This commit is contained in:
oliver
2026-06-08 10:01:15 -03:00
parent 2da6e88326
commit 8c668d4cd0
2 changed files with 43 additions and 12 deletions
+41 -12
View File
@@ -17,7 +17,7 @@ Single-page user portal for **derez.ai** — lets customers sign up, log in, and
| Logic | Vanilla JS · `app.js` (edit directly, no bundler) |
| Dev server | `./start` (runs `live-server` on port 8080) |
| Auth | Email stored in `localStorage` key `al_email` |
| Backend | n8n webhooks on `n8n.agent-loft.com` |
| Backend | n8n webhooks on `n8n.derez.ai` |
### File map
@@ -25,6 +25,7 @@ Single-page user portal for **derez.ai** — lets customers sign up, log in, and
index.html ← all markup — auth card + app shell + confirm dialog
styles.css ← all styles — design tokens, layout, components
app.js ← all logic — auth, agents, keys, password, restart, backups, contract
password-reset.html ← standalone page — receives ?token=XXX, sets new password, redirects to app
start ← dev server launcher (live-server)
AGENTS.md ← this file
style_guide.md ← visual design spec (tokens, typography, components)
@@ -79,17 +80,28 @@ body (display:flex; align-items:center; justify-content:center; overflow:hidden
Page load
└── localStorage has 'al_email'?
Yes → showApp() + loadAgents() ← shell made visible immediately, no auth animation
No → showAuth() ← auth card + demo shell shown side-by-side
No → showAuth() ← auth card shown (demo shell hidden)
Sign In
└── GET AGENTS_URL?email=…&password=…
200 → store email → showApp() (animates auth card out) → processAgents()
!200 → show inline error
└── POST AUTH_URL {email, password}
200 + sessionid → store session → showApp() (animates auth card out) → loadAgents()
!200 → show inline error + reveal #reset-pw-wrap (forgot password section)
Password Reset — step 1 (auth screen)
└── User clicks “Send reset email” in #reset-pw-wrap
POST PW_RESET_URL {email}
always → hide signin-error → show #reset-pw-sent confirmation
(response not checked — never reveal whether address exists)
Password Reset — step 2 (password-reset.html?token=XXX)
└── token missing or < 8 chars → show invalid-state
token valid → show password form
POST PW_RESET_URL {token, password}
200 → show success state → progress bar → redirect to https://app.derez.ai
!200 → show error banner, re-enable Save button
Sign Up
└── POST SIGNUP_URL {email, password, agent, location}
200 → open Stripe checkout tab + auto-login immediately
!200 → show inline error
└── “Hire Agent” button links to https://derez.ai/#pricing (no inline form)
Sign Out
└── remove 'al_email' from localStorage → showAuth()
@@ -314,13 +326,29 @@ When status is red, an **Extend Contract →** link is shown pointing to `CONTRA
### 9 · Wizard Complete
```
POST https://n8n.agent-loft.com/webhook/e01d06a3-14c3-4e4e-830f-7d4be9a5f529 (same as Agent Info)
POST https://n8n.derez.ai/webhook/e01d06a3-14c3-4e4e-830f-7d4be9a5f529 (same as Agent Info)
Body: { uuid, key: "WIZZARD", value: "false" }
```
Called when the user clicks **Copy & Finish** in the wizard. Reuses `AGENT_INFO_URL`. The same endpoint accepts all agent config writes via `{ uuid, key, value }` — e.g. comments use `key: "comment"`. No separate constant needed.
The agent info GET response (webhook 6) drives wizard visibility: if the response contains `WIZZARD` with any value other than `false` (or the key is absent), the wizard is shown above the Backups card.
### 10 · Password Reset
```
POST https://n8n.derez.ai/webhook/c2ce0eba-eb26-405d-8a90-8d982ec30698
Body (step 1 — request email): { email }
Body (step 2 — save new password): { token, password }
```
The same endpoint handles both steps — the presence of `token` distinguishes them.
**Step 1** is triggered from `index.html` when the user clicks **Send reset email** inside `#reset-pw-wrap` (visible only after a failed sign-in). The response is intentionally ignored and the sent-confirmation is always shown — this avoids revealing whether the email address exists.
**Step 2** is handled entirely by `password-reset.html`, which:
- Reads `?token=XXX` from the URL on load; shows an invalid-state if absent.
- Requires both password fields to match and be ≥ 8 characters before enabling Save.
- On 200 response shows a success state with a 2 s animated progress bar then redirects to `https://app.derez.ai`.
- On !200 shows an inline error banner and re-enables the Save button.
---
## State Variables (`app.js`)
@@ -349,9 +377,10 @@ There is no global keys, backups, contract, or wizard-JSON state that is re-fetc
| Function | What it does |
|---|---|
| `showAuth()` / `showApp()` | toggle between auth card and app shell |
| `switchAuthTab(tab)` | toggle Sign In / Sign Up forms |
| `doSignIn()` | validate email → fetch agents → enter app |
| `doSignUp()` | validate form → POST signup webhook → show Stripe notice |
| `switchAuthTab(tab)` | toggle Sign In / Hire Agent; clears error + hides reset section |
| `doSignIn()` | validate → POST auth webhook → enter app; on failure shows error + calls `showResetOption()` |
| `showResetOption()` | reveals `#reset-pw-wrap` in idle state below the sign-in error |
| `sendPasswordReset()` | POST `PW_RESET_URL` with email → hides error panel → shows sent confirmation |
| `doSignOut()` | clear localStorage → reset state → showAuth |
| `loadAgents()` | fetch agent list, call `processAgents()` |
| `selectAgent(uuid)` | switch active tab, load keys + backups + agent info + contract |