import { api, toast } from "/api/monitoring-tg/static/js/api.js"; const returnTo = (() => { const raw = new URLSearchParams(location.search).get("return"); // Only allow same-origin relative paths to avoid open-redirect via ?return= if (raw && raw.startsWith("/") && !raw.startsWith("//")) return raw; return null; })(); const returnLink = document.getElementById("return-link"); if (returnLink && returnTo) { returnLink.href = returnTo; returnLink.querySelector("button").textContent = "← Вернуться"; } const steps = ["idle", "code", "password", "done"]; function show(step) { steps.forEach(s => { document.getElementById(`step-${s}`).hidden = s !== step; }); } function setStatus(html) { document.getElementById("status-block").innerHTML = html; } async function refresh() { const status = await api.authStatus(); document.getElementById("phone").textContent = status.phone || "—"; document.getElementById("phone-2").textContent = status.phone || "—"; if (status.authorized) { setStatus(`
Авторизовано
`); document.getElementById("username").textContent = status.username || "(unnamed)"; show("done"); } else { setStatus(`
Не авторизовано
`); show("idle"); } } document.getElementById("btn-send").addEventListener("click", async (e) => { e.target.disabled = true; try { await api.authSendCode(); toast("Код отправлен в Telegram", "success"); show("code"); document.getElementById("code").focus(); } catch (err) { toast(err.message, "error"); } finally { e.target.disabled = false; } }); document.getElementById("btn-resend").addEventListener("click", async (e) => { e.target.disabled = true; try { await api.authSendCode(); toast("Новый код отправлен", "success"); } catch (err) { toast(err.message, "error"); } finally { e.target.disabled = false; } }); document.getElementById("form-code").addEventListener("submit", async (e) => { e.preventDefault(); const code = document.getElementById("code").value.trim(); const btn = e.target.querySelector("button"); btn.disabled = true; try { const res = await api.authSubmitCode(code); if (res.needs_password) { toast("Введи 2FA-пароль", "success"); show("password"); document.getElementById("password").focus(); } else { toast("Готово", "success"); await refresh(); } } catch (err) { toast(err.message, "error"); } finally { btn.disabled = false; } }); document.getElementById("form-password").addEventListener("submit", async (e) => { e.preventDefault(); const password = document.getElementById("password").value; const btn = e.target.querySelector("button"); btn.disabled = true; try { await api.authSubmitPassword(password); toast("Авторизовано", "success"); document.getElementById("password").value = ""; await refresh(); } catch (err) { toast(err.message, "error"); } finally { btn.disabled = false; } }); document.getElementById("btn-logout").addEventListener("click", async (e) => { if (!confirm("Выйти из Telegram-сессии?")) return; e.target.disabled = true; try { await api.authLogout(); toast("Сессия завершена", "success"); await refresh(); } catch (err) { toast(err.message, "error"); } finally { e.target.disabled = false; } }); refresh().catch(err => toast(err.message, "error"));