cameleer/cameleer-saas
2
0
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7fc8a4d40786eb0849f767d6ee2536d78b39ba9d
cameleer-saas/ui/src/pages/tenant/SettingsPage.tsx

225 lines
8.7 KiB
TypeScript
Raw Normal View History

feat: password management for tenant portal - POST /api/tenant/password — change own Logto password - POST /api/tenant/team/{userId}/password — reset team member password - Settings page: "Change Password" card with confirm field - Team page: "Reset Password" button per member with inline form - LogtoManagementClient.updateUserPassword() via Logto Management API Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 09:19:48 +02:00
import { useState } from 'react';
fix(ui): extract meaningful error messages from API responses Introduces ApiError class in client.ts that parses Spring Boot error bodies to extract human-readable messages (message, error, detail fields). Adds errorMessage() helper used by all toast descriptions instead of raw String(err) which dumped JSON blobs to the user. Affected: all 10 page components that display error toasts. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-26 21:10:28 +02:00
import { errorMessage } from '../../api/client';
feat: tenant portal — all 5 pages (dashboard, license, OIDC, team, settings) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-09 22:00:21 +02:00
import {
Alert,
Badge,
feat: password management for tenant portal - POST /api/tenant/password — change own Logto password - POST /api/tenant/team/{userId}/password — reset team member password - Settings page: "Change Password" card with confirm field - Team page: "Reset Password" button per member with inline form - LogtoManagementClient.updateUserPassword() via Logto Management API Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 09:19:48 +02:00
Button,
feat: tenant portal — all 5 pages (dashboard, license, OIDC, team, settings) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-09 22:00:21 +02:00
Card,
feat: password management for tenant portal - POST /api/tenant/password — change own Logto password - POST /api/tenant/team/{userId}/password — reset team member password - Settings page: "Change Password" card with confirm field - Team page: "Reset Password" button per member with inline form - LogtoManagementClient.updateUserPassword() via Logto Management API Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 09:19:48 +02:00
FormField,
Input,
feat: tenant portal — all 5 pages (dashboard, license, OIDC, team, settings) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-09 22:00:21 +02:00
Spinner,
feat: password management for tenant portal - POST /api/tenant/password — change own Logto password - POST /api/tenant/team/{userId}/password — reset team member password - Settings page: "Change Password" card with confirm field - Team page: "Reset Password" button per member with inline form - LogtoManagementClient.updateUserPassword() via Logto Management API Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 09:19:48 +02:00
useToast,
feat: tenant portal — all 5 pages (dashboard, license, OIDC, team, settings) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-09 22:00:21 +02:00
} from '@cameleer/design-system';
feat: add MFA enrollment and enforcement toggle to Settings page Adds two new sections to the tenant Settings page: - MfaSection: TOTP authenticator setup with QR code, 6-digit verification, backup code display (2-column grid with copy/download), and MFA removal - MfaEnforcementToggle: tenant admin control to require MFA for all members, with confirmation dialog before enabling Installs qrcode.react for QR code rendering. Uses existing MFA hooks from tenant-hooks.ts and design-system components. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-26 14:04:28 +02:00
import {
refactor: consolidate tenant SettingsPage to use shared account components Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-27 14:59:09 +02:00
useTenantSettings,
useResetServerAdminPassword,
feat: add passkey management and auth policy sections to tenant settings Adds PasskeySection (list/rename/delete passkeys), AuthPolicySection (MFA mode + passkey enable/mode controls), and PasskeyNudgeBanner (dismissable nudge for users without a passkey enrolled). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-27 08:55:04 +02:00
useTenantAuthSettings, useUpdateTenantAuthSettings,
