@intranefr/superbackend 1.5.3 → 1.6.4

package/views/admin-403.ejs

@@ -0,0 +1,92 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Access Denied - SuperBackend Admin</title>
+    <script src="https://cdn.tailwindcss.com"></script>
+    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@tabler/icons-webfont@latest/dist/tabler-icons.min.css">
+</head>
+<body class="bg-gray-50 min-h-screen flex items-center justify-center">
+    <div class="max-w-md w-full bg-white rounded-lg shadow-lg p-8">
+        <div class="text-center">
+            <!-- Error Icon -->
+            <div class="mx-auto w-16 h-16 bg-red-100 rounded-full flex items-center justify-center mb-4">
+                <i class="ti ti-lock text-red-600 text-2xl"></i>
+            </div>
+            
+            <!-- Error Title -->
+            <h1 class="text-2xl font-bold text-gray-900 mb-2">Access Denied</h1>
+            
+            <!-- Error Message -->
+            <p class="text-gray-600 mb-6">
+                You don't have permission to access this module.
+            </p>
+            
+            <!-- Permission Details -->
+            <div class="bg-gray-50 rounded-lg p-4 mb-6 text-left">
+                <h3 class="text-sm font-semibold text-gray-700 mb-2">Permission Details:</h3>
+                <div class="space-y-1 text-xs">
+                    <div class="flex justify-between">
+                        <span class="text-gray-600">Module:</span>
+                        <span class="font-mono text-gray-800"><%= moduleId %></span>
+                    </div>
+                    <div class="flex justify-between">
+                        <span class="text-gray-600">Action:</span>
+                        <span class="font-mono text-gray-800"><%= action %></span>
+                    </div>
+                    <div class="flex justify-between">
+                        <span class="text-gray-600">Required:</span>
+                        <span class="font-mono text-gray-800 break-all"><%= required %></span>
+                    </div>
+                    <% if (reason) { %>
+                    <div class="flex justify-between">
+                        <span class="text-gray-600">Reason:</span>
+                        <span class="font-mono text-gray-800"><%= reason %></span>
+                    </div>
+                    <% } %>
+                </div>
+            </div>
+            
+            <!-- User Info -->
+            <% if (user) { %>
+            <div class="bg-blue-50 rounded-lg p-4 mb-6 text-left">
+                <h3 class="text-sm font-semibold text-blue-700 mb-2">Current User:</h3>
+                <div class="space-y-1 text-xs">
+                    <div class="flex justify-between">
+                        <span class="text-blue-600">Name:</span>
+                        <span class="font-mono text-blue-800"><%= user.name || 'N/A' %></span>
+                    </div>
+                    <div class="flex justify-between">
+                        <span class="text-blue-600">Email:</span>
+                        <span class="font-mono text-blue-800 break-all"><%= user.email %></span>
+                    </div>
+                    <div class="flex justify-between">
+                        <span class="text-blue-600">Role:</span>
+                        <span class="font-mono text-blue-800"><%= user.role || 'N/A' %></span>
+                    </div>
+                </div>
+            </div>
+            <% } %>
+            
+            <!-- Action Buttons -->
+            <div class="space-y-3">
+                <a href="<%= adminPath %>" class="w-full bg-blue-600 text-white py-2 px-4 rounded-lg hover:bg-blue-700 transition-colors flex items-center justify-center">
+                    <i class="ti ti-layout-dashboard mr-2"></i>
+                    Return to Dashboard
+                </a>
+                
+                <button onclick="history.back()" class="w-full bg-gray-200 text-gray-700 py-2 px-4 rounded-lg hover:bg-gray-300 transition-colors flex items-center justify-center">
+                    <i class="ti ti-arrow-left mr-2"></i>
+                    Go Back
+                </button>
+            </div>
+            
+            <!-- Help Text -->
+            <p class="text-xs text-gray-500 mt-6">
+                If you believe this is an error, please contact your system administrator.
+            </p>
+        </div>
+    </div>
+</body>
+</html>

package/views/admin-dashboard-home.ejs

@@ -149,14 +149,64 @@
 
   <script>
     let growthChart, emailChart;
+    const isIframe = <%= typeof isIframe !== 'undefined' && isIframe %>;
 
