async function api(path, options = {}) {
const response = await fetch(path, {
credentials: 'same-origin',
headers: { 'Content-Type': 'application/json', ...(options.headers || {}) },
...options,
})
const data = await response.json().catch(() => ({}))
if (!response.ok) {
const err = new Error(data.error || `Fehler ${response.status}`)
err.status = response.status
if (data.retryAfterSeconds) err.retryAfterSeconds = data.retryAfterSeconds
throw err
}
return data
}
function showError(el, message) {
if (!el) return
el.textContent = message
el.classList.remove('hidden')
}
function hideError(el) {
if (el) el.classList.add('hidden')
}
function featuresForProject(features, projectId) {
return features.filter((f) => !f.projectId || f.projectId === projectId)
}
function renderProjectCard(project, features) {
const li = document.createElement('li')
li.className = 'project-card'
const projectFeatures = featuresForProject(features, project.id)
const featureHtml = projectFeatures.length
? `${projectFeatures.map((f) => `${escapeHtml(f.featureKey)}`).join('')}
`
: 'Keine zusätzlichen Features freigeschaltet.
'
li.innerHTML = `
${escapeHtml(project.projectName || project.subdomain || 'Projekt')}
- Subdomain
- ${escapeHtml(project.subdomain || '–')}
- Vorschau
- ${project.previewUrl ? `${escapeHtml(project.previewUrl)}` : '–'}
- Live-Domain
- ${project.liveDomain ? escapeHtml(project.liveDomain) : '–'}
- Status
- ${escapeHtml(project.status || '–')}
- Bereitstellung
- ${escapeHtml(project.provisioningStatus || '–')}
${featureHtml}
`
return li
}
function escapeHtml(str) {
return String(str)
.replace(/&/g, '&')
.replace(//g, '>')
.replace(/"/g, '"')
}
function escapeAttr(str) {
return escapeHtml(str).replace(/'/g, ''')
}
async function initLoginPage() {
const form = document.getElementById('login-form')
const errorEl = document.getElementById('login-error')
const btn = document.getElementById('login-btn')
async function applyCooldown(seconds) {
if (seconds <= 0) return
showError(
errorEl,
`Zu viele Anmeldeversuche. Bitte warte noch ${seconds} Sekunden (ca. ${Math.ceil(seconds / 60)} Min.).`
)
btn.disabled = true
const tick = setInterval(async () => {
const status = await fetch('/api/auth/login-status').then((r) => r.json()).catch(() => ({}))
const left = status.retryAfterSeconds || 0
if (left <= 0) {
clearInterval(tick)
hideError(errorEl)
btn.disabled = false
return
}
showError(
errorEl,
`Zu viele Anmeldeversuche. Bitte warte noch ${left} Sekunden (ca. ${Math.ceil(left / 60)} Min.).`
)
}, 1000)
}
try {
const status = await fetch('/api/auth/login-status').then((r) => r.json())
if (status.blocked) {
await applyCooldown(status.retryAfterSeconds)
}
} catch {
/* ignore */
}
try {
const me = await api('/api/auth/me')
if (me.authenticated && me.customer) {
window.location.href = '/dashboard.html'
return
}
} catch {
/* not logged in */
}
form?.addEventListener('submit', async (e) => {
e.preventDefault()
if (btn.disabled) return
errorEl.classList.add('hidden')
btn.disabled = true
let cooldownActive = false
try {
await api('/api/auth/login', {
method: 'POST',
body: JSON.stringify({
email: document.getElementById('email').value,
password: document.getElementById('password').value,
}),
})
window.location.href = '/dashboard.html'
return
} catch (err) {
showError(errorEl, err.message)
if (err.status === 429) {
cooldownActive = true
await applyCooldown(err.retryAfterSeconds || 900)
}
} finally {
if (!cooldownActive) btn.disabled = false
}
})
}
async function initDashboardPage() {
const meta = document.getElementById('customer-meta')
const list = document.getElementById('projects')
const loading = document.getElementById('loading')
const empty = document.getElementById('empty')
const loadError = document.getElementById('load-error')
const logoutBtn = document.getElementById('logout-btn')
logoutBtn?.addEventListener('click', async () => {
await api('/api/auth/logout', { method: 'POST' })
window.location.href = '/login.html'
})
try {
const [{ authenticated, customer }, { projects }, { features }] = await Promise.all([
api('/api/auth/me'),
api('/api/projects'),
api('/api/features'),
])
if (!authenticated || !customer) {
window.location.href = '/login.html'
return
}
meta.textContent = customer.name ? `${customer.name} (${customer.email})` : customer.email
loading.classList.add('hidden')
if (!projects.length) {
empty.classList.remove('hidden')
return
}
list.classList.remove('hidden')
list.innerHTML = ''
for (const project of projects) {
list.appendChild(renderProjectCard(project, features))
}
} catch (err) {
loading.classList.add('hidden')
if (err.message.includes('401') || err.message.includes('Nicht angemeldet')) {
window.location.href = '/login.html'
return
}
showError(loadError, err.message)
}
}
window.initLoginPage = initLoginPage
window.initDashboardPage = initDashboardPage