feat: add MFA enrollment and enforcement toggle to Settings page Adds two new sections to the tenant Settings page: - MfaSection: TOTP authenticator setup with QR code, 6-digit verification, backup code display (2-column grid with copy/download), and MFA removal - MfaEnforcementToggle: tenant admin control to require MFA for all members, with confirmation dialog before enabling Installs qrcode.react for QR code rendering. Uses existing MFA hooks from tenant-hooks.ts and design-system components. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-26 14:04:28 +02:00
} from '../../api/tenant-hooks';
refactor: consolidate tenant SettingsPage to use shared account components Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-27 14:59:09 +02:00
import { MfaSection } from '../../components/account/MfaSection';
fix: team invite role resolution, user cleanup, and settings page redesign - Resolve org role names to Logto role IDs in invite and role change flows (fixes entity.relation_foreign_key_not_found on invite) - Handle existing Logto users on re-invite instead of failing with email_already_in_use - Delete users from Logto when removed from last org membership - Consolidate tenant settings page into 3 cards: Tenant Details, MFA, Authentication Policy — remove duplicate MFA Enforcement and Change Password (now in Account Settings) - Make passkey list scrollable Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-27 22:36:21 +02:00
import { PasskeySection } from '../../components/account/PasskeySection';
feat: add MFA enrollment and enforcement toggle to Settings page Adds two new sections to the tenant Settings page: - MfaSection: TOTP authenticator setup with QR code, 6-digit verification, backup code display (2-column grid with copy/download), and MFA removal - MfaEnforcementToggle: tenant admin control to require MFA for all members, with confirmation dialog before enabling Installs qrcode.react for QR code rendering. Uses existing MFA hooks from tenant-hooks.ts and design-system components. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-26 14:04:28 +02:00
import { useScopes } from '../../auth/useScopes';
feat: tenant portal — all 5 pages (dashboard, license, OIDC, team, settings) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-09 22:00:21 +02:00
import styles from '../../styles/platform.module.css';
function statusColor(status: string): 'success' | 'error' | 'warning' | 'auto' {
switch (status?.toUpperCase()) {
case 'ACTIVE': return 'success';
case 'SUSPENDED': return 'warning';
case 'PROVISIONING': return 'auto';
case 'ERROR': return 'error';
default: return 'auto';
}
}
feat: add passkey management and auth policy sections to tenant settings Adds PasskeySection (list/rename/delete passkeys), AuthPolicySection (MFA mode + passkey enable/mode controls), and PasskeyNudgeBanner (dismissable nudge for users without a passkey enrolled). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-27 08:55:04 +02:00
function AuthPolicySection() {
const scopes = useScopes();
const { toast } = useToast();
const { data: authSettings } = useTenantAuthSettings();
const updateAuth = useUpdateTenantAuthSettings();
if (!scopes.has('tenant:manage') || !authSettings) return null;
async function handleMfaModeChange(mode: string) {
try {
await updateAuth.mutateAsync({ mfaMode: mode });
toast({ title: `MFA mode set to ${mode}`, variant: 'success' });
} catch (err) {
toast({ title: 'Failed to update', description: errorMessage(err), variant: 'error' });
}
}
async function handlePasskeyToggle() {
if (!authSettings) return;
try {
await updateAuth.mutateAsync({ passkeyEnabled: !authSettings.passkeyEnabled });
toast({ title: authSettings.passkeyEnabled ? 'Passkeys disabled' : 'Passkeys enabled', variant: 'success' });
} catch (err) {
toast({ title: 'Failed to update', description: errorMessage(err), variant: 'error' });
}
}
async function handlePasskeyModeChange(mode: string) {
try {
await updateAuth.mutateAsync({ passkeyMode: mode });
toast({ title: `Passkey mode set to ${mode}`, variant: 'success' });
} catch (err) {
toast({ title: 'Failed to update', description: errorMessage(err), variant: 'error' });
}
}
return (
<Card title="Authentication Policy">
<p className={styles.description} style={{ marginTop: 0 }}>
Configure MFA and passkey requirements for your organization's users.
