src/auth/useInteractiveRegistration.ts

/*
Copyright 2022-2024 New Vector Ltd.

SPDX-License-Identifier: AGPL-3.0-only
Please see LICENSE in the repository root for full details.
*/

import { useState, useEffect, useCallback, useRef } from "react";
import { InteractiveAuth } from "matrix-js-sdk/src/interactive-auth";
import {
  createClient,
  type MatrixClient,
  type RegisterResponse,
} from "matrix-js-sdk/src/matrix";
import { logger } from "matrix-js-sdk/src/logger";

import { initClient } from "../utils/matrix";
import { type Session } from "../ClientContext";
import { Config } from "../config/Config";
import { widget } from "../widget";

export const useInteractiveRegistration = (
  oldClient?: MatrixClient,
): {
  privacyPolicyUrl?: string;
  recaptchaKey?: string;
  register: (
    username: string,
    password: string,
    displayName: string,
    recaptchaResponse: string,
    passwordlessUser: boolean,
  ) => Promise<[MatrixClient, Session]>;
} => {
  const [privacyPolicyUrl, setPrivacyPolicyUrl] = useState<string | undefined>(
    undefined,
  );
  const [recaptchaKey, setRecaptchaKey] = useState<string | undefined>(
    undefined,
  );

  const authClient = useRef<MatrixClient | undefined>(undefined);
  if (!authClient.current) {
    authClient.current = createClient({
      baseUrl: Config.defaultHomeserverUrl()!,
    });
  }

  useEffect(() => {
    if (widget) return;
    // An empty registerRequest is used to get the privacy policy and recaptcha key.
    authClient.current!.registerRequest({}).catch((error) => {
      setPrivacyPolicyUrl(
        error.data?.params["m.login.terms"]?.policies?.privacy_policy?.en?.url,
      );
      setRecaptchaKey(error.data?.params["m.login.recaptcha"]?.public_key);
    });
  }, []);

  const register = useCallback(
    async (
      username: string,
      password: string,
      displayName: string,
      recaptchaResponse: string,
      passwordlessUser: boolean,
    ): Promise<[MatrixClient, Session]> => {
      const interactiveAuth = new InteractiveAuth({
        matrixClient: authClient.current!,
        doRequest: async (auth): Promise<RegisterResponse> =>
          authClient.current!.registerRequest({
            username,
            password,
            auth: auth || undefined,
          }),
        stateUpdated: (nextStage, status): void => {
          if (status.error) {
            throw new Error(status.error);
          }

          if (nextStage === "m.login.terms") {
            interactiveAuth
              .submitAuthDict({
                type: "m.login.terms",
              })
              .catch((e) => {
                logger.error(e);
              });
          } else if (nextStage === "m.login.recaptcha") {
            interactiveAuth
              .submitAuthDict({
                type: "m.login.recaptcha",
                response: recaptchaResponse,
              })
              .catch((e) => {
                logger.error(e);
              });
          }
        },
        requestEmailToken: async (): Promise<{ sid: string }> =>
          Promise.resolve({ sid: "dummy" }),
      });

      // XXX: This claims to return an IAuthData which contains none of these
      // things - the js-sdk types may be wrong?
      /* eslint-disable camelcase,@typescript-eslint/no-explicit-any */
      const { user_id, access_token, device_id } =
        (await interactiveAuth.attemptAuth()) as any;
      await oldClient?.logout(true);
      const client = await initClient(
        {
          baseUrl: Config.defaultHomeserverUrl()!,
          accessToken: access_token,
          userId: user_id,
          deviceId: device_id,
        },
        false,
      );

      await client.setDisplayName(displayName);

      const session: Session = {
        user_id,
        device_id,
        access_token,
        passwordlessUser,
      };
      /* eslint-enable camelcase */

      if (passwordlessUser) {
        session.tempPassword = password;
      }

      const user = client.getUser(client.getUserId()!)!;
      user.setRawDisplayName(displayName);
      user.setDisplayName(displayName);

      return [client, session];
    },
    [oldClient],
  );

  return { privacyPolicyUrl, recaptchaKey, register };
};
Add all the license headers 2022-05-04 17:09:48 +01:00			`/*`
Update file headers copyright and change licence to AGPL-3.0-only 2024-09-06 10:22:13 +02:00			`Copyright 2022-2024 New Vector Ltd.`
Add all the license headers 2022-05-04 17:09:48 +01:00
Update file headers copyright and change licence to AGPL-3.0-only 2024-09-06 10:22:13 +02:00			`SPDX-License-Identifier: AGPL-3.0-only`
			`Please see LICENSE in the repository root for full details.`
Add all the license headers 2022-05-04 17:09:48 +01:00			`*/`

