Load server configuration

Add QrCode authentication
2025-07-07 21:36:35 +02:00 · 2025-07-07 19:44:44 +02:00
19 changed files with 344 additions and 46 deletions
--- a/docker_prod/docker-compose.yml
+++ b/docker_prod/docker-compose.yml
@@ -76,4 +76,5 @@ services:
      - S3_ACCESS_KEY=$MINIO_ROOT_USER
      - S3_SECRET_KEY=$MINIO_ROOT_PASSWORD
      - REDIS_HOSTNAME=redis
-      - REDIS_PASSWORD=${REDIS_PASS:-secretredis}
+      - REDIS_PASSWORD=${REDIS_PASS:-secretredis}
+      - UNSECURE_AUTO_LOGIN_EMAIL=$UNSECURE_AUTO_LOGIN_EMAIL
--- a/moneymgr_mobile/devtools_options.yaml
+++ b/moneymgr_mobile/devtools_options.yaml
@@ -0,0 +1,3 @@
+description: This file stores settings for Dart & Flutter DevTools.
+documentation: https://docs.flutter.dev/tools/devtools/extensions#configure-extension-enablement-states
+extensions:
--- a/moneymgr_mobile/lib/providers/auth_state.dart
+++ b/moneymgr_mobile/lib/providers/auth_state.dart
@@ -1,6 +1,7 @@
 import 'package:moneymgr_mobile/services/api/api_client.dart';
 import 'package:moneymgr_mobile/services/api/api_token.dart';
 import 'package:moneymgr_mobile/services/api/auth_api.dart';
+import 'package:moneymgr_mobile/services/storage/prefs.dart';
 import 'package:moneymgr_mobile/services/storage/secure_storage.dart';
 import 'package:riverpod_annotation/riverpod_annotation.dart';

@@ -25,7 +26,10 @@ class CurrentAuthState extends _$CurrentAuthState {
  /// Will invalidate the state if success and throw an exception in case of failure
  Future<void> setAuthToken(ApiToken token) async {
    // Attempt to use provided token
-    await ApiClient(token: token).authInfo();
+    await ApiClient(
+      token: token,
+      prefs: await ref.watch(prefsProvider.future),
+    ).authInfo();

    final secureStorage = ref.read(secureStorageProvider).requireValue;
    await secureStorage.setToken(token);
@@ -37,19 +41,13 @@ class CurrentAuthState extends _$CurrentAuthState {

  /// Logs out, deletes the saved token and profile info from storage, and invalidates
  /// the state.
-  void logout() {
-    // TODO : implement logic
-    /*final secureStorage = ref.read(secureStorageProvider).requireValue;
-
-    // Delete the current [token] and [profile] from secure storage.
-    secureStorage.remove('token');
+  Future<void> logout() async {
+    final secureStorage = ref.read(secureStorageProvider).requireValue;
+    await secureStorage.removeToken();

    ref
-    // Invalidate the state so the auth state will be updated to unauthenticated.
-      ..invalidateSelf()
-    // Invalidate the token provider so the API service will no longer use the
-    // previous token.
-      ..invalidate(tokenProvider);*/
+    // Invalidate the state so the auth state will be updated to authenticated.
+        .invalidateSelf();
  }
 }

