/* ============================================================================
* components-2fa-email.jsx
*
* React components for the new features:
* - TwoFactorLoginStep — shown after password login when 2FA is required
* - TwoFactorEnrollment — forced enrollment after login when platform requires 2FA
* - TwoFactorSettings — user-facing setup/disable/regenerate
* - EmailForwarding — user settings for SMS-to-email
* - AdminSmtpSettings — admin SMTP relay configuration
* - AdminSecuritySettings — admin require_2fa toggle
*
* These are written as CDN-React (Babel standalone), matching the existing
* index.html. Wire into the existing App by importing/using them where
* appropriate. The functions assume the existing fetch wrapper exposes:
* window.api.get(path) → JSON
* window.api.post(path, body)
* window.api.put(path, body)
* If your existing app uses a different convention, swap the calls inline.
* ============================================================================ */
/* eslint-disable */
const { useState, useEffect, useCallback } = React;
// ─── Small UI primitives that match the existing look ──────────────────────
function Field({ label, children, help }) {
return (
{label}
{children}
{help &&
{help}
}
);
}
function Alert({ kind, children }) {
const styles = {
ok: 'bg-green-50 text-green-800 border-green-200',
warn: 'bg-yellow-50 text-yellow-800 border-yellow-200',
err: 'bg-red-50 text-red-800 border-red-200',
info: 'bg-blue-50 text-blue-800 border-blue-200',
};
return {children}
;
}
function Btn({ children, kind = 'primary', ...rest }) {
const cls = {
primary: 'bg-blue-600 hover:bg-blue-700 text-white',
secondary: 'bg-gray-200 hover:bg-gray-300 text-gray-800',
danger: 'bg-red-600 hover:bg-red-700 text-white',
}[kind];
return (
{children}
);
}
// ========================================================================
// TwoFactorLoginStep
// Shown after the password step when the server returns requires_2fa.
// Props: tmp_token, onSuccess({token, user, used_backup_code}), onCancel()
// ========================================================================
function TwoFactorLoginStep({ tmp_token, onSuccess, onCancel }) {
const [code, setCode] = useState('');
const [err, setErr] = useState(null);
const [busy, setBusy] = useState(false);
const submit = async (e) => {
e && e.preventDefault();
if (busy) return;
setErr(null); setBusy(true);
try {
const r = await fetch('/api/auth/2fa/verify', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ tmp_token, code }),
});
const data = await r.json();
if (!r.ok) throw new Error(data.error || 'Verification failed');
onSuccess(data);
} catch (e) {
setErr(e.message);
} finally {
setBusy(false);
}
};
return (
);
}
// ========================================================================
// TwoFactorEnrollment
// Forced enrollment after login when platform requires 2FA.
// Props: tmp_token, onSuccess({token, user, backup_codes})
// ========================================================================
function TwoFactorEnrollment({ tmp_token, onSuccess }) {
const [qr, setQr] = useState(null);
const [secret, setSecret] = useState(null);
const [code, setCode] = useState('');
const [busy, setBusy] = useState(false);
const [err, setErr] = useState(null);
const [backupCodes, setBackupCodes] = useState(null);
const [pendingResult, setPendingResult] = useState(null);
useEffect(() => {
(async () => {
try {
const r = await fetch('/api/auth/2fa/setup', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ tmp_token }),
});
const d = await r.json();
if (!r.ok) throw new Error(d.error || 'Setup failed');
setQr(d.qr_data_url); setSecret(d.secret);
} catch (e) { setErr(e.message); }
})();
}, [tmp_token]);
const enable = async () => {
if (busy) return;
setErr(null); setBusy(true);
try {
const r = await fetch('/api/auth/2fa/enable', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ tmp_token, code }),
});
const d = await r.json();
if (!r.ok) throw new Error(d.error || 'Enable failed');
setBackupCodes(d.backup_codes);
setPendingResult(d);
} catch (e) { setErr(e.message); }
finally { setBusy(false); }
};
if (backupCodes) {
return (
Save your recovery codes
Store these somewhere safe. Each can be used once if you lose your authenticator.
They will not be shown again.
{backupCodes.join('\n')}
onSuccess(pendingResult)}>I've saved them — continue
);
}
return (
Set up two-factor authentication
Two-factor authentication is required on this platform. Scan the QR with your
authenticator app (Google Authenticator, Authy, 1Password, etc.) and enter the
6-digit code to finish.
