refactor: update labels and placeholders in login form inputs

Reviewed-on: #55
Reviewed-by: Maximilian Liebmann <lima@noreply.git.dominikstahl.dev>

.env.example

@@ -7,5 +7,3 @@ AUTH_AUTHENTIK_SECRET=
 AUTH_AUTHENTIK_ISSUER=
 
 NEXT_PUBLIC_APP_URL=
-
-MEETUP_SKIP_LOGIN=

.github/workflows/container-scan.yml

@@ -15,7 +15,7 @@ jobs:
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
 
       - name: Build an image from Dockerfile
-        run: docker build -t git.dominikstahl.dev/dhbw-we/meetup:${{ github.sha }} .
+        run: docker buildx build -t meetup_trivy .
 
       - name: Install Trivy
         run: |
@@ -23,8 +23,8 @@ jobs:
 
       - name: Run Trivy vulnerability scanner
         run: |
-          trivy image --exit-code 1 --severity HIGH,CRITICAL,MEDIUM --ignore-unfixed --no-progress --format table git.dominikstahl.dev/dhbw-we/meetup:${{ github.sha }}
-          trivy image --exit-code 1 --severity HIGH,CRITICAL,MEDIUM --ignore-unfixed --no-progress --format json git.dominikstahl.dev/dhbw-we/meetup:${{ github.sha }} > trivy-report.json
+          trivy image --exit-code 1 --severity HIGH,CRITICAL,MEDIUM --ignore-unfixed --no-progress --format table meetup_trivy
+          trivy image --exit-code 1 --severity HIGH,CRITICAL,MEDIUM --ignore-unfixed --no-progress --format json meetup_trivy > trivy-report.json
 
       - name: Upload Trivy report
         uses: forgejo/upload-artifact@v4
@@ -33,6 +33,5 @@ jobs:
 
       - name: Clean up Docker
         run: |
-          docker builder prune -af --keep-storage 2GB
-          docker rmi $(docker images --filter=reference="git.dominikstahl.dev/dhbw-we/meetup:*" -q)
-          docker image prune -f
+          docker buildx prune --filter=until=48h -f
+          docker image rm meetup_trivy

.github/workflows/docker-build.yml

@@ -45,6 +45,7 @@ jobs:
         with:
           push: true
           tags: git.dominikstahl.dev/${{ env.REPO }}:${{ steps.get-ref.outputs.tag}}
+          cache-from: type=registry,ref=git.dominikstahl.dev/${{ env.REPO }}:buildcache
 
       - name: Build and push (push_tag)
         uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6
@@ -52,6 +53,7 @@ jobs:
         with:
           push: true
           tags: git.dominikstahl.dev/${{ env.REPO }}:${{ steps.get-ref.outputs.tag }},git.dominikstahl.dev/${{ env.REPO }}:latest
+          cache-from: type=registry,ref=git.dominikstahl.dev/${{ env.REPO }}:buildcache
 
       - name: Build and push (push_branch)
         uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6
@@ -59,8 +61,9 @@ jobs:
         with:
           push: true
           tags: git.dominikstahl.dev/${{ env.REPO }}:${{ steps.get-ref.outputs.tag }}
+          cache-from: type=registry,ref=git.dominikstahl.dev/${{ env.REPO }}:buildcache
+          cache-to: type=registry,ref=git.dominikstahl.dev/${{ env.REPO }}:buildcache,mode=max
 
       - name: Clean up Docker
         run: |
-          docker builder prune -af --keep-storage 2GB
-          docker image prune -f
+          docker buildx prune --filter=until=48h -f

.yarnrc.yml

@@ -0,0 +1 @@
+nodeLinker: node-modules

Dockerfile

@@ -4,13 +4,15 @@ FROM node:22-alpine@sha256:ad1aedbcc1b0575074a91ac146d6956476c1f9985994810e4ee02
 FROM base AS deps
 
 WORKDIR /app
-COPY package.json yarn.lock ./
+RUN corepack enable
+COPY package.json yarn.lock .yarnrc.yml ./
 RUN yarn install --frozen-lockfile
 
 # ----- Build -----
 FROM base AS builder
 
 WORKDIR /app
+RUN corepack enable
 COPY --from=deps /app/node_modules ./node_modules
 COPY . .
 RUN yarn build

README.md

@@ -94,10 +94,6 @@ This project is built with a modern tech stack:
 