@@ -58,7 +56,7 @@ enum AuthState {
  unknown(redirectPath: homePage, allowedPaths: [homePage]),
  unauthenticated(
    redirectPath: authPage,
-    allowedPaths: [authPage, manualAuthPage, settingsPage],
+    allowedPaths: [authPage, qrAuthPath, manualAuthPage, settingsPage],
  ),
  authenticated(
    redirectPath: homePage,
--- a/moneymgr_mobile/lib/routes/login/base_auth_page.dart
+++ b/moneymgr_mobile/lib/routes/login/base_auth_page.dart
@@ -35,12 +35,14 @@ class BaseAuthPage extends StatelessWidget {
        ],
      ),
      body: SingleChildScrollView(
-        child: SeparatedColumn(
-          padding: EdgeInsets.all(context.gutter),
-          separatorBuilder: () => const Gutter(),
-          mainAxisAlignment: MainAxisAlignment.center,
-          crossAxisAlignment: CrossAxisAlignment.stretch,
-          children: children,
+        child: IntrinsicHeight(
+          child: SeparatedColumn(
+            padding: EdgeInsets.all(context.gutter),
+            separatorBuilder: () => const Gutter(),
+            mainAxisAlignment: MainAxisAlignment.center,
+            crossAxisAlignment: CrossAxisAlignment.stretch,
+            children: children,
+          ),
        ),
      ),
    );
--- a/moneymgr_mobile/lib/routes/login/login_screen.dart
+++ b/moneymgr_mobile/lib/routes/login/login_screen.dart
@@ -24,7 +24,7 @@ class LoginScreen extends HookConsumerWidget {
          label: "Enter manually authentication information",
        ),
        _LoginChoice(
-          route: manualAuthPage,
+          route: qrAuthPath,
          icon: Icons.qr_code_2,
          label: "Scan authentication Qr Code",
        ),
--- a/moneymgr_mobile/lib/routes/login/qr_auth_screen.dart
+++ b/moneymgr_mobile/lib/routes/login/qr_auth_screen.dart
@@ -0,0 +1,80 @@
+import 'package:flutter/material.dart';
+import 'package:flutter_hooks/flutter_hooks.dart';
+import 'package:go_router/go_router.dart';
+import 'package:hooks_riverpod/hooks_riverpod.dart';
+import 'package:logging/logging.dart';
+import 'package:mobile_scanner/mobile_scanner.dart';
+import 'package:moneymgr_mobile/providers/auth_state.dart';
+import 'package:moneymgr_mobile/services/api/api_token.dart';
+import 'package:moneymgr_mobile/services/router/routes_list.dart';
+import 'package:moneymgr_mobile/utils/extensions.dart';
+
+class QrAuthScreen extends HookConsumerWidget {
+  const QrAuthScreen({super.key});
+
+  @override
+  Widget build(BuildContext context, WidgetRef ref) {
+    final loading = useState(false);
+
+    handleCapture(BarcodeCapture barcodes) async {
+      if (loading.value) return;
+
+      if (barcodes.barcodes.length != 1) return;
+      final b = barcodes.barcodes[0];
+
+      if (b.format != BarcodeFormat.qrCode) {
+        context.showTextSnackBar(
+          "Only QrCode are supported!",
+          duration: Duration(seconds: 1),
+        );
+        return;
+      }
+
+      final value = b.rawValue ?? "";
+
+      Logger.root.finest("Decoded QrCode: $value");
+
+      if (!value.startsWith("moneymgr://")) {
+        context.showTextSnackBar(
+          "Not a MoneyMgr Qr Code!",
+          duration: Duration(seconds: 1),
+        );
+        return;
+      }
+
+      // Decode token
+      final uri = Uri.parse(
+        value.replaceFirst("moneymgr://", "http://test.com/?"),
+      );
+      final token = ApiToken(
+        apiUrl: uri.queryParameters["api"] ?? "",
+        tokenId: int.tryParse(uri.queryParameters["id"] ?? "") ?? 0,
+        tokenValue: uri.queryParameters["secret"] ?? "",
+      );
+
+      // Attempt to authenticate using token
+      try {
+        loading.value = true;
+
+        await ref.read(currentAuthStateProvider.notifier).setAuthToken(token);
+
+        if (context.mounted) {
+          if (context.canPop()) context.pop();
+          context.replace(profilePage);
+        }
+      } catch (e, s) {
+        Logger.root.severe("Failed to authenticate user! $e $s");
+        if (context.mounted) {
+          context.showTextSnackBar("Failed to authenticate user! $e");
+        }
+      } finally {
+        loading.value = false;
+      }
+    }
+
+    return Scaffold(
+      appBar: AppBar(title: Text('QR Authentication')),
+      body: MobileScanner(onDetect: handleCapture),
+    );
+  }
+}
--- a/moneymgr_mobile/lib/routes/profile/profile_screen.dart
+++ b/moneymgr_mobile/lib/routes/profile/profile_screen.dart
@@ -0,0 +1,14 @@
+import 'package:flutter/material.dart';
+import 'package:hooks_riverpod/hooks_riverpod.dart';
+import 'package:moneymgr_mobile/services/storage/prefs.dart';
+
+class ProfileScreen extends HookConsumerWidget {
+  const ProfileScreen({super.key});
+
+  @override
+  Widget build(BuildContext context, WidgetRef ref) {
+    final data = ref.watch(prefsProvider);
+    if (data.value == null) return CircularProgressIndicator();
+    return Text("dd\n\n\n${data.value!.serverConfig()}");
+  }
+}
--- a/moneymgr_mobile/lib/services/api/api_client.dart
+++ b/moneymgr_mobile/lib/services/api/api_client.dart
@@ -2,8 +2,11 @@ import 'package:dart_jsonwebtoken/dart_jsonwebtoken.dart';
 import 'package:dio/dio.dart';
 import 'package:hooks_riverpod/hooks_riverpod.dart';
 import 'package:moneymgr_mobile/services/api/api_token.dart';
+import 'package:moneymgr_mobile/services/storage/prefs.dart';
+import 'package:moneymgr_mobile/services/storage/secure_storage.dart';
 import 'package:moneymgr_mobile/utils/string_utils.dart';
 import 'package:riverpod_annotation/riverpod_annotation.dart';
+import 'package:shared_preferences/shared_preferences.dart';

