Added credential persistance
This commit is contained in:
@@ -0,0 +1,149 @@
|
||||
# Health Routine – Package Scanner
|
||||
|
||||
> ALWAYS UPDATE THIS FILE AFTER MAKING CHANGES
|
||||
|
||||
## What this is
|
||||
A single-page web app (`index.html`) used internally by Health Routine staff to scan **package** barcodes.
|
||||
A user selects their name, scans/types a code, and the result is looked up via a webhook and appended to a table.
|
||||
Runs in any browser — designed for phones, tablets, and desktop.
|
||||
|
||||
## Files
|
||||
```
|
||||
index.html — the entire app (HTML + CSS + JS, no build step)
|
||||
logo.png — Health Routine brand logo (used in the header)
|
||||
agent.md — this file
|
||||
start — bash script that launches live-server on localhost:8080
|
||||
```
|
||||
|
||||
## Design
|
||||
Colors are pulled directly from healthroutine.de's CSS variables:
|
||||
|
||||
| Token | Hex | Usage |
|
||||
|------------------|-----------|-------------------------------------|
|
||||
| `--primary` | `#005f5a` | Controls bar, table header, buttons |
|
||||
| `--primary-dark` | `#004845` | Hover states |
|
||||
| `--primary-light`| `#e0f0ef` | Row hover, badge backgrounds |
|
||||
| `--bg` | `#f7f7fa` | Page background |
|
||||
| `--card` | `#eaeaf2` | Alternating table rows |
|
||||
| `--sage` | `#82917d` | (brand footer green, available) |
|
||||
| `--error` | `#c71b1b` | Error states |
|
||||
| `--success` | `#15803d` | Success toasts |
|
||||
|
||||
Font: system font stack (`-apple-system`, `Segoe UI`, etc.)
|
||||
|
||||
## Webhook
|
||||
|
||||
**Base URL:** `https://brandize.app.n8n.cloud/webhook/e0268b0f-4935-49ba-bfdf-1c0ee01d3b9d`
|
||||
|
||||
### GET — load users
|
||||
Called once on page load to populate the user dropdown.
|
||||
|
||||
```
|
||||
GET <base_url>
|
||||
Authorization: Basic <base64>
|
||||
```
|
||||
|
||||
Response — n8n may return a JSON array, a single object, or NDJSON.
|
||||
All three formats are handled by `parseJson()` (see below).
|
||||
```json
|
||||
[
|
||||
{ "Name": "Oliver", "id": 1, "createdAt": "...", "updatedAt": "..." },
|
||||
{ "Name": "Luka", "id": 2, ... },
|
||||
{ "Name": "Benni", "id": 3, ... }
|
||||
]
|
||||
```
|
||||
|
||||
### POST — submit scan
|
||||
Called when the user presses Enter in the scan input.
|
||||
|
||||
```
|
||||
POST <base_url>
|
||||
Authorization: Basic <base64>
|
||||
Content-Type: application/json
|
||||
|
||||
{ "user": "Oliver", "code": "SCANNED_BARCODE_STRING" }
|
||||
```
|
||||
|
||||
Success response:
|
||||
```json
|
||||
{
|
||||
"name": "Christa Gierdahl, Christa Gierdahl",
|
||||
"producttag": "0-HR-Nail-Care-5",
|
||||
"batch": "BATCH/25-11-14/06173",
|
||||
"country": "DE"
|
||||
}
|
||||
```
|
||||
|
||||
Error response (non-2xx **or** 200 with error field):
|
||||
```json
|
||||
{ "error": "Human-readable error description" }
|
||||
```
|
||||
|
||||
Fields mapped to table columns:
|
||||
- `country` → **Country** (teal pill badge)
|
||||
- `name` → **Name**
|
||||
- `producttag` → **Tag** (monospace pill, truncated with tooltip on hover)
|
||||
- `batch` → received but not displayed in the table
|
||||
|
||||
### Authentication
|
||||
The webhook requires HTTP Basic Auth.
|
||||
|
||||
- On `401` (GET or POST) a modal appears asking for username + password.
|
||||
- Credentials are saved to a **cookie** (`hr_auth`, 30-day expiry, `SameSite=Strict`) so the user is not prompted again.
|
||||
- On page load, the cookie is read and credentials restored before the first network call.
|
||||
- If the modal is triggered again (e.g. wrong password), the fields are **pre-filled** from the cookie and focus lands on the password field for quick confirmation.
|
||||
- `saveCreds(user, pass)` — JSON-stringifies, URI-encodes, base64-encodes, writes cookie.
|
||||
- `loadCredsFromCookie()` — reverses that; returns `{ user, pass }` or `null`.
|
||||
- `clearCredsCookie()` — available but not exposed in UI (call from browser console if needed).