       # Base URL of your application
       NEXT_PUBLIC_APP_URL="http://localhost:3000"
-
-      # Development: Skip login flow (set to "true" to bypass authentication)
-      # Ensure this is NOT set to "true" in production.
-      MEETUP_SKIP_LOGIN="false"
       ```
 
 4.  **Apply database migrations (Prisma):**
@@ -111,11 +107,20 @@ This project is built with a modern tech stack:
     - (Optional: If you need to generate Prisma Client without running migrations, use `npx prisma generate`)
 
 5.  **Run the development server:**
+
     ```bash
     yarn dev
     ```
+
     Open [http://localhost:3000](http://localhost:3000) in your browser to see the application.
 
+    The test user for the application is:
+
+    ```bash
+    email: test@example.com
+    password: password
+    ```
+
 **Self-Hosting with Docker (Planned):**
 
 - A Docker image and `docker-compose.yml` file will be provided in the future to allow for easy self-hosting of the MeetUP application. This setup will also include database services. Instructions will be updated here once available.

package.json

@@ -26,7 +26,7 @@
     "@radix-ui/react-tabs": "^1.1.11",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
-    "lucide-react": "^0.509.0",
+    "lucide-react": "^0.510.0",
     "next": "15.3.2",
     "next-auth": "^5.0.0-beta.25",
     "next-themes": "^0.4.6",
@@ -38,8 +38,8 @@
     "@eslint/eslintrc": "3.3.1",
     "@tailwindcss/postcss": "4.1.6",
     "@types/node": "22.15.17",
-    "@types/react": "19.1.3",
-    "@types/react-dom": "19.1.3",
+    "@types/react": "19.1.4",
+    "@types/react-dom": "19.1.5",
     "eslint": "9.26.0",
     "eslint-config-next": "15.3.2",
     "eslint-config-prettier": "10.1.5",
@@ -50,5 +50,5 @@
     "tw-animate-css": "1.2.9",
     "typescript": "5.8.3"
   },
-  "packageManager": "yarn@1.22.22+sha1.ac34549e6aa8e7ead463a7407e1c7390f61a6610"
+  "packageManager": "yarn@4.9.1"
 }

src/app/home/page.tsx

@@ -1,4 +1,3 @@
-import { Logout } from '@/components/user/sso-logout-button';
 import { RedirectButton } from '@/components/user/redirect-button';
 import { ThemePicker } from '@/components/user/theme-picker';
 
@@ -8,7 +7,7 @@ export default function Home() {
       <div className='absolute top-4 right-4'>{<ThemePicker />}</div>
       <div>
         <h1>Home</h1>
-        <Logout />
+        <RedirectButton redirectUrl='/logout' buttonText='Logout' />
         <RedirectButton redirectUrl='/settings' buttonText='Settings' />
       </div>
     </div>

src/app/login/page.tsx

@@ -1,4 +1,4 @@
-import { auth } from '@/auth';
+import { auth, providerMap } from '@/auth';
 import SSOLogin from '@/components/user/sso-login-button';
 import LoginForm from '@/components/user/login-form';
 import { redirect } from 'next/navigation';
@@ -35,11 +35,15 @@ export default async function LoginPage() {
             <CardContent className='gap-6 flex flex-col'>
               <LoginForm />
 
-              <hr />
+              {providerMap.length > 0 && <hr />}
 
-              {process.env.AUTH_AUTHENTIK_ISSUER && (
-                <SSOLogin provider='authentik' providerDisplayName='SSO' />
-              )}
+              {providerMap.map((provider) => (
+                <SSOLogin
+                  key={provider.id}
+                  provider={provider.id}
+                  providerDisplayName={provider.name}
+                />
+              ))}
             </CardContent>
           </Card>
         </div>

src/app/logout/page.tsx

@@ -0,0 +1,40 @@
+import { signOut } from '@/auth';
+import { Button } from '@/components/ui/button';
+import {
+  Card,
+  CardContent,
+  CardDescription,
+  CardHeader,
+  CardTitle,
+} from '@/components/ui/card';
+
+export default function SignOutPage() {
+  return (
+    <div className='flex flex-col items-center justify-center h-screen'>
+      <form
+        action={async () => {
+          'use server';
+          await signOut({ redirectTo: '/login' });
+        }}
+      >
+        <Card className='w-[350px] max-w-screen'>
+          <CardHeader>
+            <CardTitle className='text-lg text-center'>Logout</CardTitle>
+            <CardDescription className='text-center'>
+              Are you sure you want to log out?
+            </CardDescription>