 part 'api_client.g.dart';

@@ -14,8 +17,9 @@ const apiTokenHeader = "X-Auth-Token";
 class ApiClient {
  final ApiToken token;
  final Dio client;
+  final SharedPreferencesWithCache prefs;

-  ApiClient({required this.token})
+  ApiClient({required this.token, required this.prefs})
    : client = Dio(BaseOptions(baseUrl: token.apiUrl));

  /// Get Dio instance
@@ -54,19 +58,14 @@ class ApiClient {
 /// The API client is kept alive to follow dio's recommendation to use the same
 /// client instance for the entire app.
@riverpod
-ApiClient apiService(Ref ref) {
-  /*final token = ref.watch(currentAuthStateProvider);
+ApiClient? apiService(Ref ref) {
+  final storage = ref.watch(secureStorageProvider);
+  final prefs = ref.watch(prefsProvider);

-  final ApiClient client;
+  final t = storage.value?.token();
+  if (t == null || prefs.value == null) return null;

-  const mock = bool.fromEnvironment('MOCK_API', defaultValue: false);
-  client = switch (mock) {
-    true =>
-    token != null ? MockedApiClient.withToken(token) : MockedApiClient(),
-    false => token != null ? ApiClient.withToken(token) : ApiClient(),
-  };
  ref.keepAlive();

