feat: session auth implementation (#4411)

* feat: session authentication and god-mode implementation (#4302)

* dev: move authentication to base class for credentials

* chore: new account creation

* dev: return error as query parameter

* dev: accounts and profile endpoints for user

* fix: user store updates

* fix: store fixes

* fix: type fixes

* dev: set is_password_autoset and is_email_verifier for auth providers

* dev: move all auth configuration to different apps

* dev: fix circular imports

* dev: remove unused imports

* dev: fix imports for authentication

* dev: update endpoints to use rest framework api viewa

* fix: onboarding fixes

* dev: session model changes

* fix: session model and add check for last name first name and avatar

* dev: fix referer redirect

* dev: remove auth imports

* dev: fix imports

* dev: update migrations

* fix: instance admin login

* comflict: conflicts resolved

* dev: fix import errors and email check endpoint

* fix: error messages and redirects after login

* dev: configs api

* fix: is github enabled boolean

* dev: merge config and instance api

* conflict: merge conflict resolved

* dev: instance admin sign up endpoint

* dev: enable magic link login

* dev: configure instance variables for github and google enabled

* chore: typo fixes

* fix: god mode docker file changes

* build-error: resolved build errors

* fix: docker compose changes

* dev: add email credential check endpoint

* fix: minor package changes

* fix: docker related changes

* dev: add nginx rules in the nginx template

* dev: refactor the url patterns

* fix: docker changes

* fix: docker files for god-mode

* fix: static export

* fix: nginx conf

* dev: smtp sender refused exception

* fix: godmode fixes

* chore: god mode revamp.

* dev: add csrf secured flag

* fix: oauth redirect uri and session settings

* chore: god mode app changes.  (#3982)

* chore: send test email functionality.

* style: authentication methods page UI revamp.

* chore: create workspace popup.

* fix: user me endpoint

* dev: fix redirection after authentication

* dev: handle god mode redirection

* fix: redirections

* fix: auth related hooks

* fix: store related fixes

* dev: fix session authentication for rest apis

* fix: linting errors

* fix: removing references of useStore=

* dev: fix redirection and password validation

* dev: add useUser hook

* fix: build fixes and lint issues

* fix: removing useApplication hook

* fix: build errors

* fix: delete unused files

* fix: auth build fixes

* fix: bugfixes

* dev: alter avatar to support more than 255 chars

* dev: fix profile endpoint and increase session expiry time and update session on every request

* chore: resolved the migration

* chore: resolved merge conflicts

* dev: error codes and error messages for the auth flow

* dev: instance admin sign up and sign in endpoint

* dev: use zxcvbn to validate password strength

* dev: add extra parameters when error handling on instance god mode

* chore: auth init

* chore: signin/ signup form ui updates and password strength meter.

* chore: update password fields.

* chore: validations and error handling.

* chore: updated sign-up form

* chore: updated workflow and updated the code structure

* chore: instance empty state for god-mode.

* chore: instance and auth wrappers update

* fix: renaming godmode

* fix: docker changes

* chore: updated authentication wrappers

* chore: updated the authentication workflow and rendered all pages

* fix: build errors

* fix: docker related fixes

* fix: tailing slash added to space and admin for valid nginx locations

* chore: seperate pages for signup and login

* git-action modified for admin file changes

* feature build action updated for admin app

* self host modified

* chore: resolved build errors and handled signin and signup in a seperate route

* chore: sign-in and sign-up revamp.

* fix: migration conflicts

* dev: migrations

* chore: handled redirection

* dev: admin url

* dev: create seperate endpoint for instance admin me

* dev: instance admin endpoint

* git action fixed

* chore: handled auth wrappers

* dev: add serializer and remove print logs

* fix: build errors

* dev: fix migrations

* dev: instance folder structuring

* fix: linting errors

* chore: resolved build errors

* chore: updated store and auth workflow and updates api service types

* chore: Replaced Next Link with Anchoer tag for god-mode redirection

* add 3333 port to allowed origins

* make password login working again

* dev: fix redirection, add admin signout endpoint and fix email credential check endpoint

* fix unique code sign in

* fix small build error

* enable sign out

* dev: add google client secret variable to configure instance

* dev: add referer for redirection

* fix origin urls for oauths

* admin setup and login separation

* dev: fix user redirection and tour completed endpoint

* fix build errors

* dev: add set password endpoint

* dev: remove user creation logic for redirection

* fix unique code page

* fix forgot password

* chore: onboarding revamp.