Don't abuse useMemo for creating a MatrixClient 2022-05-31 10:33:10 -04:00			`import { useState, useEffect, useCallback, useRef } from "react";`
Fix app when built in production mode The recent typescripting appears to have caused the typescript compiler to get confused about dependency references and start refwrencing things like CRYPTO_ENABLED in the js-sdk before it's defined them. This avoids using things from the (javascript) browser-index import and instead pulls everything in from the typescript files, then fixes the resulting type failures, (in some cases with hacks). 2022-06-01 15:55:02 +01:00			`import { InteractiveAuth } from "matrix-js-sdk/src/interactive-auth";`
Fix lints 2024-06-04 11:20:25 -04:00			`import {`
			`createClient,`
Enable @typescript-eslint/consistent-type-imports lint rule (#2886) * Enable @typescript-eslint/consistent-type-imports lint rule This is to help ensure that we get proper vite/rollup lazy loading by not `import`ing more than we need to. Revert "Enable @typescript-eslint/consistent-type-imports lint rule" This reverts commit ba385fa00b7e410cc508fd5fb9fe972233ae114f. Enable @typescript-eslint/consistent-type-imports lint rule This is to help ensure that we get proper vite/rollup lazy loading by not `import`ing more than we need to. . * Format 2024-12-11 09:27:55 +00:00			`type MatrixClient,`
			`type RegisterResponse,`
Fix lints 2024-06-04 11:20:25 -04:00			`} from "matrix-js-sdk/src/matrix";`
Enable lint rules for Promise handling to discourage misuse of them. (#2607) * Enable lint rules for Promise handling to discourage misuse of them. Squashed all of Hugh's commits into one. --------- Co-authored-by: Hugh Nimmo-Smith <hughns@element.io> 2024-09-10 09:49:35 +02:00			`import { logger } from "matrix-js-sdk/src/logger";`
Clean up old auth logic 2022-01-05 16:47:53 -08:00
Clean up our tests in preparation for the testing sprint (#2466) * Fix coverage reporting Codecov hasn't been working recently because Vitest doesn't report coverage by default. * Suppress some noisy log lines Closes https://github.com/element-hq/element-call/issues/686 * Store test files alongside source files This way we benefit from not having to maintain the same directory structure twice, and our linters etc. will actually lint test files by default. * Stop using Vitest globals Vitest provides globals primarily to make the transition from Jest more smooth. But importing its functions explicitly is considered a better pattern, and we have so few tests right now that it's trivial to migrate them all. * Remove Storybook directory We no longer use Storybook. * Configure Codecov Add a coverage gate for all new changes and disable its comments. * upgrade vitest --------- Co-authored-by: Timo <toger5@hotmail.de> 2024-08-27 09:45:39 -04:00			`import { initClient } from "../utils/matrix";`
Enable @typescript-eslint/consistent-type-imports lint rule (#2886) * Enable @typescript-eslint/consistent-type-imports lint rule This is to help ensure that we get proper vite/rollup lazy loading by not `import`ing more than we need to. Revert "Enable @typescript-eslint/consistent-type-imports lint rule" This reverts commit ba385fa00b7e410cc508fd5fb9fe972233ae114f. Enable @typescript-eslint/consistent-type-imports lint rule This is to help ensure that we get proper vite/rollup lazy loading by not `import`ing more than we need to. . * Format 2024-12-11 09:27:55 +00:00			`import { type Session } from "../ClientContext";`
Move default homeserver to config file 2022-12-20 17:26:45 +00:00			`import { Config } from "../config/Config";`
Skip effect based register in widget mode. (#2230) Prohibits error message. Signed-off-by: Timo K <toger5@hotmail.de> 2024-03-01 12:37:42 +01:00			`import { widget } from "../widget";`
TypeScriptify useInteractiveRegistration 2022-05-27 16:08:03 -04:00
Fix (registration flow): logout old before creating new client as required by initClient. (#2604) 2024-09-02 21:42:50 +02:00			`export const useInteractiveRegistration = (`
			`oldClient?: MatrixClient,`
			`): {`
Enable strict lints An attempt to fix https://github.com/vector-im/element-call/issues/1132 2023-06-30 16:43:28 +01:00			`privacyPolicyUrl?: string;`
			`recaptchaKey?: string;`
Add EULA config Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com> 2023-07-06 08:53:57 +02:00			`register: (`
TypeScriptify useInteractiveRegistration 2022-05-27 16:08:03 -04:00			`username: string,`
			`password: string,`
			`displayName: string,`
			`recaptchaResponse: string,`
Format code 2023-10-11 10:42:04 -04:00			`passwordlessUser: boolean,`