{qr ? (
{secret}
) :
Generating secret…
}
{err &&
{err} }
{busy ? 'Enabling…' : 'Enable 2FA'}
);
}
// ========================================================================
// TwoFactorSettings (user-facing, in Settings page)
// Props: user (current user object with totp_enabled), onChange (refresh user)
// ========================================================================
function TwoFactorSettings({ user, onChange }) {
const [mode, setMode] = useState('idle'); // idle | enrolling | confirming | disabling | regenerating
const [qr, setQr] = useState(null);
const [secret, setSecret] = useState(null);
const [code, setCode] = useState('');
const [password, setPassword] = useState('');
const [busy, setBusy] = useState(false);
const [err, setErr] = useState(null);
const [backupCodes, setBackupCodes] = useState(null);
const auth = useCallback(() => {
const t = localStorage.getItem('token');
return t ? { Authorization: `Bearer ${t}` } : {};
}, []);
const reset = () => {
setMode('idle'); setQr(null); setSecret(null);
setCode(''); setPassword(''); setErr(null); setBackupCodes(null);
};
const startEnrollment = async () => {
setBusy(true); setErr(null);
try {
const r = await fetch('/api/auth/2fa/setup', {
method: 'POST',
headers: { 'Content-Type': 'application/json', ...auth() },
});
const d = await r.json();
if (!r.ok) throw new Error(d.error || 'Setup failed');
setQr(d.qr_data_url); setSecret(d.secret); setMode('confirming');
} catch (e) { setErr(e.message); }
finally { setBusy(false); }
};
const confirmEnable = async () => {
setBusy(true); setErr(null);
try {
const r = await fetch('/api/auth/2fa/enable', {
method: 'POST',
headers: { 'Content-Type': 'application/json', ...auth() },
body: JSON.stringify({ code }),
});
const d = await r.json();
if (!r.ok) throw new Error(d.error || 'Enable failed');
setBackupCodes(d.backup_codes);
onChange && onChange();
} catch (e) { setErr(e.message); }
finally { setBusy(false); }
};
const disable = async () => {
setBusy(true); setErr(null);
try {
const r = await fetch('/api/auth/2fa/disable', {
method: 'POST',
headers: { 'Content-Type': 'application/json', ...auth() },
body: JSON.stringify({ password, code }),
});
const d = await r.json();
if (!r.ok) throw new Error(d.error || 'Disable failed');
reset();
onChange && onChange();
} catch (e) { setErr(e.message); }
finally { setBusy(false); }
};
const regenerate = async () => {
setBusy(true); setErr(null);
try {
const r = await fetch('/api/auth/2fa/regenerate-codes', {
method: 'POST',
headers: { 'Content-Type': 'application/json', ...auth() },
body: JSON.stringify({ password, code }),
});
const d = await r.json();
if (!r.ok) throw new Error(d.error || 'Regenerate failed');
setBackupCodes(d.backup_codes);
} catch (e) { setErr(e.message); }
finally { setBusy(false); }
};
if (backupCodes) {
return (
Two-Factor Authentication
Save these recovery codes. Each can be used once. They will not be shown again.
{backupCodes.join('\n')}
Done
);
}
return (
Two-Factor Authentication
{user.totp_enabled ? 'Enabled' : 'Disabled'}
{mode === 'idle' && !user.totp_enabled && (
<>
Protect your account with an authenticator app. You'll be asked for
a 6-digit code each time you log in.
{err &&
{err} }
Enable 2FA
)}
{mode === 'idle' && user.totp_enabled && (
<>
Two-factor authentication is active on your account.
{err &&
{err} }
setMode('regenerating')}>Regenerate recovery codes
setMode('disabling')}>Disable 2FA
)}
{mode === 'confirming' && (
<>
Scan with your authenticator app, then enter the code it shows.
{qr &&
}
{secret &&
{secret}
}
{err &&
{err} }
Cancel
{busy ? 'Enabling…' : 'Confirm & enable'}
)}
{(mode === 'disabling' || mode === 'regenerating') && (
<>
Confirm with your password and a current 2FA code.