* dev: fix workspace slug redirection in login

* chore: invited user onboarding flow update.

* chore: fix switch or delete account modal.

* fix members exception

* refactor auth flows and add invitations to auth flow

* fix sig in sign up url

* fix action url

* fix build errors

* dev: fix user set password when logging in

* dev: reset password endpoint

* chore: confirm password validation for signup and onboarding.

* enable reset password

* fix build error

* chore: minor UI updates.

* chore: forgot and reset password UI revamp.

* fix authentication re directions

* dev: auth redirections

* change url paths for signup and signin

* dev: make the user logged in when changing passwords

* dev: next path redirection for web and space app

* dev: next path for magic sign in endpoint

* dev: github space endpoint

* chore: minor ui updates and fixes in web app.

* set password screen

* fix multiple unique code generation

* dev: next path base redirection

* dev: remove print logs

* dev: auth space endpoints

* fix build errors

* dev: invalidate cache on configuration update, god mode exception errors and authentication failed code

* dev: fix space endpoints and add extra endpoints

* chore: space auth revamp.

* dev: add sign up for space app

* fix: build errors.

* fix: auth redirection logic.

* chore: space app onboarding revamp.

---------

Co-authored-by: pablohashescobar <nikhilschacko@gmail.com>
Co-authored-by: NarayanBavisetti <narayan3119@gmail.com>
Co-authored-by: gurusainath <gurusainath007@gmail.com>
Co-authored-by: Prateek Shourya <prateekshourya29@gmail.com>
Co-authored-by: Manish Gupta <59428681+mguptahub@users.noreply.github.com>
Co-authored-by: Manish Gupta <manish@mgupta.me>
Co-authored-by: = <=>
Co-authored-by: rahulramesha <rahulramesham@gmail.com>

* chore: updated file structure for admin

* chore: updated admin-sidebar

* chore: auth error handling

* chore: onboarding UI updates and dark mode fixes.

* chore: add `user personalization` step to onboarding profile setup screen.

* chore: fix minor UI bugs

* chore: authentication workflow changes

* chore: handled signin workflow

* style: switch or delete account workflow

* chore: god mode redirection URL

* feat(dashboard): improve label readability (#4321)

change none label for all time in dashbard filters

* chore: god-mode redirection

* chore: onboarding ui updates and accept invitation workflow updates.

* chore: rename unique code auth form.

* style: space auth ux copy.

* chore: updated intance and auth wrapper logic

* chore: update default layout style.

* chore: update confirm password.

* chore: backend redirection

* style: update banner ui

* chore: minor ui updates and validation fix.

* chore: removed old auth hook

* chore: handled auth wrapper

* chore: handled store loaders in the user

* chore: handled logs

* chore: add loading spinners for all auth and onboarding form buttons.

* chore: add background pattern in admin auth forms and minor ui fixes.

* chore: UI changes and revamp components for authentication

* chore: auth UI consistency in web, space and admin.

* chore: resolved build errors

* chore: removed old auth hooks

* chore: handled lint errors in use accounts

* chore: updated authentication wrapper logic in web app

* [WEB -1149] dev: update dependencies (#4333)

* dev: upgrade dependencies remove unwanted dependency and add ruff as local dependency

* dev: add comments

* chore: authentication wrapper fetch user

* chore: updated store loader

* chore: removed old auth wrapper and replaced the imports with new auth wrapper

* chore: join workspace invitation workflow updates

* chore: build error resolved in deploy

* chore: handled onboarding step error in web app

* chore: SMTP Name and Password validation removed

* chore: handled seo and signout logic and new user popup

* chore: added redirection to plane in the sidebar

* chore: resolved build errors

* dev: admin session cookie update

* chore: updated cookie session time for admin

* dev: add start date and end date to projects (#4355)

* chore: add email security dropdown and remove SMTP username and password validation.

* chore: add tooltip to admin sidebar help-section.

* chore: add dropdown to collapsed admin sidebar.