-  return client;*/
-  throw Exception("TODO"); // TODO
+  return ApiClient(token: t, prefs: prefs.value!);
 }
--- a/moneymgr_mobile/lib/services/api/server_api.dart
+++ b/moneymgr_mobile/lib/services/api/server_api.dart
@@ -0,0 +1,72 @@
+// ignore_for_file: non_constant_identifier_names
+
+import 'package:freezed_annotation/freezed_annotation.dart';
+import 'package:hooks_riverpod/hooks_riverpod.dart';
+import 'package:logging/logging.dart';
+import 'package:moneymgr_mobile/services/storage/prefs.dart';
+import 'package:riverpod_annotation/riverpod_annotation.dart';
+
+import 'api_client.dart';
+
+part 'server_api.freezed.dart';
+part 'server_api.g.dart';
+
+@freezed
+abstract class ServerConstraint with _$ServerConstraint {
+  const factory ServerConstraint({required int min, required int max}) =
+      _ServerConstraint;
+
+  factory ServerConstraint.fromJson(Map<String, dynamic> json) =>
+      _$ServerConstraintFromJson(json);
+}
+
+@freezed
+abstract class ServerConstraints with _$ServerConstraints {
+  const factory ServerConstraints({required ServerConstraint inbox_entry_label}) =
+  _ServerConstraints;
+
+  factory ServerConstraints.fromJson(Map<String, dynamic> json) =>
+      _$ServerConstraintsFromJson(json);
+}
+
+@freezed
+abstract class ServerConfig with _$ServerConfig {
+  const factory ServerConfig({required ServerConstraints constraints}) =
+      _ServerConfig;
+
+  factory ServerConfig.fromJson(Map<String, dynamic> json) =>
+      _$ServerConfigFromJson(json);
+}
+
+/// Auth API
+extension ServerApi on ApiClient {
+  /// Get authentication information from server
+  Future<ServerConfig> serverConfig() async {
+    final response = await execute("/server/config", method: "GET");
+    return ServerConfig.fromJson(response.data);
+  }
+
+
+}
+
+/// Get authentication information from server, or retrieve cached information (if available, in
+/// case of failure)
+@riverpod
+Future<ServerConfig> serverConfigOrCache(Ref ref) async {
+  final client = ref.watch(apiServiceProvider)!;
+  try {
+    final config = await client.serverConfig();
+    client.prefs.setServerConfig(config);
+    return config;
+  } catch (e, s) {
+    Logger.root.warning("Failed to fetch server configuration! $e $s");
+  }
+
+  final cached = client.prefs.serverConfig();
+  if (cached == null) {
+    throw Exception(
+      "Could not fetch server configuration, cached version is unavailable!",
+    );
+  }
+  return cached;
+}
--- a/moneymgr_mobile/lib/services/router/router.dart
+++ b/moneymgr_mobile/lib/services/router/router.dart
@@ -4,8 +4,11 @@ import 'package:hooks_riverpod/hooks_riverpod.dart';
 import 'package:moneymgr_mobile/providers/auth_state.dart';
 import 'package:moneymgr_mobile/routes/login/login_screen.dart';
 import 'package:moneymgr_mobile/routes/login/manual_auth_screen.dart';
+import 'package:moneymgr_mobile/routes/login/qr_auth_screen.dart';
+import 'package:moneymgr_mobile/routes/profile/profile_screen.dart';
 import 'package:moneymgr_mobile/routes/settings/settings_screen.dart';
 import 'package:moneymgr_mobile/services/router/routes_list.dart';
+import 'package:moneymgr_mobile/widgets/loaders/load_server_config.dart';
 import 'package:moneymgr_mobile/widgets/scaffold_with_navigation.dart';
 import 'package:riverpod_annotation/riverpod_annotation.dart';

@@ -48,7 +51,7 @@ GoRouter router(Ref ref) {
    ),
    NavigationItem(
      path: profilePage,
-      body: (_) => const Text("Profile"),
+      body: (_) => ProfileScreen(),
      icon: Icons.person_outline,
      selectedIcon: Icons.person,
      label: 'Profile',
@@ -61,6 +64,7 @@ GoRouter router(Ref ref) {
    routes: [
      GoRoute(path: homePage, builder: (_, __) => const Scaffold()),
      GoRoute(path: authPage, builder: (_, __) => const LoginScreen()),
+      GoRoute(path: qrAuthPath, builder: (_, __) => const QrAuthScreen()),
      GoRoute(
        path: manualAuthPage,
        builder: (_, __) => const ManualAuthScreen(),
@@ -77,10 +81,12 @@ GoRouter router(Ref ref) {
            GoRoute(
              path: item.path,
              pageBuilder: (context, _) => NoTransitionPage(
-                child: ScaffoldWithNavigation(
-                  selectedIndex: index,
-                  navigationItems: navigationItems,
-                  child: item.body(context),
+                child: LoadServerConfig(
+                  child: ScaffoldWithNavigation(
+                    selectedIndex: index,
+                    navigationItems: navigationItems,
+                    child: item.body(context),
+                  ),
                ),
              ),
              routes: item.routes,
--- a/moneymgr_mobile/lib/services/router/routes_list.dart
+++ b/moneymgr_mobile/lib/services/router/routes_list.dart
@@ -4,6 +4,9 @@ const homePage = "/";
 /// Authentication path
 const authPage = "/login";

+/// Qr Code authentication
+const qrAuthPath = "/login/qr";
+
 /// Manual authentication
 const manualAuthPage = "/login/manual";

