import { api, toast } from "/api/monitoring-tg/static/js/api.js";
const returnTo = (() => {
const raw = new URLSearchParams(location.search).get("return");
// Only allow same-origin relative paths to avoid open-redirect via ?return=
if (raw && raw.startsWith("/") && !raw.startsWith("//")) return raw;
return null;
})();
const returnLink = document.getElementById("return-link");
if (returnLink && returnTo) {
returnLink.href = returnTo;
returnLink.querySelector("button").textContent = "← Вернуться";
}
const steps = ["idle", "code", "password", "done"];
function show(step) {
steps.forEach(s => {
document.getElementById(`step-${s}`).hidden = s !== step;
});
}
function setStatus(html) {
document.getElementById("status-block").innerHTML = html;
}
async function refresh() {
const status = await api.authStatus();
document.getElementById("phone").textContent = status.phone || "—";
document.getElementById("phone-2").textContent = status.phone || "—";
if (status.authorized) {
setStatus(`
Авторизовано
`);
document.getElementById("username").textContent = status.username || "(unnamed)";
show("done");
} else {
setStatus(`Не авторизовано
`);
show("idle");
}
}
document.getElementById("btn-send").addEventListener("click", async (e) => {
e.target.disabled = true;
try {
await api.authSendCode();
toast("Код отправлен в Telegram", "success");
show("code");
document.getElementById("code").focus();
} catch (err) {
toast(err.message, "error");
} finally {
e.target.disabled = false;
}
});
document.getElementById("btn-resend").addEventListener("click", async (e) => {
e.target.disabled = true;
try {
await api.authSendCode();
toast("Новый код отправлен", "success");
} catch (err) {
toast(err.message, "error");
} finally {
e.target.disabled = false;
}
});
document.getElementById("form-code").addEventListener("submit", async (e) => {
e.preventDefault();
const code = document.getElementById("code").value.trim();
const btn = e.target.querySelector("button");
btn.disabled = true;
try {
const res = await api.authSubmitCode(code);
if (res.needs_password) {
toast("Введи 2FA-пароль", "success");
show("password");
document.getElementById("password").focus();
} else {
toast("Готово", "success");
await refresh();
}
} catch (err) {
toast(err.message, "error");
} finally {
btn.disabled = false;
}
});
document.getElementById("form-password").addEventListener("submit", async (e) => {
e.preventDefault();
const password = document.getElementById("password").value;
const btn = e.target.querySelector("button");
btn.disabled = true;
try {
await api.authSubmitPassword(password);
toast("Авторизовано", "success");
document.getElementById("password").value = "";
await refresh();
} catch (err) {
toast(err.message, "error");
} finally {
btn.disabled = false;
}
});
document.getElementById("btn-logout").addEventListener("click", async (e) => {
if (!confirm("Выйти из Telegram-сессии?")) return;
e.target.disabled = true;
try {
await api.authLogout();
toast("Сессия завершена", "success");
await refresh();
} catch (err) {
toast(err.message, "error");
} finally {
e.target.disabled = false;
}
});
refresh().catch(err => toast(err.message, "error"));