// Bleu SmartDER — Authentication layer // Real Supabase auth wrapped around the static prototype. // AuthGate decides whether to render the sign-in/sign-up screens or the // underlying . Profile (role + tenant_id) is derived from the // signed-in user's email via BLEU_CONFIG mappings in index.html. const _sb = window.supabase.createClient( window.BLEU_CONFIG.SUPABASE_URL, window.BLEU_CONFIG.SUPABASE_ANON_KEY ); window.sb = _sb; const AuthContext = React.createContext(null); function useAuth() { return React.useContext(AuthContext); } function deriveProfile(user) { if (!user) return null; const email = (user.email || '').toLowerCase(); const cfg = window.BLEU_CONFIG; const isAdmin = cfg.ADMIN_EMAILS.includes(email); const mappedTenant = cfg.TENANT_EMAIL_MAP[email] || null; return { email, name: user.user_metadata?.full_name || email.split('@')[0], role: isAdmin ? 'admin' : 'tenant', tenantId: mappedTenant || 't-ahmed', // unmapped signups view Ahmed's demo data isDemoMapped: isAdmin || mappedTenant != null, }; } // ============= Auth screens ============= function AuthShell({ children, mode, onSwitch }) { return (
); } function SignInScreen({ onSwitch, onSubmit, error, submitting }) { const [email, setEmail] = React.useState(''); const [password, setPassword] = React.useState(''); function handleSubmit(e) { e.preventDefault(); if (!email || !password) return; onSubmit(email.trim().toLowerCase(), password); } return (
{error &&
{error}
}
New here? onSwitch('signup')}>Create a tenant account.
); } function SignUpScreen({ onSwitch, onSubmit, error, submitting, success }) { const [name, setName] = React.useState(''); const [email, setEmail] = React.useState(''); const [password, setPassword] = React.useState(''); const [orgName, setOrgName] = React.useState(''); const [tenantType, setTenantType] = React.useState('farm'); function handleSubmit(e) { e.preventDefault(); if (!email || !password) return; onSubmit({ email: email.trim().toLowerCase(), password, metadata: { full_name: name, org_name: orgName, tenant_type: tenantType }, }); } if (success) { return (

Tenant account created

We sent a confirmation link to {success.email}. Once confirmed, an operator will commission your devices and your real telemetry will replace the demo data.

); } return (
{error &&
{error}
}
By creating an account you'll see the Bleu SmartDER MVP populated with demo data while an operator commissions your devices. Already registered? onSwitch('signin')}>Sign in.
); } // ============= AuthGate ============= function AuthGate({ children }) { const [loading, setLoading] = React.useState(true); const [session, setSession] = React.useState(null); const [mode, setMode] = React.useState('signin'); const [error, setError] = React.useState(''); const [submitting, setSubmitting] = React.useState(false); const [signupSuccess, setSignupSuccess] = React.useState(null); React.useEffect(() => { _sb.auth.getSession().then(({ data }) => { setSession(data.session); setLoading(false); }); const { data: sub } = _sb.auth.onAuthStateChange((_evt, s) => { setSession(s); }); return () => sub.subscription.unsubscribe(); }, []); async function signIn(email, password) { setSubmitting(true); setError(''); const { error } = await _sb.auth.signInWithPassword({ email, password }); setSubmitting(false); if (error) setError(friendlyAuthError(error.message)); } async function signUp({ email, password, metadata }) { setSubmitting(true); setError(''); const { data, error } = await _sb.auth.signUp({ email, password, options: { data: metadata }, }); setSubmitting(false); if (error) { setError(friendlyAuthError(error.message)); return; } if (data.session) { // Email confirmation is OFF — user is already signed in setSignupSuccess(null); } else { // Email confirmation is ON setSignupSuccess({ email }); } } async function signOut() { await _sb.auth.signOut(); setMode('signin'); } window.bleuSignOut = signOut; if (loading) { return (
Loading…
); } if (!session) { return mode === 'signup' ? { setMode(m || 'signin'); setError(''); setSignupSuccess(null); }} onSubmit={signUp} error={error} submitting={submitting} success={signupSuccess} /> : { setMode(m || 'signup'); setError(''); }} onSubmit={signIn} error={error} submitting={submitting} />; } const profile = deriveProfile(session.user); return ( {children} ); } function friendlyAuthError(msg) { if (!msg) return 'Something went wrong. Please try again.'; const m = msg.toLowerCase(); if (m.includes('invalid login credentials')) return 'Wrong email or password.'; if (m.includes('email not confirmed')) return 'Please confirm your email first (check your inbox).'; if (m.includes('user already registered')) return 'That email is already registered. Try signing in instead.'; if (m.includes('password should be at least')) return 'Password must be at least 8 characters.'; return msg; } Object.assign(window, { AuthGate, useAuth });