* chore: profile themning

* chore: updated page error messages and theme in command palette

* dev: add email validation in email check apis

* dev: remove start date and end date from project

* chore: updated space folder structure and updated the store hooks

* dev: error codes for authentication

* chore: handled authentication in space and web apps

* chore: banner redirect handling the email

* dev: god mode error codes

* chore: updated error codes

* chore: updated onboarding images

* dev: signout endpoints and saving login domain while creating sessions

* feat: Self Host Data Backup (#4383)

* feat: implemented backup , support for docker-compose tool, readme updated

* minor fix in shell script

* codacy fixes

* chore: handled build errors in web

* chore: updated react, react-dom, and next versions

* chore: updated password autioset in the signin

* dev: add logo prop to views and pages

* chore: updated api service and handled the set password in store

* chore: handled build errors and code cleanup

* dev: return 401 when the session is not valid

* dev: users/me exception for api

* chore: installed lodash in space app

* dev: add auth route in nginx

---------

Co-authored-by: pablohashescobar <nikhilschacko@gmail.com>
Co-authored-by: NarayanBavisetti <narayan3119@gmail.com>
Co-authored-by: gurusainath <gurusainath007@gmail.com>
Co-authored-by: Prateek Shourya <prateekshourya29@gmail.com>
Co-authored-by: Manish Gupta <59428681+mguptahub@users.noreply.github.com>
Co-authored-by: Manish Gupta <manish@mgupta.me>
Co-authored-by: rahulramesha <rahulramesham@gmail.com>
Co-authored-by: Aaryan Khandelwal <aaryankhandu123@gmail.com>
Co-authored-by: Daniel Alba <56451942+redrum15@users.noreply.github.com>
Co-authored-by: Nikhil <118773738+pablohashescobar@users.noreply.github.com>

packages/tailwind-config-custom/tailwind.config.js

@@ -10,6 +10,7 @@ module.exports = {
       "./constants/**/*.{js,ts,jsx,tsx}",
       "./layouts/**/*.tsx",
       "./pages/**/*.tsx",
+      "./app/**/*.tsx",
       "./ui/**/*.tsx",
       "../packages/ui/**/*.{js,ts,jsx,tsx}",
       "../packages/editor/**/src/**/*.{js,ts,jsx,tsx}",

packages/types/src/app.d.ts

@@ -1,14 +0,0 @@
-export interface IAppConfig {
-  email_password_login: boolean;
-  file_size_limit: number;
-  github_app_name: string | null;
-  github_client_id: string | null;
-  google_client_id: string | null;
-  has_openai_configured: boolean;
-  has_unsplash_configured: boolean;
-  is_smtp_configured: boolean;
-  magic_login: boolean;
-  posthog_api_key: string | null;
-  posthog_host: string | null;
-  slack_client_id: string | null;
-}

packages/types/src/auth.d.ts

@@ -6,7 +6,8 @@ export interface IEmailCheckData {
 
 export interface IEmailCheckResponse {
   is_password_autoset: boolean;
-  is_existing: boolean;
+  status: boolean;
+  existing: boolean;
 }
 
 export interface ILoginTokenResponse {
@@ -24,3 +25,7 @@ export interface IPasswordSignInData {
   email: string;
   password: string;
 }
+
+export interface ICsrfTokenData {
+  csrf_token: string;
+}

packages/types/src/current-user/accounts.d.ts

@@ -0,0 +1,17 @@
+export type TCurrentUserAccount = {
+  id: string | undefined;
+
+  user: string | undefined;
+
+  provider_account_id: string | undefined;
+  provider: "google" | "github" | string | undefined;
+  access_token: string | undefined;
+  access_token_expired_at: Date | undefined;
+  refresh_token: string | undefined;
+  refresh_token_expired_at: Date | undefined;
+  last_connected_at: Date | undefined;
+  metadata: object | undefined;
+
+  created_at: Date | undefined;
+  updated_at: Date | undefined;
+};

packages/types/src/current-user/index.ts

@@ -0,0 +1,3 @@
+export * from "./user";
+export * from "./profile";
+export * from "./accounts";

