// ================================================================= // screens-auth.jsx — Unauthenticated full-page flows. // // sign-in SignInPage email + password, OAuth, SSO // sign-up SignUpPage full sign-up form w/ strength meter // forgot-password ForgotPasswordPage email entry → "check your inbox" // check-email CheckEmailPage post-submit confirmation // reset-password ResetPasswordPage new password + confirm // verify-email VerifyEmailPage 6-digit code entry // two-factor TwoFactorPage 2FA OTP after sign-in // sso SsoSignInPage enter org domain // // These render WITHOUT the app shell. app.jsx detects an AUTH_ROUTES // hit and short-circuits the full layout in favor of . // ================================================================= const AUTH_ROUTES = new Set([ "sign-in", "sign-up", "forgot-password", "check-email", "reset-password", "verify-email", "two-factor", "sso", ]); // ---------- Inline SVG marks (Google, GitHub, eye, etc.) ---------- const SvgGoogle = ({ size = 16 }) => ( ); const SvgGithub = ({ size = 16 }) => ( ); const SvgEye = ({ size = 14 }) => ( ); const SvgEyeOff = ({ size = 14 }) => ( ); const SvgMail = ({ size = 22 }) => ( ); const SvgLock = ({ size = 22 }) => ( ); // ---------- Shared layout ---------- const AuthLayout = ({ children, narrow }) => { const cfg = window.APP_CONFIG; return (

{ e.preventDefault(); window.__nav("sign-in"); }}> {cfg.brand.showLogo && } {cfg.brand.name}{cfg.brand.suffix && {cfg.brand.suffix}}

{children}

); }; // ---------- Header inside the form column ---------- const AuthHeader = ({ icon, title, subtitle }) => (

{icon &&

{icon}

}

{title}

{subtitle &&

{subtitle}

}

); // ---------- Reusable bits ---------- const OauthRow = ({ disabled, mode = "sign-in" }) => { const verb = mode === "sign-up" ? "Sign up" : "Continue"; return (

); }; const AuthDivider = ({ children }) => (

{children}

); const PasswordInput = ({ value, onChange, placeholder = "••••••••", autoFocus, autoComplete = "current-password", ...rest }) => { const [show, setShow] = React.useState(false); return ( setShow((s) => !s)} aria-label={show ? "Hide password" : "Show password"}> {show ? : } } /> ); }; // Password strength heuristic — returns 0..4 const scorePassword = (pw) => { if (!pw) return -1; if (pw.length < 8) return 0; let s = 1; if (pw.length >= 12) s++; if (/[A-Z]/.test(pw) && /[a-z]/.test(pw)) s++; if (/\d/.test(pw)) s++; if (/[^A-Za-z0-9]/.test(pw)) s++; return Math.min(4, s); }; const STRENGTH_LABEL = ["Too short", "Weak", "Fair", "Strong", "Excellent"]; const PasswordStrength = ({ password }) => { const s = scorePassword(password); const colors = ["var(--bad)", "var(--warn)", "#b88a00", "var(--good)", "var(--good)"]; return (

{[0,1,2,3].map((i) => ( i ? colors[s] : "var(--line)"}}/> ))}

= 0 ? colors[s] : "var(--muted)"}}> {s >= 0 ? STRENGTH_LABEL[s] : "8+ chars, mix of letters, numbers, symbols"}

