api/static/auth.js

/**
 * Auth: Hugging Face (when on HF Spaces) or app account (create account / sign in with email).
 * Commenting requires being signed in one way or the other.
 */
(function () {
  const HF_STORAGE_KEY = "yantrabodha_hf_oauth";
  var supabase = null;

  window.getHfUser = function () {
    return window.__HF_USER__ || null;
  };

  window.getAppUser = function () {
    return window.__APP_USER__ || null;
  };

  function setAppUserFromSession(session) {
    if (!session || !session.user) { window.__APP_USER__ = null; return; }
    var user = session.user;
    var name = (user.user_metadata && (user.user_metadata.name || user.user_metadata.full_name)) || user.email;
    window.__APP_USER__ = { name: name || user.email, email: user.email, token: session.access_token };
  }

  window.getCurrentUser = function () {
    return window.getHfUser() || window.getAppUser();
  };

  window.signOutHf = function () {
    try { sessionStorage.removeItem(HF_STORAGE_KEY); } catch (_) {}
    window.__HF_USER__ = null;
    renderAuthUI();
    if (typeof window.__onHfAuthChange === "function") window.__onHfAuthChange();
  };

  window.signOutApp = function () {
    if (window.__SUPABASE_CLIENT__) {
      window.__SUPABASE_CLIENT__.auth.signOut().then(function () {
        renderAuthUI();
        if (typeof window.__onHfAuthChange === "function") window.__onHfAuthChange();
      });
    }
  };

  function renderAuthUI() {
    var user = window.getCurrentUser();
    var signin = document.getElementById("auth-signin");
    var loggedin = document.getElementById("auth-loggedin");
    var loggedinName = document.getElementById("auth-loggedin-name");
    var loggedinImg = document.getElementById("auth-loggedin-img");
    var sidebarAuthMobile = document.getElementById("sidebar-auth-mobile");
    var hfBtn = document.getElementById("auth-signin-btn");
    if (hfBtn) hfBtn.style.display = (window.huggingface && window.huggingface.variables) ? "" : "none";
    var sep = document.querySelector(".auth-sep");
    if (sep) sep.style.display = (window.huggingface && window.huggingface.variables) ? "" : "none";
    if (!signin && !loggedin) return;
    if (user) {
      if (signin) signin.style.display = "none";
      if (typeof window.__updateTabsForAuth === "function") window.__updateTabsForAuth();
      if (loggedin) {
        loggedin.style.display = "flex";
        if (loggedinName) loggedinName.textContent = user.name || user.email || "User";
        if (loggedinImg) {
          if (user.picture) {
            loggedinImg.src = user.picture;
            loggedinImg.alt = "";
            loggedinImg.style.display = "";
          } else {
            loggedinImg.style.display = "none";
          }
        }
      }
      if (sidebarAuthMobile) {
        sidebarAuthMobile.classList.add("is-logged-in");
        sidebarAuthMobile.setAttribute("aria-hidden", "false");
      }
    } else {
      if (signin) signin.style.display = "flex";
      if (loggedin) loggedin.style.display = "none";
      if (typeof window.__updateTabsForAuth === "function") window.__updateTabsForAuth();
      if (sidebarAuthMobile) {
        sidebarAuthMobile.classList.remove("is-logged-in");
        sidebarAuthMobile.setAttribute("aria-hidden", "true");
      }
    }
  }

  function persistAndRender(result) {
    var user = result && result.userInfo ? {
      sub: result.userInfo.sub,
      name: result.userInfo.name,
      preferred_username: result.userInfo.preferred_username,
      picture: result.userInfo.picture,
    } : null;
    try { if (user) sessionStorage.setItem(HF_STORAGE_KEY, JSON.stringify(user)); } catch (_) {}
    window.__HF_USER__ = user;
    renderAuthUI();
    if (typeof window.__onHfAuthChange === "function") window.__onHfAuthChange();
  }

  async function doHfLogin() {
    try {
      var hub = await import("https://esm.sh/@huggingface/hub@0.21.0");
      var scopes = window.huggingface && window.huggingface.variables && window.huggingface.variables.OAUTH_SCOPES;
      var url = await hub.oauthLoginUrl(scopes ? { scopes: scopes } : {});
      window.location.href = url + (url.indexOf("?") >= 0 ? "&" : "?") + "prompt=consent";
    } catch (err) { console.warn("HF OAuth login failed:", err); }
  }

  function openModal(panel) {
    var modal = document.getElementById("auth-modal");
    if (!modal) return;
    modal.hidden = false;
    modal.setAttribute("aria-hidden", "false");
    document.body.classList.add("auth-modal-open");
    document.getElementById("auth-modal-signin").style.display = panel === "signin" ? "block" : "none";
    document.getElementById("auth-modal-register").style.display = panel === "register" ? "block" : "none";
    document.getElementById("auth-modal-error").style.display = "none";
    document.addEventListener("keydown", onModalEscape);
  }

  function closeModal() {
    var modal = document.getElementById("auth-modal");
    if (modal) {
      modal.hidden = true;
      modal.setAttribute("aria-hidden", "true");
    }
    document.body.classList.remove("auth-modal-open");
    document.removeEventListener("keydown", onModalEscape);
  }

  function onModalEscape(e) {
    if (e.key === "Escape") closeModal();
  }

  function showAuthError(msg) {
    var el = document.getElementById("auth-modal-error");
    if (el) { el.textContent = msg || ""; el.style.display = msg ? "block" : "none"; }
  }