+          </CardHeader>
+          <CardContent className='gap-6 flex flex-col'>
+            <Button
+              className='hover:bg-blue-600 hover:text-white'
+              type='submit'
+              variant='secondary'
+            >
+              Logout
+            </Button>
+          </CardContent>
+        </Card>
+      </form>
+    </div>
+  );
+}

src/app/page.tsx

@@ -1,3 +1,9 @@
-export default function Home() {
-  return <div></div>;
+import { auth } from '@/auth';
+import { redirect } from 'next/navigation';
+
+export default async function Home() {
+  const session = await auth();
+
+  if (!session?.user) redirect('/login');
+  else redirect('/home');
 }

src/auth.ts

@@ -1,13 +1,49 @@
 import NextAuth from 'next-auth';
+
+import type { Provider } from 'next-auth/providers';
+import Credentials from 'next-auth/providers/credentials';
+
 import Authentik from 'next-auth/providers/authentik';
 
+const providers: Provider[] = [
+  !process.env.DISABLE_PASSWORD_LOGIN &&
+    Credentials({
+      credentials: { password: { label: 'Password', type: 'password' } },
+      authorize(c) {
+        if (c.password !== 'password') return null;
+        return {
+          id: 'test',
+          name: 'Test User',
+          email: 'test@example.com',
+        };
+      },
+    }),
+  process.env.AUTH_AUTHENTIK_ID && Authentik,
+].filter(Boolean) as Provider[];
+
+export const providerMap = providers
+  .map((provider) => {
+    if (typeof provider === 'function') {
+      const providerData = provider();
+      return { id: providerData.id, name: providerData.name };
+    } else {
+      return { id: provider.id, name: provider.name };
+    }
+  })
+  .filter((provider) => provider.id !== 'credentials');
+
 export const { handlers, signIn, signOut, auth } = NextAuth({
-  providers: [process.env.AUTH_AUTHENTIK_ISSUER ? Authentik : null].filter(
-    (x) => x !== null,
-  ),
+  providers,
+  session: {
+    strategy: 'jwt',
+  },
+  pages: {
+    signIn: '/login',
+    signOut: '/logout',
+  },
   callbacks: {
-    authorized: async ({ auth }) => {
-      return !!auth;
+    authorized({ auth }) {
+      return !!auth?.user;
     },
   },
 });

src/components/user/login-form.tsx

@@ -1,9 +1,27 @@
+import { signIn } from '@/auth';
 import LabeledInput from '@/components/labeled-input';
 import { Button } from '@/components/ui/button';
+import { AuthError } from 'next-auth';
+import { redirect } from 'next/navigation';
+
+const SIGNIN_ERROR_URL = '/error';
 
 export default function LoginForm() {
   return (
-    <form className='flex flex-col gap-5 w-full'>
+    <form
+      className='flex flex-col gap-5 w-full'
+      action={async (formData) => {
+        'use server';
+        try {
+          await signIn('credentials', formData);
+        } catch (error) {
+          if (error instanceof AuthError) {
+            return redirect(`${SIGNIN_ERROR_URL}?error=${error.type}`);
+          }
+          throw error;
+        }
+      }}
+    >
       <LabeledInput
         type='email'
         label='E-Mail or Username'

src/components/user/sso-logout-button.tsx

@@ -1,18 +0,0 @@
-import { signOut } from '@/auth';
-import { IconButton } from '@/components/icon-button';
-import { faDoorOpen } from '@fortawesome/free-solid-svg-icons';
-
-export function Logout() {
-  return (
-    <form
-      action={async () => {
-        'use server';
-        await signOut({ redirectTo: '/login' });
-      }}
-    >
-      <IconButton type='submit' variant='destructive' icon={faDoorOpen}>
-        Sign Out
-      </IconButton>
-    </form>
-  );
-}

src/middleware.ts

@@ -1,18 +1,4 @@
-import { auth } from '@/auth';
-
-export default auth((req) => {
-  if (
-    !req.auth &&
-    req.nextUrl.pathname !== '/login' &&
-    process.env.MEETUP_SKIP_LOGIN !== 'true'
-  ) {
-    const newUrl = new URL('/login', req.nextUrl.origin);
-    return Response.redirect(newUrl);
-  } else if (req.auth != null && req.nextUrl.pathname === '/') {
-    const newUrl = new URL('/home', req.nextUrl.origin);
-    return Response.redirect(newUrl);
-  }
-});
+export { auth as middleware } from '@/auth';
 
 export const config = {
   matcher: ['/((?!api|_next/static|_next/image|favicon.ico).*)'],