"use client" import type React from "react" import { useState, useEffect } from "react" import { Button } from "./ui/button" import { Input } from "./ui/input" import { Label } from "./ui/label" import { Checkbox } from "./ui/checkbox" import { Lock, User, AlertCircle, Server, Shield, Eye, EyeOff } from "lucide-react" import { getApiUrl } from "../lib/api-config" import Image from "next/image" interface LoginProps { onLogin: () => void } export function Login({ onLogin }: LoginProps) { const [username, setUsername] = useState("") const [password, setPassword] = useState("") const [totpCode, setTotpCode] = useState("") const [requiresTotp, setRequiresTotp] = useState(false) const [rememberMe, setRememberMe] = useState(false) const [showPassword, setShowPassword] = useState(false) const [error, setError] = useState("") const [loading, setLoading] = useState(false) useEffect(() => { // The Login screen is, by construction, the recovery path from any // 401 cascade (the api-config wrapper redirects here when an // expired/invalid JWT is detected). Clear the cascade-prevention // flag on mount so a successful login can subsequently fire a fresh // reload if a NEW 401 ever occurs. Without this clear, any 401 set // earlier in the session sticks around forever and the next 401 // (e.g. mid-2FA, or right after a successful login if the token was // briefly stale) is silently swallowed by the de-dup — the user // sees a blank/stuck dashboard. try { sessionStorage.removeItem("proxmenux-auth-401-handled") } catch { // private browsing — best-effort } const savedUsername = localStorage.getItem("proxmenux-saved-username") const savedPassword = localStorage.getItem("proxmenux-saved-password") if (savedUsername && savedPassword) { setUsername(savedUsername) setPassword(savedPassword) setRememberMe(true) } }, []) const handleLogin = async (e: React.FormEvent) => { e.preventDefault() setError("") if (!username || !password) { setError("Please enter username and password") return } if (requiresTotp && !totpCode) { setError("Please enter your 2FA code") return } setLoading(true) try { const response = await fetch(getApiUrl("/api/auth/login"), { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ username, password, totp_token: totpCode || undefined, // Include 2FA code if provided }), }) const data = await response.json() if (data.requires_totp) { setRequiresTotp(true) setLoading(false) return } if (!response.ok) { throw new Error(data.message || "Login failed") } localStorage.setItem("proxmenux-auth-token", data.token) try { sessionStorage.removeItem("proxmenux-auth-401-handled") } catch { // ignore } if (rememberMe) { localStorage.setItem("proxmenux-saved-username", username) localStorage.setItem("proxmenux-saved-password", password) } else { localStorage.removeItem("proxmenux-saved-username") localStorage.removeItem("proxmenux-saved-password") } onLogin() } catch (err) { setError(err instanceof Error ? err.message : "Login failed") } finally { setLoading(false) } } return (

{ const target = e.target as HTMLImageElement target.style.display = "none" const fallback = target.parentElement?.querySelector(".fallback-icon") if (fallback) { fallback.classList.remove("hidden") } }} />

ProxMenux Monitor

Sign in to access your dashboard

{error && (

{error}

)} {!requiresTotp ? ( <>

Username

setUsername(e.target.value)} className="pl-10 text-base" disabled={loading} autoComplete="username" />

Password

setPassword(e.target.value)} className="pl-10 pr-10 text-base" disabled={loading} autoComplete="current-password" />

setRememberMe(checked as boolean)} disabled={loading} /> Remember me

) : (

Two-Factor Authentication

Enter the 6-digit code from your authentication app

Authentication Code setTotpCode(e.target.value.replace(/\D/g, "").slice(0, 6))} className="text-center text-lg tracking-widest font-mono text-base" maxLength={6} disabled={loading} autoComplete="one-time-code" autoFocus />

You can also use a backup code (format: XXXX-XXXX)

)}

ProxMenux Monitor v1.2.0

) }