Add EULA config Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com> 2023-07-06 08:53:57 +02:00			`) => Promise<[MatrixClient, Session]>;`
			`} => {`
Enable strict lints An attempt to fix https://github.com/vector-im/element-call/issues/1132 2023-06-30 16:43:28 +01:00			`const [privacyPolicyUrl, setPrivacyPolicyUrl] = useState<string \| undefined>(`
Format code 2023-10-11 10:42:04 -04:00			`undefined,`
Enable strict lints An attempt to fix https://github.com/vector-im/element-call/issues/1132 2023-06-30 16:43:28 +01:00			`);`
			`const [recaptchaKey, setRecaptchaKey] = useState<string \| undefined>(`
Format code 2023-10-11 10:42:04 -04:00			`undefined,`
Enable strict lints An attempt to fix https://github.com/vector-im/element-call/issues/1132 2023-06-30 16:43:28 +01:00			`);`
TypeScriptify useInteractiveRegistration 2022-05-27 16:08:03 -04:00
Type fixes for react v19 compatibility (#2937) 2025-01-13 14:54:42 +00:00			`const authClient = useRef<MatrixClient \| undefined>(undefined);`
Don't abuse useMemo for creating a MatrixClient 2022-05-31 10:33:10 -04:00			`if (!authClient.current) {`
Move default homeserver to config file 2022-12-20 17:26:45 +00:00			`authClient.current = createClient({`
Enable strict lints An attempt to fix https://github.com/vector-im/element-call/issues/1132 2023-06-30 16:43:28 +01:00			`baseUrl: Config.defaultHomeserverUrl()!,`
Move default homeserver to config file 2022-12-20 17:26:45 +00:00			`});`
Don't abuse useMemo for creating a MatrixClient 2022-05-31 10:33:10 -04:00			`}`
Clean up old auth logic 2022-01-05 16:47:53 -08:00
			`useEffect(() => {`
Skip effect based register in widget mode. (#2230) Prohibits error message. Signed-off-by: Timo K <toger5@hotmail.de> 2024-03-01 12:37:42 +01:00			`if (widget) return;`
Theme loading without flickering (#2233) 2024-03-13 14:58:21 +01:00			`// An empty registerRequest is used to get the privacy policy and recaptcha key.`
Enable strict lints An attempt to fix https://github.com/vector-im/element-call/issues/1132 2023-06-30 16:43:28 +01:00			`authClient.current!.registerRequest({}).catch((error) => {`
TypeScriptify useInteractiveRegistration 2022-05-27 16:08:03 -04:00			`setPrivacyPolicyUrl(`
Format code 2023-10-11 10:42:04 -04:00			`error.data?.params["m.login.terms"]?.policies?.privacy_policy?.en?.url,`
TypeScriptify useInteractiveRegistration 2022-05-27 16:08:03 -04:00			`);`
			`setRecaptchaKey(error.data?.params["m.login.recaptcha"]?.public_key);`
Clean up old auth logic 2022-01-05 16:47:53 -08:00			`});`
Don't abuse useMemo for creating a MatrixClient 2022-05-31 10:33:10 -04:00			`}, []);`
Clean up old auth logic 2022-01-05 16:47:53 -08:00
			`const register = useCallback(`
New incremental auth 2022-02-15 12:46:58 -08:00			`async (`
TypeScriptify useInteractiveRegistration 2022-05-27 16:08:03 -04:00			`username: string,`
			`password: string,`
			`displayName: string,`
			`recaptchaResponse: string,`
Format code 2023-10-11 10:42:04 -04:00			`passwordlessUser: boolean,`
TypeScriptify useInteractiveRegistration 2022-05-27 16:08:03 -04:00			`): Promise<[MatrixClient, Session]> => {`
Clean up old auth logic 2022-01-05 16:47:53 -08:00			`const interactiveAuth = new InteractiveAuth({`
Enable strict lints An attempt to fix https://github.com/vector-im/element-call/issues/1132 2023-06-30 16:43:28 +01:00			`matrixClient: authClient.current!,`
Enable lint rules for Promise handling to discourage misuse of them. (#2607) * Enable lint rules for Promise handling to discourage misuse of them. Squashed all of Hugh's commits into one. --------- Co-authored-by: Hugh Nimmo-Smith <hughns@element.io> 2024-09-10 09:49:35 +02:00			`doRequest: async (auth): Promise<RegisterResponse> =>`
Enable strict lints An attempt to fix https://github.com/vector-im/element-call/issues/1132 2023-06-30 16:43:28 +01:00			`authClient.current!.registerRequest({`
Clean up old auth logic 2022-01-05 16:47:53 -08:00			`username,`
			`password,`
			`auth: auth \|\| undefined,`
TypeScriptify useInteractiveRegistration 2022-05-27 16:08:03 -04:00			`}),`
Upgrade eslint-plugin-matrix-org to 1.2.1 This upgrade came with a number of new lints that needed to be fixed across the code base. Primarily: explicit return types on functions, and explicit visibility modifiers on class members. 2023-09-22 18:05:13 -04:00			`stateUpdated: (nextStage, status): void => {`
Clean up old auth logic 2022-01-05 16:47:53 -08:00			`if (status.error) {`
TypeScriptify useInteractiveRegistration 2022-05-27 16:08:03 -04:00			`throw new Error(status.error);`
Clean up old auth logic 2022-01-05 16:47:53 -08:00			`}`