--- a/moneymgr_mobile/lib/services/storage/prefs.dart
+++ b/moneymgr_mobile/lib/services/storage/prefs.dart
@@ -1,4 +1,7 @@
+import 'dart:convert';
+
 import 'package:hooks_riverpod/hooks_riverpod.dart';
+import 'package:moneymgr_mobile/services/api/server_api.dart';
 import 'package:riverpod_annotation/riverpod_annotation.dart';
 import 'package:shared_preferences/shared_preferences.dart';

@@ -9,3 +12,19 @@ Future<SharedPreferencesWithCache> prefs(Ref ref) =>
    SharedPreferencesWithCache.create(
      cacheOptions: const SharedPreferencesWithCacheOptions(),
    );
+
+extension MoneyMgrSharedPreferences on SharedPreferencesWithCache {
+  ServerConfig? serverConfig() {
+    final json = getString("serverConfig");
+    if (json != null) return ServerConfig.fromJson(jsonDecode(json));
+    return null;
+  }
+
+  Future<void> setServerConfig(ServerConfig config) async {
+    await setString("serverConfig", jsonEncode(config));
+  }
+
+  Future<void> clearServerConfig() async {
+    await remove("serverConfig");
+  }
+}
--- a/moneymgr_mobile/lib/services/storage/secure_storage.dart
+++ b/moneymgr_mobile/lib/services/storage/secure_storage.dart
@@ -51,6 +51,7 @@ class SecureStorage {
    if (tokenStr != null) {
      return ApiToken.fromJson(jsonDecode(tokenStr));
    }
+    return null;
  }

  /// Set auth token
--- a/moneymgr_mobile/lib/utils/extensions.dart
+++ b/moneymgr_mobile/lib/utils/extensions.dart
@@ -15,18 +15,21 @@ extension BuildContextX on BuildContext {

  /// Shows a floating snack bar with text as its content.
  ScaffoldFeatureController<SnackBar, SnackBarClosedReason> showTextSnackBar(
-      String text,
-      ) =>
-      ScaffoldMessenger.of(this).showSnackBar(SnackBar(
-        behavior: SnackBarBehavior.floating,
-        content: Text(text),
-      ));
+    String text, {
+    Duration? duration,
+  }) => ScaffoldMessenger.of(this).showSnackBar(
+    SnackBar(
+      behavior: SnackBarBehavior.floating,
+      content: Text(text),
+      duration: duration ?? Duration(milliseconds: 4000),
+    ),
+  );

  void showAppLicensePage() => showLicensePage(
    context: this,
    useRootNavigator: true,
    applicationName: 'MoneyMgr',
-    applicationLegalese: '(c) Pierre HUBERT 2025 - ${DateTime.now().year}'
+    applicationLegalese: '(c) Pierre HUBERT 2025 - ${DateTime.now().year}',
  );
 }

