Merge branch 'feature/project-finance' of https://github.com/Worklenz/worklenz into feature/project-finance

worklenz-backend/src/controllers/auth-controller.ts

@@ -36,8 +36,18 @@ export default class AuthController extends WorklenzControllerBase {
     const auth_error = errors.length > 0 ? errors[0] : null;
     const message = messages.length > 0 ? messages[0] : null;
 
-    const midTitle = req.query.strategy === "login" ? "Login Failed!" : "Signup Failed!";
-    const title = req.query.strategy ? midTitle : null;
+    // Determine title based on authentication status and strategy
+    let title = null;
+    if (req.query.strategy) {
+      if (auth_error) {
+        // Show failure title only when there's an actual error
+        title = req.query.strategy === "login" ? "Login Failed!" : "Signup Failed!";
+      } else if (req.isAuthenticated() && message) {
+        // Show success title when authenticated and there's a success message
+        title = req.query.strategy === "login" ? "Login Successful!" : "Signup Successful!";
+      }
+      // If no error and not authenticated, don't show any title (this might be a redirect without completion)
+    }
 
     if (req.user)
       req.user.build_v = FileConstants.getRelease();

worklenz-backend/src/middlewares/session-middleware.ts

@@ -6,7 +6,7 @@ import { isProduction } from "../shared/utils";
 const pgSession = require("connect-pg-simple")(session);
 
 export default session({
-  name: process.env.SESSION_NAME,
+  name: process.env.SESSION_NAME || "worklenz.sid",
   secret: process.env.SESSION_SECRET || "development-secret-key",
   proxy: false,
   resave: true,

worklenz-backend/src/passport/passport-strategies/passport-local-login.ts

@@ -3,10 +3,16 @@ import { Strategy as LocalStrategy } from "passport-local";
 import { log_error } from "../../shared/utils";
 import db from "../../config/db";
 import { Request } from "express";
+import { ERROR_KEY, SUCCESS_KEY } from "./passport-constants";
 
 async function handleLogin(req: Request, email: string, password: string, done: any) {
+  // Clear any existing flash messages
+  (req.session as any).flash = {};
+
   if (!email || !password) {
-    return done(null, false, { message: "Please enter both email and password" });
+    const errorMsg = "Please enter both email and password";
+    req.flash(ERROR_KEY, errorMsg);
+    return done(null, false);
   }
 
   try {
@@ -20,16 +26,23 @@ async function handleLogin(req: Request, email: string, password: string, done:
     const [data] = result.rows;
 
     if (!data?.password) {
-      return done(null, false, { message: "No account found with this email" });
+      const errorMsg = "No account found with this email";
+      req.flash(ERROR_KEY, errorMsg);
+      return done(null, false);
     }
 
     const passwordMatch = bcrypt.compareSync(password, data.password);
     
     if (passwordMatch && email === data.email) {
       delete data.password;
-      return done(null, data, {message: "User successfully logged in"});
+      const successMsg = "User successfully logged in";
+      req.flash(SUCCESS_KEY, successMsg);
+      return done(null, data);
     }
-    return done(null, false, { message: "Incorrect email or password" });
+    
+    const errorMsg = "Incorrect email or password";
+    req.flash(ERROR_KEY, errorMsg);
+    return done(null, false);
   } catch (error) {
     log_error(error, req.body);
     return done(error);