  async function initSupabase() {
    try {
      var r = await fetch("/api/config");
      var config = await r.json();
      if (!config.supabaseUrl || !config.supabaseAnonKey) return;
      var mod = await import("https://cdn.jsdelivr.net/npm/@supabase/supabase-js@2/+esm");
      var createClient = mod.createClient || (mod.default && mod.default.createClient);
      window.__SUPABASE_CLIENT__ = createClient(config.supabaseUrl, config.supabaseAnonKey);
      supabase = window.__SUPABASE_CLIENT__;
      supabase.auth.onAuthStateChange(function (event, session) {
        setAppUserFromSession(session);
        renderAuthUI();
        if (typeof window.__onHfAuthChange === "function") window.__onHfAuthChange();
      });
      var session = (await supabase.auth.getSession()).data.session;
      setAppUserFromSession(session);
      if (session) { renderAuthUI(); if (typeof window.__onHfAuthChange === "function") window.__onHfAuthChange(); }
    } catch (_) {}
  }

  async function init() {
    var stored = null;
    try { var raw = sessionStorage.getItem(HF_STORAGE_KEY); if (raw) stored = JSON.parse(raw); } catch (_) {}
    if (stored) { window.__HF_USER__ = stored; renderAuthUI(); }

    await initSupabase();

    if (window.huggingface && window.huggingface.variables) {
      try {
        var hub = await import("https://esm.sh/@huggingface/hub@0.21.0");
        var oauthResult = await hub.oauthHandleRedirectIfPresent();
        if (oauthResult) { persistAndRender(oauthResult); bindButtons(); return; }
      } catch (e) { console.warn("HF OAuth redirect failed:", e); }
    }

    renderAuthUI();
    bindButtons();
    if (typeof window.__updateTabsForAuth === "function") window.__updateTabsForAuth();
  }

  function bindButtons() {
    var signinBtn = document.getElementById("auth-signin-btn");
    if (signinBtn) signinBtn.onclick = doHfLogin;
    document.body.addEventListener("click", function (e) {
      if (e.target.closest(".hf-signin-btn")) { e.preventDefault(); doHfLogin(); }
    });
    function doSignOut() {
      if (window.getHfUser()) window.signOutHf();
      else window.signOutApp();
      var leftSidebar = document.getElementById("left-sidebar");
      if (leftSidebar) leftSidebar.classList.remove("is-open");
    }
    var signoutBtn = document.getElementById("auth-signout-btn");
    if (signoutBtn) signoutBtn.onclick = doSignOut;
    var signoutSidebarBtn = document.getElementById("auth-signout-sidebar-btn");
    if (signoutSidebarBtn) signoutSidebarBtn.onclick = doSignOut;
    var appSigninBtn = document.getElementById("auth-app-signin-btn");
    if (appSigninBtn) appSigninBtn.onclick = function () { openModal("signin"); };
    var appRegisterBtn = document.getElementById("auth-app-register-btn");
    if (appRegisterBtn) appRegisterBtn.onclick = function () { openModal("register"); };
    document.getElementById("auth-show-register") && document.getElementById("auth-show-register").addEventListener("click", function () { openModal("register"); });
    document.getElementById("auth-show-signin") && document.getElementById("auth-show-signin").addEventListener("click", function () { openModal("signin"); });
    var closeBtn = document.querySelector(".auth-modal-close");
    if (closeBtn) closeBtn.addEventListener("click", closeModal);
    var backdrop = document.querySelector(".auth-modal-backdrop");
    if (backdrop) backdrop.addEventListener("click", closeModal);
    var formSignin = document.getElementById("auth-form-signin");
    if (formSignin) {
      formSignin.onsubmit = async function (e) {
        e.preventDefault();
        showAuthError("");
        if (!window.__SUPABASE_CLIENT__) { showAuthError("App sign-in not configured."); return; }
        var email = document.getElementById("auth-email-signin").value.trim();
        var password = document.getElementById("auth-password-signin").value;
        try {
          var res = await window.__SUPABASE_CLIENT__.auth.signInWithPassword({ email: email, password: password });
          if (res.error) throw new Error(res.error.message);
          closeModal();
          setAppUserFromSession(res.data.session);
          renderAuthUI();
          if (typeof window.__onHfAuthChange === "function") window.__onHfAuthChange();
        } catch (err) {
          var msg = err.message || "Sign in failed.";
          if (msg.toLowerCase().indexOf("email not confirmed") >= 0) {
            msg = "Please confirm your email first. Check your inbox for the confirmation link, then try again.";
          }
          showAuthError(msg);
        }
      };
    }
    var formRegister = document.getElementById("auth-form-register");
    if (formRegister) {
      formRegister.onsubmit = async function (e) {
        e.preventDefault();
        showAuthError("");
        if (!window.__SUPABASE_CLIENT__) { showAuthError("Create account not configured."); return; }
        var name = document.getElementById("auth-name-register").value.trim();
        var email = document.getElementById("auth-email-register").value.trim();
        var password = document.getElementById("auth-password-register").value;
        try {
          var res = await window.__SUPABASE_CLIENT__.auth.signUp({ email: email, password: password, options: { data: { name: name || email } } });
          if (res.error) throw new Error(res.error.message);
          if (res.data.session) {
            setAppUserFromSession(res.data.session);
            closeModal();
            showAuthError("");
            renderAuthUI();
            if (typeof window.__onHfAuthChange === "function") window.__onHfAuthChange();
          } else {
            showAuthError("Account created. Please check your email to confirm, then sign in.");
          }
        } catch (err) { showAuthError(err.message || "Create account failed."); }
      };
    }
  }

  init();
})();