     async function fetchStats() {
       try {
-        const res = await fetch('<%= baseUrl %>/api/admin/stats/overview');
-        const data = await res.json();
+        let data;
+        
+        if (isIframe) {
+          // In iframe mode, request data from parent window
+          data = await new Promise((resolve, reject) => {
+            const messageId = 'stats-request-' + Date.now();
+            
+            const handleMessage = (event) => {
+              if (event.data.type === 'stats-response' && event.data.messageId === messageId) {
+                window.removeEventListener('message', handleMessage);
+                if (event.data.error) {
+                  reject(new Error(event.data.error));
+                } else {
+                  resolve(event.data.data);
+                }
+              }
+            };
+            
+            window.addEventListener('message', handleMessage);
+            
+            // Request data from parent
+            window.parent.postMessage({
+              type: 'stats-request',
+              messageId: messageId,
+              endpoint: '<%= baseUrl %>/api/admin/stats/overview'
+            }, '*');
+            
+            // Timeout after 5 seconds
+            setTimeout(() => {
+              window.removeEventListener('message', handleMessage);
+              reject(new Error('Timeout waiting for parent response'));
+            }, 5000);
+          });
+        } else {
+          // Normal mode - direct fetch
+          const res = await fetch('<%= baseUrl %>/api/admin/stats/overview');
+          data = await res.json();
+        }
+        
         updateUI(data);
       } catch (err) {
         console.error('Failed to load stats:', err);
+        // Show error state
+        const app = document.getElementById('app');
+        if (app) {
+          app.innerHTML = `
+            <div class="text-center py-12">
+              <i class="ti ti-alert-triangle text-4xl text-yellow-500 mb-4"></i>
+              <h3 class="text-lg font-semibold text-gray-900 mb-2">Unable to load stats</h3>
+              <p class="text-gray-500">${err.message}</p>
+              ${isIframe ? '<p class="text-sm text-gray-400 mt-2">Iframe mode: Parent window communication failed</p>' : ''}
+            </div>
+          `;
+        }
       }
     }
 

package/views/admin-dashboard.ejs

@@ -30,6 +30,35 @@
                     <span class="ml-1">to search</span>
                 </div>
                 <div class="flex items-center gap-4">
+                    <!-- User Info & Logout -->
+                    <div class="flex items-center gap-3">
+                        <div class="text-right">
+                            <div class="text-sm font-medium text-gray-700">{{ currentUser.name || currentUser.username || 'Admin User' }}</div>
+                            <div class="text-xs text-gray-500">{{ currentUser.email || currentUser.authType + ' authentication' }}</div>
+                        </div>
+                        <div class="relative">
+                            <button 
+                                @click="showUserMenu = !showUserMenu" 
+                                class="flex items-center justify-center w-8 h-8 bg-blue-600 text-white rounded-full hover:bg-blue-700 transition-colors">
+                                <i class="ti ti-user text-sm"></i>
+                            </button>
+                            
+                            <!-- User Dropdown Menu -->
+                            <div v-if="showUserMenu" class="absolute right-0 mt-2 w-48 bg-white rounded-lg shadow-lg border border-gray-200 py-1 z-50">
+                                <div class="px-4 py-2 border-b border-gray-100">
+                                    <div class="text-sm font-medium text-gray-900">{{ currentUser.name || currentUser.username || 'Admin User' }}</div>
+                                    <div class="text-xs text-gray-500">{{ currentUser.role }}</div>
+                                </div>
+                                <button 
+                                    @click="handleLogout" 
+                                    class="w-full text-left px-4 py-2 text-sm text-red-600 hover:bg-red-50 transition-colors flex items-center gap-2">
+                                    <i class="ti ti-logout"></i>
+                                    Logout
+                                </button>
+                            </div>
+                        </div>
+                    </div>
+                    
                     <button @click="globalZenMode = !globalZenMode" class="text-gray-500 hover:text-blue-600 p-1.5 rounded-lg border border-gray-200 bg-white" title="Toggle Global Zen Mode (ESC ESC to exit)">
                         <i class="ti ti-maximize"></i>
                     </button>
@@ -56,7 +85,7 @@
                         v-for="tab in tabs"
                         v-show="activeTabId === tab.id"
                         :key="tab.id"
-                        :src="baseUrl + tab.path" 
+                        :src="getIframeSrc(tab.path)" 
                         class="absolute inset-0 w-full h-full border-none"
                         :id="'frame-' + tab.id"
                     ></iframe>
@@ -97,6 +126,10 @@
                 const tabs = ref([]);
                 const activeTabId = ref(null);
                 const globalZenMode = ref(false);
+                
+                // User authentication state
+                const currentUser = ref({});
+                const showUserMenu = ref(false);
 