</p>
<div style={{ display: 'flex', alignItems: 'center', gap: 12, marginBottom: 12 }}>
<span style={{ fontSize: '0.875rem' }}>MFA Mode</span>
<Badge label={authSettings.mfaMode} color={authSettings.mfaMode === 'required' ? 'success' : 'auto'} />
</div>
<div style={{ display: 'flex', gap: 8, marginBottom: 16 }}>
{['off', 'optional', 'required'].map((mode) => (
<Button key={mode} variant={authSettings.mfaMode === mode ? 'primary' : 'secondary'}
onClick={() => handleMfaModeChange(mode)} loading={updateAuth.isPending} size="sm">
{mode.charAt(0).toUpperCase() + mode.slice(1)}
</Button>
))}
</div>
<div style={{ display: 'flex', alignItems: 'center', gap: 12, marginBottom: 12 }}>
<span style={{ fontSize: '0.875rem' }}>Passkeys</span>
<Badge label={authSettings.passkeyEnabled ? 'Enabled' : 'Disabled'} color={authSettings.passkeyEnabled ? 'success' : 'auto'} />
</div>
<Button variant={authSettings.passkeyEnabled ? 'danger' : 'primary'}
onClick={handlePasskeyToggle} loading={updateAuth.isPending} size="sm">
{authSettings.passkeyEnabled ? 'Disable passkeys' : 'Enable passkeys'}
</Button>
{authSettings.passkeyEnabled && (
<div style={{ marginTop: 16 }}>
<div style={{ display: 'flex', alignItems: 'center', gap: 12, marginBottom: 12 }}>
<span style={{ fontSize: '0.875rem' }}>Passkey Mode</span>
<Badge label={authSettings.passkeyMode} color={authSettings.passkeyMode === 'required' ? 'success' : 'auto'} />
</div>
<div style={{ display: 'flex', gap: 8 }}>
{['optional', 'preferred', 'required'].map((mode) => (
<Button key={mode} variant={authSettings.passkeyMode === mode ? 'primary' : 'secondary'}
onClick={() => handlePasskeyModeChange(mode)} loading={updateAuth.isPending} size="sm">
{mode.charAt(0).toUpperCase() + mode.slice(1)}
</Button>
))}
</div>
</div>
)}
</Card>
);
}
feat: tenant portal — all 5 pages (dashboard, license, OIDC, team, settings) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-09 22:00:21 +02:00
export function SettingsPage() {
const { data, isLoading, isError } = useTenantSettings();
feat: server admin password reset via tenant portal - POST /api/tenant/server/admin-password — resets server's built-in admin password via M2M API call to the tenant's server - Settings page: "Server Admin Password" card - ServerApiClient.resetServerAdminPassword() calls server's password reset endpoint with M2M token Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 09:46:30 +02:00
const resetServerAdmin = useResetServerAdminPassword();
feat: password management for tenant portal - POST /api/tenant/password — change own Logto password - POST /api/tenant/team/{userId}/password — reset team member password - Settings page: "Change Password" card with confirm field - Team page: "Reset Password" button per member with inline form - LogtoManagementClient.updateUserPassword() via Logto Management API Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 09:19:48 +02:00
const { toast } = useToast();
feat: server admin password reset via tenant portal - POST /api/tenant/server/admin-password — resets server's built-in admin password via M2M API call to the tenant's server - Settings page: "Server Admin Password" card - ServerApiClient.resetServerAdminPassword() calls server's password reset endpoint with M2M token Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 09:46:30 +02:00
const [serverAdminPw, setServerAdminPw] = useState('');
feat: password management for tenant portal - POST /api/tenant/password — change own Logto password - POST /api/tenant/team/{userId}/password — reset team member password - Settings page: "Change Password" card with confirm field - Team page: "Reset Password" button per member with inline form - LogtoManagementClient.updateUserPassword() via Logto Management API Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 09:19:48 +02:00
feat: tenant portal — all 5 pages (dashboard, license, OIDC, team, settings) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-09 22:00:21 +02:00
if (isLoading) {
return (
<div style={{ display: 'flex', justifyContent: 'center', padding: 64 }}>
<Spinner />
</div>
);
}
if (isError || !data) {
return (
<div style={{ padding: 24 }}>
<Alert variant="error" title="Failed to load settings">
Could not fetch settings. Please refresh.
