// Real Supabase auth — Google OAuth + magic link email
const { useState: auS, useEffect: auE } = React;
// ---- Supabase client (lazy singleton, fetches config from server) ----
let _sbClient = null;
let _sbPromise = null;
function getSupabase() {
if (_sbClient) return Promise.resolve(_sbClient);
if (_sbPromise) return _sbPromise;
_sbPromise = fetch('/api/config')
.then(r => r.json())
.then(cfg => {
if (!cfg.supabaseUrl || !cfg.supabaseAnonKey) return null;
_sbClient = window.supabase.createClient(cfg.supabaseUrl, cfg.supabaseAnonKey);
return _sbClient;
})
.catch(() => null);
return _sbPromise;
}
// Exposed globally so session.jsx can get the current access token
window.MH_getToken = async () => {
const sb = await getSupabase();
if (!sb) return null;
const { data: { session } } = await sb.auth.getSession();
return session?.access_token || null;
};
// ---- Credits (localStorage, keyed by userId so users don't share credits) ----
const CREDIT_CAP = Infinity; // no upper limit — server is authoritative
function creditsKey(userId) {
return userId ? `mh-credits-${userId}` : 'mh-credits';
}
const AuthStore = {
getCredits(userId) { return parseInt(localStorage.getItem(creditsKey(userId)) || '0', 10); },
setCredits(userId, v) { localStorage.setItem(creditsKey(userId), String(Math.max(0, Math.min(CREDIT_CAP, v)))); },
get plan() { return localStorage.getItem('mh-plan') || 'free'; },
set plan(v) { localStorage.setItem('mh-plan', v); },
get invite() { return localStorage.getItem('mh-invite') || ''; },
set invite(v) { localStorage.setItem('mh-invite', v || ''); },
get history() { try { return JSON.parse(localStorage.getItem('mh-history') || '[]'); } catch { return []; } },
set history(v) { localStorage.setItem('mh-history', JSON.stringify(v.slice(-50))); },
};
function pushHistory(entry) {
const h = AuthStore.history;
h.push({ ts: Date.now(), ...entry });
AuthStore.history = h;
window.dispatchEvent(new Event('mh-auth-change'));
}
window.MH_Auth = {
async signOut() {
const sb = await getSupabase();
if (sb) await sb.auth.signOut();
window.dispatchEvent(new Event('mh-auth-change'));
},
addCredits(userId, n, note) {
const cur = AuthStore.getCredits(userId);
AuthStore.setCredits(userId, cur + n);
pushHistory({ type: 'credit-add', amount: n, note });
},
syncCredits(userId, minutes) {
AuthStore.setCredits(userId, minutes);
window.dispatchEvent(new Event('mh-auth-change'));
},
setPlan(plan, note) {
AuthStore.plan = plan;
pushHistory({ type: 'plan', note: plan + (note ? ' · ' + note : '') });
},
applyInvite(code) {
AuthStore.invite = code;
pushHistory({ type: 'invite', note: code });
},
};
// ---- useAuth hook ----
function useAuth() {
const [user, setUser] = auS(null);
const [loading, setLoading] = auS(true);
const [, forceRender] = auS(0);
auE(() => {
let subscription;
getSupabase().then(sb => {
if (!sb) { setLoading(false); return; }
sb.auth.getSession().then(({ data: { session } }) => {
setUser(session?.user ?? null);
setLoading(false);
});
const { data } = sb.auth.onAuthStateChange((event, session) => {
setUser(session?.user ?? null);
setLoading(false);
// Notify app when user freshly signs in (magic link or OAuth redirect)
if (event === 'SIGNED_IN') {
window.dispatchEvent(new CustomEvent('mh-signed-in'));
}
});
subscription = data.subscription;
});
const handler = () => forceRender(x => x + 1);
window.addEventListener('mh-auth-change', handler);
return () => {
subscription?.unsubscribe();
window.removeEventListener('mh-auth-change', handler);
};
}, []);
// Sync credits from server when user loads
auE(() => {
if (!user) return;
window.MH_getToken().then(token => {
if (!token) return;
fetch('/api/credits', { headers: { 'Authorization': `Bearer ${token}` } })
.then(r => r.json())
.then(data => { AuthStore.setCredits(user.id, data.minutes); forceRender(x => x + 1); })
.catch(() => {});
});
}, [user?.id]);
const credits = AuthStore.getCredits(user?.id);
const plan = AuthStore.plan;
const invite = AuthStore.invite;
return {
user,
loading,
credits,
plan,
invite,
history: AuthStore.history,
isOwner: !!invite || plan === 'pro',
canStartSession: plan === 'pro' || !!invite || credits > 0,
minutes: credits,
};
}
window.useAuth = useAuth;
// ---- Login Modal ----
function LoginModal({ open, onClose }) {
const [step, setStep] = auS('intro'); // intro | email | sent | loading | error
const [email, setEmail] = auS('');
const [errorMsg, setErrorMsg] = auS('');
auE(() => {
if (open) { setStep('intro'); setEmail(''); setErrorMsg(''); }
}, [open]);
if (!open) return null;
const redirectTo = window.location.origin + window.location.pathname;
const signInWithGoogle = async () => {
setStep('loading');
const sb = await getSupabase();
if (!sb) { setErrorMsg('Supabase не налаштований'); setStep('error'); return; }
const { error } = await sb.auth.signInWithOAuth({
provider: 'google',
options: { redirectTo },
});
if (error) { setErrorMsg(error.message); setStep('error'); }
};
const signInWithEmail = async () => {
const trimmed = email.trim();
if (!trimmed) return;
setStep('loading');
const sb = await getSupabase();
if (!sb) { setErrorMsg('Supabase не налаштований'); setStep('error'); return; }
const { error } = await sb.auth.signInWithOtp({
email: trimmed,
options: { emailRedirectTo: redirectTo },
});
if (error) { setErrorMsg(error.message); setStep('email'); }
else setStep('sent');
};
return (
{ if (e.target === e.currentTarget) onClose(); }}>
{step === 'intro' && (
M
Увійти в Meeting Helper
Зберігай кредити та налаштування між пристроями.
Ми не записуємо твої дзвінки. Жодних паролів.
)}
{step === 'email' && (
Увійти через email
Відправимо посилання — натиснеш і одразу в системі.
{errorMsg && (
{errorMsg.includes('429') || errorMsg.toLowerCase().includes('rate') || errorMsg.toLowerCase().includes('too many')
? 'Занадто багато спроб. Зачекай кілька хвилин і спробуй знову.'
: errorMsg}