packages/types/src/current-user/profile.d.ts

@@ -0,0 +1,29 @@
+export type TUserProfile = {
+  id: string | undefined;
+
+  user: string | undefined;
+  role: string | undefined;
+  last_workspace_id: string | undefined;
+
+  theme: {
+    theme: string | undefined;
+  };
+
+  onboarding_step: {
+    workspace_join: boolean;
+    profile_complete: boolean;
+    workspace_create: boolean;
+    workspace_invite: boolean;
+  };
+  is_onboarded: boolean;
+  is_tour_completed: boolean;
+
+  use_case: string | undefined;
+
+  billing_address_country: string | undefined;
+  billing_address: string | undefined;
+  has_billing_address: boolean;
+
+  created_at: Date | string;
+  updated_at: Date | string;
+};

packages/types/src/current-user/user.d.ts

@@ -0,0 +1,30 @@
+export type TCurrentUser = {
+  id: string | undefined;
+  avatar: string | undefined;
+  cover_image: string | undefined;
+  date_joined: Date | undefined;
+  display_name: string | undefined;
+  email: string | undefined;
+  first_name: string | undefined;
+  last_name: string | undefined;
+  is_active: boolean;
+  is_bot: boolean;
+  is_email_verified: boolean;
+  is_managed: boolean;
+  mobile_number: string | undefined;
+  user_timezone: string | undefined;
+  username: string | undefined;
+  is_password_autoset: boolean;
+};
+
+export type TCurrentUserSettings = {
+  id: string | undefined;
+  email: string | undefined;
+  workspace: {
+    last_workspace_id: string | undefined;
+    last_workspace_slug: string | undefined;
+    fallback_workspace_id: string | undefined;
+    fallback_workspace_slug: string | undefined;
+    invites: number | undefined;
+  };
+};

packages/types/src/index.d.ts

@@ -14,17 +14,17 @@ export * from "./estimate";
 export * from "./importer";
 export * from "./inbox";
 export * from "./analytics";
+export * from "./api_token";
+export * from "./app";
+export * from "./auth";
 export * from "./calendar";
+export * from "./instance";
+export * from "./issues/base"; // TODO: Remove this after development and the refactor/mobx-store-issue branch is stable
 export * from "./notifications";
-export * from "./waitlist";
 export * from "./reaction";
 export * from "./view-props";
-export * from "./workspace-views";
+export * from "./waitlist";
 export * from "./webhook";
-export * from "./issues/base"; // TODO: Remove this after development and the refactor/mobx-store-issue branch is stable
-export * from "./auth";
-export * from "./api_token";
-export * from "./instance";
-export * from "./app";
+export * from "./workspace-views";
 export * from "./common";
 export * from "./pragmatic";

packages/types/src/instance.d.ts

@@ -1,47 +0,0 @@
-import { IUserLite } from "./users";
-
-export interface IInstance {
-  id: string;
-  created_at: string;
-  updated_at: string;
-  instance_name: string;
-  whitelist_emails: string | null;
-  instance_id: string;
-  license_key: string | null;
-  api_key: string;
-  version: string;
-  last_checked_at: string;
-  namespace: string | null;
-  is_telemetry_enabled: boolean;
-  is_support_required: boolean;
-  created_by: string | null;
-  updated_by: string | null;
-  is_activated: boolean;
-  is_setup_done: boolean;
-}
-
-export interface IInstanceConfiguration {
-  id: string;
-  created_at: string;
-  updated_at: string;
-  key: string;
-  value: string;
-  created_by: string | null;
-  updated_by: string | null;
-}
-
-export interface IFormattedInstanceConfiguration {
-  [key: string]: string;
-}
-
-export interface IInstanceAdmin {
-  created_at: string;
-  created_by: string;
-  id: string;
-  instance: string;
-  role: string;
-  updated_at: string;
-  updated_by: string;
-  user: string;
-  user_detail: IUserLite;
-}

packages/types/src/instance/ai.d.ts

@@ -0,0 +1 @@
+export type TInstanceAIConfigurationKeys = "OPENAI_API_KEY" | "GPT_ENGINE";