			`if (nextStage === "m.login.terms") {`
Enable lint rules for Promise handling to discourage misuse of them. (#2607) * Enable lint rules for Promise handling to discourage misuse of them. Squashed all of Hugh's commits into one. --------- Co-authored-by: Hugh Nimmo-Smith <hughns@element.io> 2024-09-10 09:49:35 +02:00			`interactiveAuth`
			`.submitAuthDict({`
			`type: "m.login.terms",`
			`})`
			`.catch((e) => {`
			`logger.error(e);`
			`});`
Clean up old auth logic 2022-01-05 16:47:53 -08:00			`} else if (nextStage === "m.login.recaptcha") {`
Enable lint rules for Promise handling to discourage misuse of them. (#2607) * Enable lint rules for Promise handling to discourage misuse of them. Squashed all of Hugh's commits into one. --------- Co-authored-by: Hugh Nimmo-Smith <hughns@element.io> 2024-09-10 09:49:35 +02:00			`interactiveAuth`
			`.submitAuthDict({`
			`type: "m.login.recaptcha",`
			`response: recaptchaResponse,`
			`})`
			`.catch((e) => {`
			`logger.error(e);`
			`});`
Clean up old auth logic 2022-01-05 16:47:53 -08:00			`}`
			`},`
Enable lint rules for Promise handling to discourage misuse of them. (#2607) * Enable lint rules for Promise handling to discourage misuse of them. Squashed all of Hugh's commits into one. --------- Co-authored-by: Hugh Nimmo-Smith <hughns@element.io> 2024-09-10 09:49:35 +02:00			`requestEmailToken: async (): Promise<{ sid: string }> =>`
			`Promise.resolve({ sid: "dummy" }),`
Clean up old auth logic 2022-01-05 16:47:53 -08:00			`});`

