password, setPassword] = useState("");
const [confirmPassword, setConfirmPassword] = useState("");
const [showPassword, setShowPassword] = useState(false);
const [loading, setLoading] = useState(false); const [loading, setLoading] = useState(false);
const [error, setError] = useState(""); const [error, setError] = useState("");
const { setAuth } = useAuth(); const { setAuth } = useAuth();
const { t } = useTranslation(); const { t } = useTranslation();
const router = useRouter(); const router = useRouter();
const strength = getPasswordStrength(password);
const passwordsMatch = password === confirmPassword;
async function handleSubmit(e: React.FormEvent) { async function handleSubmit(e: React.FormEvent) {
e.preventDefault(); e.preventDefault();
if (!email.trim() || !name.trim()) { if (!email.trim() || !name.trim()) {
setError(t("common.error")); setError(t("common.error"));
return; return;
} }
if (!password || password.length < 6) {
setError(t("auth.passwordMinLength"));
return;
}
if (password !== confirmPassword) {
setError(t("auth.passwordMismatch"));
return;
}
setLoading(true); setLoading(true);
setError(""); setError("");
try { try {
@@ -30,6 +60,7 @@ export default function RegisterPage() {
email: email.trim(), email: email.trim(),
name: name.trim(), name: name.trim(),
phone: phone.trim() || undefined, phone: phone.trim() || undefined,
password: password,
}); });
setAuth(result.data.token, result.data.user); setAuth(result.data.token, result.data.user);
router.push("/tasks"); router.push("/tasks");
@@ -86,9 +117,66 @@ export default function RegisterPage() {
/> />
</div> </div>
<div>
<label className="block text-sm font-medium mb-1">{t("auth.password")} *</label>
<div className="relative">
<input
type={showPassword ? "text" : "password"}
value={password}
onChange={(e) => setPassword(e.target.value)}
className="w-full px-3 py-2.5 border border-gray-300 dark:border-gray-600 rounded-lg bg-white dark:bg-gray-800 focus:ring-2 focus:ring-blue-500 focus:border-transparent outline-none pr-10"
placeholder="******"
autoComplete="new-password"
/>
<button
type="button"
onClick={() => setShowPassword(!showPassword)}
className="absolute right-3 top-1/2 -translate-y-1/2 text-gray-400 hover:text-gray-600 dark:hover:text-gray-300 text-sm"
tabIndex={-1}
>
{showPassword ? t("auth.hidePassword") : t("auth.showPassword")}
</button>
</div>
{password && (
<div className="mt-2">
<div className="flex gap-1 mb-1">
{[1, 2, 3, 4, 5].map((i) => (
<div
key={i}
className={`h-1.5 flex-1 rounded-full ${
i <= strength.level ? strength.color : "bg-gray-200 dark:bg-gray-700"
}`}
/>
))}
</div>
<p className="text-xs text-muted">{t(`auth.strength.${strength.label}`)}</p>
</div>
)}
<p className="text-xs text-muted mt-1">{t("auth.passwordMinLength")}</p>
</div>
<div>
<label className="block text-sm font-medium mb-1">{t("auth.confirmPassword")} *</label>
<input
type={showPassword ? "text" : "password"}
value={confirmPassword}
onChange={(e) => setConfirmPassword(e.target.value)}
className={`w-full px-3 py-2.5 border rounded-lg bg-white dark:bg-gray-800 focus:ring-2 focus:ring-blue-500 focus:border-transparent outline-none ${
confirmPassword && !passwordsMatch
? "border-red-400 dark:border-red-600"
: "border-gray-300 dark:border-gray-600"
}`}
placeholder="******"
autoComplete="new-password"
/>
{confirmPassword && !passwordsMatch && (
<p className="text-xs text-red-500 mt-1">{t("auth.passwordMismatch")}</p>
)}
</div>
<button <button
type="submit" type="submit"
disabled={loading} disabled={loading || (!!confirmPassword && !passwordsMatch)}
className="w-full bg-blue-600 hover:bg-blue-700 text-white font-medium py-2.5 px-4 rounded-lg transition-colors disabled:opacity-50" className="w-full bg-blue-600 hover:bg-blue-700 text-white font-medium py-2.5 px-4 rounded-lg transition-colors disabled:opacity-50"
> >
{loading ? t("common.loading") : t("auth.registerBtn")} {loading ? t("common.loading") : t("auth.registerBtn")}