packages/types/src/instance/auth.d.ts

@@ -0,0 +1,22 @@
+export type TInstanceAuthenticationMethodKeys =
+  | "ENABLE_SIGNUP"
+  | "ENABLE_MAGIC_LINK_LOGIN"
+  | "ENABLE_EMAIL_PASSWORD"
+  | "IS_GOOGLE_ENABLED"
+  | "IS_GITHUB_ENABLED";
+
+export type TInstanceGoogleAuthenticationConfigurationKeys =
+  | "GOOGLE_CLIENT_ID"
+  | "GOOGLE_CLIENT_SECRET";
+
+export type TInstanceGithubAuthenticationConfigurationKeys =
+  | "GITHUB_CLIENT_ID"
+  | "GITHUB_CLIENT_SECRET";
+
+type TInstanceAuthenticationConfigurationKeys =
+  | TInstanceGoogleAuthenticationConfigurationKeys
+  | TInstanceGithubAuthenticationConfigurationKeys;
+
+export type TInstanceAuthenticationKeys =
+  | TInstanceAuthenticationMethodKeys
+  | TInstanceAuthenticationConfigurationKeys;

packages/types/src/instance/base.d.ts

@@ -0,0 +1,79 @@
+import { IUserLite } from "../users";
+import {
+  TInstanceAIConfigurationKeys,
+  TInstanceEmailConfigurationKeys,
+  TInstanceImageConfigurationKeys,
+  TInstanceAuthenticationKeys,
+} from "./";
+
+export interface IInstance {
+  instance: {
+    id: string;
+    created_at: string;
+    updated_at: string;
+    instance_name: string | undefined;
+    whitelist_emails: string | undefined;
+    instance_id: string | undefined;
+    license_key: string | undefined;
+    api_key: string | undefined;
+    version: string | undefined;
+    last_checked_at: string | undefined;
+    namespace: string | undefined;
+    is_telemetry_enabled: boolean;
+    is_support_required: boolean;
+    is_activated: boolean;
+    is_setup_done: boolean;
+    is_signup_screen_visited: boolean;
+    user_count: number | undefined;
+    is_verified: boolean;
+    created_by: string | undefined;
+    updated_by: string | undefined;
+    workspaces_exist: boolean;
+  };
+  config: {
+    is_google_enabled: boolean;
+    is_github_enabled: boolean;
+    is_magic_login_enabled: boolean;
+    is_email_password_enabled: boolean;
+    github_app_name: string | undefined;
+    slack_client_id: string | undefined;
+    posthog_api_key: string | undefined;
+    posthog_host: string | undefined;
+    has_unsplash_configured: boolean;
+    has_openai_configured: boolean;
+    file_size_limit: number | undefined;
+    is_smtp_configured: boolean;
+  };
+}
+
+export interface IInstanceAdmin {
+  created_at: string;
+  created_by: string;
+  id: string;
+  instance: string;
+  role: string;
+  updated_at: string;
+  updated_by: string;
+  user: string;
+  user_detail: IUserLite;
+}
+
+export type TInstanceConfigurationKeys =
+  | TInstanceAIConfigurationKeys
+  | TInstanceEmailConfigurationKeys
+  | TInstanceImageConfigurationKeys
+  | TInstanceAuthenticationKeys;
+
+export interface IInstanceConfiguration {
+  id: string;
+  created_at: string;
+  updated_at: string;
+  key: TInstanceConfigurationKeys;
+  value: string;
+  created_by: string | null;
+  updated_by: string | null;
+}
+
+export type IFormattedInstanceConfiguration = {
+  [key in TInstanceConfigurationKeys]: string;
+};

packages/types/src/instance/email.d.ts

@@ -0,0 +1,8 @@
+export type TInstanceEmailConfigurationKeys =
+  | "EMAIL_HOST"
+  | "EMAIL_PORT"
+  | "EMAIL_HOST_USER"
+  | "EMAIL_HOST_PASSWORD"
+  | "EMAIL_USE_TLS"
+  | "EMAIL_USE_SSL"
+  | "EMAIL_FROM";

packages/types/src/instance/image.d.ts

@@ -0,0 +1 @@
+export type TInstanceImageConfigurationKeys = "UNSPLASH_ACCESS_KEY";

packages/types/src/instance/index.d.ts

@@ -0,0 +1,5 @@
+export * from "./ai";
+export * from "./auth";
+export * from "./base";
+export * from "./email";
+export * from "./image";

packages/types/src/users.d.ts

@@ -1,13 +1,15 @@
 import {
+  EUserProjectRoles,
   IIssueActivity,
   TIssuePriorities,
   TStateGroups,
-  EUserProjectRoles,
 } from ".";
 