); }; // 6-digit OTP input with auto-advance, backspace, and paste handling. const OtpInput = ({ length = 6, value, onChange, autoFocus }) => { const refs = React.useRef([]); React.useEffect(() => { if (autoFocus) refs.current[0]?.focus(); }, [autoFocus]); const handleChange = (idx, v) => { const ch = v.replace(/\D/g, "").slice(-1); const next = value.padEnd(length, " ").split(""); next[idx] = ch || " "; onChange(next.join("").replace(/\s+$/g, "").replace(/\s/g, "").slice(0, length)); if (ch && idx < length - 1) refs.current[idx + 1]?.focus(); }; const handleKey = (idx, e) => { if (e.key === "Backspace" && !value[idx] && idx > 0) { refs.current[idx - 1]?.focus(); e.preventDefault(); const next = value.split(""); next[idx - 1] = ""; onChange(next.join("")); } if (e.key === "ArrowLeft" && idx > 0) refs.current[idx - 1]?.focus(); if (e.key === "ArrowRight" && idx < length - 1) refs.current[idx + 1]?.focus(); }; const handlePaste = (e) => { const txt = (e.clipboardData.getData("text") || "").replace(/\D/g, "").slice(0, length); if (txt) { e.preventDefault(); onChange(txt); refs.current[Math.min(txt.length, length - 1)]?.focus(); } }; return (

{Array.from({ length }).map((_, i) => ( (refs.current[i] = el)} inputMode="numeric" pattern="\d*" maxLength={1} value={value[i] || ""} onChange={(e) => handleChange(i, e.target.value)} onKeyDown={(e) => handleKey(i, e)} aria-label={`Digit ${i + 1}`} /> ))}

); }; // ================================================================= // SignInPage — /sign-in // ================================================================= const SignInPage = () => { const [email, setEmail] = React.useState(""); const [password, setPassword] = React.useState(""); const [remember, setRemember] = React.useState(true); const [busy, setBusy] = React.useState(false); const [error, setError] = React.useState(null); const valid = /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email) && password.length >= 4; const onSubmit = (e) => { e.preventDefault(); if (!valid) return; setBusy(true); setError(null); setTimeout(() => { setBusy(false); // Demo branch: trigger 2FA if email matches admin@cataloguemaker.dev if (email.toLowerCase() === "admin@cataloguemaker.dev") { window.__nav("two-factor"); return; } window.__toast("Signed in"); window.__nav("dashboard"); }, 700); }; return ( or continue with email {error && }>{error}}

Don't have an account? { e.preventDefault(); window.__nav("sign-up"); }}>Create one

); }; // ================================================================= // SignUpPage — /sign-up // ================================================================= const SignUpPage = () => { const [form, setForm] = React.useState({ name: "", email: "", password: "", org: "" }); const [agree, setAgree] = React.useState(false); const [busy, setBusy] = React.useState(false); const set = (k, v) => setForm((f) => ({ ...f, [k]: v })); const strength = scorePassword(form.password); const emailValid = /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(form.email); const valid = form.name.trim().length >= 2 && emailValid && strength >= 2 && form.org.trim().length >= 2 && agree; const onSubmit = (e) => { e.preventDefault(); if (!valid) return; setBusy(true); setTimeout(() => { setBusy(false); window.__nav("verify-email"); }, 800); }; return ( or sign up with email

Already have an account? { e.preventDefault(); window.__nav("sign-in"); }}>Sign in

); }; // ================================================================= // ForgotPasswordPage — /forgot-password // ================================================================= const ForgotPasswordPage = () => { const [email, setEmail] = React.useState(""); const [busy, setBusy] = React.useState(false); const valid = /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email); const onSubmit = (e) => { e.preventDefault(); if (!valid) return; setBusy(true); setTimeout(() => { setBusy(false); window.__nav("check-email", encodeURIComponent(email)); }, 600); }; return ( } title="Forgot your password?" subtitle="Enter the email tied to your Catalogue Maker account and we'll send a reset link."/>

Remembered it? { e.preventDefault(); window.__nav("sign-in"); }}>Back to sign in

); }; // ================================================================= // CheckEmailPage — /check-email (success state for forgot-password) // ================================================================= const CheckEmailPage = ({ routeParam }) => { const email = routeParam ? decodeURIComponent(routeParam) : "your inbox"; const [resent, setResent] = React.useState(false); return ( } title="Check your email" subtitle={<>We sent a password reset link to {email}. It expires in 30 minutes.}/>

Didn't see anything? Check spam, or click below to send a new link.