2
apps/tasks/lib/api.ts
View File

@@ -35,7 +35,7 @@ async function apiFetch<T>(path: string, opts: ApiOptions = {}): Promise<T> {
} }
// Auth // Auth
export function register(data: { email: string; name: string; phone?: string }) { export function register(data: { email: string; name: string; phone?: string; password: string }) {
return apiFetch<{ data: { token: string; user: User } }>("/api/v1/auth/register", { return apiFetch<{ data: { token: string; user: User } }>("/api/v1/auth/register", {
method: "POST", method: "POST",
body: data, body: data,

79
package-lock.json generated Normal file
View File

@@ -0,0 +1,79 @@
{
"name": "task-team",
"version": "1.0.0",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "task-team",
"version": "1.0.0",
"license": "ISC",
"devDependencies": {
"@playwright/test": "^1.58.2"
}
},
"node_modules/@playwright/test": {
"version": "1.58.2",
"resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.58.2.tgz",
"integrity": "sha512-akea+6bHYBBfA9uQqSYmlJXn61cTa+jbO87xVLCWbTqbWadRVmhxlXATaOjOgcBaWU4ePo0wB41KMFv3o35IXA==",
"dev": true,
"license": "Apache-2.0",
"dependencies": {
"playwright": "1.58.2"
},
"bin": {
"playwright": "cli.js"
},
"engines": {
"node": ">=18"
}
},
"node_modules/fsevents": {
"version": "2.3.2",
"resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz",
"integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==",
"dev": true,
"hasInstallScript": true,
"license": "MIT",
"optional": true,
"os": [
"darwin"
],
"engines": {
"node": "^8.16.0 || ^10.6.0 || >=11.0.0"
}
},
"node_modules/playwright": {
"version": "1.58.2",
"resolved": "https://registry.npmjs.org/playwright/-/playwright-1.58.2.tgz",
"integrity": "sha512-vA30H8Nvkq/cPBnNw4Q8TWz1EJyqgpuinBcHET0YVJVFldr8JDNiU9LaWAE1KqSkRYazuaBhTpB5ZzShOezQ6A==",
"dev": true,
"license": "Apache-2.0",
"dependencies": {
"playwright-core": "1.58.2"
},
"bin": {
"playwright": "cli.js"
},
"engines": {
"node": ">=18"
},
"optionalDependencies": {
"fsevents": "2.3.2"
}
},
"node_modules/playwright-core": {
"version": "1.58.2",
"resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.58.2.tgz",
"integrity": "sha512-yZkEtftgwS8CsfYo7nm0KE8jsvm6i/PTgVtB8DL726wNf6H2IMsDuxCpJj59KDaxCtSnrWan2AeDqM7JBaultg==",
"dev": true,
"license": "Apache-2.0",
"bin": {
"playwright-core": "cli.js"
},
"engines": {
"node": ">=18"
}
}
}
}

23
package.json Normal file
View File

@@ -0,0 +1,23 @@
{
"name": "task-team",
"version": "1.0.0",
"description": "",
"main": "ecosystem.config.js",
"scripts": {
"test:api": "playwright test tests/api.spec.ts",
"test:auth": "playwright test tests/auth.spec.ts",
"test:tasks": "playwright test tests/tasks.spec.ts",
"test": "playwright test"
},
"repository": {
"type": "git",
"url": "http://admin:TaskTeam2026!@10.10.10.40:3000/admin/task-team.git"
},
"keywords": [],
"author": "",
"license": "ISC",
"type": "commonjs",
"devDependencies": {
"@playwright/test": "^1.58.2"
}
}