|
||||
|
||||
### Error handling (POST)
|
||||
Two cases:
|
||||
1. **Non-2xx response** — body is parsed; if `errData.error` exists it is shown verbatim; otherwise a generic `HTTP <status>` message is shown.
|
||||
2. **200 response with `error` field** — treated as failure: `item.error` is displayed, row is *not* added to the table.
|
||||
|
||||
Errors appear in the **persistent status banner** (red, no auto-dismiss) and the scan input is selected so the user can re-scan or correct the code.
|
||||
|
||||
### NDJSON / response format
|
||||
n8n sometimes returns multiple items as NDJSON (one JSON object per line) instead of a proper JSON array. `parseJson(res)` handles all three formats:
|
||||
1. Standard JSON array `[...]`
|
||||
2. Single JSON object `{...}` — passed through as-is
|
||||
3. NDJSON — split on `\n`, each line parsed individually, returned as an array
|
||||
|
||||
## UI layout
|
||||
|
||||
```
|
||||
┌─────────────────────────────────────────────────────┐
|
||||
│ [HR logo] Health Routine | Package Scanner │ ← white brand bar
|
||||
├─────────────────────────────────────────────────────┤
|
||||
│ [▥ SCAN HERE_____________] [User ▾] [✕ Clear] │ ← teal controls bar
|
||||
├─────────────────────────────────────────────────────┤
|
||||
│ SCAN LOG 3 scans ● │
|
||||
│ ┌───────────────────────────────────────────────┐ │
|
||||
│ │ COUNTRY │ NAME │ TAG │ │ ← sticky header
|
||||
│ ├──────────┼───────────────────────┼─────────────┤ │
|
||||
│ │ DE │ Christa Gierdahl │ 0-HR-Nail… │ │ ← newest row on top
|
||||
│ │ AT │ ... │ ... │ │
|
||||
│ │ scrollable area │ │ │
|
||||
│ └───────────────────────────────────────────────┘ │
|
||||
└─────────────────────────────────────────────────────┘
|
||||
```
|
||||
|
||||
On mobile (< 620 px): scan input goes full-width on its own row; user dropdown and clear button share the row below.
|
||||
|
||||
## Key behaviours
|
||||
- **On load**: cookie credentials restored → GET webhook fires → dropdown populated → scan input auto-focused
|
||||
- **Enter key**: trims input, POSTs to webhook, prepends result row, clears + re-focuses input
|
||||
- **Clear button**: empties the table, clears the scan input, resets the scan counter
|
||||
- **No user selected**: red toast + highlighted dropdown; does not submit
|
||||
- **401 on any request**: modal prompts for credentials (pre-filled from cookie), saves to cookie, retries original call
|
||||
- **Webhook error**: `error` field shown verbatim in persistent red banner; input selected for re-scan
|
||||
- **Network error**: dismissing error banner; input selected so user can retry
|
||||
- **Dropdown error state**: tapping/focusing the dropdown while it shows an error re-triggers `loadUsers()`
|
||||
- **NDJSON/array/object**: `parseJson()` normalises all response formats from n8n
|
||||
|
||||
## How to run
|
||||
Open `index.html` directly in a browser (`file://`) — no server needed for local use.
|
||||
Or run the `start` script for live-reload during development:
|
||||
```bash
|
||||
./start # requires Node.js; installs live-server globally if missing
|
||||
```
|
||||
+77
-14
@@ -6,7 +6,7 @@
|
||||
name="viewport"
|
||||
content="width=device-width, initial-scale=1.0, user-scalable=no"
|
||||
/>
|
||||
<title>Health Routine – Product Scanner</title>
|
||||
<title>Health Routine – Package Scanner</title>
|
||||
<style>
|
||||
*,
|
||||
*::before,
|
||||
@@ -808,7 +808,7 @@
|
||||
</div>
|
||||
<span class="brand-name">Health Routine</span>
|
||||
<div class="brand-divider"></div>
|
||||
<span class="brand-subtitle">Product Scanner</span>
|
||||
<span class="brand-subtitle">Package Scanner</span>
|
||||
</div>
|
||||
|
||||
<!-- Controls bar -->
|
||||
@@ -898,7 +898,7 @@
|
||||
</div>
|
||||
<div class="empty-title">No scans yet</div>
|
||||
<div class="empty-hint">
|
||||
Select a user, then scan or type a product code and
|
||||
Select a user, then scan or type a package code and
|
||||
press Enter
|
||||
</div>
|
||||
</div>
|
||||
@@ -994,6 +994,51 @@
|
||||
const modalError = document.getElementById("modalError");
|
||||
const toast = document.getElementById("toast");
|
||||
|
||||