{ window.__nav("reset-password"); }}> Open reset link { setResent(true); window.__toast("New reset link sent"); setTimeout(() => setResent(false), 8000); }}> {resent ? "Email sent · resend in 8s" : "Resend email"}

Wrong address? { e.preventDefault(); window.__nav("forgot-password"); }}>Try a different one

); }; // ================================================================= // ResetPasswordPage — /reset-password // ================================================================= const ResetPasswordPage = () => { const [pw, setPw] = React.useState(""); const [confirm, setConfirm] = React.useState(""); const [busy, setBusy] = React.useState(false); const strength = scorePassword(pw); const match = pw && pw === confirm; const valid = strength >= 2 && match; const onSubmit = (e) => { e.preventDefault(); if (!valid) return; setBusy(true); setTimeout(() => { setBusy(false); window.__toast("Password updated. Welcome back."); window.__nav("sign-in"); }, 700); }; return ( } title="Choose a new password" subtitle="Your new password must be different from the last 3 you've used."/>

{ e.preventDefault(); window.__nav("sign-in"); }}>Back to sign in

); }; // ================================================================= // VerifyEmailPage — /verify-email (post-signup) // ================================================================= const VerifyEmailPage = () => { const [code, setCode] = React.useState(""); const [busy, setBusy] = React.useState(false); const [resentAt, setResentAt] = React.useState(null); const valid = code.length === 6; // tick to refresh countdown const [, setNow] = React.useState(0); React.useEffect(() => { if (!resentAt) return; const t = setInterval(() => setNow((n) => n + 1), 1000); return () => clearInterval(t); }, [resentAt]); const cooldown = resentAt ? Math.max(0, 30 - Math.floor((Date.now() - resentAt) / 1000)) : 0; const onSubmit = (e) => { e.preventDefault(); if (!valid) return; setBusy(true); setTimeout(() => { setBusy(false); window.__toast("Email verified"); window.__nav("dashboard"); }, 600); }; return ( } title="Verify your email" subtitle={<>We sent a 6-digit code to you@company.com. Enter it below to activate your account.}/> ); }; // ================================================================= // TwoFactorPage — /two-factor // ================================================================= const TwoFactorPage = () => { const [code, setCode] = React.useState(""); const [busy, setBusy] = React.useState(false); const [method, setMethod] = React.useState("app"); // app | sms | backup const valid = code.length === 6; const onSubmit = (e) => { e.preventDefault(); if (!valid) return; setBusy(true); setTimeout(() => { setBusy(false); window.__toast("Signed in"); window.__nav("dashboard"); }, 600); }; const COPY = { app: { sub: "Open your authenticator app and enter the 6-digit code for Catalogue Maker." }, sms: { sub: "We just texted a 6-digit code to •••• •• 4082." }, backup: { sub: "Enter one of the 10 backup codes you saved when setting up 2FA." }, }; return ( } title="Two-factor authentication" subtitle={COPY[method].sub}/> ); }; // ================================================================= // SsoSignInPage — /sso (enter organization domain) // ================================================================= const SsoSignInPage = () => { const [domain, setDomain] = React.useState(""); const [busy, setBusy] = React.useState(false); const valid = /[a-z0-9-]+\.[a-z]{2,}/i.test(domain); const onSubmit = (e) => { e.preventDefault(); if (!valid) return; setBusy(true); setTimeout(() => { setBusy(false); window.__toast(`Redirecting to ${domain} IdP (demo)`); window.__nav("dashboard"); }, 700); }; return ( } title="Sign in with SSO" subtitle="Enter your organization's email domain to continue with your identity provider (Okta, Google Workspace, Azure AD, etc.)."/>

{ e.preventDefault(); window.__nav("sign-in"); }}>Back to sign in

); }; // ---------- Shared styles ---------- const AuthStyles = () => ( ); Object.assign(window, { AUTH_ROUTES, SignInPage, SignUpPage, ForgotPasswordPage, CheckEmailPage, ResetPasswordPage, VerifyEmailPage, TwoFactorPage, SsoSignInPage, });