diff --git a/routes/admin_api.py b/routes/admin_api.py index 0a8b606..df3a08b 100644 --- a/routes/admin_api.py +++ b/routes/admin_api.py @@ -72,16 +72,36 @@ def validate_management_api_key(api_key): @admin_api.route('/login', methods=['POST']) def admin_login(): - data = request.get_json() - if not data or 'email' not in data or 'password' not in data: - return jsonify({'message': 'Email and password are required'}), 400 - user = User.query.filter_by(email=data['email']).first() - if not user or not user.is_admin or not user.check_password(data['password']): - return jsonify({'message': 'Invalid credentials or not an admin'}), 401 - token = jwt.encode({ - 'user_id': user.id - }, current_app.config['SECRET_KEY'], algorithm="HS256") - return jsonify({'token': token}) + try: + data = request.get_json() + if not data or 'email' not in data or 'password' not in data: + return jsonify({ + 'message': 'Email and password are required', + 'status': 'error' + }), 400 + + user = User.query.filter_by(email=data['email']).first() + if not user or not user.is_admin or not user.check_password(data['password']): + return jsonify({ + 'message': 'Invalid credentials or not an admin', + 'status': 'error' + }), 401 + + token = jwt.encode({ + 'user_id': user.id + }, current_app.config['SECRET_KEY'], algorithm="HS256") + + return jsonify({ + 'token': token, + 'status': 'success' + }), 200 + + except Exception as e: + current_app.logger.error(f"Login error: {str(e)}") + return jsonify({ + 'message': 'An error occurred during login', + 'status': 'error' + }), 500 @admin_api.route('/management-token', methods=['POST']) def get_management_token(): diff --git a/templates/main/instances.html b/templates/main/instances.html index 97ed56c..9e8d622 100644 --- a/templates/main/instances.html +++ b/templates/main/instances.html 
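Review bot: The token built in admin_login still carries only `user_id`, so an admin JWT issued here never expires and stays valid until SECRET_KEY is rotated; adding an expiry claim such as `'exp': datetime.now(timezone.utc) + timedelta(minutes=15)` would bound the damage of a leaked token (the lifetime is a placeholder, and the datetime imports are not visible in this hunk). The new `except Exception` also catches the HTTP error that `request.get_json()` raises for a malformed or non-JSON body, so a client mistake now comes back as 500 instead of a 4xx; re-raise `HTTPException` ahead of the generic handler, or use `request.get_json(silent=True)` and let the existing 400 branch answer. `current_app.logger.error(f"Login error: {str(e)}")` drops the traceback, whereas `current_app.logger.exception("Login error")` keeps it for whoever has to investigate a failed admin login.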
@@ -473,6 +473,8 @@ async function authenticateInstance() { const password = formData.get('password'); try { + console.log('Attempting login to:', `${instanceUrl}/api/admin/login`); + // First login to get token const loginResponse = await fetch(`${instanceUrl}/api/admin/login`, { method: 'POST', @@ -483,12 +485,21 @@ async function authenticateInstance() { body: JSON.stringify({ email, password }) }); + const responseData = await loginResponse.json(); + console.log('Login response:', responseData); + if (!loginResponse.ok) { - const errorData = await loginResponse.json().catch(() => ({})); - throw new Error(errorData.message || 'Login failed'); + throw new Error(responseData.message || 'Login failed'); } - const { token } = await loginResponse.json(); + if (responseData.status !== 'success') { + throw new Error(responseData.message || 'Login failed'); + } + + const token = responseData.token; + if (!token) { + throw new Error('No token received from server'); + } // Then create management API key const keyResponse = await fetch(`${instanceUrl}/api/admin/management-api-key`, { @@ -503,12 +514,17 @@ async function authenticateInstance() { }) }); + const keyData = await keyResponse.json(); + console.log('API key response:', keyData); + if (!keyResponse.ok) { - const errorData = await keyResponse.json().catch(() => ({})); - throw new Error(errorData.message || 'Failed to create API key'); + throw new Error(keyData.message || 'Failed to create API key'); } - const { api_key } = await keyResponse.json(); + const api_key = keyData.api_key; + if (!api_key) { + throw new Error('No API key received from server'); + } // Save the token to our database const saveResponse = await fetch(`/instances/${instanceId}/save-token`, { 
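Review bot: `console.log('Login response:', responseData)` writes the admin JWT to the browser console, and the `@@ -503` hunk does the same for the management API key with `console.log('API key response:', keyData)`. Console output gets captured by error-monitoring scripts that hook the console and ends up in screen shares and pasted bug reports, so neither credential should be logged; log a non-secret field instead, e.g. `console.log('Login response status:', loginResponse.status)`. Separately, `await loginResponse.json()` now runs before the `ok` check without the old `.catch(() => ({}))`, so a non-JSON error body (for instance a proxy error page) surfaces as a parse error instead of 'Login failed'; the same applies to `keyResponse.json()` and to `saveResponse.json()` in the `@@ -520` hunk. Restoring `.catch(() => ({}))` on each call keeps the fallback messages. authenticateInstance starts and ends outside these hunks.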
@@ -520,9 +536,11 @@ async function authenticateInstance() { body: JSON.stringify({ token: api_key }) }); + const saveData = await saveResponse.json(); + console.log('Save token response:', saveData); + if (!saveResponse.ok) { - const errorData = await saveResponse.json().catch(() => ({})); - throw new Error(errorData.message || 'Failed to save token'); + throw new Error(saveData.message || 'Failed to save token'); } // Show success and refresh