</Alert>
</div>
);
}
return (
fix: null display name, settings scrollbar, redundant passkey offer - Profile API returns empty string instead of "null" when Logto user has no display name set (String.valueOf(null) → "null" bug). - SettingsPage: add overflowY auto + flex 1 so content scrolls within the AppShell layout (which uses overflow: hidden). - Remove redundant passkey offer from onboarding page — passkey enrollment now happens during sign-in via the Experience API. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-27 18:53:13 +02:00
<div style={{ padding: 24, display: 'flex', flexDirection: 'column', gap: 20, overflowY: 'auto', flex: 1 }}>
feat: tenant portal — all 5 pages (dashboard, license, OIDC, team, settings) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-09 22:00:21 +02:00
<h1 style={{ margin: 0, fontSize: '1.25rem', fontWeight: 600 }}>Settings</h1>
fix: team invite role resolution, user cleanup, and settings page redesign - Resolve org role names to Logto role IDs in invite and role change flows (fixes entity.relation_foreign_key_not_found on invite) - Handle existing Logto users on re-invite instead of failing with email_already_in_use - Delete users from Logto when removed from last org membership - Consolidate tenant settings page into 3 cards: Tenant Details, MFA, Authentication Policy — remove duplicate MFA Enforcement and Change Password (now in Account Settings) - Make passkey list scrollable Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-27 22:36:21 +02:00
{/* Card 1: Tenant Details */}
feat: tenant portal — all 5 pages (dashboard, license, OIDC, team, settings) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-09 22:00:21 +02:00
<Card title="Tenant Details">
<div className={styles.dividerList}>
<div className={styles.kvRow}>
<span className={styles.kvLabel}>Name</span>
<span className={styles.kvValue}>{data.name}</span>
</div>
<div className={styles.kvRow}>
<span className={styles.kvLabel}>Slug</span>
<span className={styles.kvValueMono}>{data.slug}</span>
</div>
<div className={styles.kvRow}>
<span className={styles.kvLabel}>Status</span>
<Badge label={data.status} color={statusColor(data.status)} />
</div>
<div className={styles.kvRow}>
<span className={styles.kvLabel}>Server Endpoint</span>
<span className={styles.kvValueMono}>{data.serverEndpoint ?? '—'}</span>
</div>
<div className={styles.kvRow}>
<span className={styles.kvLabel}>Created</span>
<span className={styles.kvValue}>{new Date(data.createdAt).toLocaleDateString()}</span>
</div>
</div>
fix: team invite role resolution, user cleanup, and settings page redesign - Resolve org role names to Logto role IDs in invite and role change flows (fixes entity.relation_foreign_key_not_found on invite) - Handle existing Logto users on re-invite instead of failing with email_already_in_use - Delete users from Logto when removed from last org membership - Consolidate tenant settings page into 3 cards: Tenant Details, MFA, Authentication Policy — remove duplicate MFA Enforcement and Change Password (now in Account Settings) - Make passkey list scrollable Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-27 22:36:21 +02:00
<div style={{ borderTop: '1px solid var(--border)', marginTop: 16, paddingTop: 16 }}>
<p className={styles.description} style={{ margin: '0 0 12px' }}>
Reset the built-in admin password for your server dashboard (local login at <code>/login?local</code>).