16
playwright.config.ts Normal file
View File

@@ -0,0 +1,16 @@
import { defineConfig } from '@playwright/test';
export default defineConfig({
testDir: './tests',
timeout: 30000,
use: {
baseURL: 'http://localhost:3001',
headless: true,
screenshot: 'only-on-failure',
},
projects: [{ name: 'chromium', use: { browserName: 'chromium' } }],
reporter: [
['list'],
['json', { outputFile: '/opt/task-team/test-results.json' }],
],
});

40
tests/api.spec.ts Normal file
View File

@@ -0,0 +1,40 @@
import { test, expect } from '@playwright/test';
const API = 'http://localhost:3000';
test.describe('API Endpoints', () => {
test('health check', async ({ request }) => {
const res = await request.get(`${API}/health`);
expect(res.ok()).toBeTruthy();
const data = await res.json();
expect(data.status).toBe('ok');
});
test('list tasks', async ({ request }) => {
const res = await request.get(`${API}/api/v1/tasks`);
expect(res.ok()).toBeTruthy();
});
test('list groups', async ({ request }) => {
const res = await request.get(`${API}/api/v1/groups`);
expect(res.ok()).toBeTruthy();
const data = await res.json();
expect(data.data.length).toBeGreaterThan(0);
});
test('system health', async ({ request }) => {
const res = await request.get(`${API}/api/v1/system/health`);
expect(res.ok()).toBeTruthy();
});
test('create and delete task', async ({ request }) => {
const create = await request.post(`${API}/api/v1/tasks`, {
data: { title: 'E2E Test Task', priority: 'low' }
});
expect(create.ok()).toBeTruthy();
const { data } = await create.json();
const del = await request.delete(`${API}/api/v1/tasks/${data.id}`);
expect(del.ok()).toBeTruthy();
});
});

32
tests/auth.spec.ts Normal file
View File

@@ -0,0 +1,32 @@
import { test, expect } from '@playwright/test';
test.describe('Auth Flow', () => {
const email = `test-${Date.now()}@test.cz`;
test('register page loads', async ({ page }) => {
await page.goto('/register');
await expect(page).toHaveTitle(/Task Team/);
});
test('login page loads', async ({ page }) => {
await page.goto('/login');
await expect(page.locator('input[type="email"]')).toBeVisible();
});
test('register new user', async ({ page }) => {
await page.goto('/register');
// Name is the first text input (autoFocus), email is type=email
await page.locator('input[type="text"]').first().fill('Test User');
await page.locator('input[type="email"]').fill(email);
await page.locator('button[type="submit"]').click();
await page.waitForTimeout(2000);
// Should redirect to tasks or show success
});
test('login existing user', async ({ page }) => {
await page.goto('/login');
await page.fill('input[type="email"]', email);
await page.locator('button[type="submit"]').click();
await page.waitForTimeout(2000);
});
});

34
tests/tasks.spec.ts Normal file
View File

@@ -0,0 +1,34 @@
import { test, expect } from '@playwright/test';
test.describe('Tasks', () => {
test('tasks page loads', async ({ page }) => {
await page.goto('/tasks');
await page.waitForTimeout(1000);
await expect(page.locator('body')).toBeVisible();
});
test('calendar page loads', async ({ page }) => {
await page.goto('/calendar');
await expect(page.locator('body')).toBeVisible();
});
test('chat page loads', async ({ page }) => {
await page.goto('/chat');
await expect(page.locator('body')).toBeVisible();
});
test('goals page loads', async ({ page }) => {
await page.goto('/goals');
await expect(page.locator('body')).toBeVisible();
});
test('settings page loads', async ({ page }) => {
await page.goto('/settings');
await expect(page.locator('body')).toBeVisible();
});
test('projects page loads', async ({ page }) => {
await page.goto('/projects');
await expect(page.locator('body')).toBeVisible();
});
});