--- a/moneymgr_mobile/lib/widgets/full_screen_error.dart
+++ b/moneymgr_mobile/lib/widgets/full_screen_error.dart
@@ -0,0 +1,49 @@
+import 'package:flutter/material.dart';
+
+class FullScreenError extends StatelessWidget {
+  final String message;
+  final String error;
+  final List<Widget>? actions;
+
+  const FullScreenError({
+    super.key,
+    required this.message,
+    required this.error,
+    this.actions,
+  });
+
+  @override
+  Widget build(BuildContext context) {
+    return Scaffold(
+      appBar: AppBar(title: Text("Error")),
+      body: Padding(
+        padding: const EdgeInsets.all(8.0),
+        child: Column(
+          mainAxisAlignment: MainAxisAlignment.center,
+          children: [
+            Card(
+              elevation: 2,
+              color: Colors.red,
+              child: Padding(
+                padding: const EdgeInsets.all(8.0),
+                child: Column(
+                  children: [
+                    Text(
+                      message,
+                      style: TextStyle(color: Colors.white, fontSize: 20),
+                    ),
+                    Text(error, style: TextStyle(color: Colors.white)),
+                  ],
+                ),
+              ),
+            ),
+            Row(
+              mainAxisAlignment: MainAxisAlignment.center,
+              children: actions ?? [],
+            ),
+          ],
+        ),
+      ),
+    );
+  }
+}
--- a/moneymgr_mobile/lib/widgets/loaders/load_server_config.dart
+++ b/moneymgr_mobile/lib/widgets/loaders/load_server_config.dart
@@ -0,0 +1,35 @@
+import 'package:flutter/material.dart';
+import 'package:hooks_riverpod/hooks_riverpod.dart';
+import 'package:moneymgr_mobile/providers/auth_state.dart';
+import 'package:moneymgr_mobile/services/api/server_api.dart';
+import 'package:moneymgr_mobile/widgets/full_screen_error.dart';
+
+class LoadServerConfig extends HookConsumerWidget {
+  final Widget child;
+
+  const LoadServerConfig({super.key, required this.child});
+
+  @override
+  Widget build(BuildContext context, WidgetRef ref) {
+    final serverConfig = ref.watch(serverConfigOrCacheProvider);
+
+    handleSignOut() {
+      ref.watch(currentAuthStateProvider.notifier).logout();
+    }
+
+    return switch (serverConfig) {
+      AsyncData() => child,
+      AsyncError(:final error) => FullScreenError(
+        message: "Failed to load server configuration!",
+        error: error.toString(),
+        actions: [
+          MaterialButton(
+            onPressed: handleSignOut,
+            child: Text("Sign out".toUpperCase()),
+          ),
+        ],
+      ),
+      _ => const Scaffold(body: Center(child: CircularProgressIndicator())),
+    };
+  }
+}
--- a/moneymgr_mobile/macos/Flutter/GeneratedPluginRegistrant.swift
+++ b/moneymgr_mobile/macos/Flutter/GeneratedPluginRegistrant.swift
@@ -6,11 +6,13 @@ import FlutterMacOS
 import Foundation

 import flutter_secure_storage_macos
+import mobile_scanner
 import path_provider_foundation
 import shared_preferences_foundation

 func RegisterGeneratedPlugins(registry: FlutterPluginRegistry) {
  FlutterSecureStoragePlugin.register(with: registry.registrar(forPlugin: "FlutterSecureStoragePlugin"))
+  MobileScannerPlugin.register(with: registry.registrar(forPlugin: "MobileScannerPlugin"))
  PathProviderPlugin.register(with: registry.registrar(forPlugin: "PathProviderPlugin"))
  SharedPreferencesPlugin.register(with: registry.registrar(forPlugin: "SharedPreferencesPlugin"))
 }
--- a/moneymgr_mobile/pubspec.lock
+++ b/moneymgr_mobile/pubspec.lock
@@ -632,6 +632,14 @@ packages:
      url: "https://pub.dev"
    source: hosted
    version: "2.0.0"
+  mobile_scanner:
+    dependency: "direct main"
+    description:
+      name: mobile_scanner
+      sha256: "54005bdea7052d792d35b4fef0f84ec5ddc3a844b250ecd48dc192fb9b4ebc95"
+      url: "https://pub.dev"
+    source: hosted
+    version: "7.0.1"
  package_config:
    dependency: transitive
    description:
@@ -1071,4 +1079,4 @@ packages:
    version: "3.1.3"
 sdks:
  dart: ">=3.8.1 <4.0.0"
-  flutter: ">=3.27.0"
+  flutter: ">=3.29.0"
--- a/moneymgr_mobile/pubspec.yaml
+++ b/moneymgr_mobile/pubspec.yaml
@@ -73,6 +73,9 @@ dependencies:
  # API requests
  dio: ^5.8.0+1

+  # Qr Code library
+  mobile_scanner: ^7.0.1
+
 dev_dependencies:
  flutter_test:
    sdk: flutter
Author	SHA1	Message	Date
Pierre HUBERT	74bb31ecc1	Load server configuration All checks were successful continuous-integration/drone/push Build is passing Details continuous-integration/drone/pr Build is passing Details	2025-07-07 21:36:35 +02:00
Pierre HUBERT	0a87ac572b	Add QrCode authentication	2025-07-07 19:44:44 +02:00