Skip to content

Set up login page#8

Open
wmiq84 wants to merge 9 commits intomainfrom
wmiq84/log-in
Open

Set up login page#8
wmiq84 wants to merge 9 commits intomainfrom
wmiq84/log-in

Conversation

@wmiq84
Copy link

@wmiq84 wmiq84 commented Jan 20, 2026
edited by siwenshao
Loading

Changes

  • Setup Firebase login flow, with boilerplate borrowed from Veteran Sisters project
  • Added the respective failure and success notification components
  • When committing, I noticed that the secret-scan was scanning and flagging its own file, so I added a .gitignore file to fix this issue
  • Adjust page.module.css and page.tsx to fit the Figma design
  • Remove sign-up option
  • On failure notification is modified to fit Figma design of red box and text
  • Only allow

Authorization

  • Backend: set up the backend to verify login tokens from the frontend using Firebase. Now, the backend can check if a user is actually logged in before letting them access certain endpoints - only authenticated users can reach protected routes.
    • backend/src/firebase/admin.ts: Initializes Firebase Admin SDK using service account from environment variable
    • backend/src/middleware/auth.ts: Exports verifyToken middleware function, extracts Bearer token from Authorization header, verifies token using Firebase Admin auth.verifyIdToken(), attaches user info (uid, email) to request object.
    • backend/src/app.ts: Added express.json() middleware, imported Firebase admin, and added example public route and protected route.
  • Frontend: checks every page request, and if you don't have a login cookie, it automatically redirects you to the login page. Only the login page itself is accessible without being logged in.
    • frontend/src/middleware.ts

Testing

  • For testing, use email: tsehomestart@gmail.com and password: homestart999

  • Screenshot below confirms authentication works (successful login currently redirects to home page)

  • updated UI screenshots of correct password and invalid password:

Screenshot 2026-01-21 at 12 30 47 AM Screenshot 2026-01-21 at 12 37 07 AM
  • UI on phone:
Screenshot 2026-01-21 at 2 05 28 PM

Testing

To test middleware, login after being redirected to the login page, at which point you should be able to view other routes like "/". You can test again on an incognito tab.

Todo

  • Logout button that removes cookie added on login

@wmiq84 wmiq84 requested a review from navyaa31 as a code owner January 20, 2026 04:20
nakazawak
nakazawak approved these changes Jan 20, 2026
View reviewed changes
Copy link

@nakazawak nakazawak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Everything lgtm, hopefully nothing breaks lol🤞

nakazawak
nakazawak requested changes Jan 20, 2026
View reviewed changes
Copy link

@nakazawak nakazawak left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When running the frontend on this branch, I hit Missing environment variables: NEXT_PUBLIC_FIREBASE. I couldn’t find setup instructions or a .env.example in the repo. After I receive the env variable I will test the log in and follw up on whether everything is good.

nakazawak
nakazawak approved these changes Jan 20, 2026
View reviewed changes
Copy link

@nakazawak nakazawak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay I just tested it out and the logic seems to be working as described in the documentation. Looks fire.

navyaa31
navyaa31 requested changes Jan 25, 2026
View reviewed changes
Copy link
Collaborator

@navyaa31 navyaa31 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great! Great job on the responsive design.

I used Michael's email and the pw test1234 to log in, but can we change it to the home start email so that everyone can log in and test the reset feature?

Also, could you create a middleware.ts so that an unauthenticated user isn't able to access any other routes, and redirect them to the log in page

@wmiq84
Copy link
Author

wmiq84 commented Jan 26, 2026

Just updated the login details to user: tsehomestart@gmail.com and password: homestart999

CharlieSuarezRobles
CharlieSuarezRobles reviewed Jan 28, 2026
View reviewed changes
Copy link

@CharlieSuarezRobles CharlieSuarezRobles left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Everything seems fine to me. There's just a small bug regarding the eye functionality in the login. You can see it in the comment down below.

@siwenshao
switched the displayed eye icon for show and hide password for correc…
c2465b6 
…t logic (debug)
@siwenshao
added backend auth by intergrating firebase admin sdk, now initializ…
258d809 
…es firebase admin on startup and provide middleware to proect routes
@siwenshao
Merge branch 'main' into wmiq84/log-in
320c943
@siwenshao
Revert "Merge branch 'main' into wmiq84/log-in"
a5f2343 
This reverts commit 320c943, reversing
changes made to 258d809.

t status
t log --oneline -n 3
@wmiq84 wmiq84 linked an issue Feb 3, 2026 that may be closed by this pull request
Log in #3
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@siwenshao siwenshao siwenshao left review comments

@nakazawak nakazawak Awaiting requested review from nakazawak

@CharlieSuarezRobles CharlieSuarezRobles Awaiting requested review from CharlieSuarezRobles

@navyaa31 navyaa31 Awaiting requested review from navyaa31 navyaa31 is a code owner

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Log in

5 participants

@wmiq84 @nakazawak @navyaa31 @siwenshao @CharlieSuarezRobles