</p>
<form
onSubmit={async (e) => {
e.preventDefault();
if (serverAdminPw.length < 8) {
toast({ title: 'Password must be at least 8 characters', variant: 'error' });
return;
}
try {
await resetServerAdmin.mutateAsync(serverAdminPw);
toast({ title: 'Server admin password reset successfully', variant: 'success' });
setServerAdminPw('');
} catch (err) {
toast({ title: 'Failed to reset server admin password', description: errorMessage(err), variant: 'error' });
}
}}
style={{ display: 'flex', gap: 8, alignItems: 'flex-end' }}
>
<div style={{ flex: 1 }}>
<FormField label="Server admin password" htmlFor="server-admin-pw">
<Input
id="server-admin-pw"
type="password"
value={serverAdminPw}
onChange={(e) => setServerAdminPw(e.target.value)}
placeholder="Enter new admin password"
required
minLength={8}
/>
</FormField>
</div>
feat: server admin password reset via tenant portal - POST /api/tenant/server/admin-password — resets server's built-in admin password via M2M API call to the tenant's server - Settings page: "Server Admin Password" card - ServerApiClient.resetServerAdminPassword() calls server's password reset endpoint with M2M token Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 09:46:30 +02:00
<Button type="submit" variant="primary" loading={resetServerAdmin.isPending}>
fix: team invite role resolution, user cleanup, and settings page redesign - Resolve org role names to Logto role IDs in invite and role change flows (fixes entity.relation_foreign_key_not_found on invite) - Handle existing Logto users on re-invite instead of failing with email_already_in_use - Delete users from Logto when removed from last org membership - Consolidate tenant settings page into 3 cards: Tenant Details, MFA, Authentication Policy — remove duplicate MFA Enforcement and Change Password (now in Account Settings) - Make passkey list scrollable Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-27 22:36:21 +02:00
Reset
feat: server admin password reset via tenant portal - POST /api/tenant/server/admin-password — resets server's built-in admin password via M2M API call to the tenant's server - Settings page: "Server Admin Password" card - ServerApiClient.resetServerAdminPassword() calls server's password reset endpoint with M2M token Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 09:46:30 +02:00
</Button>
fix: team invite role resolution, user cleanup, and settings page redesign - Resolve org role names to Logto role IDs in invite and role change flows (fixes entity.relation_foreign_key_not_found on invite) - Handle existing Logto users on re-invite instead of failing with email_already_in_use - Delete users from Logto when removed from last org membership - Consolidate tenant settings page into 3 cards: Tenant Details, MFA, Authentication Policy — remove duplicate MFA Enforcement and Change Password (now in Account Settings) - Make passkey list scrollable Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-27 22:36:21 +02:00
</form>
</div>
</Card>
{/* Card 2: Multi-Factor Authentication (MFA + Passkeys combined) */}
<Card title="Multi-Factor Authentication">
<MfaSection bare />
<div style={{ borderTop: '1px solid var(--border)', marginTop: 16, paddingTop: 16 }}>
<h3 style={{ margin: '0 0 8px', fontSize: '0.875rem', fontWeight: 600, textTransform: 'uppercase', letterSpacing: '0.05em', color: 'var(--text-muted)' }}>
Passkeys
</h3>
<PasskeySection bare />
</div>
feat: server admin password reset via tenant portal - POST /api/tenant/server/admin-password — resets server's built-in admin password via M2M API call to the tenant's server - Settings page: "Server Admin Password" card - ServerApiClient.resetServerAdminPassword() calls server's password reset endpoint with M2M token Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 09:46:30 +02:00
</Card>
feat: add MFA enrollment and enforcement toggle to Settings page Adds two new sections to the tenant Settings page: - MfaSection: TOTP authenticator setup with QR code, 6-digit verification, backup code display (2-column grid with copy/download), and MFA removal - MfaEnforcementToggle: tenant admin control to require MFA for all members, with confirmation dialog before enabling Installs qrcode.react for QR code rendering. Uses existing MFA hooks from tenant-hooks.ts and design-system components. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-26 14:04:28 +02:00
fix: team invite role resolution, user cleanup, and settings page redesign - Resolve org role names to Logto role IDs in invite and role change flows (fixes entity.relation_foreign_key_not_found on invite) - Handle existing Logto users on re-invite instead of failing with email_already_in_use - Delete users from Logto when removed from last org membership - Consolidate tenant settings page into 3 cards: Tenant Details, MFA, Authentication Policy — remove duplicate MFA Enforcement and Change Password (now in Account Settings) - Make passkey list scrollable Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-27 22:36:21 +02:00
{/* Card 3: Authentication Policy (org-wide settings) */}
feat: add passkey management and auth policy sections to tenant settings Adds PasskeySection (list/rename/delete passkeys), AuthPolicySection (MFA mode + passkey enable/mode controls), and PasskeyNudgeBanner (dismissable nudge for users without a passkey enrolled). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-27 08:55:04 +02:00
<AuthPolicySection />
feat: tenant portal — all 5 pages (dashboard, license, OIDC, team, settings) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-09 22:00:21 +02:00
</div>
);
}
Reference in New Issue Copy Permalink