// ── Cookie helpers ────────────────────────────────────────────────────────
|
||||
function saveCreds(user, pass) {
|
||||
const val = btoa(
|
||||
encodeURIComponent(JSON.stringify({ user, pass })),
|
||||
);
|
||||
document.cookie = `hr_auth=${val}; max-age=${30 * 24 * 3600}; SameSite=Strict; path=/`;
|
||||
}
|
||||
|
||||
function loadCredsFromCookie() {
|
||||
const match = document.cookie.match(
|
||||
/(?:^|;\s*)hr_auth=([^;]+)/,
|
||||
);
|
||||
if (match) {
|
||||
try {
|
||||
return JSON.parse(decodeURIComponent(atob(match[1])));
|
||||
} catch (_) {}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
function clearCredsCookie() {
|
||||
document.cookie = "hr_auth=; max-age=0; path=/";
|
||||
}
|
||||
|
||||
// ── JSON parser (handles array, single object, and NDJSON) ───────────────
|
||||
async function parseJson(res) {
|
||||
const text = await res.text();
|
||||
// Standard JSON (array or object)
|
||||
try {
|
||||
const parsed = JSON.parse(text);
|
||||
return parsed;
|
||||
} catch (_) {}
|
||||
// NDJSON — n8n sometimes returns one object per line
|
||||
try {
|
||||
const lines = text
|
||||
.trim()
|
||||
.split("\n")
|
||||
.filter((l) => l.trim());
|
||||
if (lines.length > 0) {
|
||||
return lines.map((l) => JSON.parse(l));
|
||||
}
|
||||
} catch (_) {}
|
||||
throw new Error("Could not parse server response");
|
||||
}
|
||||
|
||||
// ── Helpers ──────────────────────────────────────────────────────────────
|
||||
function esc(str) {
|
||||
return String(str ?? "")
|
||||
@@ -1052,10 +1097,16 @@
|
||||
function needAuth(retryCb) {
|
||||
pendingAuthCb = retryCb;
|
||||
modalError.style.display = "none";
|
||||
authUser.value = "";
|
||||
authPass.value = "";
|
||||
// Pre-fill from saved cookie so user only needs to confirm
|
||||
const saved = loadCredsFromCookie();
|
||||
authUser.value = saved?.user || "";
|
||||
authPass.value = saved?.pass || "";
|
||||
authModal.classList.remove("hidden");
|
||||
setTimeout(() => authUser.focus(), 50);
|
||||
// Focus password if username already filled, otherwise username
|
||||
setTimeout(
|
||||
() => (saved ? authPass.focus() : authUser.focus()),
|
||||
50,
|
||||
);
|
||||
}
|
||||
|
||||
function cancelAuth() {
|
||||
@@ -1075,6 +1126,7 @@
|
||||
}
|
||||
|
||||
creds = { user: u, pass: p };
|
||||
saveCreds(u, p); // persist to cookie
|
||||
authBtn.classList.add("loading");
|
||||
authBtn.disabled = true;
|
||||
modalError.style.display = "none";
|
||||
@@ -1120,7 +1172,7 @@
|
||||
return;
|
||||
}
|
||||
|
||||
const data = await res.json();
|
||||
const data = await parseJson(res);
|
||||
buildDropdown(data);
|
||||
hideBanner();
|
||||
} catch (err) {
|
||||
@@ -1164,7 +1216,7 @@
|
||||
return;
|
||||
}
|
||||
|
||||
showBanner("Looking up product…", "loading");
|
||||
showBanner("Looking up package…", "loading");
|
||||
|
||||
try {
|
||||
const res = await fetch(WEBHOOK, {
|
||||
@@ -1182,16 +1234,24 @@
|
||||
}
|
||||
|
||||
if (!res.ok) {
|
||||
showBanner(
|
||||
`Scan failed (HTTP ${res.status}).`,
|
||||
"error",
|
||||
5000,
|
||||
);
|
||||
// Try to extract a descriptive error from the response body
|
||||
let errMsg = `Scan failed (HTTP ${res.status}).`;
|
||||
try {
|
||||
const errData = await parseJson(res);
|
||||
if (errData?.error) errMsg = errData.error;
|
||||
} catch (_) {}
|
||||
showBanner(errMsg, "error", 0); // persistent until next action
|
||||
scanInput.select();
|
||||
return;
|
||||
}
|
||||
|
||||
const item = await res.json();
|
||||
const item = await parseJson(res);
|
||||
// Webhook may return 200 but carry an error field
|
||||
if (item?.error) {
|
||||
showBanner(item.error, "error", 0);
|
||||
scanInput.select();
|
||||
return;
|
||||
}
|
||||
hideBanner();
|
||||
addRow(item);
|
||||
showToast(
|
||||
@@ -1265,6 +1325,9 @@
|
||||
|
||||
// ── Init ─────────────────────────────────────────────────────────────────
|
||||
window.addEventListener("DOMContentLoaded", () => {
|
||||
// Restore saved credentials before the first network call
|
||||
const saved = loadCredsFromCookie();
|
||||
if (saved) creds = saved;
|
||||
loadUsers();
|
||||
scanInput.focus();
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user