Fix app when built in production mode The recent typescripting appears to have caused the typescript compiler to get confused about dependency references and start refwrencing things like CRYPTO_ENABLED in the js-sdk before it's defined them. This avoids using things from the (javascript) browser-index import and instead pulls everything in from the typescript files, then fixes the resulting type failures, (in some cases with hacks). 2022-06-01 15:55:02 +01:00			`// XXX: This claims to return an IAuthData which contains none of these`
			`// things - the js-sdk types may be wrong?`
Disable typescript warnings 2022-06-01 16:05:58 +01:00			`/* eslint-disable camelcase,@typescript-eslint/no-explicit-any */`
Clean up old auth logic 2022-01-05 16:47:53 -08:00			`const { user_id, access_token, device_id } =`
Fix app when built in production mode The recent typescripting appears to have caused the typescript compiler to get confused about dependency references and start refwrencing things like CRYPTO_ENABLED in the js-sdk before it's defined them. This avoids using things from the (javascript) browser-index import and instead pulls everything in from the typescript files, then fixes the resulting type failures, (in some cases with hacks). 2022-06-01 15:55:02 +01:00			`(await interactiveAuth.attemptAuth()) as any;`
Fix (registration flow): logout old before creating new client as required by initClient. (#2604) 2024-09-02 21:42:50 +02:00			`await oldClient?.logout(true);`
Don't restore session unless crypto data is found Add a check to ensure that we find crypto data in the crypto store when we're restoring a session and otherwise abort the session restore. This will prevent us from restoring a session and generating new keys when there was a previous session with different keys. *This will force a logout for all users* See the linked issue (and the comment in code) for more detail. Fixes https://github.com/vector-im/element-call/issues/464 2022-07-14 13:07:30 +01:00			`const client = await initClient(`
			`{`
Enable strict lints An attempt to fix https://github.com/vector-im/element-call/issues/1132 2023-06-30 16:43:28 +01:00			`baseUrl: Config.defaultHomeserverUrl()!,`
Don't restore session unless crypto data is found Add a check to ensure that we find crypto data in the crypto store when we're restoring a session and otherwise abort the session restore. This will prevent us from restoring a session and generating new keys when there was a previous session with different keys. *This will force a logout for all users* See the linked issue (and the comment in code) for more detail. Fixes https://github.com/vector-im/element-call/issues/464 2022-07-14 13:07:30 +01:00			`accessToken: access_token,`
			`userId: user_id,`
			`deviceId: device_id,`
			`},`
Format code 2023-10-11 10:42:04 -04:00			`false,`
Don't restore session unless crypto data is found Add a check to ensure that we find crypto data in the crypto store when we're restoring a session and otherwise abort the session restore. This will prevent us from restoring a session and generating new keys when there was a previous session with different keys. *This will force a logout for all users* See the linked issue (and the comment in code) for more detail. Fixes https://github.com/vector-im/element-call/issues/464 2022-07-14 13:07:30 +01:00			`);`
Clean up old auth logic 2022-01-05 16:47:53 -08:00
New incremental auth 2022-02-15 12:46:58 -08:00			`await client.setDisplayName(displayName);`
Fix registration display name 2022-01-18 13:41:14 -08:00
TypeScriptify useInteractiveRegistration 2022-05-27 16:08:03 -04:00			`const session: Session = {`
			`user_id,`
			`device_id,`
			`access_token,`
			`passwordlessUser,`
			`};`
			`/* eslint-enable camelcase */`
Clean up old auth logic 2022-01-05 16:47:53 -08:00
			`if (passwordlessUser) {`
			`session.tempPassword = password;`
			`}`

Enable strict lints An attempt to fix https://github.com/vector-im/element-call/issues/1132 2023-06-30 16:43:28 +01:00			`const user = client.getUser(client.getUserId()!)!;`
Set display name after interactive registration 2022-03-02 19:12:18 -08:00			`user.setRawDisplayName(displayName);`
			`user.setDisplayName(displayName);`

Don't leave UnauthenticatedView if there was a room creation error 2022-05-17 12:34:05 -04:00			`return [client, session];`
Clean up old auth logic 2022-01-05 16:47:53 -08:00			`},`
Fix (registration flow): logout old before creating new client as required by initClient. (#2604) 2024-09-02 21:42:50 +02:00			`[oldClient],`
Clean up old auth logic 2022-01-05 16:47:53 -08:00			`);`

Add EULA config Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com> 2023-07-06 08:53:57 +02:00			`return { privacyPolicyUrl, recaptchaKey, register };`
TypeScriptify useInteractiveRegistration 2022-05-27 16:08:03 -04:00			`};`