feat: Implement identity lock screen for sensitive user actions and introduce avatar generation.

This commit is contained in:
Christomatt
2026-01-30 04:44:57 +01:00
parent 4c9afa42fe
commit 10a54a0ea9
16 changed files with 519 additions and 134 deletions
+34
View File
@@ -0,0 +1,34 @@
'use client';
import { useAuth } from '@/lib/contexts/AuthContext';
import { IdentityLockScreen } from '@/components/IdentityLockScreen';
import { Loader2 } from 'lucide-react';
export default function SettingsLayout({ children }: { children: React.ReactNode }) {
const { isIdentityUnlocked, loading } = useAuth();
if (loading) {
return (
<div style={{
minHeight: '60vh',
display: 'flex',
alignItems: 'center',
justifyContent: 'center',
color: 'var(--foreground-tertiary)'
}}>
<Loader2 className="animate-spin" size={24} />
</div>
);
}
if (!isIdentityUnlocked) {
return (
<IdentityLockScreen
title="Settings Locked"
description="To view or change your settings, you must unlock your identity. Your private keys are required to sign any changes you make."
/>
);
}
return <>{children}</>;
}
+17 -1
View File
@@ -4,6 +4,7 @@ import { useState, useEffect } from 'react';
import { useRouter } from 'next/navigation';
import { ArrowLeftIcon } from '@/components/Icons';
import { MessageSquare, Check } from 'lucide-react';
import { useAuth } from '@/lib/contexts/AuthContext';
export default function PrivacySettingsPage() {
const router = useRouter();
@@ -13,6 +14,8 @@ export default function PrivacySettingsPage() {
const [dmPrivacy, setDmPrivacy] = useState<'everyone' | 'following' | 'none'>('everyone');
const [status, setStatus] = useState<{ type: 'success' | 'error', message: string } | null>(null);
const { isIdentityUnlocked, setShowUnlockPrompt, signUserAction } = useAuth();
useEffect(() => {
fetch('/api/auth/me')
.then(res => res.json())
@@ -27,15 +30,23 @@ export default function PrivacySettingsPage() {
}, []);
const handleSave = async (newValue: 'everyone' | 'following' | 'none') => {
// If identity is locked, prompt to unlock and return
if (!isIdentityUnlocked) {
setShowUnlockPrompt(true);
return;
}
setDmPrivacy(newValue);
setSaving(true);
setStatus(null);
try {
const signedPayload = await signUserAction('update_profile', { dmPrivacy: newValue });
const res = await fetch('/api/auth/me', {
method: 'PATCH',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ dmPrivacy: newValue }),
body: JSON.stringify(signedPayload),
});
if (res.ok) {
@@ -44,6 +55,11 @@ export default function PrivacySettingsPage() {
} else {
const data = await res.json();
setStatus({ type: 'error', message: data.error || 'Failed to save settings' });
// If error due to identity lock
if (data.error === 'Invalid signature or identity') {
setShowUnlockPrompt(true);
}
}
} catch (error) {
setStatus({ type: 'error', message: 'An error occurred' });
+20 -1
View File
@@ -4,6 +4,7 @@ import { useState } from 'react';
import Link from 'next/link';
import { ArrowLeftIcon } from '@/components/Icons';
import { Shield, Lock, Check, AlertCircle } from 'lucide-react';
import { useAuth } from '@/lib/contexts/AuthContext';
export default function SecuritySettingsPage() {
const [currentPassword, setCurrentPassword] = useState('');
@@ -12,6 +13,7 @@ export default function SecuritySettingsPage() {
const [isSubmitting, setIsSubmitting] = useState(false);
const [error, setError] = useState<string | null>(null);
const [success, setSuccess] = useState<string | null>(null);
const { isIdentityUnlocked, setShowUnlockPrompt, signUserAction } = useAuth();
const handleSubmit = async (e: React.FormEvent) => {
e.preventDefault();
@@ -34,18 +36,35 @@ export default function SecuritySettingsPage() {
return;
}
// If identity is locked, prompt to unlock and return
// Note: It seems redundant since they entered the password,
// but this ensures the KEY is loaded in memory.
if (!isIdentityUnlocked) {
setShowUnlockPrompt(true);
return;
}
setIsSubmitting(true);
try {
// Sign the password change action
// This proves we have the key unlocked (which required knowing the password)
const signedPayload = await signUserAction('change_password', { currentPassword, newPassword });
const res = await fetch('/api/account/password', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ currentPassword, newPassword }),
body: JSON.stringify(signedPayload),
});
const data = await res.json();
if (!res.ok) {
// If error due to identity lock
if (data.error === 'Invalid signature or identity' || data.error === 'User not found') {
setShowUnlockPrompt(true);
throw new Error('Identity verification failed. Please unlock your identity.');
}
throw new Error(data.error || 'Failed to change password');
}