                 // ESC ESC to exit Zen Mode
                 let escCount = 0;
@@ -385,9 +418,59 @@
                     }
                 };
 
+                // User authentication functions
+                const fetchCurrentUser = async () => {
+                    try {
+                        const response = await fetch(`${adminBase}/auth-status`);
+                        if (response.ok) {
+                            const userData = await response.json();
+                            if (userData.authenticated) {
+                                currentUser.value = userData.user || {};
+                            }
+                        }
+                    } catch (error) {
+                        console.error('Failed to fetch user data:', error);
+                        // Set default user data on error
+                        currentUser.value = { name: 'Admin User', authType: 'unknown' };
+                    }
+                };
+
+                const handleLogout = async () => {
+                    try {
+                        const response = await fetch(`${adminBase}/logout`, {
+                            method: 'POST',
+                            headers: {
+                                'Content-Type': 'application/x-www-form-urlencoded',
+                            }
+                        });
+                        
+                        if (response.redirected) {
+                            window.location.href = response.url;
+                        } else {
+                            // Fallback redirect
+                            window.location.href = `${adminBase}/login`;
+                        }
+                    } catch (error) {
+                        console.error('Logout error:', error);
+                        // Fallback redirect
+                        window.location.href = `${adminBase}/login`;
+                    }
+                };
+
+                // Close user menu when clicking outside
+                const handleClickOutside = (event) => {
+                    if (showUserMenu.value && !event.target.closest('.relative')) {
+                        showUserMenu.value = false;
+                    }
+                };
+
                 onMounted(() => {
                     window.addEventListener('keydown', handleKeydown);
                     window.addEventListener('message', handleMessage);
+                    window.addEventListener('click', handleClickOutside);
+                    
+                    // Fetch current user data
+                    fetchCurrentUser();
                     
                     // Load saved tabs from localStorage
                     const savedState = loadTabsFromStorage();
@@ -411,8 +494,17 @@
                 onUnmounted(() => {
                     window.removeEventListener('keydown', handleKeydown);
                     window.removeEventListener('message', handleMessage);
+                    window.removeEventListener('click', handleClickOutside);
                 });
 
+                const getIframeSrc = (path) => {
+                    // Ensure path starts with /
+                    const cleanPath = path.startsWith('/') ? path : ('/' + path);
+                    // Add iframe token for authentication
+                    const separator = cleanPath.includes('?') ? '&' : '?';
+                    return cleanPath + separator + 'iframe_token=authenticated';
+                };
+
                 return {
                     baseUrl,
                     adminBase,
@@ -420,6 +512,8 @@
                     tabs,
                     activeTabId,
                     globalZenMode,
+                    currentUser,
+                    showUserMenu,
                     openTab,
                     closeTab,
                     showPalette,
@@ -431,12 +525,59 @@
                     closePalette,
                     navigatePalette,
                     selectPaletteItem,
-                    selectModule
+                    selectModule,
+                    handleLogout,
+                    getIframeSrc
                 };
             }
         }).mount('#app');
     </script>
 <script>
+  // Handle iframe communication for API requests
+  window.addEventListener('message', async (event) => {
+    if (event.data.type === 'stats-request') {
+      try {
+        const response = await fetch(event.data.endpoint);
+        const data = await response.json();
+        
+        // Send response back to iframe
+        event.source.postMessage({
+          type: 'stats-response',
+          messageId: event.data.messageId,
+          data: data
+        }, '*');
+      } catch (error) {
+        // Send error back to iframe
+        event.source.postMessage({
+          type: 'stats-response',
+          messageId: event.data.messageId,
+          error: error.message
+        }, '*');
+      }
+    } else if (event.data.type === 'api-request') {
+      try {
+        const response = await fetch(event.data.url, event.data.options);
+        const data = await response.json();
+        
+        // Send response back to iframe
+        event.source.postMessage({
+          type: 'api-response',
+          messageId: event.data.messageId,
+          ok: response.ok,
+          data: data
+        }, '*');
+      } catch (error) {
+        // Send error back to iframe
+        event.source.postMessage({
+          type: 'api-response',
+          messageId: event.data.messageId,
+          ok: false,
+          error: error.message
+        }, '*');
+      }
+    }
+  });
+
   window.addEventListener("keydown", (e) => {
     if ((e.ctrlKey || e.metaKey) && e.key === "k") {
       e.preventDefault();