{err &&
{err} }
Cancel
{busy ? '…' : (mode === 'disabling' ? 'Disable 2FA' : 'Generate new codes')}
)}
);
}
// ========================================================================
// EmailForwarding (user Settings)
// ========================================================================
function EmailForwarding({ userDIDs = [] }) {
const [cfg, setCfg] = useState(null);
const [busy, setBusy] = useState(false);
const [msg, setMsg] = useState(null);
const [err, setErr] = useState(null);
const auth = () => {
const t = localStorage.getItem('token');
return t ? { Authorization: `Bearer ${t}` } : {};
};
const load = async () => {
try {
const r = await fetch('/api/email-forwards', { headers: auth() });
const d = await r.json();
if (!r.ok) throw new Error(d.error || 'Load failed');
setCfg({
enabled: !!d.enabled,
recipients: d.recipients || '',
subject_template: d.subject_template || 'SMS from {from} to {to}',
did_filter: d.did_filter || [],
last_sent_at: d.last_sent_at,
last_error: d.last_error,
});
} catch (e) { setErr(e.message); }
};
useEffect(() => { load(); }, []);
const save = async () => {
setBusy(true); setErr(null); setMsg(null);
try {
const r = await fetch('/api/email-forwards', {
method: 'PUT',
headers: { 'Content-Type': 'application/json', ...auth() },
body: JSON.stringify({
enabled: cfg.enabled,
recipients: cfg.recipients,
subject_template: cfg.subject_template,
did_filter: cfg.did_filter && cfg.did_filter.length ? cfg.did_filter : null,
}),
});
const d = await r.json();
if (!r.ok) throw new Error(d.error || 'Save failed');
setMsg('Saved.');
} catch (e) { setErr(e.message); }
finally { setBusy(false); }
};
const test = async () => {
setBusy(true); setErr(null); setMsg(null);
try {
const r = await fetch('/api/email-forwards/test', {
method: 'POST', headers: auth(),
});
const d = await r.json();
if (!r.ok) throw new Error(d.error || 'Test failed');
setMsg(`Test email sent to ${d.sent_to.join(', ')}`);
} catch (e) { setErr(e.message); }
finally { setBusy(false); }
};
const toggleDid = (number) => {
setCfg(c => {
const cur = new Set(c.did_filter || []);
cur.has(number) ? cur.delete(number) : cur.add(number);
return { ...c, did_filter: Array.from(cur) };
});
};
if (!cfg) return Loading…
;
return (
);
}
// ========================================================================
// AdminSmtpSettings (admin only)
// ========================================================================
function AdminSmtpSettings() {
const [s, setS] = useState(null);
const [test, setTest] = useState('');
const [busy, setBusy] = useState(false);
const [msg, setMsg] = useState(null);
const [err, setErr] = useState(null);
const auth = () => {
const t = localStorage.getItem('token');
return t ? { Authorization: `Bearer ${t}` } : {};
};
useEffect(() => {
(async () => {
const r = await fetch('/api/admin/smtp', { headers: auth() });
const d = await r.json();
if (r.ok) setS(d); else setErr(d.error);
})();
}, []);
const save = async () => {
setBusy(true); setErr(null); setMsg(null);
try {
const payload = { ...s };
// Send booleans as '1'/'0' strings — backend normalizes
payload.smtp_enabled = (s.smtp_enabled === '1' || s.smtp_enabled === 1 || s.smtp_enabled === true) ? '1' : '0';
payload.smtp_secure = (s.smtp_secure === '1' || s.smtp_secure === 1 || s.smtp_secure === true) ? '1' : '0';
const r = await fetch('/api/admin/smtp', {
method: 'PUT',
headers: { 'Content-Type': 'application/json', ...auth() },
body: JSON.stringify(payload),
});
const d = await r.json();
if (!r.ok) throw new Error(d.error || 'Save failed');
setMsg('Saved.');
} catch (e) { setErr(e.message); }
finally { setBusy(false); }
};
const sendTest = async () => {
setBusy(true); setErr(null); setMsg(null);
try {
const r = await fetch('/api/admin/smtp/test', {
method: 'POST',
headers: { 'Content-Type': 'application/json', ...auth() },
body: JSON.stringify({ to: test }),
});
const d = await r.json();
if (!r.ok) throw new Error(d.error || 'Test failed');
setMsg(`Test email sent to ${test}`);
} catch (e) { setErr(e.message); }
finally { setBusy(false); }
};
if (!s) return Loading…
;
const setK = (k, v) => setS(prev => ({ ...prev, [k]: v }));
return (
);
}
// ========================================================================
// AdminSecuritySettings — require_2fa platform-wide toggle
// ========================================================================
function AdminSecuritySettings() {
const [require2fa, setRequire2fa] = useState(null);
const [busy, setBusy] = useState(false);
const [err, setErr] = useState(null);
const [msg, setMsg] = useState(null);
const auth = () => {
const t = localStorage.getItem('token');
return t ? { Authorization: `Bearer ${t}` } : {};
};
useEffect(() => {
(async () => {
const r = await fetch('/api/admin/smtp/security', { headers: auth() });
const d = await r.json();
if (r.ok) setRequire2fa(d.require_2fa); else setErr(d.error);
})();
}, []);
const save = async () => {
setBusy(true); setErr(null); setMsg(null);
try {
const r = await fetch('/api/admin/smtp/security', {
method: 'PUT',
headers: { 'Content-Type': 'application/json', ...auth() },
body: JSON.stringify({ require_2fa: require2fa }),
});
const d = await r.json();
if (!r.ok) throw new Error(d.error || 'Save failed');
setMsg('Saved.');
} catch (e) { setErr(e.message); }
finally { setBusy(false); }
};
if (require2fa === null) return Loading…
;
return (
Platform Security
Require 2FA for all users
When enabled, all users without 2FA will be forced to enroll on next login.
Existing 2FA-enabled users cannot disable it.
{msg &&
{msg} }
{err &&
{err} }
{busy ? 'Saving…' : 'Save'}
);
}
// Expose components globally so they can be picked up by the existing app
window.SMSPlatformComponents = {
TwoFactorLoginStep,
TwoFactorEnrollment,
TwoFactorSettings,
EmailForwarding,
AdminSmtpSettings,
AdminSecuritySettings,
};