euphon/tori
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: configurable OAuth (Google + TikTok SSO), project membership, inline file preview

Browse Source 
- Auth: configurable OAuthProvider enum supporting Google OAuth and TikTok SSO
- Auth: /auth/provider endpoint for frontend to detect active provider
- Auth: user role system (admin via ADMIN_USERS env var sees all projects)
- Projects: project_members many-to-many table with role (owner/member)
- Projects: membership-based access control, auto-add creator as owner
- Projects: member management API (list/add/remove)
- Files: remove Content-Disposition attachment header, let browser decide
- Health: public /tori/api/health endpoint for k8s probes
This commit is contained in:
Fam Zheng
2026-03-17 03:42:38 +00:00
parent 63f0582f54
commit 28a00dd2f3
7 changed files with 504 additions and 98 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
web/src/components/LoginPage.vue
View File

@@ -1,5 +1,25 @@
<script setup lang="ts">
import { ref, onMounted } from 'vue'
import { auth } from '../api'
const provider = ref<string | null>(null)
onMounted(async () => {
try {
const res = await fetch(`${import.meta.env.BASE_URL.replace(/\/$/, '')}/api/auth/provider`)
if (res.ok) {
const data = await res.json()
provider.value = data.provider
}
} catch {
// fallback to generic
}
})
const providerLabel: Record<string, string> = {
'google': 'Google',
'tiktok-sso': 'TikTok SSO',
}
</script>
<template>
@@ -7,14 +27,20 @@ import { auth } from '../api'
<div class="login-card">
<h1 class="login-title">Tori</h1>
<p class="login-subtitle">Sign in to continue</p>
<a :href="auth.loginUrl" class="google-btn">
<svg class="google-icon" viewBox="0 0 24 24" width="18" height="18">
<a :href="auth.loginUrl" class="login-btn">
<!-- Google icon -->
<svg v-if="provider === 'google'" class="provider-icon" viewBox="0 0 24 24" width="18" height="18">
<path fill="#4285F4" d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92a5.06 5.06 0 0 1-2.2 3.32v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.1z"/>
<path fill="#34A853" d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z"/>
<path fill="#FBBC05" d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22.81-.62z"/>
<path fill="#EA4335" d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z"/>
</svg>
Sign in with Google
<!-- Generic lock icon for other providers -->
<svg v-else class="provider-icon" viewBox="0 0 24 24" width="18" height="18" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
<rect x="3" y="11" width="18" height="11" rx="2" ry="2"/>
<path d="M7 11V7a5 5 0 0 1 10 0v4"/>
</svg>
Sign in{{ provider ? ` with ${providerLabel[provider] || provider}` : '' }}
</a>
</div>
</div>
@@ -51,7 +77,7 @@ import { auth } from '../api'
margin: 0 0 32px;
}
.google-btn {
.login-btn {
display: inline-flex;
align-items: center;
gap: 10px;
@@ -67,12 +93,12 @@ import { auth } from '../api'
transition: background 0.15s, box-shadow 0.15s;
}
.google-btn:hover {
.login-btn:hover {
background: var(--bg-tertiary);
box-shadow: 0 1px 4px rgba(0, 0, 0, 0.1);
}
.google-icon {
.provider-icon {
flex-shrink: 0;
}
</style>