+type TLoginMediums = "email" | "magic-code" | "github" | "google";
+
 export interface IUser {
   id: string;
-  avatar: string;
+  avatar: string | null;
   cover_image: string | null;
   date_joined: string;
   display_name: string;
@@ -17,50 +19,75 @@ export interface IUser {
   is_active: boolean;
   is_bot: boolean;
   is_email_verified: boolean;
-  is_managed: boolean;
-  is_onboarded: boolean;
   is_password_autoset: boolean;
   is_tour_completed: boolean;
   mobile_number: string | null;
   role: string | null;
-  onboarding_step: {
-    workspace_join?: boolean;
-    profile_complete?: boolean;
-    workspace_create?: boolean;
-    workspace_invite?: boolean;
-  };
   last_workspace_id: string;
   user_timezone: string;
   username: string;
+  last_login_medium: TLoginMediums;
   theme: IUserTheme;
-  use_case?: string;
 }
 
+export interface IUserAccount {
+  provider_account_id: string;
+  provider: string;
+  created_at: Date;
+  updated_at: Date;
+}
+
+export type TUserProfile = {
+  id: string | undefined;
+  user: string | undefined;
+  role: string | undefined;
+  last_workspace_id: string | undefined;
+  theme: {
+    text: string | undefined;
+    theme: string | undefined;
+    palette: string | undefined;
+    primary: string | undefined;
+    background: string | undefined;
+    darkPalette: boolean | undefined;
+    sidebarText: string | undefined;
+    sidebarBackground: string | undefined;
+  };
+  onboarding_step: TOnboardingSteps;
+  is_onboarded: boolean;
+  is_tour_completed: boolean;
+  use_case: string | undefined;
+  billing_address_country: string | undefined;
+  billing_address: string | undefined;
+  has_billing_address: boolean;
+  created_at: Date | string;
+  updated_at: Date | string;
+};
+
 export interface IInstanceAdminStatus {
   is_instance_admin: boolean;
 }
 
 export interface IUserSettings {
-  id: string;
-  email: string;
+  id: string | undefined;
+  email: string | undefined;
   workspace: {
-    last_workspace_id: string;
-    last_workspace_slug: string;
-    fallback_workspace_id: string;
-    fallback_workspace_slug: string;
-    invites: number;
+    last_workspace_id: string | undefined;
+    last_workspace_slug: string | undefined;
+    fallback_workspace_id: string | undefined;
+    fallback_workspace_slug: string | undefined;
+    invites: number | undefined;
   };
 }
 
 export interface IUserTheme {
-  background: string;
-  text: string;
-  primary: string;
-  sidebarBackground: string;
-  sidebarText: string;
-  darkPalette: boolean;
-  palette: string;
-  theme: string;
+  text: string | undefined;
+  theme: string | undefined;
+  palette: string | undefined;
+  primary: string | undefined;
+  background: string | undefined;
+  darkPalette: boolean | undefined;
+  sidebarText: string | undefined;
+  sidebarBackground: string | undefined;
 }
 
 export interface IUserLite {

packages/ui/src/button/helper.tsx

@@ -8,7 +8,8 @@ export type TButtonVariant =
   | "accent-danger"
   | "outline-danger"
   | "link-danger"
-  | "tertiary-danger";
+  | "tertiary-danger"
+  | "link-neutral";
 
 export type TButtonSizes = "sm" | "md" | "lg" | "xl";
 
@@ -97,6 +98,12 @@ export const buttonStyling: IButtonStyling = {
     pressed: `focus:text-red-400`,
     disabled: `cursor-not-allowed !text-red-300`,
   },
+  "link-neutral": {
+    default: `text-custom-text-300`,
+    hover: `hover:text-custom-text-200`,
+    pressed: `focus:text-custom-text-100`,
+    disabled: `cursor-not-allowed !text-custom-text-400`,
+  },
 };
 
 export const getButtonStyling = (variant: TButtonVariant, size: TButtonSizes, disabled: boolean = false): string => {